KL-7轉子密碼機KL-7密碼機TSEC/KL-7Adonis[1]、舊稱AFSAM-7,是著名密碼機。美國海陸空三軍皆引入過該機器。是美國武裝部隊中使用最廣泛的加密機器,並且是第一台支持安全抵禦已知明文攻擊的大型網絡機器。

KL-7
KL-7密碼機[1]
研发日期1949
常见制造商 北大西洋公约组织NSA
类型密碼機[2]
语言意大利語英語
已隱藏部分未翻譯内容,歡迎參與翻譯

was an off-line non-reciprocal rotor encryption machine.[3]:p.33ff[4]

歷史與發展

编辑

In 1952, the machine was introduced by AFSA's successor, the U.S. National Security Agency, in the US Army, Navy and Air Force. In the early 1960s, the AFSAM-7 was renamed TSEC/KL-7, following the new standard crypto nomenclature. It was the most widely used crypto machine in the US armed forces until the mid-1960s and was the first machine capable of supporting large networks that was considered secure against known plaintext attack. Some 25,000 machines were in use in the mid-1960s.[3]:p.37 The KL-7 was also used by several NATO countries until 1983.

An 8-rotor version sent indicators in the clear and was code named POLLUX. The encrypted or decrypted output of the machine was printed on a small paper ribbon. It was the first cipher machine to use the re-entry (re-flexing) principle, discovered by Albert W. Small,[5] which re-introduces the encryption output back into the encryption process to re-encipher it again. The research for the new cipher machine, designated MX-507, was initiated in 1945 by the Army Security Agency (ASA) as a successor for the SIGABA and the less secure Hagelin M-209. Its development was turned over to the newly formed Armed Forces Security Agency (AFSA) in 1949. The machine was renamed AFSAM-7, which stands for Armed Forces Security Agency Machine No 7. It was the first crypto machine, developed under one centralized cryptologic organisation as a standard machine for all parts of the armed forces, and it was the first cipher machine to use electronics (vacuum tubes), apart from the British ROCKEX, which was developed during World War 2.

說明

编辑

The KL-7 was designed for off-line operation. It was about the size of a Teletype machine and had a similar three-row keyboard, with shift keys for letters and figures. The KL-7 produced printed output on narrow paper strips that were then glued to message pads. When encrypting, it automatically inserted a space between five-letter code groups. One of the reasons for the five letter groups was messages might be given to a morse code operator. The number of five letter groups was easily verified when transmitted. There was an adaptor available, the HL-1/X22, that allowed 5-level Baudot punched paper tape from Teletype equipment to be read for decryption. The standard KL-7 had no ability to punch tapes. A variant of the KL-7, the KL-47, could also punch paper tape for direct input to teleprinters.

Both sides of a KL-7 rotor

產品詳情

编辑

每個轉子有36個觸點。

To establish a new encryption setting, operators would select a rotor and place it in a plastic outer ring at a certain offset. The ring and the offset to use for each position were specified in a printed key list. This process would be repeated eight times until all rotor positions were filled. Key settings were usually changed every day at midnight, GMT. The basket containing the rotors was removable, and it was common to have a second basket and set of rotors, allowing the rotors to be set up prior to key change. The old basket could then be kept intact for most of the day to decode messages sent the previous day, but received after midnight. Rotor wiring was changed every 1 to 3 years.[3]:p.36

The keyboard itself was a large sliding switch, also called permutor board. A signal, coming from a letter key, went through the rotors, back to the permutor board to continue to the printer. The KL-7 was non-reciprocal. Therefore, depending on the Encipher or Decipher position of the permutor board, the direction of the signal through the rotors was changed.

The rotor basket had two sets of connectors, two with 26 pins and two with 10 pins, at each end that mated with the main assembly. Both 26 pin connectors were connected to the keyboard to enable the switching of the signal direction through the rotors. Both 10 pin connectors on each side were hard-wired with each other. If a signal that entered on one of the 26 pins left the rotor pack on one of these 10 pins, that signal was redirected back into the rotors on the entry side to perform a new pass through the rotors. This loop-back, the so-called re-entry, created complex scrambling of the signal and could result in multiple passes through the rotor pack, depending on the current state of the rotor wiring.

There was also a switch pile-up under each movable rotor that was operated by cams on its plastic outer ring. Different outer rings had different arrangements of cams. The circuitry of the switches controlled solenoids which in turn enabled the movement of the rotors. The combination of cam rings and the controlling of a rotor by several switches created a most complex and irregular stepping. The exact wiring between switches and solenoids is still classified.

KL-7 on display at USAF Communications Agency museum. Rotors have been removed.

The KL-7 was largely replaced by electronic systems such as the KW-26 ROMULUS and the KW-37 JASON in the 1970s, but KL-7s were kept in service as backups and for special uses. In 1967, when the U.S. Navy sailor John Anthony Walker walked into the embassy of the Soviet Union in Washington, DC seeking employment as a spy, he carried with him a copy of a key list for the KL-47. KL-7s were compromised at other times as well. A unit captured by North Vietnam is on display at NSA's National Cryptologic Museum. The KL-7 was withdrawn from service in June 1983[1], and Canada's last KL-7-encrypted message was sent on June 30, 1983, "after 27 years of service."

The successor to the KL-7 was the KL-51, an off-line, paper tape encryption system that used digital electronics instead of rotors.

A set of KL-7 rotors

参见

编辑

注释

编辑

^ Britannica (2005). Proc (2005) differs, saying that, "after the Walker family spy ring was exposed in the mid-1980s (1985)...immediately, all KL-7's were withdrawn from service"[6]

參考

编辑
  1. ^ 1.0 1.1 KL-7. Cryptomuseum.com. [2022-09-07]. (原始内容存档于2018-11-07). 
  2. ^ Proc, Jerry. KL-7. Jproc.ca. [July 25, 2018]. (原始内容存档于2022-10-16). 
  3. ^ 3.0 3.1 3.2 A History of U.S. Communications Security; the David G. Boak Lectures页面存档备份,存于互联网档案馆), National Security Agency (NSA), Volume I, 1973, partially released 2008, additional portions declassified October 14, 2015
  4. ^ Proc, Jerry. KL-7. Jproc.ca. [2022-09-07]. (原始内容存档于2009-05-11). 
  5. ^ Method and apparatus for cryptography
  6. ^ Proc, Jerry. KL-7. Jproc.ca. [July 25, 2018]. (原始内容存档于2009-05-11). 

來源

编辑

外部鏈接

编辑