BATON
BATON is a Type 1 block cipher in use since at least 1995 by the United States government to secure classified information.
While the BATON algorithm itself is secret, the public PKCS#11 standard includes some general information about how it is used. It has a 320-bit key and uses a 128-bit block in most modes, and also supports a 96-bit electronic codebook mode. 160 bits of the key are checksum material. It supports a "shuffle" mode of operation, like the NSA cipher JUNIPER. It may use up to 192 bits as an initialization vector, regardless of the block size.
In response to a Senate question about encrypted video links, NSA said that BATON could be used for encryption at speeds higher than those possible with Skipjack.
Usage
BATON is used in a variety of products and standards:
- APCO Project 25 (Public standard for land mobile radio) (Algorithm IDs 01 and 41)
- PKCS#11 (Public standard for encryption tokens)
- CDSA/CSSM (Another public standard)
- HAIPE-IS (NSA's version of IPsec)
- FNBDT (Advanced flexible voice security protocol)
- Thales Datacryptor 2000 (a British network-encryption box)
- SecNet-11 (a crypto-secure 802.11b PC Card, based on the Sierra chip)
- Fortezza Plus (a PC Card product, used in the STE)
- SafeXcel-3340 (a HAIPIS network-encryption box)
- Numerous embeddable encryption modules: AIM, CYPRIS, MYK-85, Sierra (microchip), etc.