When the STU-III terminal is installed, the STU-III
custodian sets up the terminal with the seed key. A seed
key is issued to a particular terminal only. The seed key
contains a microchip that is embedded electronically
with identification information. This information
includes the level of security authorized for that
terminal.
Once the custodian inserts the seed key into the
terminal, the information on the key is transferred to the
internal memory of the terminal. At this point, the seed
key no longer contains any information and is
considered to be empty.
The information in the terminal is electronically
registered with the Key Management Center (KMC)
located in Finksburg, Maryland. The KMC is the central
authority responsible for controlling the key material
and issuing reports of compromised keys. The user can
discuss classified information up to the security level
that has been keyed to the terminal.
The crypto-ignition keys (CIKs) can now be made
for users to activate the secure mode. The CIKs are
empty keys with no information embedded in the
metal strip. When the empty keys are inserted into the
terminal, some of the information that is now stored in
the terminal from the seed key and other information in
the memory is transferred onto the metal strips. This
information becomes an electronic password on the
CIKs for that particular terminal, making the CIKs
unusable on other terminals. The terminal maintains a
list of authorized CIKs for each key in its memory.
When using a STU-III with remote or dial-in users,
parameters will be set according to the Secure
Telephone Unit Third Generation (STU-III) COMSEC
Material Management Manual (CMS 6) and locally
generated instructions.
Levels of security classification, keying
instructions, rekey instructions, and CIK management
will be decided by the user and the user's communications
facility. All users must meet the minimum security
clearance requirements.
Training on the STU-III will be documented in
accordance with CMS 6 and local instructions.
Secure Mode
As we mentioned earlier, the secure mode of the
STU-III is activated and deactivated using a CIK.
When the CIK (figure 1-3) is inserted into the terminal,
the STU-III can be used in the secure mode up to the
classification of the keying material. Without the CIK,
the STU-III operates as an ordinary telephone.
Calls are always initiated in the clear. To go from a
clear to a secure voice transmission, either caller simply
presses his or her SECURE VOICE button after the CIK
is used to activate the secure mode.
Once a secure link has been initiated, the two
STU-III terminals begin exchanging information. The
information exchanged includes the identity of the CIK
of the distant-end person, the list of compromised CIKs,
and the common level of classified security information
to which the two callers have access.
When two terminals communicate in the secure
mode, each terminal automatically displays the
authentication (identification) information of the
distant terminal. This information is scrolled through
the display window during secure call setup. The first
line of the identification information and the
classification are displayed for the duration of the
secure call.
The information displayed indicates the approved
classification level for the call, but does not authenticate
the person using the terminal. Each terminal user is
responsible for viewing this information to identify the
distant party and the maximum security classification
level authorized for the call.
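The key handling and secure call setup described above (seed key loading, CIK creation, and the setup exchange), as an added Python model that is not part of the original manual. The class and field names, the level labels, the random binding value, and the rule that a CIK on the compromised list blocks secure mode are assumptions for illustration; no real STU-III cryptography or message format is represented.

```python
# Added conceptual model; not real STU-III cryptography or message formats.
import secrets
from dataclasses import dataclass, field
from typing import Optional

LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]  # assumed labels

@dataclass
class KeyDevice:
    """Physical key: a seed key when it carries data, an empty key when None."""
    data: Optional[dict] = None

@dataclass
class Terminal:
    level: Optional[str] = None                     # set when the seed key is loaded
    binding: Optional[str] = None                   # assumed terminal-unique value
    authorized: set = field(default_factory=set)    # CIKs made on this terminal
    compromised: set = field(default_factory=set)   # compromised-CIK list

    def load_seed(self, seed: KeyDevice) -> None:
        if seed.data is None:
            raise ValueError("seed key is empty")
        self.level = seed.data["level"]
        self.binding = secrets.token_hex(8)
        seed.data = None                            # transfer leaves the seed key empty

    def make_cik(self, blank: KeyDevice) -> str:
        if self.binding is None or blank.data is not None:
            raise ValueError("need a keyed terminal and an empty key")
        cik_id = secrets.token_hex(4)
        blank.data = {"id": cik_id, "terminal": self.binding}
        self.authorized.add(cik_id)
        return cik_id

    def accepts(self, cik: KeyDevice) -> bool:
        d = cik.data
        return bool(d) and d.get("terminal") == self.binding and d.get("id") in self.authorized

def secure_call(a: Terminal, cik_a: KeyDevice, b: Terminal, cik_b: KeyDevice) -> Optional[str]:
    """Return the common classification level, or None if the call stays in the clear."""
    if not (a.accepts(cik_a) and b.accepts(cik_b)):
        return None                                 # without a valid CIK: ordinary telephone
    exchanged = a.compromised | b.compromised       # lists exchanged during setup
    if {cik_a.data["id"], cik_b.data["id"]} & exchanged:
        return None                                 # assumed refusal rule
    return min(a.level, b.level, key=LEVELS.index)
```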
STU-III Administration
The STU-III terminals and keys are COMSEC
material. The terminals and keys may be administered
either through the STU-III custodian or the CMS
custodian. Both the terminals and keys are issued to
users and must be signed for. Since the seed key is
classified, it must be afforded protection for the level of
classification in accordance with Secure Telephone Unit
Third Generation (STU-III) COMSEC Material
Management Manual, CMS 6.
Because CIKs permit the STU-III terminals to be
used in the secure mode, the CIKs must be protected
against unauthorized access and use. CIKs may be
retained by the users who sign for them on local custody.
Users must take precautions to prevent unauthorized
access and must remember to remove the CIKs from the
associated terminals.
When the terminals are unkeyed, they must be
provided the same protection as any high-value
government item, such as a personal computer. When
the terminal is keyed, the terminal assumes the highest
classification of the key stored within and must be
protected in accordance with the classification of that
key.