Tuesday, July 26, 2022

History of the TSEC/KL-7 Documented

TSEC/KL-7
 © Photo Dirk Rijmenants
The U.S. AFSAM-7 crypto machine, later renamed KL-7, was a 1950s marvel of technology that combined the latest cryptologic knowledge and electronics. Thanks to declassified documents we were able to compiled a fascinating history of the KL-7 that gives the reader an inside view on where and how the machine was used.
 
Although less known to the general public than the WWII German Enigma, this far more advanced rotor-based machine served three decades throughout the Cold War in nineteen countries with the military, state departments, intelligence agencies and civilians, and its history involves wars, intelligence and espionage.

Developed by ASA and later AFSA, the first machines were delivered to the U.S. military in early 1953. AFSA's successor NSA proposed to share the KL-7 crypto-principle with their NATO allies to improve their communications security and interoperability. Although initially developed for the US Army, Air Force and Navy, the machine was quickly adopted by both CIA and FBI.

Many declassified documents to reconstruct the KL-7 history.

Already in 1954, the CIA received its first AFSAM-7’s for testing. CIA's O&T Division planned the AFSAM-7 for mobile message centers and the machine was soon also installed in the CIA Signal Center. By 1955, all FBI offices, Quantico, the Seat of Government, the White House Signal Detachment and Air Force One were equipped with the AFSAM-7. Nice detail, several FBI documents are signed by “very truly yours, J. Edgar Hoover".

The U.S. shared the KL-7 with its NATO allies but when the Cold War turned hot in Asia they also loaned the machine to South Korea, South Vietnam and the Republic China. The latter might sound a bit weird, but the Republic of China was formed in 1912 by the anti-communist Kuomintang. After the 1949 communist takeover they fled to Taiwan, today officially still called Republic of China.

Although the KL-7 had excellent cryptographic properties and even resisted known-plaintext attacks, its design and cryptographic principle was compromised several times. The KL-47 (Navy version of KL-7) was captures by the North Koreans when they seized the U.S. SIGINT ship USS Pueblo and quite a few KL-7's also fell into the hands of the North Vietnamese, who loved to share those goodies with the Soviets.

Operating the KL-7 (center). Image NSA

Vietnam was a hard lesson, also for the KL-7. One example was operation Silver Bayonet, the famous 1965 Battle of Ia Drang (depicted in the movie We Were Soldiers). That battle revealed the danger of  poor communications security. Documents from the 101st ASA Security Detachment analysis of that battle give an interesting insight on how the KL-7 wasn’t used as it should, and why too much tactical information leaked from open unencrypted communications.

Despite some massive compromises the KL-7 remained secure, even with all technical details disclosed, as longs as the secret daily key sheets from the KL-7 were not compromised. Unfortunately, U.S. Army Warrant Officer Joseph Helmich sold KL-7 keys to the Soviet GRU and U.S. Navy communications specialist John Walker caused tremendous damage by selling KL-47 keys to the Soviets for no less than 17 years.

The complete detailed history is found in the ‘KL-7 in Service’ section of my TSEC/KL-7 page, including many declassified documents. Dive into the spree of TOP SECRET NOFORN NSA, ASA, CIA, FBI and NATO docs. If you want to know all
technical details of the KL-7 and how it is operated, then visit the KL-7 webpage.

Update: The extensive history of the TSEC/KL-7, including references to many declassified documents, is now available as download on the website. More information on the research on the KL-7 history at the blog post The First Compiled History of the KL-7.

Call to Veterans! If you operated the KL-7, we're always interested to document and publish your experiences with the machine. We're not interested in classified information, only stories about where and how you worked with the KL-7, and the machine is declassified. Since the KL-7 retired more than 40 years ago, time is running out to preserve testimonies. To get an idea of the stories we like to document, below some already published stories. You can contact us through the contact page on our website Cipher Machines and Cryptology.

Enjoy reading!

2 comments:

Anonymous said...

Loved working with the
KL-7. Learned to use it while in Germany at Bad Toelz (sp) in 1969 with 8th Airborne Inf

Dirk Rijmenants said...

Thanks for your service and comment on the KL-7. You're always welcome to contact us through the website to share your experience with the machine.