|
|
|
|
Electronic Transfer Device
- Wanted item
The KYK-13 is a small electronic transfer device
used by the military for the distribution of cryptographic material,
commonly refererred to as Transmission Encryption Keys (TEK).
It was developed by the US National Security Agency
(NSA) and uses the
DS-102 protocol for key transfer.
The KYK-13 is also known by its National Stock Number NSN 5810-01-026-9618.
|
The KYK-13 was very popular because of its simplicity, small size
and ease of use.
A total of 6 TEK variables can be stored
in the internal memory of the KYK-13, making it suitable for a variety of
crypto devices, such as the
KY-57 (Vinson),
KY-99,
some SINCGARS radios,
KG-84,
BID/250 (Lamberton)
and even the latest KIV-7.
It was also used with the STU-II/B,
KY-68,
Spendex-40,
Spendex-50 (DBT) and some other
crypto phones.
In normal use, the device itself is filled with cryptographic material
from of a key management system (KMS) or another key filler.
|
|
|
The KYK-13 has 6 key compatments and supports a maximum length of
128 bits 1 for each key,
making it suitable for a wide range of legacy crypto devices.
It was first built in the 1980s and has been in service
for over 30 years, with an excellent track record and wide user acceptance.
The KYK-13 was succeeded by a number of newer
key fillers,
such as the CYZ-10,
the PYQ-10
and the Secure DTD2000 System (SDS),
but they all missed the simplicity of the KYK-13.
In 2009, the US Army announced the
KIK-30 RASKL
(Really Simple Key Loader) which is called
the modern KYK-13 replacement by its manufacturer [2].
Despite that, the KYK-13 is still used widely today (2012).
The only real drawback is that it only supports
DS-102
and not the later DS-101 protocol.
|
 |
-
There has been some debate in the past as to the maximum length of the
keys that can be stored inside the KYK-13.
In some publications
it is stated that it is only suitable for 90-bit keys and that later
devices (e.g. the CYZ-10)
had to be used for the modern 128-bit keys [1].
This can not be true however, as all crypto phones listed above use
the 128-bit key based SAVILLE algorithm.
|
 |
 |
 |
 |
 |
 |
The KYK-13 is very easy to operate and has only a few controls. There are
two rotary switches (mode and address) with a recessed push button in between
them (transfer). The device has two U-229 type connectors
for connection to a crypto device: a male type (J1) and a female type (P1).
These connectors are electrically identical and can also be used for cloning
two KYK-13 devices.
At the right is the ON/OFF switch (MODE). At the left is the selector for the
required crypto key compartment (1-6). The button at the center (Transfer) is
used to initiate a transfer, although in most cases a transfer should be
initiated from the destination device (e.g. a crypto phone).
Any activity is indicated by the red LED. The
unit is ZEROIZED (i.e. all keys destroyed) by setting the key compartment
selector to Z ALL (ZEROIZE ALL)
and turning the MODE switch to Z (ZEROIZE).
|
The KYK-13 is powered by a single internal 6.5V battery that is installed
in a small compartment at the rear of the unit. A small aluminium panel with
two screws gives access to the battery and allows it to
be replaced within minutes. The image on the right shows the KYK-13 after
the battery cover has been removed.
Initially, the KYK-13 was used with the Mercury-based BA-1372/U battery,
which has now been superceeded by the better BA-5372/U Lithium Manganese
Dioxide battery. This battery is still available today from a variety of sources.
|
|
|
The design of the KYK-13 is similar to the
MX-18290 Transmission Security
Key Fill Device, featuring a similar case, similar controls and identical
connectors. The KYK-13 however, is much smaller and can be used for
cryptographic keys, whilst the
MX-18290 is only suitable for transferring
Frequency Hopping tables, also known as Transmission Security Keys (TSK).
|
The KYK-13 is used all over the world with a variety of devices,
ranging from crypto phones and similar equipment,
to frequency hopping radios (FH), airplane transponders
(Identification Friend or Foe, or IFF) and GPS devices.
The KYK-13 can hold up to six keys (or key variables) in its memory,
with a maximum of 128 bits for each key. Each key consists of 120 key bits
(i.e. the actual key) and an 8-bit checksum. As there is no way to tell
which key is used for what purpose, there are 6 writable fields on the
side panel of the device, as shown in the image.
|
|
|
The six white ovals in the image above are somewhat recessed and have
a plastic background, so that they can be written with a pencil.
As per convention, they would generally be used to indicate the type of
key and the valid crypto period. For example, if compartment #1 contains
a Secure Voice key that is valid until 24 February,
oval #1 could read something like: SV 24 Feb.
|
Although the KYK-13 can be connected to any DS-102 compatible device by
means of a so-called fill cable, it is constructed in such a way that it
can be fitted directly to the FILL connector of most crypto devices.
As it has both a male-type and a female-type connector, one will always fit.
|
KY-68
Just as an example, the KYK-13 is shown here on top of the
KY-68 military crypto phone that was used in the US Army during the
1990s. It is connected directly to the FILL connector of the
KY-68, and was used for transferring various types of keys.
More about the KY-68
|
|
|
Spendex 40
The KYK-13 was also a popular device outside the US Army.
The image on the right shows a KYK-13 unit connected to a Philips
Spendex-40 military-grade crypto phone.
It is used here to load the Traffic Encryption Keys (TEK) into the
secure telephone.
More about Spendex 40
|
|
|
Over the years, the KYK-13 has arguably become one of the most popular fill
devices of all times, because of its small size, light weight and ease of use.
In fact it was so popular that it was always in short supply.
It has become the standard by which all later key fillers
are referenced.
|
The KYK-13 is a powerful yet rather simple device. It could be serviced
at the depot and can be opened by removing the four bolts at the corners
of the front panel. After removing the front
panel, the interior becomes visible,
revealing the solder side of the main
Printed Circuit Board.
|
The Printed Circuit Board (PCB) is held in place by four small cross-head
bolts and contains a connector (at the other side) that slots directly
into another PCB that contains the controls.
After removing the bolts, the PCB and easily be lifted off the lower PCB.
The image on the rights shows the main PCB aside the KYK-13, with its
component side facing upwards.
The double-sided PCB is relatively simple
and contains only a handful of components. At the lower half is the
black sockets for the lower PCB.
|
|
|
The rest of the PCB contains only two critical components:
the main controller (ON512432)
and a static RAM memory chip (ON202178).
Both chips are custom made (OEM) by Harris. The main controller is
probably a custom-designed Application Specific Integrated Circuit
or ASIC. Judging from the date codes on both chips, the device
shown here was made in or around 1986.
|
Please note that neither the KYK-13 nor its documentation is classified
or otherwise restricted. Only when the device is loaded with a valid
key, it becomes classified to the level of the key. KYK-13 is approved
by the NSA for the distribution of Type-1 cryptographic keys.
|
Because of the success of the KYK-13 and its ever short supply,
some manufacturers have produced functional clones of the devices.
One example is the KSP-1 made by the German manufacturer ANT.
It is fully compatible with the KYK-13
but has 32 key compartments.
Another example is the UP-2001,
shown in the image on the right,
made by Philips Usfa
in The Netherlands in 1990. It resembles the
KYK-13 but has 40 key compartments. Instead of the second
U229 connector
is has a 9-pin RS-232 socket for the connection of a
barcode reader.
|
|
|
|
The following encryption/decryption units are compatible with the KYK-13:
|
|
|
Any links shown in red are currently unavailable.
If you like this website, why not make a donation?
© Copyright 2009-2013, Paul Reuvers & Marc Simons. Last changed: Tuesday, 25 February 2014 - 10:21 CET
|
 |
|
|