NSA encryption systems
== NSA encryption by type of application ==
The large number of cipher devices that NSA has developed can be grouped by application:

=== Record traffic encryption ===
During [[World War II]], written messages (known as '''record traffic''') were encrypted off line on special, and highly secret, [[rotor machine]]s and then transmitted in five-letter code groups using [[Morse code]] or [[Teletype Corporation|teletypewriter]] circuits, to be decrypted off-line by similar cipher devices at the other end. The [[SIGABA]] rotor machine, developed during this era, continued to be used until the mid-1950s, when it was replaced by the [[KL-7]], which had more rotors.

The [[KW-26]] ROMULUS was a second-generation cipher device in wide use that could be inserted into teletypewriter circuits so traffic was encrypted and decrypted automatically. It used electronic [[linear-feedback shift register|shift registers]] instead of rotors and became very popular (for a COMSEC device of its era), with over 14,000 units produced. It was replaced in the 1980s by the more compact [[KG-84]], which in turn was superseded by the KG-84-interoperable [[KIV-7]].

=== Fleet broadcast ===
US Navy ships traditionally avoid using their radios to prevent adversaries from locating them by [[direction finding]]. The Navy also needs to maintain traffic security, so it has radio stations constantly broadcasting a stream of coded messages. During and after World War II, Navy ships copied these ''fleet broadcasts'' and used specialized ''[[call sign]] encryption'' devices to figure out which messages were intended for them. The messages would then be decoded off line using [[SIGABA]] or [[KL-7]] equipment. The second-generation [[KW-37]] automated monitoring of the fleet broadcast by connecting in line between the radio receiver and a [[teleprinter]]. It, in turn, was replaced by the more compact and reliable third-generation [[KW-46]].
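The record-traffic section above notes that the KW-26 generated its key stream with electronic shift registers rather than rotors. The block below is an added teaching example, not code from the article and not a model of any NSA device: a toy 16-bit Fibonacci linear-feedback shift register with a primitive feedback polynomial (x^16 + x^14 + x^13 + x^11 + 1), a period check showing that it visits every non-zero state before repeating, and a keystream XOR that encrypts and decrypts a constructed sample message. The seed value and the message are constructed for the example. The comments also record the caveat a practitioner needs: a bare LFSR is linear, so its output alone is not a cipher; real designs add nonlinear combining or filtering.

```python
"""Toy 16-bit Fibonacci LFSR keystream generator (added illustration, not any NSA design)."""

WIDTH = 16
# Tap positions for x^16 + x^14 + x^13 + x^11 + 1, a primitive polynomial,
# so the register cycles through all 2^16 - 1 non-zero states before repeating.
TAPS = (0, 2, 3, 5)


def lfsr_step(state):
    """Advance the register by one clock.

    Returns (new_state, output_bit). The output bit is the bit shifted out
    (bit 0); the feedback bit, the XOR of the tapped bits, enters at the top.
    """
    fb = 0
    for t in TAPS:
        fb ^= (state >> t) & 1
    out = state & 1
    new_state = (state >> 1) | (fb << (WIDTH - 1))
    return new_state, out


def period(seed):
    """Count clocks until the register returns to its seed state.

    A zero seed is rejected: it is the one fixed point of a Fibonacci LFSR and
    would emit an all-zero keystream forever.
    """
    if seed == 0 or seed > (1 << WIDTH) - 1:
        raise ValueError("seed must be a non-zero 16-bit value")
    state, n = seed, 0
    while True:
        state, _ = lfsr_step(state)
        n += 1
        if state == seed:
            return n


def keystream(seed, nbytes):
    """Generate nbytes of keystream, packing output bits MSB-first into bytes."""
    if seed == 0:
        raise ValueError("seed must be non-zero")
    state = seed
    out = bytearray()
    for _ in range(nbytes):
        b = 0
        for _ in range(8):
            state, bit = lfsr_step(state)
            b = (b << 1) | bit
        out.append(b)
    return bytes(out)


def xor_with_keystream(data, seed):
    """Encrypt or decrypt (the same operation) by XOR with the keystream.

    Caveat: because every keystream bit is a linear function of the seed,
    a short stretch of known plaintext reveals keystream that determines the
    whole register state. This is why a bare LFSR is only a building block.
    """
    ks = keystream(seed, len(data))
    return bytes(d ^ k for d, k in zip(data, ks))


if __name__ == "__main__":
    seed = 0xACE1                       # constructed sample seed
    message = b"constructed sample"     # constructed sample plaintext
    print("period:", period(seed))      # 65535 = 2^16 - 1 (maximal length)
    ct = xor_with_keystream(message, seed)
    print("round trip ok:", xor_with_keystream(ct, seed) == message)
```

Running the module prints the period 65535, confirming the polynomial is primitive for this width, and shows the XOR round trip. Changing `TAPS` to a non-primitive set gives a shorter period, which is the first thing to check when reviewing any shift-register-based generator.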
=== Strategic forces ===
NSA has the responsibility to protect the command and control systems for nuclear forces. The [[KG-3]]X series is used in the US government's ''Minimum Essential Emergency Communications Network'' and the ''Fixed Submarine Broadcast System'', used for transmission of emergency action messages for nuclear and national command and control of US strategic forces. The Navy is replacing the [[KG-38]] used in [[nuclear submarine]]s with [[KOV-17]] circuit modules incorporated in new long-wave receivers, based on commercial [[VMEbus|VME]] packaging. In 2004, the US Air Force awarded contracts for the initial system development and demonstration (SDD) phase of a program to update these legacy-generation systems used on aircraft.

=== Trunk encryption ===
Modern communication systems [[multiplexing|multiplex]] many signals into wideband data streams that are transmitted over [[optical fiber]], [[coaxial cable]], [[microwave]] relay, and [[communication satellite]]s. These wide-band circuits require very fast cipher devices. The [[WALBURN]] family ([[KG-81]], [[KG-94]]/[[KG-194|194]], [[KG-94A]]/[[KG-194|194A]], [[KG-95]]) of equipment consists of high-speed bulk encryption devices used primarily for microwave trunks, high-speed land-line circuits, video teleconferencing, and [[Digital Signal 1|T-1]] satellite channels. Another example is the [[KG-189]], which supports [[SONET]] optical standards up to 2.5 Gbit/s. Digital data encryptors include the [[KG-84]] family (TSEC/[[KG-84]], TSEC/[[KG-84]]A, TSEC/[[KG-82]] and TSEC/[[KG-84]]C) and the [[KIV-7]].

==== KIV-7 ====
The '''KIV-7''' is a [[National Security Agency]] [[Type 1 encryption|Type-1]], single-channel [[Encrypting|encryptor]] originally designed in the mid-1990s by [[AlliedSignal]] Corporation to meet the demand for secure data communications from personal computers (PCs), workstations, and fax machines.
It has data rates up to 512 kbit/s and is interoperable with the [[KG-84]], KG-84A, and KG-84C data encryption devices. Several versions of the KIV-7 have been developed over the years by many different corporations that have either bought the rights to build the KIV-7 or acquired them through corporate mergers.
* KIV-7: speeds up to 512 kbit/s
* KIV-7 HS: speeds up to T-1 (1.54 Mbit/s)
* KIV-7HSB: speeds up to 2.048 Mbit/s
* KIV-7M: speeds up to 50 Mbit/s; supports the High Assurance Internet Protocol Interoperability Specification (HAIPIS). (The National Security Agency (NSA) has established new High Assurance Internet Protocol Interoperability Specifications ([[HAIPE|HAIPIS]]) that require different vendors' Inline Network Encryption (INE) devices to be interoperable.)

=== Voice encryption ===
[[Image:KY-68.nsa.jpg|thumb|[[KY-68]] tactical secure telephone]]
True voice encryption (as opposed to less secure [[scrambler]] technology) was pioneered during World War II with the 50-ton [[SIGSALY]], used to protect the very highest level communications. It did not become practical for widespread use until reasonably compact [[Speech encoding|speech encoder]]s became possible in the mid-1960s. The first tactical secure voice equipment was the [[NESTOR (encryption)|NESTOR]] family, used with limited success during the Vietnam War. Other NSA voice systems include:<ref name=boaklectures>[https://www.governmentattic.org/18docs/Hist_US_COMSEC_Boak_NSA_1973u.pdf A History of US Communications Security; the David G. Boak Lectures], National Security Agency (NSA), Volume I, 1973, Volume II 1981, partially released 2008, additional portions declassified October 14, 2015</ref>{{rp|Vol I, p.57ff}}
* [[STU I]] and [[STU II]] – These systems were expensive and cumbersome and were generally limited to the highest levels of command.
* [[STU-III]] – These telephone sets operated over ordinary telephone lines and featured the use of security tokens and [[public key cryptography]], making them much more user friendly. They were very popular as a result. Used since the 1980s, this device is rapidly being phased out, and will no longer be supported in the near future.
* [[1910 Terminal]] – Made by multiple manufacturers, this device is mostly used as a secure modem. Like the STU-III, new technology has largely eclipsed this device, and it is no longer widely used.
* HY-2 – A vocoder for long-haul circuits designed to work with the [[KG-13]] key generator.
* [[Secure Terminal Equipment]] (STE) – This system is intended to replace STU-III. It uses wide-[[Bandwidth (signal processing)|bandwidth]] voice transmitted over [[Integrated Services Digital Network|ISDN]] lines. There is also a version which will communicate over a PSTN (Public Switched Telephone Network) line. It can communicate with STU-III phones and can be upgraded for FNBDT compatibility.
* [[Sectéra Secure Module]] – A module that connects to the back of a commercial off-the-shelf cellular phone. It uses AES or SCIP for encryption.
* [[OMNI (SCIP)|OMNI]] – The OMNI terminal, made by L3 Communications, is another replacement for STU-IIIs. This device uses the FNBDT key and is used to securely send voice and data over the PSTN and ISDN communication systems.
* [[VINSON]] – A series of systems for tactical voice encryption including the KY-57 man-portable unit and [[KY-58]] for aircraft.
* [[HAVE QUICK]] and [[SINCGARS]] – These use NSA-supplied sequence generators to provide secure [[frequency hopping]].
* [[FNBDT|Future Narrowband Digital Terminal]] (FNBDT) – Now referred to as the "Secure Communications Interoperability Protocol" ([[Secure Communications Interoperability Protocol|SCIP]]), the FNBDT is a replacement for the wide-band STE; it uses narrow-bandwidth communications channels like [[cellular telephone]] circuits, rather than ISDN lines. The FNBDT/SCIP operates on the application layer of the [[OSI model|ISO/OSI Reference Model]], meaning that it can be used on top of different types of connections, regardless of the establishment method. It negotiates with the unit at the other end, much like a dial-up [[modem]].
* Secure Iridium – NSA helped add encryption to the Iridium commercial mobile phones after it rescued the bankrupt [[Iridium Satellite LLC|Iridium]].
* [[Fishbowl (secure phone)|Fishbowl]] – In 2012, NSA introduced an Enterprise Mobility Architecture intended to provide a secure VoIP capability using commercial-grade products and an Android-based mobile phone called Fishbowl that allows classified communications over commercial wireless networks.<ref>{{cite web |url=http://www.nsa.gov/ia/_files/Mobility_Capability_Pkg_(Version_1.1U).pdf |title=Archived copy |accessdate=2012-03-02 |url-status=bot: unknown |archiveurl=https://web.archive.org/web/20120301112501/http://www.nsa.gov/ia/_files/Mobility_Capability_Pkg_(Version_1.1U).pdf |archivedate=March 1, 2012 }}</ref>

The operational complexity of secure voice played a role in the [[September 11, 2001 attacks]] on the United States. According to the [[9/11 Commission]], an effective US response was hindered by an inability to set up a secure phone link between the National Military Command Center and the [[Federal Aviation Administration]] personnel who were dealing with the hijackings. ''See'' [[Communication during the September 11, 2001 attacks]].

{{commons category|Voice encryption devices in the National Cryptologic Museum}}

=== Internet ===
NSA has approved a variety of devices for securing [[Internet Protocol]] communications. These have been used to secure the Secret Internet Protocol Router Network ([[SIPRNet]]), among other uses.

The first commercial network layer encryption device was the Motorola Network Encryption System (NES). The system used the SP3 and KMP protocols defined by the NSA [[Secure Data Network System]] (SDNS), which were the direct precursors to [[IPsec]]. The NES was built in a three-part architecture that used a small cryptographic security kernel to separate the trusted and untrusted network protocol stacks.<ref>{{cite web |url=https://patents.google.com/patent/EP0435094B1 |title = EP0435094B1 - Uniform interface for cryptographic services - Google Patents}}</ref>

The SDNS program defined a Message Security Protocol (MSP) that was built on the use of X.509 certificates. The first NSA hardware built for this application was the BBN Safekeeper.<ref>{{cite book|author=Nancy Cox|title=Electronic Messaging|url=https://books.google.com/books?id=BJVwSRGkDZMC&pg=PA566|year=1999|publisher=CRC Press|isbn=978-0-8493-9825-4|page=566}}</ref> The Message Security Protocol was a successor to the IETF Privacy Enhanced Mail (PEM) protocol. The BBN Safekeeper provided a high degree of tamper resistance and was one of the first devices used by commercial PKI companies.
=== Field authentication ===
[[File:KAL-55B Tactical Authentication System (Vietnam War era) - National Cryptologic Museum - DSC08013.JPG|thumb|NSA KAL-55B Tactical Authentication System used during the [[Vietnam War]] – [[National Cryptologic Museum]]]]
NSA still supports simple paper encryption and authentication systems for field use such as [[DRYAD]].

=== Public systems ===
NSA has participated in the development of several cipher devices for public use. These include:
* [[NSA Suite B Cryptography|Suite B]]: a set of [[public key cryptography|public key]] algorithm standards based on [[elliptic curve cryptography]].
* [[Advanced Encryption Standard]] (AES): an encryption algorithm, selected by [[NIST]] after a public competition. In 2003, NSA certified AES for [[Type 1 encryption|Type 1]] use in some NSA-approved systems.
* [[Secure Hash Algorithm]]: a widely used family of [[Cryptographic hash function|hash algorithm]]s developed by NSA based on earlier designs by [[Ron Rivest]].
* [[Digital Signature Algorithm]]
* [[Data Encryption Standard]] (DES)<ref>{{cite web|url = https://www.nsa.gov/public_info/_files/cryptologic_histories/cold_war_iii.pdf|title = American Cryptology during the Cold War, 1945-1989. Book III: Retrenchment and Reform, 1972-1980, page 232|author = Thomas R. Johnson|accessdate = 2010-01-03|publisher = [[NSA]], DOCID 3417193|date = 2009-12-18|url-status = dead|archiveurl = https://web.archive.org/web/20100527214909/http://www.nsa.gov/public_info/_files/cryptologic_histories/cold_war_iii.pdf|archivedate = 2010-05-27}}</ref>
* [[Skipjack (cipher)|Skipjack]]: the cipher developed for Clipper and finally published in 1998.
* [[Clipper chip]]: a controversial failure that convinced NSA that it was advisable to stay out of the public arena.
* [[Security-Enhanced Linux]]: not strictly a cipher device, but a recognition that in the 21st century, [[operating system]] improvements are more vital to information security than better [[cipher]]s.
* The [[Speck (cipher)|Speck]] and [[Simon (cipher)|Simon]] light-weight [[Block cipher]]s, published in 2013.
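Of the public systems listed above, Speck is small enough to show in full. The block below is an added educational implementation, not code from the article or from the cipher's designers: the Speck32/64 variant (16-bit words, 64-bit key, 22 rounds, rotation amounts 7 and 2) as given in the public 2013 specification, with the key schedule, encryption and decryption written out. The self-test checks the designers' published test vector (key 1918 1110 0908 0100, plaintext 6574 694c, ciphertext a868 42f2); the key-word ordering used (least significant key word first) is the one that reproduces that vector. Speck32/64 is used here because its small block makes the structure easy to follow; a 32-bit block is far too small for protecting real data, where the 128-bit variants apply.

```python
"""Speck32/64 block cipher, added as a teaching implementation of the published design."""

WORD = 16                 # word size n in bits; block size is 2n = 32 bits
MASK = (1 << WORD) - 1
ROUNDS = 22               # number of rounds T for Speck32/64
ALPHA, BETA = 7, 2        # rotation amounts for the 16-bit word variants


def rol(x, r):
    """Rotate a 16-bit word left by r bits."""
    return ((x << r) | (x >> (WORD - r))) & MASK


def ror(x, r):
    """Rotate a 16-bit word right by r bits."""
    return ((x >> r) | (x << (WORD - r))) & MASK


def expand_key(key_words):
    """Speck key schedule for m = 4 key words.

    key_words = [k0, l0, l1, l2]: the 64-bit key split into four 16-bit words,
    least significant word first. Returns the 22 round keys k0 .. k21.
    """
    if len(key_words) != 4:
        raise ValueError("Speck32/64 needs exactly four 16-bit key words")
    k = [key_words[0]]
    l = list(key_words[1:])
    for i in range(ROUNDS - 1):
        # l[i+m-1] = (k[i] + ror(l[i], alpha)) ^ i
        l.append(((k[i] + ror(l[i], ALPHA)) & MASK) ^ i)
        # k[i+1] = rol(k[i], beta) ^ l[i+m-1]
        k.append(rol(k[i], BETA) ^ l[i + 3])
    return k


def encrypt_block(pt, key_words):
    """Encrypt one block given as the word pair (x, y)."""
    x, y = pt
    for rk in expand_key(key_words):
        x = ((ror(x, ALPHA) + y) & MASK) ^ rk   # x = (S^-a x + y) ^ k
        y = rol(y, BETA) ^ x                     # y = S^b y ^ x
    return x, y


def decrypt_block(ct, key_words):
    """Invert encrypt_block by undoing each round in reverse order."""
    x, y = ct
    for rk in reversed(expand_key(key_words)):
        y = ror(y ^ x, BETA)
        x = rol(((x ^ rk) - y) & MASK, ALPHA)
    return x, y


# Published Speck32/64 test vector from the designers' specification.
TEST_KEY = [0x0100, 0x0908, 0x1110, 0x1918]   # k0, l0, l1, l2
TEST_PT = (0x6574, 0x694C)
TEST_CT = (0xA868, 0x42F2)


def speck32_64_self_test():
    """Return True if the implementation reproduces the published vector
    and decryption inverts encryption on it."""
    ct = encrypt_block(TEST_PT, TEST_KEY)
    return ct == TEST_CT and decrypt_block(ct, TEST_KEY) == TEST_PT


if __name__ == "__main__":
    x, y = encrypt_block(TEST_PT, TEST_KEY)
    print("ciphertext: %04x %04x" % (x, y))
    print("self-test passed:", speck32_64_self_test())
```

Checking an implementation against the published test vector before any other use is the basic discipline for any cipher code: a single wrong rotation or carry still produces output that looks random, so only the known-answer test catches it.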