Note: The full circuit diagram is available in the electronics section. All names, labels and numbering of components and electrical contacts on this page are identical to those in the original repair and maintenance document.
The continuously rotating DC motor drives the AC generator, and through a 3 to 1 reduction gear the pulse generator and printer drum, both on the same axle. The pulse generator drives the timing unit through another reduction gear. The pulse generator has a magnetic armature that rotates inside two stators with a total of 37 coils, of which 26 coils for letters, 10 for figures and one for the space. These coils are arranged in a 360-degree pattern in two separate rings and produce the timing pulse for the Print Hammer.
Depressing a key will ground one of the pulse coils. The rotors encipher that signal on its way to the pulse generator. The encipherment is non-reciprocal and the sliding contact board must therefore switch the direction of the signal through the rotors to switch between enciphering and deciphering. When the armature of the pulse generator passes a grounded coil, it induces a pulse that is passed on to both the Gate vacuum tube and to the step-up transformer. The transformer sends the pulse to Sharpener tube, which cleans up the signal and sends it to the Print tube to activate the print hammer.
If the Shift tube is in FIG mode, it tells the Sharpener tube to only react on high pulses from figure coils and ignores any low pulse from letters. The single-shot Gate tube prevents double or stray pulses by disabling the Print tube after the desired single pulse is processed until the printing and rotor stepping is completed and ready for a new pulse.
To encipher and decipher, each key has its own three connections on the Contact Panel Assemble underneath the sliding contact board. From left to right, for instance for letter G, these are named GE (G key Encipher), GP (G key Plain to its own pulse coil) and GD (G key Decipher). The contacts on the left and rights side of the cipher unit that contains the rotors are named conversely. For contact G this is EG (Encipher G) on the left side and DG (Decipher G) on the right side, thus the signals enters at the E side to encipher and at D side to decipher.
In Encipher mode, the depressed G key is connected via the T-shape and its GE contact to the EG (Encipher letter G) contact on the left side of the cipher unit that holds the rotors, and exits at the DH (Decipher H) contact on the right side, passes the small connecting bar of the H key and its goes from its Print contact to the H pulse coil.
In Decipher mode, the depressed H key is connected via the T-shape and its HD contact to the DH (Decipher letter H) contact on the right side of the cipher unit and exits at the EG (Decipher G) contact on the left side, passes the connecting bar of the G key and its goes from its Print contact to the G pulse coil.
The use of two neighboring T-shapes for each key enables the O-P-E-D sequence from right to left. The above is a simplified example with 3-pin rotors. In reality, the KL-7 uses 36-pin rotors. Note that, to perform the piggyback functions, some E, P and D connections from J, V, X, Y, Z, SPACE, FIG and LET are swapped, and additional contacts on the sliding contact board switch some piggyback wires and other control functions.
The sliding contact board also has a notched part in front of the printer mechanism. With the mode selector in Encipher position, this cam pushes a pin into the printer mechanism causing the KL-7 to print a space after each fifth character, the standard format for cryptograms.
The optional tape reader called TSEC/HL-1 enabled directly reading and processing five bit punched tapes on the KL-7. The cable that connected the HL-1 with the KL-7 required the removal of the complete keyboard cover and sliding contact board, and replace it with the KLX-7 Keyboard Adaptor.
The improper functioning of the sliding contact board or the rotor contacts affects the reliability of the KL-7. When a bad connection occurs inside the sliding contact board or between two of the rotors, the proper pulse coil will not be grounded and consequently the print hammer, the clutch and rotor stepping are not activated. This is called a dead-rove, usually caused by poor maintenance.
The enciphering in the KL-7 is performed by the rotors. These are set according to the key list. Each individual rotor performs a substitution cipher. The rotor core wiring is still classified and most surviving rotors are either stripped of their wirings or inaccessible. Its wiring was also changed on a regular basis, in contrast to, for instance, the German Enigma where the wiring never changed during its whole service time (the U.S. cryptologists learned the lessons).
The KL-7 had a set of 12 rotors to choose from, later expanded to 13, labelled "A" through "M". (see CORE on part of the key list at the right). Each rotor core has 36 flat contacts on the left side (as seen in cipher unit windows) that are wired in a scrambled fashion with 36 spring-loaded contacts on the right side. The wiring performs a substitution encipherment. An adjustable black alphabet ring is attached to the rotor core. These letters are visible through the little windows of the cipher unit. The drive-pawls from the rotor stepping unit use the notches on the alphabet ring to advance the rotors.
The side of of alphabet ring is also marked with the numbers 1 through 36. By depressing the alphabet ring, it can rotate relative to the rotor core wirings. This is done by aligning an alphabet ring number with the white arrow on the side on the rotor (ALPHA RING SET). The 36 positions on all alphabet rings are labelled as show in the table below. Note that 10 of the positions on the alphabet ring are left blank.
The detachable KLK-7 cipher unit or rotor cage holds the eight rotors that are selected from the key list. The KL-7 uses a complex re-entry system that can cause multiple enciphering of a single character. When the signal leaves the exit rotor there are two possible situations: the signal either is passed immediately to the pulse generator through one of the 26 wires, or it leaves the exit rotor on one of the 10 re-entry contacts. In the latter case, the signal is sent back to one of the 10 re-entry contacts at the entry rotor, to perform a new pass through the rotors. When the signal leaves the exit rotor again, the situation is repeated.
Depending on the internal wiring and current position of the rotors, the signal performs one or more passes (theoretically up to 10 passes) through all rotors before leaving the exit rotor towards the pulse generator. This results in a most complex signal path that constantly changes in both number of passes and its way through the rotors. Note that the above drawing is a simplified example with three 6-pin rotors and 2 re-entry connections. In reality, the cipher unit has eight 36-pins rotors and 10 re-entry wires.
When a key is depressed, the pulse generator converts the signal that passed through the rotors and the keyboard into accurate timing signals for the electronics to control the printer and to activate the clutch of the timing unit which also provides mechanical power to the rotor stepping unit.
The print hammer must activate at the exact moment a given letter on the rotating printer drum passes the hammer. To achieve this, the pulse generator provides exact timing. He consists of a magnetic armature, rotating clockwise at 2200 rpm, and two stators with pulse coils. The print wheel with all letters and figures rotates on the same axle as the. When the electronics receive a pulse from a coil it will activate the print hammer at the appropriate moment. There are 37 coils for 26 letters, 10 figures and the space.
The front stator has 19 coils. The rear stator has 18 coils and is positioned exactly behind the front stator. The rotor armature (blue at above image) has two separate magnetic poles, one for each stator. The rear pole lags 9.47 degrees behind the front pole. This ensures that only one coil at a time is induced, either on the front or rear stator.
When the drive shaft has reached it maximum swing angle, the roller cams return forward and push any released drive linkages back to the forward position. The flat end of the drive pawl pushes its rotor one step further. The drive linkage spring eventually forces the stop pawl upward into a free alphabet ring notch. During a stepping cycle, these stop pawls prevent non-moving rotors from moving along by the force of moving neighboring rotors.
On the right of the drawing are the 7 actuator switches that sense the white notch rings on the rotors. In the Plain mode, the operator can use the 7 Set Key buttons to manually step the individual rotors and set them in the proper position (see procedures enciphering and deciphering). During enciphering and deciphering, each key stroke causes some of the rotors to step in a highly irregular fashion under control of the 7 actuator switches.
In the circuit diagram below, all actuator switches are shown inactive. Each switch is a pile-up of the two sections, Sa and Sb. Note that the order of the upper Sa section is as actually positioned in the rotor stepping unit. The order of the lower Sb section and the stepping electromagnets is mixed to make the circuit diagram more readable and these are actually placed from left to right according to their number. There are only 7 switches and stepping magnets because the stationary fourth rotor is skipped. The pins on all switches are numbered the same as on switch S301a and b.
This still gives 26 alpha (-numeric) keys, the additional SPACE, LET and FIG. The KL-7 must encipher these three additional characters into a letters. Therefore, the KL-7 design permits the special functions to piggyback on some of the existing alphabet letters. The letters J, V, X, Y and Z were selected because they are some of the less frequently used letters.
This system of additional functions that piggyback on normal letters is the most practical method and also the least invasive for the readability of the text. Nonetheless, the design came with a cost. The KL-7 test phrase shows the small changes that occur. The first sentence is the text before enciphering and the second sentence is the same text after it is deciphered back into plain text. To show the effect of switching between LET and FIG mode more clearly, the spaces in the example below are replace by a dash. Notice that only the seldom used letters J and Z are affected by the piggyback system.
To accomplish the piggyback of the SPACE key on letter Z, the sliding contact board reroutes the X, Z and SPACE signals. The following drawings explain the rerouting of those letter in the different modes.
Note: Below, any unspecified letter, key or pulse coil (A through Z) is denoted by (delta). Underneath each key are three contacts, named e-p-d (encipher - plain - decipher. Thus, the contacts underneath the A key are named Ae, Ap and Ad. The left side contacts of the cipher unit that holds the rotors are named EA through EZ (Encipher this letter) and the right side contacts are named DA through DZ (Decipher this letter). See also sliding contact board.
In plain mode, the p-contact of each key is connected to its corresponding pulse coil (black route). Zp to the Z coil and Xp to the X coil. Both are high pulse coils (red). Depressing the letter Z or X will close the circuit of its corresponding coil. When the magnetic armature of the pulse generator passes that coil, the induced signal is stepped up by transformer T101, passed to the sharpener and print tube, and printed.
The SPACE key is connected to a junction on the V-SPACE coils pair. This special feature is also used in the separate FIG circuit. By using the junction, depressing the SPACE key will only close the SPACE coil circuit.
All other keys are also connected via their p-contact to the corresponding pulse coil. These coils can be high pulse letter coils (red) or low pulse alpha-numeric coils (green). The low pulse V coil from the V-SPACE pair is connected to the V key's Vp contact.
In plain mode, the signals do not pass
through the rotors in the cipher unit.
In encipher mode, the e-contact of each key is normally connected to the corresponding E-contact on the cipher unit left side. This however is not the case with the piggyback Z key.
The Z and X key e-contacts (red route) are now both switched to the EX-contact (Encipher X) on the cipher unit left side. This doesn't affect the X, but the letter Z also becomes X, because the SPACE needs the Z to piggyback.
Therefore, the SPACE key's e-contact (blue route) is connected to the cipher unit left side EZ-contact and actually enciphers the letter Z that will represent the SPACE.
The enciphered version of all letters exits the cipher unit right side at one of the D-contacts. This can be any of the 26 letters DA through DZ, even the depressed key itself, depending on the rotor positions and wiring.
The signal then travels to the key that
corresponds with the cipher unit's D-contact, enters that
key's d-contact, passes its small connecting bar and its
p-contact to the pulse coil and prints the enciphered
In decipher mode, the d-contact of each key is connected to the corresponding D-contact on the cipher unit right side (black route). The only exception is the SPACE key, which is not used, as only letters are to be deciphered.
The deciphered version of all letters exits the cipher unit left side at one of the E-contacts. This can be the any of the 26 contacts EA through AZ, even the depressed key itself, depending on the rotor positions and wiring.
The signal then travels from that E-contact to the key that corresponds with the deciphered letter, enters that key's e-contact, passes its connecting bar and p-contact to the pulse coil, and prints the deciphered letter.
When a depressed key represents the enciphered X, the signal exits the cipher unit as deciphered letter X on the left side EX-contact. The signal (red route) then travels to the Xe contact and via a connecting bar to the X coil, to print the X. Thus both originally plain X, and the Z (changed into X) are deciphered and printed as X.
When the depressed key represents the enciphered Z, the signal exits the cipher unit left side as deciphered Z at the EZ-contact. Since the deciphered Z actually represents a SPACE, the signal (blue route) does not travel to the Ze contact, but via the SPACE Key's e-contact and connecting bar to the SPACE coil to print a space.
The KL-7 is powered by a Power Cable, connected to a 24 volts source (e.g. vehicle battery) or by the seperated AC Power Converter unit that converts 110V or 220V AC into 21 to 31 volts DC (24 volts is ideal). Both have a cable with Amphenol AN 3101A Mil Spec connector (2 pins female) with AN 3057-4 cable clamp that mates with the KL-7's power cable with male connector.
The AC Power Converter has a switch to select the AC input voltage. For 100-125 volts, the two primary windings are switched parallel (routes 1w2-11-14-15 and 1-13-12-3w4). For 200-250 volts, the primary windings are switched in series (route 1w2-11-12-3w4). Since the primary windings in series are twice as much windings, relative to the secondary winding, the output voltage is inversely proportional halved.
The secondary winding is connected to two selenium full-wave bridge rectifier stacks that are connected in parallel. The first version of the power converter produced 2.5 Amps output current and a later version with 4.5 Amps (as of sn15413) was more efficient for the selenium rectifiers and the KL-7 motor. The AC Power Converter measures 10.6 x 4.7 x 4 inches (27 x 12 x 10 cm).
The KL-7 has a power cable with AN 3106A connector (2 pins male), connected to the Radio Interference Filter which is mounted in the right-side rack (see photo mode selector). From the filter, a short cable enters the KL-7 at the right-side top of the keyboard. Via two fuses and two slide contacts, the 24 volts arrive at the double T contacts (see also circuit diagram below). The rack also carries a dummy female connector to secure the power cable during transport.
The filter suppresses current variations on the power cable as these can cause interference on the mains grid or even piggy-back on the modulated signals of nearby radio equipment, leaking signals that could be exploited by the adversary, even at great distance.
The Pi-type filter attenuates these signals over a wide band of frequencies. The filter assembly was sealed and maintenance or repair was not allowed. If the filter malfunctioned, the complete filter assembly had to be replaced. More about the security risks of stray signals is found on our TEMPEST page.
To follow the circuit diagram of the KL-7, we need to know the type of vacuum tubes and how they function, as they are crucial to process the keyboard pulses and control the timing signals for the printer. The KL-7 has one 12AX7 and three 2D21 tubes. These were produced by many manufacturers like RCA, Brimar, Mullard or JRC, but for military supply contracts they were designated JAN 12AX7 and JAN 2D21 (Joint Army-Navy electronics standard nomenclature).
Below the full circuit diagram (click to enlarge). All components in the circuit diagram are labeled in the same way as in the original maintenance manual and circuit diagram. Since the original circuit diagram is pretty hard to read, the different sections of the electronics are presented here well separated. The orange dots represent parts of the sliding contact board.
At the top left of the circuit diagram is the power supply for all electronics. The 24 Volts DC arrives at two double T contacts on the sliding contact board and powers the DC motor that drives the AC generator. The 24 Volts that power the DC motor is also used for the filaments of the four vacuum tubes. The full wave bridge rectifier, followed by two diodes, provides +220 Volts at terminal W4. The rectifier + is also directly connected through terminal W8 to resistors R109 and R110 to provide +200 Volts at terminal W2 for some parts of the circuit. A half wave rectifier provides the negative 72 Volts.
The pulse generator in the center left converts a key stroke into one or two pulses when that pulse coil is grounded and induced by a rotating magnetic armature. 15 letter keys have a single high pulse coil. 10 alpha-numeric keys have a low pulse and high pulse coil in series (see also pulse generator chapter above). For the piggyback system, the V key has a low pulse coil in series with the SPACE key high pulse coil that includes a junction.
The pulse is sent to both the V104 Gate tube in the top section and to the T101 step-up transformer in the center. The Gate tube acts as single-shot multivibrator that controls the bias of the Print tube shield grid to limit how long the Print tube is allowed to accept pulses and send signals to the printer.
In the center of the diagram is the V102 Sharpener tube that receives the pulses from the step-up transformer. The Sharpener serves as a threshold to distinguish low and high pulses and its control grid bias is determined by the V103 Shift tube via the R119 - R122 - R123 resistor network. In LET mode, a low pulse is sufficient to overcome the minus 8 volt bias on the Sharpener control grid. In FIG mode, the voltage drop on terminal W5 makes the sharpener control grid bias more negative, requiring a high pulse to fire the sharpener.
The V101 Print tube only fires when the triggered Gate tube overcomes the Print tube's negative shield bias, and the pulse it received from Sharpener tube simultaniously overcomes the Print tube's negative control grid bias.
When the Gate tube is triggered and the Print tube has activated the timing unit, the Repeat Cam switch disconnects the positive voltage from the Gate tube A plate (anode), providing the Print tube shield grid with a negative bias. This prevents the Print tube from firing stray pulses from the keyboard or from pins on the moving rotors. Once the cycle and rotor stepping is completed, the Repeat Cam switch closes again and the Gate and Print tube are ready for the next cycle.
When the RPT key (repeat) is depressed, the negative bias on terminal X1 and on the Print tube shield grid is removed and the tube is ready to fire at any pulse it receives from the Sharpener tube. Depressing the RPT key together with a letter key will therefore continuously print the depressed plain or enciphered letter.
When the Print tube fires, the print and trip magnet are activated. Both magnets are energized in a quite special way. The Print capacitors C101 & C102 and Trip capacitors C106 & C107 are constantly charged though R109 and R110 to +200 Volts. When the Print tube fires, this short the circuit and discharges the caps though the tube-print-trip circuit, in series with the caps.
This activates the timing unit to perform one cycle, and switches on the cam shaft provide four timing signals. During this cycle, the Charge Cam switch shorts the 10K resistor R110, leaving only the 1K resistor R109 between the 220 Volts at W8 and the capacitors at W2, ensuring a fast recharge of the caps to be ready for the next machine cycle. The Charge Cam switch also disables the Print tube until the cycle is finished, preventing the Print tube from firing multiple times during a cycle.
At the bottom of the circuit diagram is the Shift tube section that memorizes the current shift mode, shows the current mode with a neon lamp and controls the threshold of the Sharpener to know what signals to accept in LET or FIG mode.
The switches with an orange dot in the above circuit diagram represent parts of the sliding contact board and shows how they influence the stepping of the rotors, the shift mode circuit and some of the keys. How those switches work is shown below.
The letters cam switch and figures cam switch from the timing unit control how the piggyback letters for LET and FIG keys are processed. Since we have the Plain, Encipher and Decipher mode and two shift modes, there are six different ways these keys are processed. To accomplish this, the sliding contact board reroutes the FIG and LET keys, and the figures and letters cam switches.
Note: Below, the unspecified key, letter or pulse coil (A through Z) is denoted by (delta). Also, the actual circuit uses a few more switches on the sliding contact board to avoid conflict with other key circuits in the different modes, but the route of the signals is as shown below.
The FIG key operation:
The LET key operation:
The reason for printing a space when deciphering the LET or FIG key instead of only changing the Shift mode is that activation of the Timing Unit is required for the timing signals and stepping of the rotors to correctly encipher or decipher the following letter.
We can calculate the theoretical strength of the KL-7 by taking all cryptographic variables for a complete machine set-up. We assume the machines general principle of operation is known, but don't have any information about the internal wiring of the rotors and shape of the notch rings. The 8 rotor cores can be wired in 3.66322 different ways. This comprises all positions, relative to the machine, making the alphabet ring superfluous, because it only serves as visual representation of the rotor alignment. This also comprises all positions of the stationary 4th core, set by its wide ring. The notch rings can be shaped in 7.2375 different ways. This comprises all combinations of notches, relative to the seven actuator switches. This gives a total of 2.65408 purely cryptographic combinations or 1357 bit key. However, the machine and its wiring can be known to the adversary.
Therefore, we look at the practical settings for the operator. He must select 8 rotors from a set of 13, giving 51,891,840 combinations. He has 78,364,164,096 ways to set 7 alphabet rings. There are 1,663,200 ways to select 7 notch rings from a set of 11. The 7 notch rings and the wide ring on the 4th position can be set in 2,821,109,907,456 different ways. Finally, there are 78,364,164,096 possible rotor alignments at the start of a message. In total, this gives 1.4948 ways to determine a key setting, both internal and external. This represents a 161 bit key.
When the machines specifications are known to the adversary (espionage, capture) he has to find 8 cores from a set of 13, giving 51,891,840 combinations. There are 1,663,200 ways to combine 7 notch rings from a set of 11. There are 2,821,109,907,456 ways to set 7 notch rings and 1 wide ring. Finally, there are 78,364,164,096 ways to set all core and notch combinations, relative to the machine. The alphabet ring, only a visual representation of the rotor positions, is disregarded. This gives the adversary a total of 1.9037 combinations, representing a 124 bit key.
Trying out all possible keys on a 124 bit key, a so-called brute-force attack, is considered infeasible with all present and future computer power. However, cryptanalysis is more than key size, theoretical security and brute-force attacks. Rotor cipher machines have proven vulnerable to certain types of cryptanalytic attacks, performed on fast computers. Therefore, the KL-7 is no longer considered secure. Nevertheless, even skilled cryptanalysts with current resources would today still face a huge task to mount a successful attack against the KL-7, especially when they only have a limited number of messages at their disposal.
Each ADONIS rotor set consists of 12 (later 13) rotor cores, 11 notch rings and one stationary wide ring. Before using the KL-7, the internal settings must be set according to a key list that contains multiple keys, each valid for a period of 24 hours. Each daily key list determines the choice of rotor cores and its position in the cipher unit, the setting of its alphabet ring, and the type of notch ring and its setting on that rotor core. The rotor core that is selected for the fourth position must always be fitted with the stationary wide ring, which can also be set in any position on that rotor core. This wide ring prevents the forth rotor from moving.
Below, the ADONIS key list example, in the format as documented in the declassified KAO-41C/TSEC. Usually, a second cipher unit, with rotors arranged according the key list of the previous day was readily available. When they received a message from the previous day, the operator could quickly remove the current cipher unit from the rotor stepping unit and replace it with the old cipher unit.
Note: you can set the example key on the KL-7 simulator and perform the encipher example shown below, to experience the encipher procedure as actually used by the operators. Be advised that the rotors of the simulator have their own core wirings because the secret wiring of the real rotors was never declassified and the wiring of surviving rotors has been removed.
After placing all prepared rotors in cipher unit, the new settings are checked with the 36-45 letters check. With the mode selector in Plain mode, all rotors are set in the A position. Next, the machine is set to Encipher mode (some rotors will move one step). The counter is reset and the letter "L" is typed 45 times. The last two code groups should match the 36-45 letter check on the key list for that day.
The ADONIS system indicator, shown at the bottom-right of the key for that day, consisted of five digits or five letters and was used before and after the enciphered message to identify the system and key.
For each new message, the operator must use a new unique and completely random start position of the rotors, called Message Rotor Alignment. This rotor alignment, visible through the little windows of the cipher unit, is crucial for the security of the message because using the same Message Rotor Alignment for multiple messages leads to patterns that can be exploited by codebreakers.
To produce a Message Rotor Alignment, the operator takes a previously prepared random five-letter group called Message Indicator (see note further down). For our example message, we use the random message indicator "ELXNO".
1. Set the KL-7 mode selector to Plain
Any incomplete final group should be completed by one space and, if required, followed by enough random letters to complete that last code group.
Below, the resulting ciphertext. Note that if you enciphered the message with the KL-7 sim, the result might partly differ, depending on whether you switched to FIG and LET mode before or after the space.
GOATJ ZPFJZ RGDET FKCSB TCMTD XTQLP
The complete message includes the system indicator, the Message Indicator spelled-out (NATO alphabet) , the enciphered text and repeated system indicator:
28604 ECHO LIMA XRAY NOVEMBER OSCAR
GOATJ ZPFJZ RGDET FKCSB TCMTD XTQLP 28604
The standard format for enciphered messages was the so-called CODRESS, documented in the publication ACP 127 (unclassified). In such messages, the full originator, all addressees and security classification were included in the enciphered text. These messages were always unclassified, although the coded groups contained secret information.
Below our example message with the priority pro-sign (here routine), routing indicator(s) of the addressee(s) and serial number, priority again with date and time group, groups count, and finally the message between two BT breaks.
DE RFGHIJ 1234 8/1400Z
R 311300 DEC
28604 ECHO LIMA XRAY NOVEMBER OSCAR
GOATJ ZPFJZ RGDET FKCSB TCMTD XTQLP 28604
The receiver has a KL-7 with the same rotor arrangement, as provided for that particular day in his key list. The system indicator 28604 in the received message identifies the ADONIS crypto system and key for this particular message. He will proceed as follows:
1. He switches his KL-7 mode selector
to Plain mode.
In the KL-7 simulator help file Appendix A you will find two fascinating enciphered training messages, related to the Cuban missile crisis, to practice the deciphering procedure. They use the KAO-41C/TSEC procedure and example key as described here.
Note on Message Indicators. The random five-letter Message Indicators are created beforehand. An unused KL-7 is loaded with a randomly chosen rotor arrangement that is never used in any existing key list. Next, all rotors are set in a random start position and the mode selector is set to Encipher mode. A large number of random words or letter is typed. The KL-7 prints a large number of random five-letter groups on the paper strip. The operator later uses these Message Indicators to produce a different Message Rotor Alignments for each new messages. To avoid re-use, each Message Indicator on the paper strip is used only once, then torn off the strip, and pasted on the corresponding message form.
Notes on POLLUX Procedure. POLLUX only used letters as system indicator, and its 36-45 letters check is performed with the letter A instead of letter L by ADONIS. The POLLUX procedure also uses a random five-letter Message Indicator but prescribes setting the random Message Indicator directly as Message Rotor Alignment, instead of enciphering the Message Indicator. The documents adds the notice "do not encrypt using this system only. This system gives true indicator in clear and then refers to unknown supplementary instructions. The POLLUX procedure might well use the ADONIS method (enciphered Message Indicator as Message Rotor Alignment) but various other methods to encipher and securely convey the Message Rotor Alignment are possible.
The roots of the KL-7 are found in the Second World War. In the 1940s, the electromechanical rotor cipher machine ECM (SIGABA) had set a new standard for secure high-level communications. At tactical level, the lightweight mechanical M-209 was widely used. By the end of the war, the M-209 was no longer considered secure and the Army expressed the need for a lightweight secure crypto machine that could replace the M-209 but that would have a cryptographic strength, comparable with cipher machines like the SIGABA. The Navy was also seeking a small cipher machine with the qualities of the ECM, with a focus on saving weight. In March 1945, the Army headquarter requested the Signal Security Service (SSS) to develop a machine that would fit their needs. Soon after, the SSS was renamed into the Army Security Agency (ASA), who initiated the research.
The project was designated MX-507 and ASA saw it as a long-range research project. The ASA researchers quickly decided to opt for a rotor-based machine. A design with 36-point rotors came on the forefront. They also had to design a completely new lightweight printing system, as the new machine was required to operate off-line and print out the messages on paper. Eventually, they were able to reduce a printer system to one quarter of its original size and weight.
ASA decided to apply a new cryptographic principle, called re-entry. The re-entry or re-flexing was invented by Albert Small, who filed it for patent in 1944. The idea was to take parts of the cipher output, re-enter the output back into the enciphering process and re-encipher it once again (see image right).
In 1949, the Armed Forces Security Agency (AFSA) was created. It was the first American central cryptologic organization and one of its goals was to provide standardization of secure communications devices and to determine a general policy for crypto equipment. The research of the ASA was transferred to AFSA in December 1949.
Meanwhile, in April 1949, the United States and its Allies had formed the North Atlantic Treaty Organization or NATO, and deteriorating relations with the Soviet Union resulted into a grim Cold War. Secure communications between the NATO members was an important part of making a front against the USSR.
An additional challenge that AFSA faced was to design a machine for themselves that could also be distributed to their NATO allies, without disclosing vital secret crypto technology that could come into Soviet hands, either directly or through infiltration of NATO members.
With such a large organization as NATO, it was more than likely that this machine or its specifications would sooner or later reach Russian soil. The design had to resist by far any possible cryptanalytic attack by Soviet codebreakers, even when the technical details of the machine were disclosed. The security of the machine had to depend solely on the secrecy of the key settings, thus obeying Kerckhoffs well known law on cryptography.
The MX-507 was renamed to AFSAM-7, which stands for Armed Forces Security Agency Machine No 7, and by September 1950, AFSA demonstrated an engineering model. The final design used 8 rotors with 36 contacts, a re-entry of ten rotor signals, and a most complex irregular stepping, electrically controlled by notch rings on the rotors. The problems with the printer timing and the shift system were solved by a clever design with vacuum tubes, making the KL-7 the first tactical cipher machine ever to use electronics.
Individual components of the KL-7 and KL-47 were manufactured by several different U.S. government contracted companies. After final assembly at different locations, the machines became the property of NSA and were distributed with in the U.S.
TEMPEST, the art of shielding devices against eavesdropping on unintentionally emitted signals was in its early stages of research when the KL-7 was being developed. Although Bell engineers recognized the risk of unwanted stray signals as early as 1943, the initially attempts to reduce these signals were limited to filters on the power supply and shielding as much as possible. The first breakthrough came in 1956 with the introduction of circuits with transistors at low voltage, but this was four years after the introduction of the KL-7, and the first extensive TEMPEST regulations were only drafted in 1958.
De KL-7 has a filter between the external power supply and its electronics, but some electrical contacts and coils could still be a source of unwanted signals. NSA conducted a study in 1955 to determine whether the coil of the printer magnet, which activates the print hammer, would emit signals that could be exploited. These print coil signals were detectable 25 feet from the machine.
Analysis of recorded signals during decipherment of a message on the KL-7 showed that measuring the interval between the intercepted pulses of the print magnet, and knowing the order of the letters on the print drum, enabled the recovery of the plain text. Variations in motor speed between pulses could complicate measurement of the intervals, but other signals, radiated at the same distance, could determine the change of motor speed, making recovery of the plain text much easier. They also found a correlation between the number of rotors that stepped and print drum speed deviations.
The KL-7 remained in use without additional technical changes to reduce unwanted signals, but the 1958 TEMPEST regulations undoubtedly advised operating the machine at fixed or tactical locations were eavesdropping at close range was unlikely. Nevertheless, even at secure locations, unwanted signals could unexpectedly piggyback on other equipment and enable eavesdropping from far greater distances, as you can read at our TEMPEST page.
The KL-7 was initially only used by the US Army, Air Force, Navy, CIA and FBI, but during the 1953 Communications Security Conference in London, NSA proposed to share the ADONIS crypto-principle with NATO countries to improve their communications security and interoperability, and replace the less secure Combined Cipher Machine (CCM) by the Army AFSAM-7 and Navy AFSAM-47B.
Meanwhile, a new British crypto machine was developed with identical crypto principles as the AFSAM-7 to replace the outdated CCM (LUCIFER) which was the British CCM-Typex, interoperable with the American CCM/SIGABA. The new BID/60 SINGLET greatly resembled the AFSAM-7 and used rotors that were identical to those of the AFSAM-7, but was not expected to be in production before 1960. The U.S. made available 3,500 units of the AFSAM-7 to the United Kingdom and 3,000 units to other NATO countries. These machines would be in loan and remained property of NSA.
In 1954, the U.S. Joint Chiefs of Staff approved the use of the AFSAM-7 by NATO. The plan was to introduce the machine to medium and high levels by mid-1956. NSA did recognized that the AFSAM-7, or reproductions with the same cryptographic principle, would eventually also find their way to non-military use in those countries, or might even end up in Soviet hands. NSA was confident the AFSAM-7 was secure against any attempt by the Soviets to decipher the messages, even when its cryptographic principles and specifications were compromised. The machine was therefore certified for Top Secret messages at the start of its career.
In 1955, the U.S. Army Security Agency Europe assigned two military instructors to NATO. They assisted in the training of NATO personnel, designated to repair and maintain the AFSAM-7, by then renamed into TSEC/KL-7. Those who attended the maintenance school had to be qualified as teletypewriter mechanic and have the proper security clearances. Basic knowledge of electronics was also desirable. In 1956, NATO decided to order the TSEC/HL-7 tape reader and KLX-7 keyboard adaptor, to facilitate the increasing volume of encrypted traffic. The NATO members had to determine their required stock of KL-7 spare parts, and could also order a kit with basic spare parts, at the price of $150 per machine. The spare parts and kits were gradually delivered between 1957 and 1960.
In 1957, NATO agreed to adopt the KL-7 for second level traffic and also for first level traffic with ADONIS key lists to replace the Typex (SIMPLEX) traffic, which was a Typex II, used with SIMPLEX pads. This also comprised each NATO member's Ministry of Defence and Foreign Affairs, their embassies in Paris and Washington, and their National Military Representative in Washington. In 1958 they extended the use of the KL-7 to minesweepers, fast patrol boats and long range maritime aircraft.
In 1958, the price per KL-7 was $1458. This comprised the KLB-7 base at $814, KLA-7 stepping unit $328, KLK-7 cipher unit $80, CE87054 Carrying Case $161, CE87066 AC Power Converter $75 and a set of rotors $100. A complete KL-7 would cost $13,372 when converted into present 2021.
The extended use of the KL-7 was discussed and NATO member Canada pointed out that the KL-7 had not reached 100% reliability yet due to problems with the pulse generator, and a book cipher as back-up would be essential. The KL-7 was also used on NATO submarines and in 1959 they approved the Basic Submarine Code as back-up system for the KL-7. The code, in itself not secure enough, was used in conjunction with letter one-time pads. By the end of 1959, NATO authorized the use of KL-7 ADONIS for first level military and diplomatic traffic.
The KL-7 was used by the United States, Belgium, Canada, Denmark, England (including the Commonwealth Australia and New Zealand's RNZN), France, Germany (West German Federal Republic), Greece, Italy, Luxemburg, Netherlands, Norway, Portugal and Turkey.
Advances in technology and the introduction of miniature electronic components increased the computational power to support cryptanalysis tremendously in the next decades. As a result, the KL-7 had become operationally insecure by the mid 1960s and vital message traffic was often superenciphered on other systems after being enciphered with the KL-7. From the 1970s on, the KW-26 and KW-37 online cipher equipment largely replaced the outdated KL-7. Some KL-7s stayed in service, mostly as back-up, and retired in the mid 1980s.
Although the KL-7 was only meant to be used by the U.S. military, its NATO allies and some state departments, there are some rare cases where civilians operated the KL-7. One such case was during the 1982 Falklands War. Within a few days, the British Navy had to sail a huge naval task force across the South Atlantic. They quickly chartered merchant ships to support the operations. One of them was the Eburna tanker that carried fuel oil, diesel and aviation fuel to transfer fuel at sea. The civil radio officer shad no experience with naval communications nor crypto systems and had learn the basics of cryptography and operating the KL-7 within very short time.
The last known recorded message, enciphered with a KL-7, was sent by the Canadian armed forces in June 1983. The fully electronic KL-51 RACE off-line cipher machine could be regarded as its successor. The KL-7 machine itself was unclassified but the cipher unit wiring, the entry plates and the stepping circuitry were confidential. After its service time, most KL-7s and KL-47s and their rotors were recalled. The surviving KL-7s were carefully stripped from their stepping mechanism wiring and rotor entry wiring, commonly denoted as sanitized.
The KL-7 is a unique machine in many ways. It was the first machine to be developed under one centralized cryptologic organization and introduced as a standard crypto device in all parts of the armed forces. At that time, the KL-7 used the latest cryptologic techniques and was the first ever cipher machine with electronics, yet its rotor based design would soon lose the battle against miniaturization of electronics and computational power. It proved to be the last of a breed of true cipher machines.
Many operators cursed the machine for its quirky keyboard and regular contact problems. They welcomed its electronic successors, but today they speak with sentiment about that wonderful machine and even remember vividly the typical sound of its stepping rotors. Maybe it is because of the era in which the KL-7 and the operators gave their best. Maybe because the KL-7 served all over the world, collecting secrets and memories about the Cold War, companionship, and even exciting stories about treason and espionage.
Because this was not the end of the KL-7 story...
In 1981, former US Army Warrant Officer Joseph Helmich, was arrested by the FBI for the sale of critical information on the KL-7. In 1963, he served as crypto custodian in France and later at Fort Bragg, North Carolina. Being faced with financial problems, Helmich contacted the Soviet Embassy in Paris, France. He received $131,000 in return for critical information on the KL-7. At that moment, the KL-7 was the most widely used crypto machines in the US military. After returning to the United States, Helmich continued to provide KL-7 key lists to the Soviets until 1966. Although already under suspicion in 1964 and admitting in 1980 to have received money from Soviet agents, it was only in early 1981 that he was observed with Soviet agents in Canada. Helmich eventually confessed and was sentenced to life imprisonment.
In 1985, FBI received a tip from the ex-wife of John Anthony Walker, a retired US Navy communications specialist. Later on, he was observed by the FBI while dropping a grocery bag alongside a road north of Washington D.C. The bag contained 129 copies of stolen secret U.S. Navy documents. At the same moment and a few miles further, a Soviet KGB agent left a grocery bag with $200,000. It was clearly a dead drop exchange to covertly exchange documents and money without meeting face-to-face. The following night, John Walker was arrested by the FBI in a motel.
The investigation shook up the military intelligence community. As later turned out, already in 1967, Chief Warrant Officer John Walker simply walked into the Soviet Embassy in Washington DC with a KL-47 key list and offered the Soviets to sell secret Navy documents for cash. It was the beginning of a spying career of no less than 18 years. During a search of his house after his arrest, the FBI discovered a special device, provide by the KGB, to read the internal wiring of the KL-7 rotors. During interrogations, Walker admitted providing the Soviets with complete technical maintenance manuals which enabled the reconstruction of a fully operational KL-7. He was also sentenced to life imprisonment.
The importance Soviet Intelligence gave to the key lists, despite possessing all technical details of the KL-7, shows that they were probably unable to break the KL-7 message traffic purely by cryptanalysis, or that they had no sufficient computer power to decipher them within reasonable time for practical use, at least in the early 1960s.
You can download a realistic simulation of the TSEC/KL-7 on this website. This simulator is based on the most recent information and developed in collaboration with Crypto Museum. The simulator operates in exactly the same way as the real machine. With most surviving KL-7's sanitized, this simulator is the only remaining way to actually work with this beautiful machine, and serves to keep this machine and its history alive. The simulator has an extensive 20 page manual that includes the use of the simulator, the technical and historical details on the KL-7 and some example messages. Please visit the KL-7 Simulator page to download the software,