The first thing you notice in the foyer of the TeleCommunication Systems headquarters in Annapolis is the flat screen TV with red dots showing where people in the U.S. are making 9-1-1 calls on their cellphones.
The locations are calculated with technology from TCS and other companies that provide Enhanced 9-1-1 services to Verizon, AT&T and other carriers. The display zooms in on one of the dots, and I'm a little spooked when I recognize the street name. It’s around the corner from my favorite Maryland fishing shop.
Authentication tokens will ensure you're not being spied on when using TeleCommunication Systems' new app. Credit: TCS
TCS operates at our society's convergence of military, intelligence and civil technologies. One moment it's helping 9-1-1 operators find wireless callers. The next it's transmitting text messages for consumers - 900 billion in the past 12 months. It also runs an unclassified "Art of Exploitation" cyber training course, and it has big plans to win a place in the network protection business.
TCS was founded in 1987 by Maurice B. Tosé. He's an Annapolis-grad and Naval reserve officer who remains CEO, president and chairman. Tosé is African American and he started the company with the aid of section 8(a) of the Small Business Act. It gives an edge to minority-owned small companies for some federal contracts. TCS started out by providing satellite communications to special operations forces, but the company has diversified and grown to 1,400 employees. It does not plan to stop there.
None of that is why TCS executives invited me here to their headquarters on the fourth floor of a brick office building in Annapolis. They want me to try the new secure wireless phone service they're developing.
TCS is one of the firms chasing a potentially lucrative line of business sparked by the National Security Agency. NSA has started a Mobility Program whose goal is to give government workers "the rich user experience of commercial technology" even when they're engaged in secure communications.
The underlying technology sounds hard to believe. NSA wants companies like TCS to figure out how to carve secure communications tunnels through commercial 3G and 4G networks using multiple encryption layers and authentication protocols. Government workers would download the apps onto phones of their choosing – or maybe their agency's choosing – under an approach dubbed BYOD for Bring Your Own Device.
TCS likes to point out that its version requires no extra hardware. Workers would simply download the app through one of the new government app stores now in the works.
NSA has been testing the basic concept of secure mobility under a pilot project called Project Fish Bowl – the bowl being encryption and authentication, and the fish being government workers. NSA would judge the security of the services but individual agencies would do their own selecting.
I don't have good insight yet about whether Fish Bowl is gaining traction, but TCS sure acts like it is. The company has soaked up every nuance it can find in the series of "Mobility Capability Packages" NSA began publishing on its public website in February. These guidelines tell competitors like TCS how to structure their secure communications services.
TCS expects NSA to release its last package before the end of the year, and hopes to start selling its service in 2013.
For now, though, I'm intrigued to have one of their demo phones in my hand. It happens to be a Motorola but really it's the app that matters. Across the conference room table, TCS' Vineet Sachdev holds an identical phone.
Sachdev is director of product marketing and management. He enters a password for me so that a TCS computer called the Security Broker can wirelessly verify it. The broker also generates the cryptographic keys that will scramble our voices on one end and de-encrypt them on the other. When Sachdev and I begin our conversation, a string of four authentication characters, called a token, appears on each of our screens. The first thing the participants in a secure call would do is read their tokens to each other. The characters are supposed to match. That's how the system verifies that a Voice Over Internet Protocol call is not passing through a "man-in-the middle" computer, a device programmed to eavesdrop. Sachdev says he won't reveal exactly how the authentication works, but in a nutshell, the two devices pass content between each, and this content would generate mismatching characters if it had passed through a third computer.
After we verify that our tokens match, I touch confirm.
Our voices are traveling over the Verizon consumer network, but the signals are disguised by the government's Advanced Encryption Standard 256 algorithm.
This was fun, but I wouldn't dare try to weigh the security merits of the TCS system. That said, the phone looks and feels familiar. It's easy to see why some people want this type of secure communications to be the future.