TSEC/KL-7

The TSEC/KL-7 ADONIS & POLLUX Deze pagina in het Nederlands

Photo Cpoyrighted by Paul Reuvers - Crypto Museum The TSEC/KL-7 is an American off-line non-reciprocal rotor cipher machine, introduced by the National Security Agency (NSA) in 1952. It was the first tactical lightweight electronic (vacuum tubes) crypto machine, specially developed as a standard crypto device for all parts of the U.S. armed forces. The machine was widely used by the U.S. and several of its NATO partners until the mid 1960's, and served later on as backup, often superenciphered on other systems, until its withdrawal from service in 1983.

In the 1950's, the machine was a marvel of technology that combined the latest cryptologic knowledge and electronics in a machine that weighs a mere 20.5 lbs (9,3 Kg). Its cleverly designed keyboard, with a sliding permuter board, replaced the complex and large switch, usually required to change the signal direction through the rotor pack. Special interchangeable plastic notched rings were placed on the KL-7's scrambling rotors to control the rotor movement in a most complex fashion. Vacuum tubes controlled the timing signals of the newly designed miniature printer system. The machine was introduced under the name AFSAM-7, but had its name changed to TSEC-KL-7 in the early 1960's.

The machine had excellent cryptographic properties and was designed to resist any cryptanalytic attack by the Soviets in the 1950's and early 1960's, even if its technical details would have been compromised. Unfortunately, in 1967, Chief Warrent Officer John Walker not only compromised the KL-7 design by selling the complete technical manual to the Soviets, but also provided them with the key lists for many years. Walker's treason added even more to the Cold War myth that surrounded this machine for decades. The KL-7's history and technical specifications were kept secret for decades and information about the machine only gradually surfaced in recent years. This page is a tribute to the finest ASA and AFSA engineers and cryptologist who designed the KL-7, and to the men who worked with this beautiful machine while serving their country in all corners of the world. You can also download a freeware realistic TSEC/KL-7 simulator on this website.

The KL-7 image on the right is copyrighted by Paul Reuvers from Cryptomuseum.com.

Technical Details

The TSEC/KL-7 is a classical off-line non-reciprocal rotor cipher machine with electro-mechanical and electronic components (vacuum tubes).The machine is powered by 24 Volts DC which drives a DC motor, which in turn drives a 400 Volts AC generator. The generator provides power to the electronics. The base unit is called KLB-7. The stepping unit, on top of the base unit, is designated KLA-7 and contains the stepping mechanism, the notch switches and supports the rotor cage. The detachable rotor cage KLK-7 holds 8 rotors with 36 pins on each side. Each individual rotor performs a substitution cipher. The output of the KL-7 is printed on a paper tape. The KL-7 uses an inked ribbon to print the characters onto the paper tape. The KL-7, without storage container, weighs 20.5 lbs (9,3 Kg), is 6.25 inch (15,8 cm) high, 12 inch (30,5 cm) wide and 12 inch (30,5 cm) deep.

Each rotor has an adjustable outer ring with letters, a wired core with the substitution wiring, and a white notched ring. The notched rings activate switches in the KLA-7 stepping unit that control the stepping of the rotors. The secret key settings comprise the selection and order of 8 rotors from a set of 12, the position of the letter rings on the rotors, and the selection and position of 7 notched rings from a set of 11. However, the forth rotor from the left can only be the special non-moving "L" rotor. The “L” rotor has a notch so that it can only be place in one fixed position in the rotor cage (the wiring core however is adjustable). Each individual rotor can either step once or halt after each encipher or decipher cycle.

General Schematics

The continuously rotating motor drives the AC power generator for the electronics and, through a 3 to 1 reduction gear, the pulse generator and print drum (both on the same axle). The pulse generator drives the timing unit through another reduction gear. The permuter board switches the direction of the keyboard signal through the rotors. The rotors scramble the signal on its way to the pulse generator. The pulse generator has a magnetic armature that rotates inside a double circle of 37 coils: 26 coils for A through Z, 10 coils for figures 1 through 0, and 1 coil for the space. All coils are arranged in a 360-degree pattern, in two separate rings. These coils produce the timing pulse for the print hammer and clutch.

Depressing a key will ground one of the pulse coils. When the rotating magnetic armature passes that grounded coil, it induces a pulse which is passed to the step-up transformer. The pulse is cleaned up by the sharpener tube and fed to the print tube, which activates the print hammer and the printer clutch. The pulse timing ensures that the print hammer hits the print drum when the proper character passes the hammer. The printer clutch causes the timing unit to perform one cycle. This cycle activates four cam switches for timing signals, advances the paper tape and provides mechanical power to step the rotors under control of the stepping logic.

The keyboard top row letters have two pulse coils in series: a normal coil for the letter and coil with a larger core and more windings for the corresponding figure. This combination of two coils produces a double pulse of which the second pulse has a higher amplitude. In FIG mode, the shift tube will switch the B gate of the gate tube, changing a grid on the print tube. This causes a slight delay and also requires a higher pulse to activate the print hammer, as provided by the double coils. The result is a slightly delayed activation of the print hammer, which prints the appropriate figure instead of its corresponding letter. The KL-7 holds a spare 2D21 and a 12AX7 tube, next to the 4 tubes that are used in the KLB-7 base.

The Permuter

The KL-7 has a simple and compact solution to swap the signal through the rotors: the complete keyboard is one large sliding switch, the so-called permuter board. The keys and wired contacts never move. Only the sliding contact board (with T-shaped contacts) moves from right to left between the keys and contacts. The spring-loaded keys are all grounded and pressing them down will ground the T-shaped contact plate at the top side of the permuter. Two rails on the permuter press down the permuter board onto the spring-loaded pins at the base of the keyboard, meanwhile ensuring easy movement of the board from right to left. The KL-7's main switch has a pawl on its bottom that grasps into a vertical slot on the left of the permuter board. Turning the switch from left to right will move the permuter from right to left.

Each key has its own three connections underneath the permuter board, called (from left to right) "E", "P" and "D". In Plain, the depressed key is connected via the center of the T-shape and the "P" connection directly to the pulse generator. In Encipher mode, the depressed key is connected via the right part of the same T-shape and the "E" connection to the left side of the rotor pack. In Decipher mode, the depressed key is connected via the left part of the next-right T-shape and the "D" connection to the right side of the rotor pack. The use of two neighbouring T-shapes for each key enables the O-P-E-D sequence from right to left.

The improper functioning of the permuter and the rotor contacts affects the reliability of the KL-7. When a bad connection occurs inside the permuter board or between two of the rotors, the proper pulse coil will not be grounded and consequently the print hammer, printer step clutch and rotor stepping are not activated. This is called a dead-rove, usually caused by poor maintenance.

The above is a simplified example with 3-pin rotors. In reality, the KL-7 uses 36-pin rotors. Note that, to perform the piggy-back functions (see Letter and Figures section below), some E, P and D connections from “J”, “V”, “X”, “Y”, “Z”, SPACE, FIG and LET are swapped, and additional contacts on the permuter board switch some piggy-back wires and other control functions.

The permuter board also has a notched part in front of the printer mechanism. In the Encipher position, this cam pushes a pin into the printer mechanism causing the KL-7 to print a space after each fifth character.

The Rotors

Each rotor has a wiring core with 36 contact plates on the left side and 36 spring-loaded contacts on the right side (rotors as positioned in the rotor cage). The contacts from one side are wired in a scrambled fashion with the contacts on the other side to perform a substitution enciphering. The alphabet ring of the rotor is adjustable in any of the 36 positions. This changes the position of the core, relative to the outer ring with letters, visible through the rotor cage window. The 36 positions on all rotors are labelled as show in the table below. Note that 10 of the positions are not labelled and left blank because only letters are used to represent the rotor position.

Pin	01	02	03	04	05	06	07	08	09	10	11	12	13	14	15	16	17	18	19	20	21	22	23	24	25	26	27	28	29	30	31	32	33	34	35	36
Label	A	B		C	D	E		F	G		H	I	J		K	L	M		N	O		P	Q	R		S	T		U	V	W		X	Y	Z

There is a set of 12 rotors for each KL-7, labelled "A" through "L". The stationary rotor (fourth from the left) is always the special "L" rotor. To set the machine's key, one had to fill the rotor cage with three rotors, insert the "L" rotor and add four other rotors. The exact rotor wiring is still classified and all surviving machines are either sanitized or their rotors are not accessible.

The Rotor Cage

The KLK-7 detachable rotor cage holds the eight rotors. The KL-7 uses a complex re-entry system that can cause multiple encryptions of a single character. When the signal leaves the exit rotor there are two possible situations: the signal either is passed immediately to the pulse generator through one of the 26 wires, or it leaves the exit rotor on one of the 10 re-entry contacts. In the latter case, the signal is sent back to one of the 10 re-entry contacts at the entry rotor, to perform a new pass through the rotors. When the signal leaves the exit rotor again, the situation is repeated. Depending on the internal wiring and current position of the rotors, the signal performs one or more passes (theoretically up to 10 passes) through all rotors before leaving the exit rotor towards the pulse generator. This results in a most complex signal path that constantly changes in both number of passes and its way through the rotors.

The above is a simplified example with three 6-pin rotors and 2 re-entry connections. In reality, we have eight 36-pin rotors and 10 re-entry wires.

Each side of the detachable rotor cage has at the bottom a 26 plates connector (coming from permuter) and a 10 plates connector (re-entry), to connect the cage with its corresponding springloaded contacts on the KLA-7 stepping unit. The “E and “D” connections of the 26 letters from the keyboard permuter are connected (through the KLA-7) with respectively the left and right contact plates of the rotor cage. These rotor cage contact plates each have a circle of 36 pins, to connect the base with the rotors. The table below shows the wiring order between base and contact plate pins. The pins are numbered clockwise (seen from the left) and pin 1 (the permuter’s “Q” wire) is aligned with the white index stripe on the rotor cage. Both rotor contact plates are wired identically. The letter “Q” from the permuter is wired to contact plate pin 1, letter “P” to pin 2 and so on. The re-entry wires (1 through 0) are connected straightforward between left and right contact plate (1 to 1, 2 to 2, 3 to 3 ...).

Base	Q	P	0	N	F	C	3	Y	O	M	9	G	R	8	U	I	7	B	H	2	V	T	W	6	X	S	4	J	L	Z	5	D	K	E	A	1
Pins	01	02	03	04	05	06	07	08	09	10	11	12	13	14	15	16	17	18	19	20	21	22	23	24	25	26	27	28	29	30	31	32	33	34	35	36

The Notched Rings

The KL-7 had a set of 11 white plastic notched rings, labelled 1 through 11. The notched rings are responsible for the highly irregular movement of the rotors. As part of the key settings, seven of them are attached to the rotors, in any of 36 positions (the 4th rotor doesn’t carry a notched ring because it never moves). The notches and cams on these rings control seven switches in the KLA-7 stepping unit.

The Stepping System

The KLA-7 stepping unit holds the rotor cage and controls the stepping of the rotors. On the front of the cradle, there are seven levers to manually advance each individual rotor. Behind them are seven cams that read the notched rings of the rotors. These cams control the seven pile-up switches of the stepping logic, connected to the solenoids. In the middle of the cradle are the seven stepping pawls to advance the rotors. These pawls are mechanically powered by the timing unit, under controlled by the seven solenoids. At the rear of the cradle, there are eight locking pawls that prevent the non-moving rotors from moving along with neighbouring moving rotors. The fourth locking pawl normally isn't used, but keeps the "L" rotor in place when testing the rotors without the rotor cage shell.

The stepping logic must avoid a situation where none of the rotors move, because this would cause the rotors to halt permanently. The KL-7 stepping logic ensures that at least thee rotors move on each cycle. When we consider the required cryptographic properties and observe the stepping of the rotors at different rotor positions, we can deduce the following logic table:

Moving Rotor	Notched Rings ( 0 = inactive & 1 = active )
1	Ring 7 = 0 AND (Ring 2 = 0 OR Ring 3 = 0)
2	Ring 5 = 0 OR Ring 6 = 0
3	Ring 2 = 1 OR Ring 6 = 1
4	Ring 2 = 0 OR Ring 3 = 0
5	Ring 1 = 0 OR Ring 3 = 1
6	Ring 1 = 1 OR Ring 5 = 1
7	Ring 4 = 0 AND (Ring 2 = 0 OR Ring 3 = 0)

Knowing the operation of the machine’s KLB-7 base unit and the composition of the unwired switches, we can put this in a schematic which uses only the available components, a solution as most likely incorporated in the KL-7.

All switches are shown inactive. Each switch is one single pile-up of the two parts Sa and Sb. Note that the order of upper switches is as actually positioned on stepping unit. The order of the lower switches and the solenoids is mixed to make the circuit diagram more readable. In reality, the lower switches and solenoids are placed from left to right according to its number. Of course, there are only 7 switches and solenoids because the fourth rotor is skipped.

Solenoids 2 through 6 are each controlled by two switches in OR logic: the solenoid is activated if at least one of the two switches has the appropriate state. Solenoids 1 and 7 are controlled by three switches and are activated if one switch is inactive AND at least one of two other switches is inactive. At least two solenoids are always active at any given moment. Switches S1b through S7b are used for the manual stepping (small levers in front of rotors). On the KL-7, the stepping of a single rotor is controlled by two or three separate notched rings. Two notched rings can produce a maximum period (unique movement sequence) of 1,296 and three rings a maximum period of 46,656. This is for one single rotor. The combination of seven notched rings therefore provides a most complex stepping sequence.

The Printer Mechanism

The KL-7 has a continuously rotating print drum, fixed on the same axle as the pulse generator. The print drum has the complete set of letters and digits on its circumference. The moment that the magnetic armature of the pulse generator passes a grounded coil, the sharpener and print tubes pass this signal to the print hammer and the printer clutch. The print hammer pushes the paper upwards against the print drum (with the inked ribbon between them) at the exact moment that the required character passes the print hammer.

The activated printer clutch causes the timing unit axle to perform a single cycle, providing mechanical power to advance both the paper and the rotors (adjusting the individual rotors manually also activates the clutch and therefore will also advance the paper). A pin, controlled by the permuter board, mechanically switches between continuously printing (plaintext) and five-letter groups with a space between each group (ciphertext). The paper roll is stored in the black circular casing between the motor block and the rotor cage.

Letters and Figures

The KL-7 enciphers and deciphers only the 26 alphabet letters and the ciphertext is letters-only. However, the machine must process 37 different characters: the complete alphabet, the figures 0 through 9 and a SPACE. Note that the 36 characters A-Z and 0-9 have no relation whatsoever with the 36 pins on a rotor. The rotors only encrypt 26 signals and the 10 remaining wires are hard-wired for the re-entry function.

To enable the processing of 37 different characters, the KL-7 uses a special trick, also used on the five-bit teletype code. Two signals, LET and FIG, switch the machine between letters and figures. Both character sets use the same signal and they are only distinguished by the FIG (figures) or LET (letters) mode on that particular moment. The characters “QWERTYUIOP” are processed as “1234567890” in FIG mode

This still gives 26 alpha (-numeric) keys, the additional space, LET and FIG. The KL-7 must encipher these three additional characters into a letters-only ciphertext. Therefore, the KL-7 design permits the special functions to piggy-back on some of the existing alphabet letters. The letters “J”, “V”, “X”, “Y” and “Z” were selected because they are some of the less frequently used letters.

Before enciphering, the letter “Z” is changed into “X” and the space key into the letter “Z”.
After deciphering, “Z” is translated back into a space and the letter “X” (originally the letter “Z”) remains an “X”.

Before enciphering, the letter “J” is changed into “Y” and the FIG key is changed into “J”.
After deciphering, the letter “J” is not printed, but causes the KL-7 to go into FIG mode. The letter “Y” remains “Y”.

Before enciphering, both the letter “V” and the LET (letters) key are changed into the letter “V”.
After deciphering, if the KL-7 is in LET (letters) mode at that time, the letter “V” remains “V”. If the KL-7 is in FIG mode, the letter “V” causes the KL-7 to switch back into LET (letters) mode and also prints a space

This system of additional characters that piggy-back on normal letters is the most practical method and also the least invasive for the readability of the text. Nonetheless, the design came with a cost. The KL-7 test phrase shows the small changes that occur. The first sentence is the text before enciphering and the second sentence is the same text after it is deciphered back into plain text. To show the changes in spaces after switching to LET-mode more clearly, the spaces in the example below are replace by a dash:

THE-236TH-QUICK-RED-FOX-JUMPED-780-TIMES-OVER-THE-1459-LAZY-BROWN-DOGS

THE-236-TH-QUICK-RED-FOX-YUMPED-780--TIMES-OVER-THE-1459--LAXY-BROWN-DOGS

Notice that only the seldom used letters “J” and “Z” are affected by the piggy-back system.

Cryptographic Strength

We can calculate the theoretical security of the KL-7 by considering the selection of the rotors, the position of the letters, relative to the wiring core, the notched ring combinations and their position, and finally the start position of the rotors. There are 7 rotors to be selected from a possible 11 (the 4th rotor is always the same). This gives 1,663,200 rotor combinations. The 36 positions of the 8 rotors (also the 4th rotor) give 2,821,109,907,456 combinations. There are 1,663,200 possible ways to select 11 notched rings for the visible rotors, and they can be set in 78,364,164,096 different positions. Finally, there are 78,364,164,096 ways to set the 7 visible rotors to one of their 36 positions. Note that although there are only 26 labels on the rotors to set a message key, the system of stepping rotors when switching from “P” to “E” mode makes it possible that a rotor could be in a position that carries no alphabet label at the start of a message.

The total of possible settings on the KL-7 is found by multiplying all these results. This gives a key size of 4.79 x 10⁴⁶ possible different settings. This is comparable with a 156 bit key, which is enormous, even for today’s standards. Don’t forget that, to calculate these figures, we assume that the adversary knows the machine, the wiring of each rotor (3.6 x 10³²² possibilities for all rotors) and the shape of each notched ring (7.2 x 10⁷⁵ possibilities for all notched rings). If these variables are unknown to the adversary, the over-all total of possible different settings is 1.2 x 10⁴⁵⁵, which is comparable with a 1511 bit key.

Trying out all possible keys, a so-called brute force attack, on a 156 bit key is considered infeasible with present and future computer power, let alone on a 1511 bit key. However, cryptanalysis is more than key size, brute force attacks and theoretical security. Rotor cipher machines have proven vulnerable to certain types of cryptanalytic attacks, performed on fast computers. Therefore, the KL-7 is no longer considered secure. Nevertheless, it still requires considerable resources and skilled cryptanalysts to mount a successful attack on the KL-7.

Developement of the KL-7

The roots of the KL-7 are found in the Second World War. In the 1940’s, the electromechanical rotor cipher machine ECM (SIGABA) had set a new standard for secure high-level communications. At tactical level, the lightweight mechanical M-209 was widely used. By the end of the war, the M-209 was no longer considered secure and the Army expressed the need for a lightweight secure crypto machine that could replace the M-209 but that would have a cryptographic strength, comparable with cipher machines like the SIGABA. The Navy was also seeking a small cipher machine with the qualities of the ECM, with a focus on saving weight. In March 1945, the Army headquarter requested the Signal Security Service (SSS) to develop a machine that would fit their needs. Soon after, the SSS was renamed into the Army Security Agency (ASA), who initiated the research.

The project was designated MX-507 and ASA saw it as a long-range research project. The ASA researchers quickly decided to opt for a rotor-based machine. A design with 36-point rotors came on the forefront. They also had to design a completely new lightweight printing system, as the new machine was required to operate off-line and print out the messages on paper. Eventually, they were able to reduce a printer system to one quarter of its original size and weight. ASA decided to apply a new cryptographic principle, called re-entry. The re-entry or re-flexing was discovered by Albert Small, who filed it for patent in 1944. The idea was to take parts of the cipher output, re-enter the output back into the enciphering process and re-encipher it once again (see image right). In 1949, the Armed Forces Security Agency (AFSA) was created. It was the first American central cryptologic organisation and one of its goals was to provide standardization of secure communications devices and to determine a general policy for crypto equipment. The research of the ASA was transferred to AFSA in December 1949.

Meanwhile, in April 1949, the United States and its Allies had formed the North Atlantic Treaty Organisation or NATO, and deteriorating relations with the Soviet Union resulted into a grim Cold War. Secure communications between the NATO members was an important part of making a front against the USSR. An additional challenge that AFSA faced was to design a machine for themselves that could also be distributed to their NATO allies, without disclosing vital secret crypto technology that could come into Soviet hands, either directly or through infiltration of NATO members. With such a large organization as NATO, it was more than likely that this machine or its specifications would sooner or later reach Russian soil. The design had to resist by far any possible cryptanalytic attack by Soviet codebreakers, even when the technical details of the machine were disclosed. The security of the machine had to depend solely on the secrecy of the key settings, thus obeying Kerckhoffs’ well known law on cryptography.

The MX-507 was renamed to AFSAM-7, which stands for Armed Forces Security Agency Machine No 7, and by September 1950, AFSA demonstrated an engineering model. The final design used 8 rotors with 36 contacts, a re-entry of ten rotor signals, and a most complex irregular stepping, electrically controlled by notched rings on the rotors. The problems with the printer timing and the shift system were solved by a clever design with vacuum tubes, making the KL-7 the first tactical cipher machine ever to use electronics.

The AFSAM-7 was approved and the Army was allowed to build prototype models. By December 1950, the Army declared the AFSAM-7 ready for production. The machine would become the first standard crypto machine in the US Armed Forces. The cryptosystem was designated POLLUX. Contractors were selected and operational and maintenance manuals were composed. In February 1951, contracts were signed to produce 25,000 AFSAM-7’s at a rate of 5,000 per year. The first repair and maintenance course for Army and Air Force personnel was scheduled in September 1951.

In October 1951, AFSA announced two types of operation: the AFSAM-7 traffic for high-level communications was designated ADONIS and the traffic for the Army and Air Force was designated POLLUX. The differences between the two systems were the rotor sets and the message keying procedure. The final production contract was signed on February 9, 1952. The AFSAM-7 was introduced in the US armed forces by the newly formed National Security Agency (NSA), and some units were also bought by the Central Intelligence Agency and the Federal Bureau of Investigation. The AFSAM-7 was cryptographically more than capable to resist any attack at the moment of its release. In the early 1960’s, the AFSAM-7 was renamed TSEC/KL-7, according to the new nomenclature for crypto equipment.

A Baudot paper tape reader called TSEC/HL-1 was developed for the KL-7. With this HL-1, the KL-7 could directly read and decipher five bit level punched paper tapes, as received from standard teleprinters. A larger variant of the KL-7, designated KL-47, could also punch five-bit level paper tapes. Individual components of the KL-7 and KL-47 were manufactured by several different US government contracted companies. After final assembly at different locations, the machines became the property of the National Security Agency and were distributed within the US and to NATO members. All machines, used in other countries, were in loan from the NSA.

The KL-7 in Service

Despite the KL-7's extensive use within the armed forces, it wasn't always the most popular one. The KL-7 was notorious for its keyboard and rotor contact problems. The operator often had to push firmly on the keys to get the machine cycling, not allowing him to get any speed on the KL-7. To avoid contact problems, the rotors had to be cleaned regularly. The KL-7 also had a high acoustical signature. TEMPEST, the ‘art’ of shielding devices against eavesdropping on emitted electrical pulses and, in the case of the KL-7 also sounds, wasn’t given priority during the development of the KL-7. When the machine is turned on, the motor slowly takes speed and the reduction gears for the pulse generator and print drum produce its characteristic high pitched noise. The advancing rotors also produce their typical sound. On start-up, the KL-7's vacuum tubes need to heat up before one can type on its keyboard, as the printer timing is controlled by the electronics. Usually, two rotor cages were available for each KL-7. The rotor cage of the previous day was kept on a secure location. If a message of the previous day arrived, the operator simply detached the current rotor cage and attached the old rotor cage on the KL-7 to decipher the message with the previous key settings.

During its service time, the rotors of the KL-7 and KL-47 were rewired on a regular basis. Some rotors were rewired on a yearly basis on national or NATO level and some rotors, such as the special non-moving “L “ rotor, often referred to as the NSA rotor, were to be sent directly to NSA and were rewired by NSA personnel only. It was strictly forbidden to operators, even to the maintenance technicians with crypto clearance for KL-7, to check out the internal wiring of the rotors. The technicians were not allowed to test the rotors pin-to-pin but were instructed to place the rotor on a large conductive plate that made contact with all rotor pins at once, and then check out the connection on each pin at the other side with an Ohm meter. This way, the technician would see if a wire was broken, but didn’t know to which pin it corresponded on the other side.

With its large key size (the number of possible different key settings) the KL-7 and KL-47 were considered secure against any attempt by the Soviets to decipher the messages, even when its specifications would be compromised sooner or later. The machine was therefore certified for Top Secret messages at the start of its career. However, advances in technology and the introduction of miniature electronic components increased the computational power tremendously in the next decades. As a result, the KL-7 had become operationally insecure by the mid 1960’s, and vital message traffic was often superenciphered on other systems after being enciphered with the KL-7.

From the 1970’s on, the KW-26 and KW-37 online cipher equipment largely replaced the outdated KL-7. Some KL-7’s stayed in service, mostly as back-up, and retired in the 1980’s. The last known recorded message, enciphered with a KL-7, was sent by the Canadian armed forces in June 1983. The fully electronic KL-51 RACE off-line cipher machine could be seen as the successor of the KL-7. The KL-7 machine itself was unclassified. However, the rotor cage wiring, the rotor entry plates and the stepping circuitry were confidential. Maintenance rotors were considered confidential and operational rotors secret. After its service time, all KL-7’s and KL-47’s and their rotors were recalled. All surviving KL-7’s were carefully stripped from the stepping mechanism and rotor entry wiring. A process, commonly denoted as ‘sanitized’.

The KL-7 is a unique machine in many ways. It was the first machine to be developed under one centralized cryptologic organisation and introduced as a standard crypto device in all parts of the armed forces. At that time, the KL-7 used the latest cryptologic techniques and was the first ever cipher machine with electronics, yet its rotor based design would soon lose the battle against miniaturisation of electronics and computational power. It proved to be the last of a breed of true cipher machines. Many operators cursed the machine for its quirky keyboard and regular contact problems. They welcomed its electronic successors, but today they speak with sentiment about that wonderful machine and even remember vividly the typical sound of its stepping rotors. Maybe it is because of the era in which the KL-7, and the men, gave their best. Maybe because the KL-7 served all over the world, collecting secrets and memories about the Cold War, companionship, and even exciting stories…about treason and espionage.

Because this was not the end of the KL-7 story...

Major Security Breaches

In 1981, former US Army Warrant Officer Joseph Helmich, was arrested by the FBI for the sale of critical information on the KL-7. In 1963, he served as crypto custodian in France and later at Fort Bragg, North Carolina. Being faced with financial problems, Helmich contacted the Soviet Embassy in Paris, France. He received $131,000 in return for critical information on the KL-7. At that moment, the KL-7 was the most widely used crypto machines in the US military. After returning to the United States, Helmich continued to provide KL-7 key lists to the Soviets until 1966. Although already under suspicion in 1964 and admitting in 1980 to have received money from Soviet agents, it was only in early 1981 that he was observed with Soviet agents in Canada. Helmich eventually confessed and was sentenced to life imprisonment.

In 1985, FBI received a tip from the ex-wife of John Anthony Walker, a retired US Navy communications specialist. Later on, he was observed by the FBI while dropping a grocery bag alongside a road north of Washington D.C. The bag contained 129 copies of stolen secret U.S. Navy documents. At the same moment and a few miles further, a Soviet KGB agent left a grocery bag with $200,000. It was clearly a dead drop exchange to covertly exchange documents and money without meeting face-to-face. The following night, John Walker was arrested by the FBI in a motel. The investigation shook up the military intelligence community. As later turned out, already in 1967, Chief Warrent Officer John Walker simply walked into the Soviet Embassy in Washington DC with a KL-47 key list and offered the Soviets to sell secret Navy documents for cash. It was the beginning of a spying career of no less than 18 years. During a search of his house after his arrest, the FBI discovered a special device, provide by the KGB, to read the internal wiring of the KL-7 rotors. During interrogations, Walker admitted providing the Soviets with complete technical maintenance manuals which enabled the reconstruction of a fully operational KL-7. He was also sentenced to life imprisonment.

The importance Soviet Intelligence gave to the key sheets, despite possessing all technical details of the KL-7, shows that they were probably unable to break the KL-7 message traffic purely by cryptanalysis, or that they had no sufficient computer power to decipher them within reasonable time for practical use, at least in the early 1960’s.

TSEC/KL-7 Simulator

You can download a freeware realistic simulation of the TSEC/KL-7 on this website. The simulator is based on the most recent available information on the KL-7 and operates in exactly the same way as the real machine. With most surviving KL-7's sanitized, this simulator is the only remaining way to actually work with this beautiful machine, and the simulator serves as an attempt to keep this machine and its history alive. The simulator has a very complete 19 page manual that includes the use of the simulator, the technical and historical details on the KL-7 and some example messages. Please visit the KL-7 Simulator page to download the software,

More information on the TSEC/KL-7 (off site)

The TSEC/KL-7 on Cryptomuseum.com Paul Reuvers' and Marc Simoens' Crypto Museum with detailed technical information and many high-quality images.
The TSEC/KL-7 On Cryptomachines Jerry Proc's webpage on the KL-7, with information from various sources and former operators, including many images.
The TSEC/KL-47 On Cryptomachines Jerry Proc's webpage on the KL-47 (KL-7 with paper tape punch and tape reader)
The TSEC/HL-1 tape reader Jerry Proc's Baudot puched paper tape reader for KL-7
National Security Agency Cryptologic Almanac 50th Anniversary Series History of the developement of the AFSAM-7.
Albert W. Small's Patent on Re-Entry Principle at Free Patents On-line.
John Walker on Crime Library The story of John Walker's spy ring.
Analysis of Security Weaknesses Exploited by CWO John Walker by Laura J. Heat, Maj USA, M.S., Georgia Institute of Technology, 2001
JAVA KL-7 Simulator 3.8 Uri Blumenthal from MIT has written a JAVA version of my KL-7 simulator. You can download it as jar file from my Dropbox
Operation Tinker Bell Decipher a series of KL-7 messages and join the hunt for a KGB defector