KL-7
Encyclopedia
The TSEC/KL-7, code named ADONIS and POLLUX, was an off-line non-reciprocal rotor encryption machine
. The KL-7 had eight rotors to encrypt the text, seven of which moved in a complex pattern, controlled by notched rings. The non-moving rotor was in fourth from the left of the stack. The encrypted or decrypted output of the machine was printed on a small paper ribbon. It was the first cipher machine to use the re-entry (re-flexing) principle, discovered by Albert W. Small, which re-introduces the encryption output back into the encryption process to re-encipher it again.
The research for the new cipher machine, designated MX-507, was initiated in 1945 by the Army Security Agency (ASA) as a successor for the SIGABA
and the less secure Hagelin M-209
. Its development was turned over to the newly formed Armed Forces Security Agency (AFSA) in 1949. The machine was renamed AFSAM-7, which stands for Armed Forces Security Agency Machine No 7. It was the first crypto machine, developed under one centralized cryptologic organisation as a standard machine for all parts of the armed forces, and it was the first cipher machine to use electronics (vacuum tubes).
In 1952, the machine was introduced by AFSA's successor, the U.S.
National Security Agency
, in the US Army, Navy and Air Force. In the early 1960s, the AFSAM-7 was renamed TSEC/KL-7, following the new standard crypto nomenclature. It was the most widely used crypto machine in the US armed forces until the mid-1960s. The KL-7 was also used by several NATO countries until 1983.
punched paper tape from Teletype equipment to be read for decryption. The standard KL-7 had no ability to punch tapes. A variant of the KL-7, the KL-47, could also punch paper tape for direct input to teleprinters.
Each rotor had 36 contacts. To establish a new encryption setting, operators would select a rotor and place it in a plastic outer ring at a certain offset. The ring and the offset to use for each position were specified in a printed key
list. This process would be repeated eight times until all rotor positions were filled. Key settings were usually changed every day at midnight, GMT. The basket containing the rotors was removable, and it was common to have a second basket and set of rotors, allowing the rotors to be set up prior to key change. The old basket could then be kept intact for most of the day to decode messages sent the previous day, but received after midnight.
The keyboard itself was a large sliding switch, also called permutor board. A signal, coming from a letter key, went through the rotors, back to the permutor board to continue to the printer. The KL-7 was non-reciprocal. Therefore, depending on the Encipher or Decipher position of the permutor board, the direction of the signal through the rotors was changed.
The rotor basket had two sets of connectors, two with 26 pins and two with 10 pins, at each end that mated with the main assembly. Both 26 pin connectors were connected to the keyboard to enable the switching of the signal direction through the rotors. Both 10 pin connectors on each side were hard-wired with each other. If a signal that entered on one of the 26 pins left the rotor pack on one of these 10 pins, that signal was redirected back into the rotors on the entry side to perform a new pass through the rotors. This loop-back, the so-called re-entry, created complex scrambling of the signal and could result in multiple passes through the rotor pack, depending on the current state of the rotor wiring.
There was also a switch pile-up under each movable rotor that was operated by cam
s on its plastic outer ring. Different outer rings had different arrangements of cams. The circuitry of the switches controlled solenoids which in turn enabled the movement of the rotors. The combination of cam rings and the controlling of a rotor by several switches created a most complex and irregular stepping. The exact wiring between switches and solenoids is still classified.
The KL-7 was largely replaced by electronic systems such as the KW-26
ROMULUS and the KW-37
JASON in the 1970s, but KL-7s were kept in service as backups and for special uses. In 1967, when John Anthony Walker
(a sailor in the U.S. Navy) walked into the embassy of the Soviet Union
in Washington, DC seeking employment as a spy, he carried with him a copy of a key list for the KL-47. KL-7s were compromised at other times as well. A unit captured by North Vietnam
is on display at NSA's National Cryptologic Museum
. The KL-7 was withdrawn from service in June 1983, and Canada
's last KL-7-encrypted message was sent on June 30, 1983, "after 27 years of service."
The successor to the KL-7 was the KL-51
, an off-line, paper tape encryption system that used digital electronics instead of rotors.
Rotor machine
In cryptography, a rotor machine is an electro-mechanical device used for encrypting and decrypting secret messages. Rotor machines were the cryptographic state-of-the-art for a prominent period of history; they were in widespread use in the 1920s–1970s...
. The KL-7 had eight rotors to encrypt the text, seven of which moved in a complex pattern, controlled by notched rings. The non-moving rotor was in fourth from the left of the stack. The encrypted or decrypted output of the machine was printed on a small paper ribbon. It was the first cipher machine to use the re-entry (re-flexing) principle, discovered by Albert W. Small, which re-introduces the encryption output back into the encryption process to re-encipher it again.
The research for the new cipher machine, designated MX-507, was initiated in 1945 by the Army Security Agency (ASA) as a successor for the SIGABA
SIGABA
In the history of cryptography, the ECM Mark II was a cipher machine used by the United States for message encryption from World War II until the 1950s...
and the less secure Hagelin M-209
M-209
In cryptography, the M-209, designated CSP-1500 by the Navy is a portable, mechanical cipher machine used by the US military primarily in World War II, though it remained in active use through the Korean War...
. Its development was turned over to the newly formed Armed Forces Security Agency (AFSA) in 1949. The machine was renamed AFSAM-7, which stands for Armed Forces Security Agency Machine No 7. It was the first crypto machine, developed under one centralized cryptologic organisation as a standard machine for all parts of the armed forces, and it was the first cipher machine to use electronics (vacuum tubes).
In 1952, the machine was introduced by AFSA's successor, the U.S.
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...
National Security Agency
National Security Agency
The National Security Agency/Central Security Service is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S...
, in the US Army, Navy and Air Force. In the early 1960s, the AFSAM-7 was renamed TSEC/KL-7, following the new standard crypto nomenclature. It was the most widely used crypto machine in the US armed forces until the mid-1960s. The KL-7 was also used by several NATO countries until 1983.
Description
The KL-7 was designed for off-line operation. It was about the size of a Teletype machine and had a similar three-row keyboard, with shift keys for letters and figures. The KL-7 produced printed output on narrow paper strips that were then glued to message pads. When encrypting, it automatically inserted a space between five-letter code groups. There was an adaptor available, the HL-1/X22, that allowed 5-level BaudotBaudot
Baudot:*Marc Antoine Baudot , deputy during the French Revolution*Émile Baudot , French telegraph engineer, inventor of the Baudot code*Anatole de Baudot , French architect...
punched paper tape from Teletype equipment to be read for decryption. The standard KL-7 had no ability to punch tapes. A variant of the KL-7, the KL-47, could also punch paper tape for direct input to teleprinters.
Each rotor had 36 contacts. To establish a new encryption setting, operators would select a rotor and place it in a plastic outer ring at a certain offset. The ring and the offset to use for each position were specified in a printed key
Key (cryptography)
In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa...
list. This process would be repeated eight times until all rotor positions were filled. Key settings were usually changed every day at midnight, GMT. The basket containing the rotors was removable, and it was common to have a second basket and set of rotors, allowing the rotors to be set up prior to key change. The old basket could then be kept intact for most of the day to decode messages sent the previous day, but received after midnight.
The keyboard itself was a large sliding switch, also called permutor board. A signal, coming from a letter key, went through the rotors, back to the permutor board to continue to the printer. The KL-7 was non-reciprocal. Therefore, depending on the Encipher or Decipher position of the permutor board, the direction of the signal through the rotors was changed.
The rotor basket had two sets of connectors, two with 26 pins and two with 10 pins, at each end that mated with the main assembly. Both 26 pin connectors were connected to the keyboard to enable the switching of the signal direction through the rotors. Both 10 pin connectors on each side were hard-wired with each other. If a signal that entered on one of the 26 pins left the rotor pack on one of these 10 pins, that signal was redirected back into the rotors on the entry side to perform a new pass through the rotors. This loop-back, the so-called re-entry, created complex scrambling of the signal and could result in multiple passes through the rotor pack, depending on the current state of the rotor wiring.
There was also a switch pile-up under each movable rotor that was operated by cam
Cam
A cam is a rotating or sliding piece in a mechanical linkage used especially in transforming rotary motion into linear motion or vice-versa. It is often a part of a rotating wheel or shaft that strikes a lever at one or more points on its circular path...
s on its plastic outer ring. Different outer rings had different arrangements of cams. The circuitry of the switches controlled solenoids which in turn enabled the movement of the rotors. The combination of cam rings and the controlling of a rotor by several switches created a most complex and irregular stepping. The exact wiring between switches and solenoids is still classified.
The KL-7 was largely replaced by electronic systems such as the KW-26
KW-26
The TSEC/KW-26, code named ROMULUS, was an encryption system used by the U.S. Government and, later, by NATO countries. It was developed in the 1950s by the National Security Agency to secure fixed teleprinter circuits that operated 24 hours a day...
ROMULUS and the KW-37
KW-37
The KW-37, code named JASON, was an encryption system developed In the 1950s by the U.S. National Security Agency to protect fleet broadcasts of the U.S. Navy. Naval doctrine calls for warships at sea to maintain radio silence to the maximum extent possible to prevent ships from being located by...
JASON in the 1970s, but KL-7s were kept in service as backups and for special uses. In 1967, when John Anthony Walker
John Anthony Walker
John Anthony Walker, Jr. is a former United States Navy Chief Warrant Officer and communications specialist convicted of spying for the Soviet Union from 1968 to 1985, at the height of the Cold War...
(a sailor in the U.S. Navy) walked into the embassy of the Soviet Union
Soviet Union
The Soviet Union , officially the Union of Soviet Socialist Republics , was a constitutionally socialist state that existed in Eurasia between 1922 and 1991....
in Washington, DC seeking employment as a spy, he carried with him a copy of a key list for the KL-47. KL-7s were compromised at other times as well. A unit captured by North Vietnam
North Vietnam
The Democratic Republic of Vietnam , was a communist state that ruled the northern half of Vietnam from 1954 until 1976 following the Geneva Conference and laid claim to all of Vietnam from 1945 to 1954 during the First Indochina War, during which they controlled pockets of territory throughout...
is on display at NSA's National Cryptologic Museum
National Cryptologic Museum
The National Cryptologic Museum is an American museum of cryptologic history that is affiliated with the National Security Agency . The first public museum in the U.S. Intelligence Community, NCM is located in the former Colony Seven Motel, just two blocks from the NSA headquarters at Fort...
. The KL-7 was withdrawn from service in June 1983, and Canada
Canada
Canada is a North American country consisting of ten provinces and three territories. Located in the northern part of the continent, it extends from the Atlantic Ocean in the east to the Pacific Ocean in the west, and northward into the Arctic Ocean...
's last KL-7-encrypted message was sent on June 30, 1983, "after 27 years of service."
The successor to the KL-7 was the KL-51
KL-51
The KL-51 is an off-line keyboard encryption system that read and punched paper tape for use with teleprinters. It was developed by the U.S. National Security Agency in the 1980s to replace the earlier KL-7, but used digital electronics for encryption instead of rotors. As of 2006, the U.S...
, an off-line, paper tape encryption system that used digital electronics instead of rotors.
Sources
- Jerry Proc's page on the KL-7, retrieved 30 November 2005.
- NSA Crypto Almanac 50th Aniversary - The development of the AFSAM-7, retrieved 27 February 2011.
- Technical details and history of the TSEC/KL-7, from Dirk Rijmenants' Cipher Machines & Cryptology, retrieved 27 February 2011.
- Patent for Rotor Re-entry by Albert W Small, filed 1944 from Free Patents On-line, retrieved 27 February 2011.
- "Cryptology", Encyclopædia Britannica. Retrieved 22 June 2005 from Encyclopædia Britannica Online http://search.eb.com/eb/article?eu=117766.
- Card attached to KL-51 on display at the National Cryptologic MuseumNational Cryptologic MuseumThe National Cryptologic Museum is an American museum of cryptologic history that is affiliated with the National Security Agency . The first public museum in the U.S. Intelligence Community, NCM is located in the former Colony Seven Motel, just two blocks from the NSA headquarters at Fort...
, 2005.
External links
- TSEC/KL-7 with detailed information and many images on the Crypto Museum website
- Accurate TSEC/KL-7 Simulator (Windows), on Dirk Rijmenants' Cipher Machines & Cryptology