CIPHER MACHINES AND CRYPTOLOGY
TSEC/KL-7 ADONIS & POLLUX
Home KL-7 Simulator

   
The TSEC/KL-7 is an American off-line crypto machine, introduced in 1952 by the National Security Agency (NSA). It was the first tactical lightweight electronic crypto machine, developed as standard crypto device for all parts of the U.S. armed forces. The machine was widely used by the U.S. and several of its NATO partners until the mid-1960s, and later on served as backup, often superenciphered on other systems, until its withdrawal from service in 1983.

The machine was a marvel of technology in the 1950s and combined the latest cryptologic knowledge and electronics. Its cleverly designed keyboard changes the signal direction through the rotors. Notch rings on its rotors control the rotor movement in a most complex fashion and vacuum tubes control the timing signals of the newly designed miniature printer. The machine was introduced under the name AFSAM-7, but had its name changed to TSEC-KL-7 in 1955.

The machine had excellent cryptographic properties and was designed to resist any cryptanalytic attack by the Soviets at that time, even when its technical details would have been compromised. Unfortunately, Chief Warrant Officer John Walker not only compromised the KL-7 design in 1967 by selling the complete technical manual to the Soviets, but also provided them with the key lists over a period of almost two decades. Walker's treason added even more to the Cold War myth, surrounding this fascinating machine.

The KL-7's history and technical specifications were kept secret for decades and information about the machine only gradually surfaced in recent years. This page is a tribute to the ASA and AFSA engineers and cryptologists who developed the KL-7, and to the men who worked with this machine while serving their country in all corners of the world. On this website you can also download an accurate and realistic TSEC/KL-7 simulator.


TSEC/KL-7 ADONIS & POLLUX
Image Copyright
www.cryptomuseum.com

General description Top

The TSEC/KL-7 is an off-line non-reciprocal rotor cipher machine with electro-mechanical and electronic components (vacuum tubes). The machine measures 12 x 12 x 3.37 inches (30,5 x 30,5 x 16,2 cm) and weighs a mere 20.5 lbs (9,3 Kg). The KL-7 operates on 24 Volts DC for the motor-generator (DC motor that drives an AC generator).

Electrical properties:

  • 24 Volt DC motor operating range from 21 to 31 Volts at 2.5 amperes. This motor mechanically drives the AC generator, pulse generator, printer drum and rotor stepping mechanism. The 24 Volts are also used for the vacuum tube filaments and the stepping electromagnets.
  • AC Generator delivers 150 to 180 Volts rms at 400 Hz and 5 Watts. To power the electronics, a full-wave bridge rectifier provides +200 and +220 Volts DC and a half-wave rectifier provides -70 Volts DC.
  • Pulse Generator produces the following pulses for the timing electronics for the printer when pressing (grounding) a key:
    - 10 Volt pulse from a single coil for letters-only keys.
    - 5 Volt pulse followed by a 10 Volt pulse from two coils in series for alpha-numeric keys.

The 24 Volts to power the KL-7 could either come from batteries, as available in vehicles, or from the mains. For use on mains there is a separate AC power converter that can be set to 100-125 V or 200-250 V at 50-60 Hz and its transformer with rectifier delivers 21 to 31V DC to the KL-7. The batteries or AC power converter output are attached to the connector of the 24 Volts power cord, located at the front-right of the machine (see also electronics section).

The KL-7 nomenclature:

  • TSEC/KL-7 is the complete machine.
  • KLB-7/TSEC Base is the base of the machine and support all other components.
  • KLA-7/TSEC Rotor Stepping Unit on top of the base contains the stepping mechanism, the actuator switches and carries the cipher unit (read more).
  • KLK-7/TSEC Cipher Unit, also referred to as rotor cage, holds 8 rotors that perform the actual enciphering, also denotes as encryption (read more).
   
The other important parts are the mode selector and sliding contact board underneath keyboard to switch the signals through the rotors and select the different cipher modes, and the set of rotors to perform the encipherment and notch rings to control their movement. The pulse generator, the timing unit and vacuum tubes, three 2D21 thyratron and one 12AX7 double triode, provide the timing signals for the printer, which prints the text or code groups on a gummed paper tape.


General Schematic
Top

Note: The full circuit diagram is available in the electronics section. All names, labels and numbering of components and electrical contacts on this page are identical to those in the original repair and maintenance document.

The continuously rotating DC motor drives the AC generator, and through a 3 to 1 reduction gear the pulse generator and printer drum, both on the same axle. The pulse generator drives the timing unit through another reduction gear. The pulse generator has a magnetic armature that rotates inside two stators with a total of 37 coils, of which 26 coils for letters, 10 for figures and one for the space. These coils are arranged in a 360-degree pattern in two separate rings and produce the timing pulse for the Print Hammer.

Depressing a key will ground one of the pulse coils. The rotors encipher that signal on its way to the pulse generator. The encipherment is non-reciprocal and the sliding contact board must therefore switch the direction of the signal through the rotors to switch between enciphering and deciphering. When the armature of the pulse generator passes a grounded coil, it induces a pulse that is passed on to both the Gate vacuum tube and to the step-up transformer. The transformer sends the pulse to Sharpener tube, which cleans up the signal and sends it to the Print tube to activate the print hammer.

If the Shift tube is in FIG mode, it tells the Sharpener tube to only react on high pulses from figure coils and ignores any low pulse from letters. The single-shot Gate tube prevents double or stray pulses by disabling the Print tube after the desired single pulse is processed until the printing and rotor stepping is completed and ready for a new pulse.

The Print tube also activates the timing unit clutch, causing the timing unit to perform one single cycle in 0.1 seconds (600 rpm). This cycle controls four cam switches with timing signals for the letters and figures function, the print control circuit, and to prevent multiple cycling.

The notch rings of the 7 rotors rings are sensed by the actuator switches of the stepping logic that activates some of the stepping magnets. These magnets enable drive pawls and the timing unit provides mechanical power to the drive pawls to move the rotors. More details and the complete circuitry are found in the electronics section.
.


The four vacuum tubes at the back of the KL-7 with spare 2D21 and 12AX7
Copyright D. Rijmenants


Mode Selector and Sliding Contact Board
Top

The Contact Panel Assembly comprises spring-loaded contacts across the bottom plate that mate with contacts at the bottom of the keyboard, stepping unit and printer. This modular design allows easy disassembly of all main parts of the KL-7 for maintenance and repair.

To switch between enciphering and deciphering, the KL-7 has a simple and compact solution to change the direction of the signals through the rotors. The keyboard contains a large Sliding Contact Board which is operated by the Selector handle with the positions O-P-E-D (Off - Plain - Encipher - Decipher).

The sliding contact board with its T-shaped contacts moves from right to left between the keyboard keys and the spring-loaded contacts on the contact panel assembly. The keys are all grounded and depressing them will ground the T-shaped contact plate at the top of the sliding contact board.

The selector handle has a pawl that grasps into a vertical slot on the left of the contact board. Turning the selector clockwise moves the sliding contact board from right to left. Two rails on the sliding contact board press it down onto the spring-loaded pins, meanwhile ensuring smooth movement of the contact board.

The sliding contact board also contains the main power switch. The KL-7 power cable with connector (on the right) passes the radio interference filter (vertical block right-side machine), enters at the right-side top of the keyboard (see flipped keyboard) and connects to two slide contacts that touch two copper stripes (double-T contacts) at the far right of the contact board. The board also switches various parts of the electronics.


Sliding Contact Board to switch signal direction rotors, power and electronics
Copyright D. Rijmenants

To encipher and decipher, each key has its own three connections on the Contact Panel Assemble underneath the sliding contact board. From left to right, for instance for letter G, these are named GE (G key Encipher), GP (G key Plain to its own pulse coil) and GD (G key Decipher). The contacts on the left and rights side of the cipher unit that contains the rotors are named conversely. For contact G this is EG (Encipher G) on the left side and DG (Decipher G) on the right side, thus the signals enters at the E side to encipher and at D side to decipher.

In Encipher mode, the depressed G key is connected via the T-shape and its GE contact to the EG (Encipher letter G) contact on the left side of the cipher unit that holds the rotors, and exits at the DH (Decipher H) contact on the right side, passes the small connecting bar of the H key and its goes from its Print contact to the H pulse coil.

In Decipher mode, the depressed H key is connected via the T-shape and its HD contact to the DH (Decipher letter H) contact on the right side of the cipher unit and exits at the EG (Decipher G) contact on the left side, passes the connecting bar of the G key and its goes from its Print contact to the G pulse coil.

The use of two neighboring T-shapes for each key enables the O-P-E-D sequence from right to left. The above is a simplified example with 3-pin rotors. In reality, the KL-7 uses 36-pin rotors. Note that, to perform the piggyback functions, some E, P and D connections from “J”, “V”, “X”, “Y”, “Z”, SPACE, FIG and LET are swapped, and additional contacts on the sliding contact board switch some piggyback wires and other control functions.

The sliding contact board also has a notched part in front of the printer mechanism. With the mode selector in Encipher position, this cam pushes a pin into the printer mechanism causing the KL-7 to print a space after each fifth character, the standard format for cryptograms.

The optional tape reader called TSEC/HL-1 enabled directly reading and processing five bit punched tapes on the KL-7. The cable that connected the HL-1 with the KL-7 required the removal of the complete keyboard cover and sliding contact board, and replace it with the KLX-7 Keyboard Adaptor.

The improper functioning of the sliding contact board or the rotor contacts affects the reliability of the KL-7. When a bad connection occurs inside the sliding contact board or between two of the rotors, the proper pulse coil will not be grounded and consequently the print hammer, the clutch and rotor stepping are not activated. This is called a dead-rove, usually caused by poor maintenance.


The Rotors and Notch Rings
Top

The enciphering in the KL-7 is performed by the rotors. These are set according to the key list. Each individual rotor performs a substitution cipher. The rotor core wiring is still classified and most surviving rotors are either stripped of their wirings or inaccessible. Its wiring was also changed on a regular basis, in contrast to, for instance, the German Enigma where the wiring never changed during its whole service time (the U.S. cryptologists learned the lessons).

The KL-7 had a set of 12 rotors to choose from, later expanded to 13, labelled "A" through "M". (see CORE on part of the key list at the right). Each rotor core has 36 flat contacts on the left side (as seen in cipher unit windows) that are wired in a scrambled fashion with 36 spring-loaded contacts on the right side. The wiring performs a substitution encipherment. An adjustable black alphabet ring is attached to the rotor core. These letters are visible through the little windows of the cipher unit. The drive-pawls from the rotor stepping unit use the notches on the alphabet ring to advance the rotors.

The side of of alphabet ring is also marked with the numbers 1 through 36. By depressing the alphabet ring, it can rotate relative to the rotor core wirings. This is done by aligning an alphabet ring number with the white arrow on the side on the rotor (ALPHA RING SET). The 36 positions on all alphabet rings are labelled as show in the table below. Note that 10 of the positions on the alphabet ring are left blank.

Rotor Labels A B   C D E   F G   H I J   K L M   N O   P Q R   S T   U V W   X Y Z  
Numbers aside 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
   
The KL-7 also has set of 11 white plastic notch rings. The notches and cams on these rings control seven stepping switches in the rotor stepping unit. They are responsible for the highly irregular movement of the rotors. These notch rings were also part of the key settings.

The notch rings are labelled 1 through 11 on their side, next to a little black arrow (NOTCH RING & SET number). The notch ring is attached on any of the rotor cores by aligning the black arrow of the notch ring with the little hole near the edge of the rotor, then depress and align the notch ring with the required letter on the alphabet ring (NOTCH RING & SET letter). Since there are some blanks on the alphabet ring, these positions are marked on the key list as the letter at its left with plus sign (e.g. position 18 is M+).

As part of the key settings, a selection of seven notch rings are attached to the seven moving rotors. The stationary rotor at the fourth (non-moving) position in the cipher unit must always carry the special the wide ring and is aligned according to the key list (WIDE RING SET).


KL-7 rotors with black alphabet rings and white notch rings
Image Copyright
www.cryptomuseum.com


The Cipher Unit (Rotor Cage)
Top

The detachable KLK-7 cipher unit or rotor cage holds the eight rotors that are selected from the key list. The KL-7 uses a complex re-entry system that can cause multiple enciphering of a single character. When the signal leaves the exit rotor there are two possible situations: the signal either is passed immediately to the pulse generator through one of the 26 wires, or it leaves the exit rotor on one of the 10 re-entry contacts. In the latter case, the signal is sent back to one of the 10 re-entry contacts at the entry rotor, to perform a new pass through the rotors. When the signal leaves the exit rotor again, the situation is repeated.

Depending on the internal wiring and current position of the rotors, the signal performs one or more passes (theoretically up to 10 passes) through all rotors before leaving the exit rotor towards the pulse generator. This results in a most complex signal path that constantly changes in both number of passes and its way through the rotors. Note that the above drawing is a simplified example with three 6-pin rotors and 2 re-entry connections. In reality, the cipher unit has eight 36-pins rotors and 10 re-entry wires.

The cipher unit has a fixed end plate on the left with 36 spring-loaded contacts in a circular fashion, and a fixed spindle attached to it. The end plate on the right of the cage has 36 flat contacts in a circular fashion and is removable to load the rotors.

Both end plates have at the bottom (see image) a connector with 26 flat contacts that make contact with spring loaded pins on the Base, which connect with the 26 letters from the sliding contact board.

The end plates also have a connector with 10 flat contacts (re-entry) to connect with spring loaded contacts on the rotor stepping unit, which connects the wires of both sides straightforward between left and right (1-1, 2-2, 3-3...) to act as re-entry loops.

Once all rotors are inserted, the cipher unit is placed in the rotor stepping unit and fixed with two locking levers at the front left and right of the rotor stepping unit.

The table below shows the wiring order between base and cipher unit end plate pins. The pins are numbered clockwise (seen from the left) and pin 1 is aligned with the white index stripe on the cipher unit windows. Both cipher unit end plates are wired identically. The letter “Q” from the sliding contact board wired to end plate pin 1, letter “P” to pin 2 and so on.


KLK-7 cipher unit with rotors, bottom view
Copyright D. Rijmenants

Base connections Q P 0 N F C 3 Y O M 9 G R 8 U I 7 B H 2 V T W 6 X S 4 J L Z 5 D K E A 1
End Plate Pins 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36


The Pulse Generator
Top

When a key is depressed, the pulse generator converts the signal that passed through the rotors and the keyboard into accurate timing signals for the electronics to control the printer and to activate the clutch of the timing unit which also provides mechanical power to the rotor stepping unit.

The print hammer must activate at the exact moment a given letter on the rotating printer drum passes the hammer. To achieve this, the pulse generator provides exact timing. He consists of a magnetic armature, rotating clockwise at 2200 rpm, and two stators with pulse coils. The print wheel with all letters and figures rotates on the same axle as the. When the electronics receive a pulse from a coil it will activate the print hammer at the appropriate moment. There are 37 coils for 26 letters, 10 figures and the space.

The front stator has 19 coils. The rear stator has 18 coils and is positioned exactly behind the front stator. The rotor armature (blue at above image) has two separate magnetic poles, one for each stator. The rear pole lags 9.47 degrees behind the front pole. This ensures that only one coil at a time is induced, either on the front or rear stator.

The KL-7 combines the 10 figures with 10 letters in the top row alpha-numeric keys. The electronics must therefore detect the difference between printing a letter or its corresponding figure. To do so, the alpha-numeric keys have two coils in series, a 5 Volts low pulse coil (green) for letters and a 10 Volts high pulse coil for figures (yellow). One special alpha-numeric combination is the letter V low pulse coil in series with the SPACE high pulse coil , which is part of the piggyback system.

All other letters have a single 10 Volts high pulse coil (red). The difference between the low and high coils is the size of their core and winding. Note that the red and yellow high pulse coils are identical and only differ in color to distinguish letter and figure coils in the drawing.

Depressing a key grounds one side of its corresponding single coil or two coils. The common side of all coils is connected to the step-up transformer. The moment the magnetic core passes a grounded coil, it will induce a current in the coil. This pulse is passed to both the Gate tube and the step-up transformer.

The Gate tube works as single-shot multivibrator and enables the Print tube to process the Sharpener tube pulse, but only for a very short time. This ensures that only the current pulse activates the Print tube, and following pulses are ignored.

The 1:3 step-up transformer inverts the pulse phase and raises the minus 5 to +15 Volts and minus 10 to +30 Volts to prepare the pulse for the Sharpener tube control grid (see images). The Sharpener tube passes the cleaned up pulse to the Print tube.

To conduct, the Sharpener tube control grid potential must be higher than the tube's cathode potential. If the control grid potential is lower than the cathode, this represents a negative bias and the Sharpener cannot conduct. To make the Sharpener conduct, the incoming positive pulse on its grid must overcome or "pull up" the negative bias enough. This negative bias acts as a threshold (i.e. hurdle) enabling the Sharpener tube to distinguish low and high pulses.

The Shift tube holds the current shift mode. In LET mode, the Shift tube puts 8 volts on the Sharpener cathode. Without pulse, the transformer grounds the Sharpener grid to 0 Volts, causing a minus 8 bias (0 - 8 = -8). In FIG mode, the Shift tube increases the Sharpener cathode potential to 22 Volts, causing a minus 22 bias (0 - 22 = -22).

In LET mode, the default minus 8 Volts bias is a low threshold and the Sharpener tube will accept both high pulse letters ( -8 + 30 = +22) and low pulse letters from the alpha-numeric double-pulse (-8 + 15 = + 7) but its associated high pulse figure, although high enough ( -8 + 30 = +22), does not trigger the Sharpener tube because the tube's 11 ms recovery time is longer than the 2.88 ms between the two pulses (only one coil distance, e.g. Q and 1).

In FIG mode, the Shift tube increases the bias to approximately minus 22 Volts, resulting in a higher threshold. The Sharpener tube then ignores the alpha-numeric low pulse letters as they doesn't pass the threshold (-22 + 15 = -7) and will only react on alpha-numeric high pulse figures (-22 + 30 = +8).

The following situations will occur when depressing any key:

  • LET mode (print letter): All high pulse letters are printed. Alpha-numeric low pulse letters are printed and their following high pulse figure not processed.
  • FIG mode (print figure): Only high pulses are accepted. Alpha-numeric low pulse letters are ignored and only their following high pulse figures are printed.

The Gate tube prevents double or stray pulses, but not using this functions also enables the repeat key. The RPT repeat key forces the Gate tube to keep the Print tube ready. When pressing the RPT simultaneous with another key, that character is printed continuously.

Depressing a key will always activate the printer and the timing unit clutch. Note that the space key only activates the clutch and advances the paper one step without printing, and the space and piggyback letters are swapped and print other characters, depending on the state of the sliding contact board (see also letters and figures).


Letter single high pulse

 

Alpha-numeric double pulse

Pulse signals are measured
after the step-up transformer


Pulse Generator front view
Image George Mace


The Timing Unit Top

The timing unit has a cam shaft that controls four cam switches. These switches provide timing signals to the electronics. That same shaft also provides mechanical power to the paper strip and ink ribbon, and is connected through a gear to the pawl system of the rotor stepping unit to advance the rotors. The timing unit also has a clutch that is engaged by its trip magnet.

When the clutch is engaged, the timing unit is connected to the DC motor by gears. The rotation of the timing unit and cam switches is therefore in sync with all other mechanical processes of the KL-7. The gears with 11: 1 motor/timing ratio give the timing unit a speed of 600 rpm or 0.1 seconds for one revolution.

When the Print tube energizes the trip magnet, the clutch is engaged and the timing unit performs one single revolution in 0.1 seconds. During this cycle, the four cam switches send their timing signals to the electronics and the paper strip and ink ribbon move one step further.

Also during this cycle, only those rotors that have been released by their associated stepping magnet are advanced one step. Thanks to the timing signals, the electronics know when the mechanical cycle has been completed.

The cam switches on the timing shaft control the following functions:

  • Letters cam controls switching LET circuit and printing LET.
  • Figures cam controls switching FIG circuit and printing FIG.
  • Repeat cam prevents multiple cycling and stray pulses.
  • Charge cam for fast recharge of the Print and Trip magnet capacitors to prepare them for the next machine operation. Also prevents the Print tube firing more than once during a single key operation.

More about the cam switches in the electronics section.


The Rotor Stepping Unit
Top

The KLA-7 rotor stepping unit supports the cipher unit (rotor cage) and controls the stepping of the rotors. At the rear of the cradle, there are eight large stop pawls that prevent any non-moving rotor from moving along with neighboring moving rotors. The fourth stop pawl normally isn't used, but keeps that fourth rotor in place when testing the rotors on a special axle without the rotor cage shell.

In the middle of the cradle are seven drive pawls to advance the rotors by grasping the notches in the rotor alphabet ring. These pawls are mechanically powered by the timing unit, under control of seven stepping magnets from the stepping logic.

In front of the drive pawls are seven tiny cams from actuator switches that read the notch rings on the rotors. These pile-up switches control the stepping logic for the stepping magnets. Just before the cradle are seven Set Key buttons to manually advance each individual rotor.

When a key is depressed, the pulse generator passes the signal to the Print tube which in turn will activate the timing unit that executes a single cycle. The stepping of the rotors is mechanically driven by the timing unit side shaft that rotates the crankshaft assembly for the rotor stepping unit.

The crankshaft assembly has an eccentric crank pin that is connect to the drive link assembly and converts the rotation into a back and forth movement that is passed to the drive shaft by the rotor stepping crank.

There are 7 ball-bearing roller cams fixed to the drive shaft, that's one for each moving rotor (forth rotor doesn’t move). The roller cams hold the drive linkage forward. When the timing unit cycles, the drive shaft rotates 75 degrees in clockwise direction and the 7 rollers move downwards, away from the 7 drive linkages.

Each drive linkage has a spring that pulls the linkage backwards. However, when the stepping magnet of an associated drive linkage is not energized, the magnet prevents that drive linkage from moving backwards.

During a cycle, some of the stepping magnets are energized by the stepping logic, under control of the 7 actuator switches. When a stepping magnet is energized and the drive shaft turns the roller cams away from drive linkages, the associated drive linkage moves backwards, causing its drive pawl to move backwards.

At the same time, the drive linkage also releases the associated stop pawl, which is then pushed downwards by the stop pawl spring to enable its rotor to move. Its sloped end slides the drive pawl out of the associated black alphabet ring notch of its rotor. When the drive pawl arrives at the next notch, the small spring on the drive linkage will force the drive pawl upward into the next alphabet ring notch.


KLA-7 Rotor Stepping Unit with the Cipher Unit removed
Copyright D. Rijmenants



When the drive shaft has reached it maximum swing angle, the roller cams return forward and push any released drive linkages back to the forward position. The flat end of the drive pawl pushes its rotor one step further. The drive linkage spring eventually forces the stop pawl upward into a free alphabet ring notch. During a stepping cycle, these stop pawls prevent non-moving rotors from moving along by the force of moving neighboring rotors.

On the right of the drawing are the 7 actuator switches that sense the white notch rings on the rotors. In the Plain mode, the operator can use the 7 Set Key buttons to manually step the individual rotors and set them in the proper position (see procedures enciphering and deciphering). During enciphering and deciphering, each key stroke causes some of the rotors to step in a highly irregular fashion under control of the 7 actuator switches.

In the circuit diagram below, all actuator switches are shown inactive. Each switch is a pile-up of the two sections, Sa and Sb. Note that the order of the upper Sa section is as actually positioned in the rotor stepping unit. The order of the lower Sb section and the stepping electromagnets is mixed to make the circuit diagram more readable and these are actually placed from left to right according to their number. There are only 7 switches and stepping magnets because the stationary fourth rotor is skipped. The pins on all switches are numbered the same as on switch S301a and b.

The stepping circuit is powered by the same 24 Volts DC that powers the DC motor and the tube filaments. The switch is part of the sliding contact board and determines which part of the circuit is powered, depending on the cipher mode.

In Encipher (E as shown in drawing) and Decipher (D) mode, only the upper Sa section of the switch pile-up, used for sensing the notch rings, is powered (route K1 - K10+12 - K11 - A3 - B3). Magnets 2 through 6 are each controlled by two switches in OR logic. These magnets are activated when at least one of the two switches has the appropriate state. Magnets 1 and 7 are controlled by three switches and are activated when one switch is inactive AND at least one of two other switches is inactive. At least two magnets are always active at any given moment.

In Plain mode, only the lower Sb section is powered (route K1 - K10+12 - K13 - A4 - B4). Depressing a Set Key button first energizes its stepping magnet through contacts 4 and 2 to release the corresponding drive linkage. A fraction later, contact 4 is pushed against contact 1 that energizes the trip magnet, causing the timing unit to perform a cycle and provide mechanical power to step the corresponding rotor. If the Set Key button is still held down after completing the cycle, the rotor will continue to step until the button is released.

The stepping logic is wired in such way that a situation where none of the rotors move is avoided as this would cause the rotors to halt permanently. The logic table on the right shows the required notch combinations to move a rotor. The stepping of a single rotor is controlled by two or three separate notch rings. Two notch rings can produce a maximum period (unique movement sequence) of 1,296 and three rings a maximum period of 46,656. This is for one single rotor. The combination of seven notch rings therefore provides a most complex stepping sequence.

Notch Rings (0 = inactive & 1 = active) Rotor
that
steps
Ring 7 = 0 AND (Ring 2 = 0 OR Ring 3 = 0) 1
Ring 5 = 0 OR Ring 6 = 0 2
Ring 2 = 1 OR Ring 6 = 1 3
The stationary rotor has no actuator switch n/a
Ring 2 = 0 OR Ring 3 = 0 4
Ring 1 = 0 OR Ring 3 = 1 5
Ring 1 = 1 OR Ring 5 = 1 6
Ring 4 = 0 AND (Ring 2 = 0 OR Ring 3 = 0) 7


The Printer
Top

The KL-7 has a continuously rotating print drum at 2200 rpm, fixed on the same axle as the pulse generator. The print drum has the complete set of letters and figures on its circumference. The moment that the magnetic armature of the pulse generator passes a grounded coil, the Sharpener and Print tubes pass this signal to the print hammer and the timing unit clutch.

The print hammer pushes the paper upwards against the print drum, with the inked ribbon between them, at the exact moment that the required character passes the print hammer. The two ink ribbon spools are behind the removable black cap.

A pin, controlled by the sliding contact board, mechanically switches between continuously printing (plaintext) and five-letter groups with a space between each group (ciphertext). The paper roll is stored in the black circular casing between the motor block and the cipher unit.


Letters and Figures
Top

The KL-7 can process 37 different characters: the letters A through Z, the figures 0 through 9 and the SPACE. The rotors, however, can only process 26 characters because 10 of the 36 connections, from and to the cipher unit, are hard-wired from output to input for the re-entry function (the 36 rotor contacts have no relation with the 36 letters and digits). Moreover, the enciphering reduces the 37 characters to a 26 letters ciphertext.

To enable enciphering 37 different characters into letter-only code groups, the KL-7 uses a system, similar to the teletype code. Two signals, LET and FIG, switch the machine between letters and figures. Both character sets use the same signals and they are distinguished only by the FIG or LET mode on that particular moment. To show the current state, a neon bulb lights up when the KL-7 is in FIG mode. The characters “QWERTYUIOP” are processed as “1234567890” in FIG mode.


Printer system with electromagnet for print hammer.
At the bottom the pin to control printing in groups.
Copyright D. Rijmenants

This still gives 26 alpha (-numeric) keys, the additional SPACE, LET and FIG. The KL-7 must encipher these three additional characters into a letters. Therefore, the KL-7 design permits the special functions to piggyback on some of the existing alphabet letters. The letters “J”, “V”, “X”, “Y” and “Z” were selected because they are some of the less frequently used letters.

  • Before enciphering, the letter “Z” is changed into “X” and the SPACE key into the letter “Z”.
  • After deciphering, “Z” is translated back into a SPACE and the letter “X” (originally the letter “Z”) remains an “X”.
  • Before enciphering, the letter “J” is changed into “Y” and the FIG key is changed into “J”.
  • After deciphering, the letter “J” is not printed, but causes the KL-7 to switch to FIG mode. The letter “Y” remains “Y”.
  • Before enciphering, both the letter “V” and the LET (letters) key are changed into the letter “V”.
  • After deciphering, if the KL-7 is in LET (letters) mode at that time, the letter “V” remains “V”. If the KL-7 is in FIG mode, the letter “V” causes the KL-7 to switch back to LET (letters) mode and also prints a space.


FIG mode neon lamp and the counter unit
Copyright D. Rijmenants

This system of additional functions that piggyback on normal letters is the most practical method and also the least invasive for the readability of the text. Nonetheless, the design came with a cost. The KL-7 test phrase shows the small changes that occur. The first sentence is the text before enciphering and the second sentence is the same text after it is deciphered back into plain text. To show the effect of switching between LET and FIG mode more clearly, the spaces in the example below are replace by a dash. Notice that only the seldom used letters “J” and “Z” are affected by the piggyback system.

THE-236TH-QUICK-RED-FOX-JUMPED-780-TIMES-OVER-THE-1459-LAZY-BROWN-DOGS

THE--236-TH-QUICK-RED-FOX-YUMPED--780--TIMES-OVER-THE--1459--LAXY-BROWN-DOGS

To accomplish the piggyback of the SPACE key on letter Z, the sliding contact board reroutes the X, Z and SPACE signals. The following drawings explain the rerouting of those letter in the different modes.

Note: Below, any unspecified letter, key or pulse coil (A through Z) is denoted by (delta). Underneath each key are three contacts, named e-p-d (encipher - plain - decipher. Thus, the contacts underneath the A key are named Ae, Ap and Ad. The left side contacts of the cipher unit that holds the rotors are named EA through EZ (Encipher this letter) and the right side contacts are named DA through DZ (Decipher this letter). See also sliding contact board.

  • Plain Mode

In plain mode, the p-contact of each key is connected to its corresponding pulse coil (black route). Zp to the Z coil and Xp to the X coil. Both are high pulse coils (red). Depressing the letter Z or X will close the circuit of its corresponding coil. When the magnetic armature of the pulse generator passes that coil, the induced signal is stepped up by transformer T101, passed to the sharpener and print tube, and printed.

The SPACE key is connected to a junction on the V-SPACE coils pair. This special feature is also used in the separate FIG circuit. By using the junction, depressing the SPACE key will only close the SPACE coil circuit.

All other keys are also connected via their p-contact to the corresponding pulse coil. These coils can be high pulse letter coils (red) or low pulse alpha-numeric coils (green). The low pulse V coil from the V-SPACE pair is connected to the V key's Vp contact.

In plain mode, the signals do not pass through the rotors in the cipher unit.

  • Encipher Mode

In encipher mode, the e-contact of each key is normally connected to the corresponding E-contact on the cipher unit left side. This however is not the case with the piggyback Z key.

The Z and X key e-contacts (red route) are now both switched to the EX-contact (Encipher X) on the cipher unit left side. This doesn't affect the X, but the letter Z also becomes X, because the SPACE needs the Z to piggyback.

Therefore, the SPACE key's e-contact (blue route) is connected to the cipher unit left side EZ-contact and actually enciphers the letter Z that will represent the SPACE.

The enciphered version of all letters exits the cipher unit right side at one of the D-contacts. This can be any of the 26 letters DA through DZ, even the depressed key itself, depending on the rotor positions and wiring.

The signal then travels to the key that corresponds with the cipher unit's D-contact, enters that key's d-contact, passes its small connecting bar and its p-contact to the pulse coil and prints the enciphered letter.

  • Decipher Mode

In decipher mode, the d-contact of each key is connected to the corresponding D-contact on the cipher unit right side (black route). The only exception is the SPACE key, which is not used, as only letters are to be deciphered.

The deciphered version of all letters exits the cipher unit left side at one of the E-contacts. This can be the any of the 26 contacts EA through AZ, even the depressed key itself, depending on the rotor positions and wiring.

The signal then travels from that E-contact to the key that corresponds with the deciphered letter, enters that key's e-contact, passes its connecting bar and p-contact to the pulse coil, and prints the deciphered letter.

When a depressed key represents the enciphered X, the signal exits the cipher unit as deciphered letter X on the left side EX-contact. The signal (red route) then travels to the Xe contact and via a connecting bar to the X coil, to print the X. Thus both originally plain X, and the Z (changed into X) are deciphered and printed as X.

When the depressed key represents the enciphered Z, the signal exits the cipher unit left side as deciphered Z at the EZ-contact. Since the deciphered Z actually represents a SPACE, the signal (blue route) does not travel to the Ze contact, but via the SPACE Key's e-contact and connecting bar to the SPACE coil to print a space.


The Electronics
Top

The KL-7 is powered by a Power Cable, connected to a 24 volts source (e.g. vehicle battery) or by the seperated AC Power Converter unit that converts 110V or 220V AC into 21 to 31 volts DC (24 volts is ideal). Both have a cable with Amphenol AN 3101A Mil Spec connector (2 pins female) with AN 3057-4 cable clamp that mates with the KL-7's power cable with male connector.

The AC Power Converter has a switch to select the AC input voltage. For 100-125 volts, the two primary windings are switched parallel (routes 1w2-11-14-15 and 1-13-12-3w4). For 200-250 volts, the primary windings are switched in series (route 1w2-11-12-3w4). Since the primary windings in series are twice as much windings, relative to the secondary winding, the output voltage is inversely proportional halved.

The secondary winding is connected to two selenium full-wave bridge rectifier stacks that are connected in parallel. The first version of the power converter produced 2.5 Amps output current and a later version with 4.5 Amps (as of sn15413) was more efficient for the selenium rectifiers and the KL-7 motor. The AC Power Converter measures 10.6 x 4.7 x 4 inches (27 x 12 x 10 cm).

The KL-7 has a power cable with AN 3106A connector (2 pins male), connected to the Radio Interference Filter which is mounted in the right-side rack (see photo mode selector). From the filter, a short cable enters the KL-7 at the right-side top of the keyboard. Via two fuses and two slide contacts, the 24 volts arrive at the double T contacts (see also circuit diagram below). The rack also carries a dummy female connector to secure the power cable during transport.

The filter suppresses current variations on the power cable as these can cause interference on the mains grid or even piggy-back on the modulated signals of nearby radio equipment, leaking signals that could be exploited by the adversary, even at great distance.

The Pi-type filter attenuates these signals over a wide band of frequencies. The filter assembly was sealed and maintenance or repair was not allowed. If the filter malfunctioned, the complete filter assembly had to be replaced. More about the security risks of stray signals is found on our TEMPEST page.

To follow the circuit diagram of the KL-7, we need to know the type of vacuum tubes and how they function, as they are crucial to process the keyboard pulses and control the timing signals for the printer. The KL-7 has one 12AX7 and three 2D21 tubes. These were produced by many manufacturers like RCA, Brimar, Mullard or JRC, but for military supply contracts they were designated JAN 12AX7 and JAN 2D21 (Joint Army-Navy electronics standard nomenclature).

The 12AX7 Twin Triode consists of two separate triodes (three electrodes each) making this tube very suitable for use as multivibrator. For each triode, the current between its positive anode, called plate (pin 1 and 6), and the cathode (3 and 8) is controlled by a very small voltage on the control grid (2 and 7). The more positive the control grid is, the more current flows from plate to cathode. A negative control grid bias stops the flow of current. Note that electrons flow in opposite direction from the conventional flow of current. A positive control grid will therefore attract the electrons from the cathode and lead them towards the plate. The 12AX7 has two separate heater filaments in series (4 to 5) with a center-tap (9), making it possible to operate at 6.3 volts, as used in the KL-7, or in series at 12.6 volts (data sheet).

Although the physics are quite different, you could compare the triode with the modern NPN transistor, where the current from collector to emitter is controlled by its base.

The 2D21 Shield-grid Thyratron works quite differently from the triode. This thyratron is a xenon gas filled tetrode (four electrodes) that operates as electronic switch and can handle higher currents than normal vacuum tubes. A negative bias on the shield grid (pin 5 or 7) will repel the electrons from the cathode (2) and prevent them from reaching the plate (6) and firing the tube, regardless the bias on the control grid (1). When both control grid and shield grid are positive, the xenon gas ionizes and the electrons multiply (i.e. Townsend discharge). The resulting plasma creates a high conductivity (virtually a short circuit) between the plate (6) and the cathode (2). Once the current flows, the only way to stop that flow is to either reduce the plate voltage below the critical threshold or to cut off the plate current completely, as for instance done by the timing unit charge cam switch (data sheet).

The 2D21 therefore acts as a fast switch, either on or off, and you could compare the thyratron with a relay switch, or with the modern thyristor or FET transistor where the current is switched by its gate voltage.


12AX7 Twin Triode and 2D21 Thyratron

Below the full circuit diagram (click to enlarge). All components in the circuit diagram are labeled in the same way as in the original maintenance manual and circuit diagram. Since the original circuit diagram is pretty hard to read, the different sections of the electronics are presented here well separated. The orange dots represent parts of the sliding contact board.

At the top left of the circuit diagram is the power supply for all electronics. The 24 Volts DC arrives at two double T contacts on the sliding contact board and powers the DC motor that drives the AC generator. The 24 Volts that power the DC motor is also used for the filaments of the four vacuum tubes. The full wave bridge rectifier, followed by two diodes, provides +220 Volts at terminal W4. The rectifier + is also directly connected through terminal W8 to resistors R109 and R110 to provide +200 Volts at terminal W2 for some parts of the circuit. A half wave rectifier provides the negative 72 Volts.

The pulse generator in the center left converts a key stroke into one or two pulses when that pulse coil is grounded and induced by a rotating magnetic armature. 15 letter keys have a single high pulse coil. 10 alpha-numeric keys have a low pulse and high pulse coil in series (see also pulse generator chapter above). For the piggyback system, the V key has a low pulse coil in series with the SPACE key high pulse coil that includes a junction.

The pulse is sent to both the V104 Gate tube in the top section and to the T101 step-up transformer in the center. The Gate tube acts as single-shot multivibrator that controls the bias of the Print tube shield grid to limit how long the Print tube is allowed to accept pulses and send signals to the printer.

In the center of the diagram is the V102 Sharpener tube that receives the pulses from the step-up transformer. The Sharpener serves as a threshold to distinguish low and high pulses and its control grid bias is determined by the V103 Shift tube via the R119 - R122 - R123 resistor network. In LET mode, a low pulse is sufficient to overcome the minus 8 volt bias on the Sharpener control grid. In FIG mode, the voltage drop on terminal W5 makes the sharpener control grid bias more negative, requiring a high pulse to fire the sharpener.

The V101 Print tube only fires when the triggered Gate tube overcomes the Print tube's negative shield bias, and the pulse it received from Sharpener tube simultaniously overcomes the Print tube's negative control grid bias.

When the Gate tube is triggered and the Print tube has activated the timing unit, the Repeat Cam switch disconnects the positive voltage from the Gate tube A plate (anode), providing the Print tube shield grid with a negative bias. This prevents the Print tube from firing stray pulses from the keyboard or from pins on the moving rotors. Once the cycle and rotor stepping is completed, the Repeat Cam switch closes again and the Gate and Print tube are ready for the next cycle.

When the RPT key (repeat) is depressed, the negative bias on terminal X1 and on the Print tube shield grid is removed and the tube is ready to fire at any pulse it receives from the Sharpener tube. Depressing the RPT key together with a letter key will therefore continuously print the depressed plain or enciphered letter.

When the Print tube fires, the print and trip magnet are activated. Both magnets are energized in a quite special way. The Print capacitors C101 & C102 and Trip capacitors C106 & C107 are constantly charged though R109 and R110 to +200 Volts. When the Print tube fires, this short the circuit and discharges the caps though the tube-print-trip circuit, in series with the caps.

This activates the timing unit to perform one cycle, and switches on the cam shaft provide four timing signals. During this cycle, the Charge Cam switch shorts the 10K resistor R110, leaving only the 1K resistor R109 between the 220 Volts at W8 and the capacitors at W2, ensuring a fast recharge of the caps to be ready for the next machine cycle. The Charge Cam switch also disables the Print tube until the cycle is finished, preventing the Print tube from firing multiple times during a cycle.

At the bottom of the circuit diagram is the Shift tube section that memorizes the current shift mode, shows the current mode with a neon lamp and controls the threshold of the Sharpener to know what signals to accept in LET or FIG mode.

The switches with an orange dot in the above circuit diagram represent parts of the sliding contact board and shows how they influence the stepping of the rotors, the shift mode circuit and some of the keys. How those switches work is shown below.

  • Auto Space Switch. When the mode selector switches between Plain and Encipher, the Auto Space Switch quickly discharges the Print and Trip capacitors through the R129 resistor, causing the Print and Trip magnets to initiate a single cycle of the timing unit and stepping of the rotors. This scrambles the positions of the rotors, depending on the notch rings, which is used in the enciphering procedure. On the drawing you see the actual switch on de sliding contact board. In Plain, the resistor is only connected to the bridge and the switch is not activated. When the bridge is halfway towards Encipher position, the +200V is connected briefly to the resistor to discharge the capacitors.

  • Shift Mode Switch. This switch allows in Plain and Decipher mode to pass the current shift mode through the R119 - R121 - R122 resistor network to the V102 Sharpener tube. However, in Encipher mode the KL-7 should only print ciphertext letters. The Shift Mode switch therefore disconnects in Encipher mode the resistor network from the V103 Shift tube to keep the Sharpener in LET mode. The neon lamp then only serves as indication of the shift mode. On the drawing you can follow the path from the shift mode through the resistor and neon lamp to the resistor network (plain and decipher) or disconnected and passed to R133 (encipher).

  • Repeat Key. The pins of this key are connected through the sliding contact board to the shield grid of the V101 Print tube in both Plain, Encipher and Decipher mode. Depressing the RPT key together with a letter key therefore continuously print that letter in all modes.

The letters cam switch and figures cam switch from the timing unit control how the piggyback letters for LET and FIG keys are processed. Since we have the Plain, Encipher and Decipher mode and two shift modes, there are six different ways these keys are processed. To accomplish this, the sliding contact board reroutes the FIG and LET keys, and the figures and letters cam switches.

Note: Below, the unspecified key, letter or pulse coil (A through Z) is denoted by (delta). Also, the actual circuit uses a few more switches on the sliding contact board to avoid conflict with other key circuits in the different modes, but the route of the signals is as shown below.

The FIG key operation:

  • Plain mode. The FIG key is connected directly to FIG contact (3) of the Shift tube circuit. Depressing the key instantly activates the FIG mode and the neon lamp lights up. No actions are required to step the rotors as there is no enciphering. What you type is what you print.

  • Encipher mode. The FIG key enters the cipher unit as piggyback letter J at the EJ contact. Its enciphered version exits the cipher unit at the D contact and is routed through the Figures Cam Switch to the pulse coil to print that letter. Since LET mode has a low threshold, all low and high pulse letters are printed. The timing shaft rotates, and at 10 degrees the Figures Cam Switch changes connection to the FIG contact (3) of the Shift tube circuit. The neon lamp lights up, but only acts as indication to the operator. The machine itself stays in LET mode to print ciphertext letters (see Shift Mode Switch).

  • Decipher mode. The letter , representing the enciphered letter J, is depressed and enters the cipher unit at the D contact. The deciphered version exits the cipher unit at the EJ contact as piggyback letter J and is routed through the Figures Cam Switch to the SPACE junction (part of V-SPACE coils pair). Although in series with the V coil, the SPACE is printed because its coil is grounded separately from the V coil. The timing shaft rotates, and at 10 degrees the Figures Cam Switch changes connection to the FIG contact (3) of the Shift tube circuit. The machine is set to FIG mode and the neon lamp lights up.

The LET key operation:

  • Plain mode. The LET key is connected directly to LET contact (4) of the Shift tube circuit. Depressing the key instantly activates the LET mode and the neon lamp goes out. No actions are required to step the rotors as there is no enciphering. What you type is what you print.

  • Encipher mode. The LET key enters the cipher unit as piggyback letter V at the EV contact. Its enciphered version exits the cipher unit at the D contact and is routed through the Letters Cam Switch to the pulse coil to print that letter. Since LET mode has a low threshold, all high and low pulse coil letters are printed. The timing shaft rotates, and at 10 degrees the Letters Cam Switch changes connection to the LET contact (4) of the Shift tube circuit. The neon lamp goes out, but only acts as indication to the operator. The machine itself stays in LET mode to print ciphertext letters (see Shift Mode Switch).

  • Decipher mode. The letter , representing the enciphered letter V, is depressed and enters the cipher unit at the D contact. The deciphered version exits the cipher unit at the EV contact as letter V and is routed through the Letters Cam Switch to the V key circuit (part of V-SPACE coils pair). However, since logically the machine is currently in FIG mode with high threshold, the low pulse V is ignored and the high pulse SPACE is printed. The timing shaft rotates, and at 10 degrees the Letters Cam Switch changes connection to the LET contact (4) of the Shift tube circuit. The machine is set to LET mode and the neon lamp goes out.

The reason for printing a space when deciphering the LET or FIG key instead of only changing the Shift mode is that activation of the Timing Unit is required for the timing signals and stepping of the rotors to correctly encipher or decipher the following letter.


Cryptographic Strength
Top

We can calculate the theoretical strength of the KL-7 by taking all cryptographic variables for a complete machine set-up. We assume the machine’s general principle of operation is known, but don't have any information about the internal wiring of the rotors and shape of the notch rings.

The 8 rotor cores can be wired in 3.66322 different ways. This comprises all positions, relative to the machine, making the alphabet ring superfluous, because it only serves as visual representation of the rotor alignment. This also comprises all positions of the stationary 4th core, set by its wide ring.

The notch rings can be shaped in 7.2375 different ways. This comprises all combinations of notches, relative to the seven actuator switches. This gives a total of 2.65408 purely cryptographic combinations or 1357 bit key. However, the machine and its wiring can be known to the adversary.

Therefore, we look at the practical settings for the operator. He must select 8 rotors from a set of 13, giving 51,891,840 combinations. He has 78,364,164,096 ways to set 7 alphabet rings.

There are 1,663,200 ways to select 7 notch rings from a set of 11. The 7 notch rings and the wide ring on the 4th position can be set in 2,821,109,907,456 different ways. Finally, there are 78,364,164,096 possible rotor alignments at the start of a message. In total, this gives 1.4948 ways to determine a key setting, both internal and external. This represents a 161 bit key.

When the machine’s specifications are known to the adversary (espionage, capture) he has to find 8 cores from a set of 13, giving 51,891,840 combinations. There are 1,663,200 ways to combine 7 notch rings from a set of 11. There are 2,821,109,907,456 ways to set 7 notch rings and 1 wide ring..


KL-7 top view with the rotor cage in the center
Copyright D. Rijmenants

Finally, there are 78,364,164,096 ways to set all core and notch combinations, relative to the machine. The alphabet ring, only a visual representation of the rotor positions, is disregarded. This gives the adversary a total of 1.9037 combinations, representing a 124 bit key.

Trying out all possible keys on a 124 bit key, a so-called brute-force attack, is considered infeasible with all present and future computer power. However, cryptanalysis is more than key size, theoretical security and brute-force attacks. Rotor cipher machines have proven vulnerable to certain types of cryptanalytic attacks, performed on fast computers. Therefore, the KL-7 is no longer considered secure. Nevertheless, even skilled cryptanalysts with current resources would today still face a huge task to mount a successful attack against the KL-7, especially when they only have a limited number of messages at their disposal

We can calculate the theoretical strength of the KL-7 by taking all cryptographic variables for a complete machine set-up. We assume the machine’s general principle of operation is known, but don't have any information about the internal wiring of the rotors and shape of the notch rings. The 8 rotor cores can be wired in 3.66322 different ways. This comprises all positions, relative to the machine, making the alphabet ring superfluous, because it only serves as visual representation of the rotor alignment. This also comprises all positions of the stationary 4th core, set by its wide ring. The notch rings can be shaped in 7.2375 different ways. This comprises all combinations of notches, relative to the seven actuator switches. This gives a total of 2.65408 purely cryptographic combinations or 1357 bit key. However, the machine and its wiring can be known to the adversary.

Therefore, we look at the practical settings for the operator. He must select 8 rotors from a set of 13, giving 51,891,840 combinations. He has 78,364,164,096 ways to set 7 alphabet rings. There are 1,663,200 ways to select 7 notch rings from a set of 11. The 7 notch rings and the wide ring on the 4th position can be set in 2,821,109,907,456 different ways. Finally, there are 78,364,164,096 possible rotor alignments at the start of a message. In total, this gives 1.4948 ways to determine a key setting, both internal and external. This represents a 161 bit key.

When the machine’s specifications are known to the adversary (espionage, capture) he has to find 8 cores from a set of 13, giving 51,891,840 combinations. There are 1,663,200 ways to combine 7 notch rings from a set of 11. There are 2,821,109,907,456 ways to set 7 notch rings and 1 wide ring. Finally, there are 78,364,164,096 ways to set all core and notch combinations, relative to the machine. The alphabet ring, only a visual representation of the rotor positions, is disregarded. This gives the adversary a total of 1.9037 combinations, representing a 124 bit key.

Trying out all possible keys on a 124 bit key, a so-called brute-force attack, is considered infeasible with all present and future computer power. However, cryptanalysis is more than key size, theoretical security and brute-force attacks. Rotor cipher machines have proven vulnerable to certain types of cryptanalytic attacks, performed on fast computers. Therefore, the KL-7 is no longer considered secure. Nevertheless, even skilled cryptanalysts with current resources would today still face a huge task to mount a successful attack against the KL-7, especially when they only have a limited number of messages at their disposal.


Encipher and Decipher Procedures
Top

Each ADONIS rotor set consists of 12 (later 13) rotor cores, 11 notch rings and one stationary wide ring. Before using the KL-7, the internal settings must be set according to a key list that contains multiple keys, each valid for a period of 24 hours. Each daily key list determines the choice of rotor cores and its position in the cipher unit, the setting of its alphabet ring, and the type of notch ring and its setting on that rotor core. The rotor core that is selected for the fourth position must always be fitted with the stationary wide ring, which can also be set in any position on that rotor core. This wide ring prevents the forth rotor from moving.

Below, the ADONIS key list example, in the format as documented in the declassified KAO-41C/TSEC. Usually, a second cipher unit, with rotors arranged according the key list of the previous day was readily available. When they received a message from the previous day, the operator could quickly remove the current cipher unit from the rotor stepping unit and replace it with the old cipher unit.

Note: you can set the example key on the KL-7 simulator and perform the encipher example shown below, to experience the encipher procedure as actually used by the operators. Be advised that the rotors of the simulator have their own core wirings because the secret wiring of the real rotors was never declassified and the wiring of surviving rotors has been removed.

After placing all prepared rotors in cipher unit, the new settings are checked with the 36-45 letters check. With the mode selector in Plain mode, all rotors are set in the “A” position. Next, the machine is set to Encipher mode (some rotors will move one step). The counter is reset and the letter "L" is typed 45 times. The last two code groups should match the 36-45 letter check on the key list for that day.

The ADONIS system indicator, shown at the bottom-right of the key for that day, consisted of five digits or five letters and was used before and after the enciphered message to identify the system and key.

For each new message, the operator must use a new unique and completely random start position of the rotors, called Message Rotor Alignment. This rotor alignment, visible through the little windows of the cipher unit, is crucial for the security of the message because using the same Message Rotor Alignment for multiple messages leads to patterns that can be exploited by codebreakers.

To produce a Message Rotor Alignment, the operator takes a previously prepared random five-letter group called Message Indicator (see note further down). For our example message, we use the random message indicator "ELXNO".

1. Set the KL-7 mode selector to Plain mode.
2. Set “AAA-AAAA” as rotor alignment with the Set Key buttons on the front of the cipher unit.
3. Switch to Encipher mode (some rotors will move one step)
4. Encipher the Message Indicator "ELXNO". The resulting enciphered indicator will be "BHLDO".
5. Switch back to Plain mode.
6. Set "BHL-DOBH" as Message Rotor Alignment by re-using the first two letters at the end. Again use the seven Set Key buttons to adjust the rotors.
7. Switch to Encipher mode (some rotors will move one step), tear of the printed tape and reset the counter.
8. Encipher the example plaintext message "TOP SECRET MESSAGE 123 TEST".

Any incomplete final group should be completed by one space and, if required, followed by enough random letters to complete that last code group.

Below, the resulting ciphertext. Note that if you enciphered the message with the KL-7 sim, the result might partly differ, depending on whether you switched to FIG and LET mode before or after the space.

GOATJ ZPFJZ RGDET FKCSB TCMTD XTQLP

The complete message includes the system indicator, the Message Indicator spelled-out (NATO alphabet) , the enciphered text and repeated system indicator:

28604 ECHO LIMA XRAY NOVEMBER OSCAR
GOATJ ZPFJZ RGDET FKCSB TCMTD XTQLP 28604

The standard format for enciphered messages was the so-called CODRESS, documented in the publication ACP 127 (unclassified). In such messages, the full originator, all addressees and security classification were included in the enciphered text. These messages were always unclassified, although the coded groups contained secret information.

Below our example message with the priority pro-sign (here routine), routing indicator(s) of the addressee(s) and serial number, priority again with date and time group, groups count, and finally the message between two BT breaks.


RR RABCDE
DE RFGHIJ 1234 8/1400Z
R 311300 DEC
GR 6
BT
28604 ECHO LIMA XRAY NOVEMBER OSCAR
GOATJ ZPFJZ RGDET FKCSB TCMTD XTQLP 28604
BT



NNNN

The receiver has a KL-7 with the same rotor arrangement, as provided for that particular day in his key list. The system indicator “28604” in the received message identifies the ADONIS crypto system and key for this particular message. He will proceed as follows:

1. He switches his KL-7 mode selector to Plain mode.
2. He sets "AAA-AAAA" as rotor alignment with the Set Key buttons on the front of the cipher unit.
3. He switches to Encipher mode (not Decipher mode!).
4. He enciphers the spelled-out message indicator "ELXNO" to again produce the sender's original Message Rotor Alignment "BHLDO".
5. He switches back to Plain mode.
6. He then sets "BHL-DOBH" as Message Rotor Alignment, also repeating the first two letters at the end.
7. He finally switches to Decipher mode and deciphers the ciphertext "GOATJ ZPFJZ RGDET FKCSB TCMTD XTQLP" to retrieve the original message.

In the KL-7 simulator help file Appendix A you will find two fascinating enciphered training messages, related to the Cuban missile crisis, to practice the deciphering procedure. They use the KAO-41C/TSEC procedure and example key as described here.

Note on Message Indicators. The random five-letter Message Indicators are created beforehand. An unused KL-7 is loaded with a randomly chosen rotor arrangement that is never used in any existing key list. Next, all rotors are set in a random start position and the mode selector is set to Encipher mode. A large number of random words or letter is typed. The KL-7 prints a large number of random five-letter groups on the paper strip. The operator later uses these Message Indicators to produce a different Message Rotor Alignments for each new messages. To avoid re-use, each Message Indicator on the paper strip is used only once, then torn off the strip, and pasted on the corresponding message form.

Notes on POLLUX Procedure. POLLUX only used letters as system indicator, and its 36-45 letters check is performed with the letter “A” instead of letter “L” by ADONIS. The POLLUX procedure also uses a random five-letter Message Indicator but prescribes setting the random Message Indicator directly as Message Rotor Alignment, instead of enciphering the Message Indicator. The documents adds the notice "do not encrypt using this system only. This system gives true indicator in clear” and then refers to unknown supplementary instructions. The POLLUX procedure might well use the ADONIS method (enciphered Message Indicator as Message Rotor Alignment) but various other methods to encipher and securely convey the Message Rotor Alignment are possible.


Development of the KL-7
Top

The roots of the KL-7 are found in the Second World War. In the 1940’s, the electromechanical rotor cipher machine ECM (SIGABA) had set a new standard for secure high-level communications. At tactical level, the lightweight mechanical M-209 was widely used. By the end of the war, the M-209 was no longer considered secure and the Army expressed the need for a lightweight secure crypto machine that could replace the M-209 but that would have a cryptographic strength, comparable with cipher machines like the SIGABA. The Navy was also seeking a small cipher machine with the qualities of the ECM, with a focus on saving weight. In March 1945, the Army headquarter requested the Signal Security Service (SSS) to develop a machine that would fit their needs. Soon after, the SSS was renamed into the Army Security Agency (ASA), who initiated the research.

The project was designated MX-507 and ASA saw it as a long-range research project. The ASA researchers quickly decided to opt for a rotor-based machine. A design with 36-point rotors came on the forefront. They also had to design a completely new lightweight printing system, as the new machine was required to operate off-line and print out the messages on paper. Eventually, they were able to reduce a printer system to one quarter of its original size and weight.

ASA decided to apply a new cryptographic principle, called re-entry. The re-entry or re-flexing was invented by Albert Small, who filed it for patent in 1944. The idea was to take parts of the cipher output, re-enter the output back into the enciphering process and re-encipher it once again (see image right).

In 1949, the Armed Forces Security Agency (AFSA) was created. It was the first American central cryptologic organization and one of its goals was to provide standardization of secure communications devices and to determine a general policy for crypto equipment. The research of the ASA was transferred to AFSA in December 1949.

Meanwhile, in April 1949, the United States and its Allies had formed the North Atlantic Treaty Organization or NATO, and deteriorating relations with the Soviet Union resulted into a grim Cold War. Secure communications between the NATO members was an important part of making a front against the USSR.

An additional challenge that AFSA faced was to design a machine for themselves that could also be distributed to their NATO allies, without disclosing vital secret crypto technology that could come into Soviet hands, either directly or through infiltration of NATO members.

With such a large organization as NATO, it was more than likely that this machine or its specifications would sooner or later reach Russian soil. The design had to resist by far any possible cryptanalytic attack by Soviet codebreakers, even when the technical details of the machine were disclosed. The security of the machine had to depend solely on the secrecy of the key settings, thus obeying Kerckhoffs’ well known law on cryptography.

The MX-507 was renamed to AFSAM-7, which stands for Armed Forces Security Agency Machine No 7, and by September 1950, AFSA demonstrated an engineering model. The final design used 8 rotors with 36 contacts, a re-entry of ten rotor signals, and a most complex irregular stepping, electrically controlled by notch rings on the rotors. The problems with the printer timing and the shift system were solved by a clever design with vacuum tubes, making the KL-7 the first tactical cipher machine ever to use electronics.

The AFSAM-7 was approved and the Army was allowed to build prototype models. By December 1950, the Army declared the AFSAM-7 ready for production. The machine would become the first standard crypto machine in the US Armed Forces. The cryptosystem was designated POLLUX.

Contractors were selected and operational and maintenance manuals were composed. In February 1951, contracts were signed to produce 25,000 AFSAM-7’s at a rate of 5,000 per year. The first repair and maintenance course for Army and Air Force personnel was scheduled in September 1951.

In October 1951, AFSA announced two types of operation: the AFSAM-7 traffic for high-level communications was designated ADONIS and the traffic for the Army and Air Force was designated POLLUX. The differences between the two systems were the rotor sets and the message keying procedure. The final production contract was signed on February 9, 1952.

The AFSAM-7 was introduced in the U.S. armed forces by the newly formed National Security Agency (NSA), and some units were also bought by the Central Intelligence Agency and the Federal Bureau of Investigation. The AFSAM-7 was cryptographically more than capable to resist any attack at the moment of its release. In 1955, the AFSAM-7 was renamed TSEC/KL-7, according to the new nomenclature for crypto equipment.

The Navy version of the KL-7 was designated KL-47. This machine was cryptographically compatible with the KL-7 but could also punch five-bit level paper tapes. An ancillary Baudot paper tape reader called TSEC/HL-1 was developed for the KL-7 to enable directly reading and processing five bit level punched tape, as received from standard teleprinters. This required the removal of the KL-7 keyboard and the installation of the KLX-7 keyboard adaptor to connect the HL-1 to the KL-7.


US Navy KL-47
Photo
NSA National Cryptologic Museum

Individual components of the KL-7 and KL-47 were manufactured by several different U.S. government contracted companies. After final assembly at different locations, the machines became the property of NSA and were distributed with in the U.S.

TEMPEST, the ‘art’ of shielding devices against eavesdropping on unintentionally emitted signals was in its early stages of research when the KL-7 was being developed. Although Bell engineers recognized the risk of unwanted stray signals as early as 1943, the initially attempts to reduce these signals were limited to filters on the power supply and shielding as much as possible. The first breakthrough came in 1956 with the introduction of circuits with transistors at low voltage, but this was four years after the introduction of the KL-7, and the first extensive TEMPEST regulations were only drafted in 1958.

De KL-7 has a filter between the external power supply and its electronics, but some electrical contacts and coils could still be a source of unwanted signals. NSA conducted a study in 1955 to determine whether the coil of the printer magnet, which activates the print hammer, would emit signals that could be exploited. These print coil signals were detectable 25 feet from the machine.

Analysis of recorded signals during decipherment of a message on the KL-7 showed that measuring the interval between the intercepted pulses of the print magnet, and knowing the order of the letters on the print drum, enabled the recovery of the plain text. Variations in motor speed between pulses could complicate measurement of the intervals, but other signals, radiated at the same distance, could determine the change of motor speed, making recovery of the plain text much easier. They also found a correlation between the number of rotors that stepped and print drum speed deviations.

The KL-7 remained in use without additional technical changes to reduce unwanted signals, but the 1958 TEMPEST regulations undoubtedly advised operating the machine at fixed or tactical locations were eavesdropping at close range was unlikely. Nevertheless, even at secure locations, unwanted signals could unexpectedly piggyback on other equipment and enable eavesdropping from far greater distances, as you can read at our TEMPEST page.


The KL-7 in Service
Top

The KL-7 was initially only used by the US Army, Air Force, Navy, CIA and FBI, but during the 1953 Communications Security Conference in London, NSA proposed to share the ADONIS crypto-principle with NATO countries to improve their communications security and interoperability, and replace the less secure Combined Cipher Machine (CCM) by the Army AFSAM-7 and Navy AFSAM-47B.

Meanwhile, a new British crypto machine was developed with identical crypto principles as the AFSAM-7 to replace the outdated CCM (LUCIFER) which was the British CCM-Typex, interoperable with the American CCM/SIGABA. The new BID/60 SINGLET greatly resembled the AFSAM-7 and used rotors that were identical to those of the AFSAM-7, but was not expected to be in production before 1960. The U.S. made available 3,500 units of the AFSAM-7 to the United Kingdom and 3,000 units to other NATO countries. These machines would be in loan and remained property of NSA.

In 1954, the U.S. Joint Chiefs of Staff approved the use of the AFSAM-7 by NATO. The plan was to introduce the machine to medium and high levels by mid-1956. NSA did recognized that the AFSAM-7, or reproductions with the same cryptographic principle, would eventually also find their way to non-military use in those countries, or might even end up in Soviet hands. NSA was confident the AFSAM-7 was secure against any attempt by the Soviets to decipher the messages, even when its cryptographic principles and specifications were compromised. The machine was therefore certified for Top Secret messages at the start of its career.

In 1955, the U.S. Army Security Agency Europe assigned two military instructors to NATO. They assisted in the training of NATO personnel, designated to repair and maintain the AFSAM-7, by then renamed into TSEC/KL-7. Those who attended the maintenance school had to be qualified as teletypewriter mechanic and have the proper security clearances. Basic knowledge of electronics was also desirable. In 1956, NATO decided to order the TSEC/HL-7 tape reader and KLX-7 keyboard adaptor, to facilitate the increasing volume of encrypted traffic. The NATO members had to determine their required stock of KL-7 spare parts, and could also order a kit with basic spare parts, at the price of $150 per machine. The spare parts and kits were gradually delivered between 1957 and 1960.

In 1957, NATO agreed to adopt the KL-7 for second level traffic and also for first level traffic with ADONIS key lists to replace the Typex (SIMPLEX) traffic, which was a Typex II, used with SIMPLEX pads. This also comprised each NATO member's Ministry of Defence and Foreign Affairs, their embassies in Paris and Washington, and their National Military Representative in Washington. In 1958 they extended the use of the KL-7 to minesweepers, fast patrol boats and long range maritime aircraft.

In 1958, the price per KL-7 was $1458. This comprised the KLB-7 base at $814, KLA-7 stepping unit $328, KLK-7 cipher unit $80, CE87054 Carrying Case $161, CE87066 AC Power Converter $75 and a set of rotors $100. A complete KL-7 would cost $13,372 when converted into present 2021.

The extended use of the KL-7 was discussed and NATO member Canada pointed out that the KL-7 had not reached 100% reliability yet due to problems with the pulse generator, and a book cipher as back-up would be essential. The KL-7 was also used on NATO submarines and in 1959 they approved the Basic Submarine Code as back-up system for the KL-7. The code, in itself not secure enough, was used in conjunction with letter one-time pads. By the end of 1959, NATO authorized the use of KL-7 ADONIS for first level military and diplomatic traffic.

The KL-7 was used by the United States, Belgium, Canada, Denmark, England (including the Commonwealth Australia and New Zealand's RNZN), France, Germany (West German Federal Republic), Greece, Italy, Luxemburg, Netherlands, Norway, Portugal and Turkey.

For transport, accessories and operating, the KL-7 had three types of casings.
  • Carrying Case Assembly for transport is water-resistant, has shock mounts and is designed that the KL-7 can be operated while half in the case. The case also contains an operating light, cable, a copy holder, a spare typewriter ribbon and additional paper.
  • Accessories and Case Assembly resembles the carrying case but normally contains an AC power converter, a rotor stepping unit and two cipher unit assemblies (rotor cages). The content can vary, depending on where it is employed.
  • Office Case Assembly for storage and transport under "office conditions" is made of aluminium and has no gaskets or shock mounts. The AC power converter is fixed inside the case and has a cable with standard AC connector. The double hinged cover of the case folds back and provides a rack for holding copies.

The KLB-7 Base with all electronics had the security classification Unclassified. The KLA-7 rotor stepping unit switches circuitry and wiring harness were Classified. The maintenance rotors were Confidential and the operational rotors were Confidential or Secret.

Usually, two cipher units were available for each KL-7, one with the current day key settings and one with the previous day settings. The KL-7 also came with an operator maintenance kit in a small square metal box, which included a few tools, a cleaning block to clean contacts, contact cleaner and lubricant, a brush and bristle, spare vacuum tubes and light bulbs.

Despite its extensive use within the armed forces, the KL-7 wasn't always the most popular machine. The KL-7 was notorious for its keyboard and rotor contact problems. The operator often had to push firmly on the keys to get the machine cycling, not allowing him to get any speed on the KL-7. To avoid contact problems, the rotors had to be cleaned regularly. On start-up, the vacuum tubes need 16 seconds to heat up before you can type on its keyboard, as the printer timing is controlled by the electronics.

The KL-7 also had a high acoustical signature. When the machine is turned on, the motor slowly takes speed and the reduction gears for the pulse generator and print drum produce a characteristic high pitched noise. The advancing rotors also produce their typical sound.

During its service time, the rotors of the KL-7 and KL-47 were rewired on a regular basis. Some rotors were rewired on a yearly basis on national or NATO level and some rotors, often referred to as the NSA rotors, were to be sent directly to NSA and were rewired by NSA personnel only. It was strictly forbidden to operators, even to the maintenance technicians with crypto clearance for KL-7, to check out the internal wiring of the rotors.

The technicians were not allowed to test the rotors pin-to-pin. They were instructed to place a defective rotor on a large conductive plate that made contact with all rotor pins at once, and then check out the connection on each pin at the other side with an Ohm meter. This way, the technician would see if a wire was broken, but didn’t know to which pin it corresponded on the other side.


The KL-7 in Carrying Case Assembly,
Image Copyright
www.cryptomuseum.com


The KL-7 outside Carrying Case Assembly,
Image Copyright
www.cryptomuseum.com

Advances in technology and the introduction of miniature electronic components increased the computational power to support cryptanalysis tremendously in the next decades. As a result, the KL-7 had become operationally insecure by the mid 1960’s and vital message traffic was often superenciphered on other systems after being enciphered with the KL-7. From the 1970’s on, the KW-26 and KW-37 online cipher equipment largely replaced the outdated KL-7. Some KL-7’s stayed in service, mostly as back-up, and retired in the mid 1980’s.

Although the KL-7 was only meant to be used by the U.S. military, its NATO allies and some state departments, there are some rare cases where civilians operated the KL-7. One such case was during the 1982 Falklands War. Within a few days, the British Navy had to sail a huge naval task force across the South Atlantic. They quickly chartered merchant ships to support the operations. One of them was the Eburna tanker that carried fuel oil, diesel and aviation fuel to transfer fuel at sea. The civil radio officer shad no experience with naval communications nor crypto systems and had learn the basics of cryptography and operating the KL-7 within very short time.

The last known recorded message, enciphered with a KL-7, was sent by the Canadian armed forces in June 1983. The fully electronic KL-51 RACE off-line cipher machine could be regarded as its successor. The KL-7 machine itself was unclassified but the cipher unit wiring, the entry plates and the stepping circuitry were confidential. After its service time, most KL-7’s and KL-47’s and their rotors were recalled. The surviving KL-7’s were carefully stripped from their stepping mechanism wiring and rotor entry wiring, commonly denoted as ‘sanitized’.

The KL-7 is a unique machine in many ways. It was the first machine to be developed under one centralized cryptologic organization and introduced as a standard crypto device in all parts of the armed forces. At that time, the KL-7 used the latest cryptologic techniques and was the first ever cipher machine with electronics, yet its rotor based design would soon lose the battle against miniaturization of electronics and computational power. It proved to be the last of a breed of true cipher machines.

Many operators cursed the machine for its quirky keyboard and regular contact problems. They welcomed its electronic successors, but today they speak with sentiment about that wonderful machine and even remember vividly the typical sound of its stepping rotors. Maybe it is because of the era in which the KL-7 and the operators gave their best. Maybe because the KL-7 served all over the world, collecting secrets and memories about the Cold War, companionship, and even exciting stories about treason and espionage.

Because this was not the end of the KL-7 story...


Major Security Breaches
Top

In 1981, former US Army Warrant Officer Joseph Helmich, was arrested by the FBI for the sale of critical information on the KL-7. In 1963, he served as crypto custodian in France and later at Fort Bragg, North Carolina. Being faced with financial problems, Helmich contacted the Soviet Embassy in Paris, France. He received $131,000 in return for critical information on the KL-7. At that moment, the KL-7 was the most widely used crypto machines in the US military. After returning to the United States, Helmich continued to provide KL-7 key lists to the Soviets until 1966. Although already under suspicion in 1964 and admitting in 1980 to have received money from Soviet agents, it was only in early 1981 that he was observed with Soviet agents in Canada. Helmich eventually confessed and was sentenced to life imprisonment.

In 1985, FBI received a tip from the ex-wife of John Anthony Walker, a retired US Navy communications specialist. Later on, he was observed by the FBI while dropping a grocery bag alongside a road north of Washington D.C. The bag contained 129 copies of stolen secret U.S. Navy documents. At the same moment and a few miles further, a Soviet KGB agent left a grocery bag with $200,000. It was clearly a dead drop exchange to covertly exchange documents and money without meeting face-to-face. The following night, John Walker was arrested by the FBI in a motel.

The investigation shook up the military intelligence community. As later turned out, already in 1967, Chief Warrant Officer John Walker simply walked into the Soviet Embassy in Washington DC with a KL-47 key list and offered the Soviets to sell secret Navy documents for cash. It was the beginning of a spying career of no less than 18 years. During a search of his house after his arrest, the FBI discovered a special device, provide by the KGB, to read the internal wiring of the KL-7 rotors. During interrogations, Walker admitted providing the Soviets with complete technical maintenance manuals which enabled the reconstruction of a fully operational KL-7. He was also sentenced to life imprisonment.

The importance Soviet Intelligence gave to the key lists, despite possessing all technical details of the KL-7, shows that they were probably unable to break the KL-7 message traffic purely by cryptanalysis, or that they had no sufficient computer power to decipher them within reasonable time for practical use, at least in the early 1960’s.


TSEC/KL-7 Simulator
Top

Download KL-7 Simulator hereYou can download a realistic simulation of the TSEC/KL-7 on this website. This simulator is based on the most recent information and developed in collaboration with Crypto Museum. The simulator operates in exactly the same way as the real machine. With most surviving KL-7's sanitized, this simulator is the only remaining way to actually work with this beautiful machine, and serves to keep this machine and its history alive. The simulator has an extensive 20 page manual that includes the use of the simulator, the technical and historical details on the KL-7 and some example messages. Please visit the KL-7 Simulator page to download the software,


More on this Website Top


Documents Regarding TSEC/KL-7 (open in new tab)
Top

Technical documents

NSA reports on sharing the KL-7 with NATO

Documents from NATO Archives Online at https://archives.nato.int. Please consult guidelines for use, permission and credits.

Miscellaneous documents

More Information about the TSEC/KL-7 Top

Web Analytics Made Easy -
StatCounter

Dirk Rijmenants 2004 - 2021. Last changes: 17 September 2021

Home KL-7 Simulator