
FM 24-12 Chapter 7 Communications Security Operations



Chapter 7 

Communications Security Operations
 
7-1. General
 
a. Success on today's battlefield depends on the commander's ability to 
concentrate superior combat power at critical times and places. A key to this 
success is superiority in command and control via communications. Effective 
communications is essential to winning. 

b. The enemy realizes the importance of our communications systems and will 
continuously try to interfere with our ability to communicate. He will try to 
gather intelligence from our communications, and then he will try to disrupt 
them. He will attempt to interfere by breaking into our nets and trying to 
deceive us, or he will try to jam us. Failing at these measures, he will try to 
destroy communications by fire. Our battlefield success will depend heavily on 
how well we minimize his attempts to disrupt our communications systems.
 
c. Communications security is the protection resulting from the application of 
crypto security, transmission security, and emission security. These protective 
measures are taken to deny unauthorized persons telecommunications information. 
This chapter addresses primarily the cryptographic and transmission security 
portions of COMSEC. 

d. Presently, AC and RC have a substantial shortage of COMSEC equipment. No 
quick or easy solutions are in sight. The need for COMSEC is essential; if 
adequate quantities of COMSEC equipment are not available, the commander must 
take other measures to secure his communications. Additionally, the active Army 
must also be skilled in the use of manual encryption techniques. Because most RC 
units possess little secure voice equipment, the active Army must anticipate 
transmitting and receiving traffic with the reserves using manual encryption 
techniques. Remember, manual encryption is also the backup for loss or failure 
of machine crypto systems. Therefore, all forces must maintain proficiency in 
the manual encryption area, regardless of interaction with other forces. Below 
are alternative methods and systems which can be used in lieu of on-line crypto 
systems. They present some difficulty when large volumes of traffic must be 
processed; however, these methods are essential to assure success and 
survivability on future battlefields. 

7-2. Authentication Systems 

a. An authentication system is designed to protect a communications system 
against the acceptance of fraudulent transmissions. Everyone who communicates in 
a tactical or strategic environment requires some method of authenticating. Good 
authentication practices contribute to combat survival and effectiveness, 
because they aid in establishing the validity of a transmission, message, or 
originator. All commanders must implement their use during training and actual 
operations.
 
b. Combat experience in Vietnam proved that IED (IED - imitative electronics 
deception) (ICD - imitative communications deception) by the enemy contributed 
to substantial numbers of casualties and caused many missions to fall short of 
desired results. Proper authentication procedures can prevent an enemy from 
posing as a friendly station. The enemy is adept at IED and needs only a 
moderate degree of skill to seriously affect our communications when we do not 
authenticate. A balance has to be struck so that effective communications is 
maintained without harassment of friendly communications. Guidance on the use of 
authentication systems is found in the unit SOI, ACP 122(D), AR 380-40, and TB 
380-41. 

c. IED is the easiest EW technique to counter. Authentication is one of the best 
means available to stop enemy IED efforts. 


        Operators are required to authenticate when they--

  Suspect a transmission is from an enemy station operating in the net 
  (deception).
 
  Direct a station to go to radio silence or to break that silence.
  (Self-authentication can be used ONLY if authorized by the SOI.)
 
  Are challenged to authenticate.
 
  Talk about enemy contact, give an early warning report, or issue any 
  follow-up report. 

  Transmit directions which affect the tactical situation such as "Move to..." 
  or "Turn off the radio." (Conversely, they challenge any directives like these 
  with a request to authenticate.)
 
  Cancel a message.
 
  Open the net or resume transmitting after a long period of silence.
 
  Transmit to someone who is under radio listening silence. 

  Transmit a classified message in the clear.
 
  Transmit messages in the blind; that is, neither desiring nor expecting 
  a reply. 


d. Challenge if you are not sure that authentication is required. If a station 
takes more than 5 seconds to authenticate, rechallenge. Why 5 seconds? Because 
an enemy operator may try to contact another station and have it respond to that 
same challenge, thereby obtaining the appropriate reply to your challenge.
 
e. The two most commonly used authentication procedures are challenge-reply and 
transmission authentication. The main difference between the two is that 
challenge-reply requires two-way communications, whereas transmission 
authentication does not. Even though transmission authentication requires only 
one-way communications, it is neither as simple nor as flexible as 
challenge-reply. The challenge-reply procedure most often used has a more 
flexible application. 

(1) Challenge-reply. 
C12 THIS IS A06 OVER 

A06 THIS IS C12 OVER 
C12 THIS IS A06 TURN EAST AT X-RAY OVER 
A06 THIS IS C12 AUTHENTICATE HOTEL VICTOR OVER 
C12 THIS IS A06 I AUTHENTICATE WHISKEY OVER 
A06 THIS IS C12 WILCO OUT 

(2) Transmission authentication.
 
  NOTE: Transmission authentication is used only when it is impossible or 
  impractical to use challenge-reply authentication.
J8C THIS IS B6A DO NOT ANSWER 

TURN EAST AT CROSSROAD X-RAY 
AUTHENTICATION IS VICTOR PAPA 
I SAY AGAIN 
J8C THIS IS B6A DO NOT ANSWER 
TURN EAST AT CROSSROAD X-RAY 
AUTHENTICATION IS VICTOR PAPA 
OUT 

7-3. Transmission Security 

Several categories of tactical information require transmission security 
protection. These are listed in FM 34-62, Appendix C. It is important that you 
learn these categories. 

7-4. Codes 

a. A code is a language substitution system that transforms plain language of 
irregular length, such as words or phrases, into groups of characters of fixed 
length. A code has an underlying plaintext of variable length, whereas a cipher 
has an underlying plaintext of fixed length (see paragraph 7-5). The codes that 
you will use are usually found in your unit SOI packet. 

b. Two types of codes are normally used in tactical communications: security 
codes and brevity codes (only as authorized). A code used to hide meanings from 
another party is a security code. A code used to shorten transmissions is a 
brevity code. A brevity code only shortens transmission; it does NOT provide 
security. It is referred to as a brevity list. The international Q and Z signals 
found in ACP 131(D) and the police 10-code signals are examples of brevity 
lists. Brevity lists must be used in conjunction with an approved code to 
provide security.
 
c. Most codes can be placed into one of three categories: numerical, operations, 
and special purpose.
 
(1) Numerical codes are among the simplest and most useful types of codes and 
are used to encode numbers. They are almost always digraphs (two-letter 
configurations) and are designed to protect intelligence bearing QUANTITATIVE 
portions of tactical communications, especially voice communications. They 
provide a short term tactical advantage when it is impossible or impractical to 
secure information to any greater degree. They are intended for use through the 
lowest operational levels. They can be used to protect the when, where, and how 
many in communications that might otherwise be unencrypted. (For example, they 
may be mixed with plain language, operating signals, or a brevity list.) 
Numerical code examples are given below.
 
(a) Hours designation:
Plaintext--Meeting time is 1530. 
Code value --Meeting time is I set XXBKWG. 

(b) Frequency designation: 
Plaintext --Change frequency to 14990 kHz at 1600. 
Code value --Change frequency to I set XYFXMPE at HITV. 

(2) OPCODE, in contrast with numerical codes, can be used to encrypt the what, 
who, why, how, and how many--the QUALITATIVE information in messages. They DO 
NOT, however, provide adequate protection for information if mixed with plain 
language. OPCODEs have a vocabulary of usually 1,000 to 3,000 entries and 
generally use trigraphic (three-letter) code groups. OPCODEs are usually 
multipurpose or general in that they may be used to encrypt different sorts of 
information. OPCODEs are intended for use down through the lowest operational 
levels. Operations codes examples are given below.
 
(a) A simulated message of tactical operation assignment: 
Plaintext--Continue on assigned mission. 
Code value--AAL. 

(b) A simulated message of tactical operation report: 
Plaintext--Battalion action at crossroad. 
Code value --OXW RFM RFX WOX. 

(3) Special purpose codes are OPCODE-type items but are generally designed for 
encrypting specialized types of messages such as radar reports and fire 
missions. Their vocabularies are usually limited in size and scope and may 
consist of single letter, digraphic, or trigraphic code groups. Frequently, they 
are intended for more sensitive application than general codes and are often 
used at higher echelons. Many such special purpose codes are of the one-time 
variety. Special purpose code examples are given below.
 
(a) Simulated message --Communications equipment, radar station reports: 
Plaintext--TRC capability impaired, jamming suspected hostile. 
Code value--OTV JNP. 

(b) Simulated message --Artillery mission report: 
Plaintext--Target altitude 2,500 meters. 
Code value--XHY OHT. 

d. Many codes are custom designed to meet requirements of specific users. They 
are fabricated in response to specific COMSEC needs. They can be produced for 
any commander who requires an individually tailored item. These codes are not to 
be produced without NSA approval. Most users, however, use only a few 
standardized systems. Standardized systems can be obtained and pre-positioned at 
appropriate levels in the distribution. This should be a consideration when 
requesting COMSEC support. If not regularly used, codes may not be on hand at 
the local COMSEC support agency. If not readily available, codes must be ordered 
through COMSEC logistic channels. Users and commanders should consider that 
custom designed codes require sufficient lead time to produce. Although a 
standardized system may not be the best solution to a tactical COMSEC problem, 
it may serve as an effective interim system until a more suitable custom 
designed product can be produced. You should never try to make up your own 
brevity codes since experience has shown they are too easily broken by the 
enemy. Only use authorized and approved codes.
 
e. The use of codes to gain advantage over an enemy cannot be overemphasized. 
Everyone using codes must be familiar with their capabilities, limitations, and 
intended usages for codes to be effective. 

(1) Codes intended for tactical application are designed to provide ONLY that 
amount of security consistent with operational needs. 

(2) Tactical OPCODEs usually require that messages be composed prior to being 
encrypted and transmitted. Users need a pencil, paper, and a place to write in 
order to work on OPCODEs.
 
(3) A tactical OPCODE is of specific but limited usefulness in the operational 
environment. It is difficult to use in the midst of hostilities or when riding 
in a vehicle. It cannot adequately protect high level communications. 
(4) Numerical codes can usually be operated without pencil and paper. Numerical 
codes can provide protection to quantitative elements of information that 
pertain to an immediate tactical situation. However, they are not as secure as 
properly used OPCODEs or numerical ciphers.
 
(5) All codes have a cryptoperiod. They also have usage rules that outline 
restrictions on their employment. If a code is used in a way for which it is 
unintended, security can break down quickly. Total encryption using tactical 
codes is not always desirable or possible. Encryption of information the enemy 
already knows may help assist him in breaking our code system. 

(6) One-time codes have special usage characteristics because of their one-time 
cryptoperiod. These codes provide a high degree of security and can be used for 
traffic with long-term intelligence value.
 
(7) The commander can request that the local INSCOM counter SIGINT personnel 
produce a code that will meet his needs when an emergency arises that does not 
allow a unit to use authorized codes (such as, compromise or cut off of 
distribution). Under no circumstances should unauthorized codes be used. 
(8) Training must emphasize security and resupply procedures for codes to ensure 
that all personnel involved in their handling and use are properly trained. 

7-5. Ciphers 

a. The one-time pad is a language substitution cipher system which transforms 
plain language formations of fixed length (numbers and/or letters) into 
characters or groups of characters of fixed length. In a cipher system, the 
underlying plaintext is fixed in length; in a code system the underlying 
plaintext is variable in length. A one-time pad has no vocabulary as such, and 
almost anything can be said using pads. One-time pads are highly secure and are 
used mainly for special operations.
 
b. All one-time pads have variables which are used to transform plaintext into 
cipher text. These variables are presented in the form of recognizable 
characters such as letters and/or numbers. Each individual key is used only 
once, from which is derived the name one-time pad.
 
c. The substitution of cipher text for plaintext and vice versa is performed 
according to a specified rule which uses the key variables discussed above. The 
rule, how to work the pad, is what distinguishes one type of system from 
another.
 
d. The three basic varieties of one-time pads are literal, digital, and 
literal/digital.
 
(1) A literal pad can encrypt letters only, so numbers must be spelled out 
before encryption. This gives great flexibility in the variety of plaintext that 
can be encrypted, but also results in a longer encryption time than would be 
experienced with a code. 

(2) A digital pad encrypts digits only. If information to be protected is 
strictly numerical, digital pads can directly encrypt the plaintext. It is not 
uncommon for it to be used to directly encrypt narrative text if the text can be 
taken from a brevity list whose equivalent groups are numerical. This technique 
is especially valuable between speakers of different languages, as operators 
need no linguistic skills since transmission involves only digits.
 
(3) Literal/digital pads are used to encrypt both letters and numbers directly. 
Their applications are similar to literal-only pads except they can directly 
encrypt numbers without spelling them out. They are most useful over good 
quality circuits which are least likely to require spelling numbers.
 
(a) Standardization systems constitute the majority of one-time pads. Standard 
systems accommodate most operational systems, but custom designed pads can be 
ordered through the local COMSEC support agency by any commander who has a 
legitimate need for special material.
 
(b) Pads can be used to protect highly sensitive traffic since they provide 
security for an indefinite time. Pads require a pencil for their operation, and 
some require that messages be composed before encryption. Writing space is 
normally provided for writing directly on the pad. A pad key is intended for 
one-time use only. If more than one message is enciphered in the same stretch of 
key, it is possible to break both messages.
 
(c) One-time pads, like one-time codes, are most effective on point-to-point or 
broadcast nets.
 
(d) One-time pad example: 
Plaintext--l4.5. Code value--XKBQ. 
Message transmitted --Page 030, set 3, XKBQ. 

e. Numerical ciphers, as with a pad, are characterized by the fixed length of 
the underlying plaintext. In all cases, this is a one-for-one substitution.
 
(1) The two types of numerical ciphers are the one-time ciphers and the standard 
cipher system. The one-time ciphers are an easy-to-employ, highly secure, 
numerical enciphering system. They can be used on basic numerical data or on a 
fixed format, such as specific data reports for personnel summaries. The 
standard numerical cipher system for enciphering numbers is DRYAD.
 
(2) A limited transmission authentication capability and a challenge/reply 
authentication capability are also provided with this system. 

7-6. Brevity Lists 

a. There may be instances where the types of information to be exchanged are not 
sufficiently varied to warrant the use of an extensive operations code. In such 
cases, it may be preferable to use a brevity list (Figure 7-1) in conjunction 
with a numerical cipher. Security is provided by encrypting numerical 
equivalents with an approved cipher system such as the DRYAD system.
 
b. Use of a brevity list has certain advantages over use of an operations code. 
Use of a brevity list eliminates the need to distribute, account for, and 
destroy an operations code in which the greatest part of the vocabulary is never 
used.
 
c. Brevity lists may be found in the supplemental instructions in the unit SOI. 
If there is no list present, it may be added at the unit level permanently or 
temporarily for a particular exercise.
 
d. A brevity list approach is an extremely practical alternative to an 
operations code--
  When the information exchange requirement is relatively limited. 
  When the entries can be held to a minimum number of sentences, phrases, and/or 
  words. 
  When the messages are generally short. 
  Where the vocabulary entries consist primarily of complete, independent 
  thoughts. 

7-7. COMSEC Operations Support 

a. A unit must have a COMSEC account or have access to a COMSEC account, before 
it can conduct meaningful COMSEC training. Most units either have approved 
containers or a facility for storing COMSEC material or can obtain an approved 
container through supply channels. Command is responsible for establishing a 
COMSEC account. The unit must then train and operate using COMSEC equipment 
and/or systems. Commanders must use AR 380-40 and the TB 380-41 series in 
establishing COMSEC support for their unit. Although it places an additional 
burden on the commander to use COMSEC systems, their use is essential to success 
and survival on the battlefield. COMSEC IS NOT AN OPTION; IT IS 
MISSION-ESSENTIAL. 

b. Unit SOPs must be clear on the use of COMSEC equipment and systems, both for 
administrative operations and tactical operations. All personnel should be 
familiar with SOP instructions and SOI instructions on the unit's particular 
COMSEC systems. Personnel must be familiar with procedures for resupply of 
COMSEC material during operations, and the COMSEC custodian must provide for an 
adequate supply of COMSEC material to be on hand for both training and/or 
operations.
 
c. Training programs must ensure that all necessary personnel receive adequate 
instructions and training on COMSEC procedures by both formal and on-the-job 
training. The INSCOM support activity can provide invaluable assistance in 
establishing, maintaining, and evaluating your unit's COMSEC account, training 
program, SOP, and storage facilities. Their support must be scheduled well ahead 
of time due to the number of units each activity supports. Information on 
storage and accounting for COMSEC equipment can be found in AR 380-40, AR 
640-15, and the TB 380-41 series.