M-94 25 wheel Cipher Device (Wiki)
M-94 is the U.S. Army nomenclature, CSP-488 is the Navy name.
The M-138-A is a strip cipher version.
The Jefferson Disk (Wiki) aka: Bazeries Cylinder (Wiki) works on the same idea, but is much older.
Manual operation. Simple construction.
Used through the end of W.W.II.
Got the crypto bug from reading The Ultra Secret by F.W. Witherbotham. It told about breaking the Enigma machine. I've wanted one of these since then (1975) but real machines are very collectable (expensive) so never got one. Did get the Enigma-E kit to make a functional machine, but it does not have the look and feel of a real machine. The Enigma I shown here is a non functional machine that does have the look and feel of a real enigma machine.
This came from Spain. Maquina Enigma - This is the Enigma I model.
White Collar TV series (Wiki, IMDB): S2-E16 "Under the Radar" booby trapped Nazi Submarine & Enigma Machine - Preview@0:20 -
Fig 1 Spain to California took a tool
But no damage to Enigma.
2024Feb6: will improve.
Fig 5 Rotor cover hinges open
Fig 8 Inside Lid
GRA-71 Coder-Burst Transmission Group (British GRA-71 for the PRC-316)
Magnetic tape holds a short message that is sent using 300 Word Per Minute Morse code (Burst transmission (Wiki). Can be used with the GRC-109, PRC-64, Delco 5300, PRC-74, PRC-316, PRC-319, PRC104 & probably most modern radios that support CW operation.
Used through Vietnam conflict.
KYV-2 Secure Voice Module
Used with the PRC-68 Family of hand held Squad Radios, Digital 16 kbps
Should inter operate with the KY-57 (ground) and KY-58 (airborne) systems
Post Viet Nam.
VINSON (Wiki) voice encryption system (Wiki)
KY-38 Man Portable Secure Voice System
Works with the PRC-77 but not the PRC-25. Mechanical key loading.
Should inter operate with the KY-8 (Vehicular) and KY-28 (airborne)
Used through Viet Nam.
NESTOR system replaced by VINSON.
KY-57 Voice Transmission Security Device
Used with a large number of radios for both voice, fax and data.
VINSON system (Wiki)
KY-65 Voice Encryption Unit
Used with PRC-104 and other H.F. radios.
? mid to late Vietnam (same box as PRC-25 and PRC-77)
KY-68 Secure Field Phone
Not much is known.
What encryption system, what will it interoperate with? Let me know.
KY-99 Advanced Narrowband Digital Voice Terminal (ANDVT)Wiki: ANDVT,
Replaces the KY-57 and other equipment. Requires new interconnecting cables.
MSC-2001 Voice Encryption Unit (VEU)Uses a 40 character key based on 5-level paper tape. Originally designed to work with the PRC-77.
TCC CSD 909 PRM Communication Security DeviceUses thumb-wheel switches to set key.
Should work on any radio via audio input & output.
Key loaded from KYK-13.
An aircraft module for encoding and decoding digital to analog. Probably no crypto function although nomenclature is KY-...
Wiki "The KG-84A and KG-84C are encryption devices developed by the U.S. National Security Agency (NSA) to ensure secure transmission of digital data. The KG-84C is a Dedicated Loop Encryption Device (DLED), and both devices are General-Purpose Telegraph Encryption Equipment (GPTEE). The KG-84A is primarily used for point-to-point encrypted communications via landline, microwave, and satellite systems. The KG-84C is an outgrowth of the U.S. Navy high frequency (HF) communications program and supports these needs. The KG-84A and KG-84C are devices that operate in simplex, half-duplex, or full-duplex modes. The KG-84C contains all of the KG-84 and KG-84A modes, plus a variable update counter, improved HF performance, synchronous out-of-sync detection, asynchronous cipher text, plain text, bypass, and European TELEX protocol. The KG-84 (A/C) is certified to handle data at all levels of security. The KG-84 (A/C) is a Controlled Cryptographic Item (CCI) and is unclassified when unkeyed. Keyed KG-84 equipment assumes the classification level equal to that of the keying material used."
AC Power Cord
KG-84 Circular to DB-25 Red/Black Adapter Box
KG-84 Circular to DB-25 Red/Black Adapter Box Open
U-229 - DB-9 Crypto Fill Cable
KG-84 Circular to DB-25 Red/Black Adapter Cable
There are a number of different things that can be filled.
Wiki: Glossary of cryptographic keys, Fill Device
- a SINCGARS or Have Quick hop set telling the radio what frequencies are allowed for frequency hopping.
- a SINCGARS or Have Quick lockout set telling the radio what frequencies not to use.
- a SINCGARS or Have Quick Transmission Security Key (TSK) telling the radio the order to do the hopping.
- a KY-57 or ICOM Transmission Encryption Keys (TEK) for the voice/data encryption unit
- a KY-57 or ICOM Key Encryption Key (KEK) used for Over The Air Rekeying (OTAR)
- a GPS Group Unique Variable (GUV) key good for one year
- a GPS Crypto Variable Weekly (CVW) good for 6 weeks
- There are probably many more different keys used for data (teletype) and for trunked phone systems that may be the same as the above or different.
DS-102 protocol. The KOI-18 may be the oldest electrical key loader (the KY-38 used a mechanical key loader). Used to load the Transmission Encryption Keys (TEK) into the KY-57 and about anything that needs a key. It uses a photo optical reader to read a paper tape that's pulled through the reader by hand.
Very versatile since what comes out depends on what is punched on the tape. Other key loaders have electronic registers that can only hold keys in predetermined formats.
Manuals: TM 9-1425-429-12 or TM 9-1425-2586-10
Battery: 6.3 Volt BA-5372/U (used to be the 6.5 Volt Mercury BA-1572/U)
Supports 128 bit keys (actually any length paper tape that someone can pull through the machine)
Fig 13 8-level tape (Wiki) is 1" wide.
Fig 14 Note grouped as 3-space-5.
The space is where the sprocket holes are.
Fig 15 The rod with the blue tape seems to be made of carbon and is the common ground for the wire fingers that sense the 8 data holes. Note there is no sensor for the sprocket holes.
TM 11-5810-292-13&P General Purpose Tape Reader, KOI-18; Elect Transfer Device, KYK-13; Net Control Device, KYX-15/15A
I've heard that it uses 8 level ASCII type tapes rather than the older 5 level Baudot tapes. Note that the data holes are larger in diameter than the sprocket (clock) holes. This is important since the leading edge of the sprocket hole can be used to latch the data bits and the trailing edge of the sprocket hole can be used to shift out the data bits. This would not work if all the holes were the same diameter.
In the old mechanical tape readers, like on the Teletype Corp. Model ASR33 machine, there was a plastic wheel with pins that match the sprocket holes and it pulled the tape through a reader that worked using mechanical pins to sense each data hole.Inside there's probably a parallel in - serial out shift register. The parallel inputs are driven from the data holes. The shift register data is latched on the rising edge of the sprocket hole and on the falling edge a pulse generator sends 8 clock pulses which are used both to clock out the shift register data bits and to provide the clock signal to the device being loaded. The clock rate needs to be fast enough to get all the bits sent before the next set of holes gets to the tape reader.
If the tape was pulled at 3 feet per second and the pitch of the data was 0.1" then there would be 360 words per second (8 bits per word) or an average rate of 2,880 bits per second, so the internal clock generator needs to run faster, say 5,000 bits per second.
If the operator pulls the tape too fast the bits will get corrupted. To check for this the tape needs to be punched with parity, Cyclic Redundancy Check (CRC), check sum or some other data to be sure the correct key gets loaded. This is not a part of the key loader, but instead is part of how the data is punched into the tape. This check can also be used by the the device holding the key to tell the difference between no key and a valid key. The device being loaded should not function without a valid key and it's cold start state should be such that it is recognized as a no key state. For this reason even parity is not a good way to go because a key of all zeros would have even parity. If odd parity is used a key of all zeros fails a parity test.
Note that an asynchronous data system, like RS-232 that uses start and stop bits will not work with a hand pulled paper tape reader because the baud rate can vary over a huge range. This is why a synchronous system is used that has data and clock channels. Newer key loaders that are not paper tape based continue to use the data plus clock format for backward compatibility.
"COMSEC equipment descriptionThere is no limit to the key size since it will just read whatever is on a tape.
General purpose tape reader, KOI-18/TSEC, controlled cryptographic item (CCI).
The National Security Agency (NSA) has directed that a fill cable be connected to the fill device when transferring a key.
KOI-18 tape reader, general purpose.
(a) Battery operated, hand-held device.
(b)Converts eight-level standard paper and mylar tape to serial electronic information.
(c) Loads keys from prepunched tape to other COMSEC equipment, KYK-13 or KYX-15.
(d) Has no storage capability.
(e) Tapes are normally generated ahead of time and stored for later use. May be distributed by mail or courier."
There are two very major problems with this system. First the amount of key material is gigantic and the logistics of getting the keys where they need to be is a huge task. Because the keys need to be made at NSA well before they are used they are vulnerable to being copied or compromised anywhere along the path to the end user. This has happened more than once during the cold war.
One attempt has been made to secure the key tape between it's generation and use is a canister that claims to prevent returning a key tape.
4108390 Paper tape canister, Hugh V. Hayes, Secretary Of The Army, Aug 22, 1978, 242/588.6, 242/615.3, 225/52 -
4768693 Canister opener, James E. Tomaszewski, Sep 6, 1988, 225/94, 30/363, 30/120.3, 380/59 - to allow inspection prior to disposal
The KLL -1 is a more modern version of the KOI-18 made in Germany. (Crypto Museum: KLL-1)
Fig 11 UV flashlight
DS-102 protocol. This electronic key device looks very similar to the MX-18290 and is designed to hold TEKs and so replace the KOI-18. THe KYK-13 is smaller than the MX-18290.
Uses the common crypto battery BA-5372/U.
Holds 6 TEK variables.
20 Aug 2004 - there is some confusion about what key size the KYK-13 can hold. The PLGR can use the KYK-13 to load its GPS key which is 128 bits long. But other references say the KYK-13 can only hold a 64 bit key. I think it's 128 bit keys.
Instructions for loading key from paper tape (KOI-18) into KYK-13:
1. Connect the LOI-18 to the KYK-13.
2. Turn the KYK-13 selection knob to the desired buffer.
3. Open the latch on the LKOI-18.
4. Insert the paper tape (printed side up) into the slot marked IN.
5. Turn the KYK-13 command knob to ON.
6. Push the load INIT switch on the KYK-13.
7. Pull the paper tape thorough the KOI-18.
8. Turn the KEY-13 command knob to OFF.
9. Press the load INIT switch on the KYK-13. If the key was loaded successfully, the load indicator light on the KYK-13 will flash. (same as when loading a key into user equipment)
10. If more keys are needed to be loaded, turn the selection knog on the KYK-13 to the desired buffer, and startr again at step 3.
DS-102 protocol. Don't have much info in this Net Control Device, but it can load a TEK.
Powered from a BA-5372/U
Does support KY-57. See
TM 11 5820-890-10-3 pg 102 (3-20).
KYX-15A 5810-01-095-1312 Net Control DeviceTM 11-5810-292-13&P
Probably can hold different types of predefined variables and can load more than one variable because a switch allows selection of those that need to be loaded. This would make loading all the different variables into a modern SINCGARS radio much easier that with the above key loaders.
The VG switch position may mean Crypto Net Variable Generation, so this device actually generates a key. Used to load all the KY-57's on a SINCGARS radio net.
It must support 128 bit keys.
Fig 10 Small black and white wires
that have been cut as part of de-mill process.
Local Key GenerationNote that local key generation is a revolutionary concept. All prior keying methods depended on distribution of keys that were centrally generated. The problem with that is a spy (Walker Family for example) that gains access to the unused keys can comprise the whole system. In order to generate local keys requires a high quality hardware random number generator based on a noise diode or some other physical noise mechanism, not on any software algorithm. When a network of SINCGARS radios have their keys loaded using Over The Air Rekeying (OTAR) from the KYX-15() you know that the keys have not been compromised.
9 Switch positions:
Nice Photos of a KYX-15
- SEL-Z to zero selected slots
- OFF/CK for power OFF and for ChecKing a slot to see if it holds a valid key,
- LD for LoaDing a key into the KYK-15 or from the KYK-15, which direction depends on which device has it's initiate "load me" button pressed,
- VG for Variable Generation,
- AK for Auto Keying of a remote variable slot that holds a valid key,
- MK for Manual Keying a remote variable slot that is either empty or holds an obsolete key,
- RV for Remote Variable for filling the KYK-15 from a remote source over a radio, (same as RV on KY-57)
- VU for ?
- ALL for zeroizing all slots (with manual lock button)
Battery: DL123A, U9VL EMER ONLY, BA-3090/U - this is the very common 3 volt 123 photo battery.
Supports 128 bit keys.
This is the newest variable loader and it can hold all the different key formats now used and other stuff. It's internal clock is not good enough to set the time in a frequency hopping radio like the SINCGARS or Have Quick radios, not because of dropping battery voltage, but because it uses a crystal oscillator. All crystal oscillators change frequency with aging, temperature, power supply voltage, and other factors.
SINCGARS Fill cable is CX-13467, NSN 5995-01-379-9689. Note that the SINCGARS needs a number of different fills for both frequency hopping and for transmission security.
It's not clear if the Crazy 10 supports key generation. If not it needs a modification to support key generation.
The Crazy 10 uses 3 each common 123 photo batteries (aka BA-5123/U) in a battery adapter (NSN 5810-01-348-3147) that has standard "9 Volt" battery snaps. This way a common 9 Volt battery can be used if the 123 batteries are not available. But the common 9 Volt battery has only 0.6 AH compared to the 1.4 AH of the 123 battery. Also the cold temperature performance of common 9 volt batteries is very poor at and below freezing where the 123 battery is still going strong.
PS Magazine #571 pgs 48-51 - Beating the Battery Blues.
TB 11-5810-394-12 Generic Equipment Information and Instructions for the AN/CYZ-10 V3 (NSN 5810-01-393-1973) Data Transfer Device (DTD)
TM 5820-890-20-2 Chapter 6 Fill Devices
TB 5820-890-12 Operator and Unit Maintenance for AN/CYZ-10 Automated Net Control Device (ANCD) NSN: 5810-01-343-1194 (EIC: QSU) with the Single Channel Ground and Airborne Radio Systems (SINCGARS)
This is the replacement for the CYZ-10. Looks sort of like a hand held PDA. It would be interesting to learn how good it's internal clock is. i.e. can it be used to set the date and time or is a seperate GPS still needed? Ans: the PYQ-10 clock is the same as the Crazy-10 clock. Too bad they didn't improve it. I think I know how to make a 1,000 times improvement for a small amount of money.
from a now turned off Navy web page.
The KG-40A is a mandatory modified version of the older KG-40, which incorporates variable fill capability. The modification entails replacement of a printed circuit board (motherboard) and the front panel assembly. The KG-40A provides enhanced security using an improved cryptographic algorithm and electronic key capability. Because the KG-40A key is a standard 128-bit key, it can only be keyed by the AN/CYZ-10 Data Transfer Device (DTD) or a KOI-18 Common Fill Device (CFD). It cannot accept key from the KYK-13 Electronic Transfer Device (ETD) or from the KYX-15 Net Control Device (NCD). The KG-40A is an UNCLASSIFIED controlled cryptographic item (CCI) when unkeyed and is interoperable with the KG-40. When the KG-40A is keyed, classification equals that of the key installed.
(BC - note the KYX-15 above is the no change version, probably the KYX-15A does support 128 bit keys.)
MX-18290 Fill Device for early RT-1439 SINCGARS radios Hop setNot used for voice security.
CV4228 PC to SINCGARS Fill Cable
Fill Cable - not sure, but probably.NSN 5810-01-066-7587 is an official fill cable.
SINCGARS W4 CableSome of the SINCGARS manuals refer to the W4 as an Audio/Data/Fill cable. It's wired 1:1 on 6 contacts of the AUDIO connector.
U-229 Family ConnectorTaking a look at how this connector is used for: Audio, Fill, Data and Retransmission.
KD-100 Key Tape DisintegratorFor the destruction of paper or plastic key tapes
Back to Products made by Brooke, Crypto, Crypto Patents, Military Audio, Squad Radio, Military Information, Home page
Page created 14 Dec 2002.---------------------