 |
| KL-7 off-line crypto . (Photo by Jerry Proc) |
CRYPTO OPERATIONS AT HMCS COVERDALE
By
Ray White, Chief Petty Officer 2nd Class RCN (Retired)
From a cryptographic point of view, all stations in the SUPRAD system had Administrative and Operational channels that would only interact in case of very urgent traffic. The cryptosystems used within these channels are, with one or two exceptions, described in the web page Crypto Machines.
In the very early 1950s, Coverdale’s Administrative system was the CCM or Combined Cypher Machine, which was an adapter for the Typex to make it compatible with the American ECM machine. The TYPEX system was used by the UK and Commonwealth during the war. It was generally used for material up to level SECRET and was supplemented by the VENUS cryptosystem, a strip cypher which was intended to be processed by officers but was often delegated to a senior hand because of the drudgery involved.
In approximately 1953, the ECM, or Electro-mechanical Cypher Machine (known in the US as SIGABA-2) was introduced. Both the CCM and ECM machines were big, noisy, slow "clunkers" that really were an impediment to the rapid handling of large amounts of classified messages.
Next came the TSEC/KL-7 machine. Like many cryptosystems, the KL-7 was also identified by a “mythological” name, in this case ADONIS. It was a small device, about the size of a portable typewriter, and had a row of rotors which were changed daily. One of the problems with the KL-7 was the effect of oxidation on the rotor contacts. It became a ritual to rub the rotors with a special buffing board which had a strip of rough cotton on it to keep the rotor contacts clean. The output of the machine in the encrypt mode was a 3/8” strip of gummed paper tape printed with five-letter groups. These would be stuck to a message pad and transmitted using codress procedure, that is, the address was encrypted with the text of the message. The only outward information was the call signs and group count or, in the case of teletype transmission, the routing indicators and the group count. Adonis was a quantum leap over its predecessors but it was very slow for effective traffic flow, and the constant baby-sitting necessary to ensure the rotor contacts were clean interfered with efficient communications. Improvements came and it remained the administrative system until on-line systems were introduced.
|
| KL-7 off-line crypto . (Photo by Jerry Proc) |
Operationally, Coverdale used the ROCKEX system to transmit its reports and results of operations to CBNRC (the Communications Branch National Research Council), an autonomous entity which was the predecessor of today’s CSE, the Communications Security Establishment. A British military development in World War 2, ROCKEX was an off-line cryptosystem which used one-time keytapes. Basically, the machine compared the marks and spaces on the text tape with those on the keytape, performed a type of binary arithmetic thus resulting in the encoding or decoding of text. The advantage of ROCKEX was that the various functions which would normally occur as a result of the encryption process were disabled, thus ensuring that the encrypted text was always a series of five-letter groups separated into fifty group blocks. Letter-shift, Figure Shift, blank, space, carriage return, and line-feed would only appear when necessary to maintain this five-letter, fifty group format. ROCKEX operated at 75 words per minute and was a very efficient means of sending a heavy traffic load even though it had many mechanical and electronic problems and required constant maintenance. The rotors on the transmitter distributors required constant cleaning and, in many areas, the machines were temperamental when humidity levels fluctuated. A design feature of the machine was a “slitter” which was fitted to the keytape transmitter-distributor and was intended to cut the key-tape apart at the feed holes so the tape could not be used more than once. The finicky nature of the machines was such that the slitters had to be disabled to allow for re-encryptions and re-decryptions.The re-encryption and re-decryption referred to in-house operations. We would use a given key-tape on the live circuit only once, but sometimes, because the equipment was acting up, it would be necessary to do it all again, and if you had a large number of gaps in usage of the key-tape the station at the other end would have all these pieces of tape to account for until advised otherwise. So, we would actually use the tape two or maybe three times to make a good copy. The same would occur during decryption but, of course, without the same cryptosecurity implications. Multiple encryptions, ie, using the same keytape more than once for different plain text, was a definite no-no and was considered a violation of cryptosecurity
In addition to its basic operational functions, Coverdale was a relay point for intelligence summaries between the Flag Officer Atlantic Coast in Halifax and the Director of Naval Intelligence in NDHQ and this material was transmitted on the landline circuits leased from Canadian National Telegraphs using the on-line cryptosystem known as PYTHON, a five-unit Baudot code similar to ROCKEX in that characters were encrypted and decrypted by the process of binary arithmetic without the elimination of teletype machine functions.
In the late 1950s a replacement for ROCKEX was installed to handle the increasing operational traffic load. This was the BID-30 or 5-UCO on-line cryptosystem. 5-UCO, the preferred name (pronounced five you-coe) was the first on-line crypto device used by the SUPRAD system. It consisted of the continuous transmission of keytape to line. When it was desired to send a message the operator in the communications center would place his tape on the TD ( tape reader) and transmit the message. This innovation provided the additional security of “traffic-flow security” where, because a constant stream of marks and spaces was being transmitted, an observer or interceptor would not know when a message would start or end. That was the theory, but in actuality, the 5-UCO required constant care to maintain synchronism between the two stations. When it was out of step, a manual-morse key, attached to the machine, would be used to re-establish synchronism. It used an enormous quantity of keytape and produced prodigious numbers of burn bags for the daily burn routine.
These systems would be replaced in the early 1960s when KW-26 ROMULUS was introduced for point-to-point work, thus removing the need for large quantities of keytapes to be sent from Ottawa. The KW-26 used a single IBM-type keycard which was changed at least once daily or whenever the system went out of sync – a few cards would be used daily as opposed to the large number of 5-UCO and ROCKEX tapes. Whenever the card reader was opened a cutting device would slice the card in two, rendering it unusable.
The Atlantic HFDF Net also migrated to on-line operation in the early 1960s, with the introduction of the KW-37 JASON system. JASON was an on-line broadcast technology which the Navy also used for its fleet broadcasts. In a similar manner, HFDF Net Control stations used KWT-37 to transmit flashes to the net. The outstations copied this broadcast using KWR-37 receivers. When Net Control broadcast the call for bearing reports, outstations would use the KW-7 ORESTES cryptosystem. The CW flash and reporting nets were eliminated, and the JOVE one-time pads for the flashes and four-letter code groups for bearing reports were decommissioned. It was the end of an era.
Nov 12/12