Looking for a successor to the KL-7: RACE and AROFLEX

The KL-7 encryption machine, an advanced version of the German Enigma, was developed by the National Security Agency (NSA) in the United States. It was commissioned in 1952 and for many years served as the main encryption machine for the United States and NATO. Depending on the secrecy level of the keys, the device bore the code names ADONIS (high level) and POLLUX (low level). The KL-7 remained in service until the 1970s; later, some countries used it as a backup device. On June 30, 1983, the last message was sent from the KL-7 to the Canadian Navy. The machine was replaced by a number of electronic machines, among them RACE and AROFLEX.


KL-7

The search for a replacement for the aging KL-7 encryption machine began in 1974. NATO invited several manufacturers to participate in a competition called "KL-7 replacement". As a result, the Norwegian company STK (Standard Telefon og Kabelfabrik) and the Dutch company Philips Usfa submitted their products, RACE and AROFLEX, respectively.

STK


STK was founded back in 1915 and later belonged to ITT, then Alcatel and, finally, Thales. It was originally founded as a Scandinavian cable and rubber factory in Oslo. In 1934 it became the property of ITT / Standard Electric, and it was then that it was given the name STK. The factory operated under this name until 1987. In 1935 it had 54 employees; from 1950 to the beginning of the 1970s the company grew considerably and came to have more than 4,000 people.


STK 1940

In 1987, ITT sold STK to Alcatel, and the name was changed to Alcatel Cable Norway AS. In the early 1990s, after a series of restructurings at Alcatel, almost all the production facilities in Oslo were closed.

STK was known for its series of encryption machines, which it produced over the years for the Norwegian, American, and NATO forces. 1955 saw the production of one of the first online / offline OTT encryption machines, the ETCRRM. (OTT stands for One-Time-Tape encryption. Its essence is simple: the key is used only once and is as long as the transmitted data, so the encrypted text cannot be decrypted by anyone without the key.) This machine was used on the Washington-Moscow hotline from 1963, in the midst of the Cold War.


ETCRRM

Later developments of the company include SELMA (Standard Electronic Letter Machine), known as OKA-150; the TCE-160 (Telecom Crypto Equipment 160), a transistor version of the ETCRRM; and others.


SELMA


TCE-160

In the mid-1960s, STK moved away from the production of One-Time-Tape machines and began to develop devices based on electronic key generators. The first were the TCE 180, known as Troll, and the Telex Cryptel 240 encryption machine. However, the TCE 180 never went on sale: the test results for the device were disappointing, and the machine required significant improvements and changes. The Cryptel 240 was released in limited quantities for internal use, because the encryption algorithm was too good for open sales. Moreover, the authorities imposed a ban on the sale of such a device, and since the design of the Cryptel 240 did not adhere to strict military specifications, NATO and other "military" customers never joined the ranks of buyers.

In 1973, RACE, the world's first microprocessor-based encryption machine, was created. The first prototypes used new MIPROC processors developed at the Norwegian State Defense Institute (Forsvarets Forskningsinstitutt, FFI).


RACE (Rapid Automatic Cryptographic Equipment)

RACE (Rapid Automatic Cryptographic Equipment) was a standalone encryption machine that used a fully electronic cryptographic cipher. In the US, the machine was known under the code name TSEC/KL-51 and was assigned the serial number NSN 5810-25-120-8069. Production of RACE was discontinued in 2006, but the device was in operation until 2010.



Compared to other cipher machines of that time, the RACE / KL-51 was a relatively compact device and was supplied in a durable aluminum case with a waterproof cover to protect the controls. All connections and wires were located at the back; the power cable, a hex key and spare fuses were located behind the paper holder. The controls consisted of a red dot-matrix LED display, a QWERTY keyboard and an optical tape reader.

RACE had no connector for a key transfer device. Instead, the key was entered manually using the keyboard or using an 8-level punched tape, which was read by the tape reader at the front right. At the rear were connectors for an external teletype (TP) and a paper punch (Punch).

In the United States, KL-51 devices remained in service until 2010. In most countries, the machine has been replaced with modern IP encryption devices, such as the KIV-7. There was also a civilian version of RACE, codenamed Cryptel 265, which used a less powerful encryption algorithm.



As mentioned above, all controls were located in the same area and were reliably protected by a waterproof cover. On the right was the power switch, and on the front panel a full QWERTY keyboard. The operating mode of the device could be switched using the colored keys at the top.



Modes of Operation (MODE) RACE

By default, the machine started in plain text mode (P). The desired MODE could be selected using the colored keys in the upper left corner of the keyboard. The following modes are known:


The blue button (left) was used to enter commands and to execute them. If an error occurred, for example when the wrong command was entered, the device automatically went into error mode (X), which was accompanied by an intermittent beep. The error could be cleared by pressing ERASE (bottom left) or RESET (orange key). When choosing the encryption mode (ENCR) or decryption mode (DECR), the operator had to enter a valid key manually or from a tape. Alas, the format and key length are unknown.



Punched tape reader

The machine had a built-in punched tape reader in the front, to the right of the keyboard. It accepted punched tape in four different formats: 5 (standard teletype), 6 (TTS), 7 (early ASCII) and 8 rows (full ASCII). The tape was inserted from the front. A small screw on top of the reader was used to set the width for the required format of punched tape. Most likely, RACE used punched tape with 5 and 8 rows (5 and 8 bits).



With the cover of the reader open, a punched tape could easily be placed between two metal guides. Recording was mechanical, and reading was optical. Needless to say, such a device made a lot of noise. The 5-hole tape format was used to read standard messages (using the Baudot telegraph code); such messages were prepared on an external teleprinter. The ASCII format was used to read cryptographic keys.


Mode switch

RACE was the first encryption machine in which cryptographic algorithms were implemented exclusively in software (software-optimized algorithm). At that time this was, to put it mildly, very unusual, and STK faced many problems before the machine was approved by NATO. After all, similar machines, such as AROFLEX (Philips), implemented their algorithms in hardware.

The encryption algorithms were stored in PROM. The machine was built in such a way that up to five algorithms plus a test program could be installed by simply adding a PROM memory block to the board. Inspired by the name of the machine, RACE, the development team decided to name each algorithm after a famous racecourse in the UK. The names selected were associated with equestrian sports and consisted of 5 letters, such as EPSOM and DERBY. Unfortunately, suitable 5-letter names were soon exhausted.

The algorithm (or PROGRAM) could be selected using the 6-position PROGRAM SELECTOR located on the front panel of the machine. The following programs are known:


As a rule, two or three algorithms were present, depending on which country the machine was used in.

EPSOM is the default program, PROGRAM 1, for all RACE machines and the American KL-51. The DERBY algorithm was probably created only for the Norwegian armed forces and national organizations. It supported two cryptographic keys and was approved by NATO. ASCOT is a special program for "human-machine communication". The EDITA algorithm was the so-called EDIT ASSISTANT; with its help the operator prepared punched tapes for transmitting messages online.

The machine was available to all NATO countries. Many bought several copies of the device for evaluation, but only a small number of countries officially adopted RACE (KL-51):


AROFLEX turned out to be more popular in Europe and Canada, while the United States preferred the reliable RACE and designated it TSEC/KL-51. In total, more than 5,000 copies of the RACE / KL-51 device were sold.

It is worth mentioning that a civilian version of RACE, the Cryptel 265 (1978), was also released. Since the cryptographic algorithms in RACE were fully implemented in software, it was not difficult to create a commercial version, the Cryptel 265, simply by using a different algorithm. Externally, the Cryptel 265 was identical to RACE. Production of the machine turned out to be unprofitable due to the high competition in the market, where the main "rival" was the Swiss company Crypto AG. It is still unknown how many Cryptel 265 units were sold.

Introduced in early 1980, the KL-51 was used by some units until the late 2000s. In 2006, it was replaced by the KIV-7.

AROFLEX UA-8116




Aroflex or UA-8116 (1976 - 1982) was developed by Philips Usfa. The company was founded shortly after the Second World War and was an important supplier of equipment for the Ministry of Defense of the Netherlands and NATO.



The name Usfa is an abbreviation of Ultrasone Fabriek (Ultrasone Factory). The company was engaged in the development and manufacture of optical and night vision devices and was well known for its achievements in the research of Stirling engines. Philips Usfa participated in the creation of a number of encryption machines for the Dutch government, the police and the Ministry of Defense.

Between 1977 and 1989, Philips Usfa had only 275 employees. Having teamed up with the Philips subsidiary Holland Signaal in the late 1980s, the company continued to operate as Signaal USFA. After Signaal was bought by Thomson-CSF (now Thales) in 1990, the cryptographic department returned to Philips. This is how Philips Crypto came about. Philips Crypto consisted of 60 people, all of whom worked on the development of cryptographic solutions for civil, industrial and military communication systems. Alas, by 2000 sales had fallen significantly, and in 2003, due to lack of income, the company was closed. A number of products were sold to other companies, such as Fox-IT in Delft and Compumatica in Uden (Netherlands).

The company's first cryptographic devices, Ecolex I and EROLET, were developed in 1956, followed a little later by ECOLEX II. A few years later, in 1959, Philips Usfa created its first cryptographic machine: ECOLEX IV (OTT).


ECOLEX IV

But probably the most successful encryption machine ever created by Philips Usfa was Aroflex. The device was developed in the period from 1976 to 1982, and in total more than 4,500 units were produced. The machine used hardware encryption. Aroflex is also known as UA-8116, BID/1100 and T-1000CA. It consisted of a Siemens T-1000 teleprinter and a black aluminum encoder located at the bottom of the machine.



Philips thus accepted the challenge in the race to replace the aging KL-7, entering the Aroflex cipher machine. Aroflex was an automated encryption / decryption machine for fast, reliable and efficient offline operation, and could also be used as a device for preparing punched tapes. When designing Aroflex, Philips intended to use an existing telex machine as a basis and to add cryptographic capabilities to it. Siemens and its T-1000 teleprinter were chosen as the project partner. The T-1000 operated at 50, 75 and 100 baud online and 100 baud offline.

Aroflex was compatible with RACE and Picoflex. The plaintext was converted to 5-letter groups, 10 groups in each line. Aroflex could store up to 6 pages (120 lines of 10 crypto groups each) in internal memory.

On the front of the encoder were two locks and a red button. One lock was used as the INSERT key to switch from the "insert" mode to the "replace" mode, and the other lock was used for the SPECAT. If the cipher was suddenly compromised, the operator simply pressed the red button on the front of the encoder: the keys, and with them all the saved messages, were deleted. The red button was called ZEROIZE.



In order for Siemens to sell the civilian version of Aroflex, Philips supplied the T-1000 with a separate cryptographic module. The machine was designated T-1000-CA; the CA suffix indicated the presence of the encoder. The CA version was not sold to NATO.

The device could store up to 26 keys; alternatively, the key could be entered from punched tape through the built-in tape reader. In addition, the encoder had a special connector for a key input device.

It should be noted that the modified Siemens T-1000 teleprinter was used not only in the Aroflex machine: the Crypto AG (Hagelin) HC-550 and HC-580 were also based on it and equipped with an external encoder.


HC-550 Crypto AG (Hagelin)

Although the Hagelin and TST machines visually resembled the Aroflex, they were incompatible with it and with any other NATO encryption machine. Each manufacturer applied its own cryptographic algorithm.

Philips allowed RACE to use the Aroflex algorithm, making both machines compatible. The Dutch machine turned out to be more popular in Europe and Canada, while the more reliable RACE was adopted by the USA. For direct connection to the line, appropriate interfaces were installed on some crypto machines.

During the Cold War, the Aroflex cipher machine (actually the Siemens T-1000CA) was the object of research by the Russian KGB and the East German Ministry for State Security (Stasi). In 1982 or 1983, they even managed to mysteriously seize a machine, but attempts to break it were unsuccessful. Although they did not manage to compromise the machine, someone on the NATO side "supplied" the keys.

This article used materials from: CryptoMuseum, KL-51 on Jerry Proc's crypto, AROFLEX (UA 8116) and BID 1100


Source: https://habr.com/ru/post/415265/

