The TSEC/KL-43 is a portable, electronic, off-line crypto-equipment for encryption/decryption of alphanumeric information of all categories and classifications. It has a built-in keyboard for information input, a liquid crystal display (LCD), a built-in modem and a telephone handset coupler for transmission or receipt of encrypted/decrypted data over standard telephone lines, and printer connection capability. The KL-43 has a built-in special application keyboard for daily key updating. In this annex, KL-43 equipment indicates any crypto-equipment in the KL-43 family, including the KL-43, KL-43A, KL-43C ruggedized device and KL-43D. The KL-43 system is not interoperable with the KL-42 system; however, the keys used for the KL-43 are the same keys used with the KL-42. TheKL-43 and KL-43A models are not interoperable with other KL-43 models (e.g., KL-43C and KL-43D) when the update feature is used.They are interoperable in all other modes. Holders of the KL-43and KL-43A who require use of the update feature must have prior approval of the CMC (CCT).
|KL-43 photo by Ralph Simpson|
The KL-43 without printer, or with an approved printer, is approved for use for classifications up to and including TOP SECRET. Approved printers compatible with the KL-43 are included in the Preferred Products List (PPL). Other compatible printers and restrictions on their use are included in a separate list available from the Commanding Officer, Naval Electronic Systems Security Engineering Center or Commander, Naval Investigative Service Command.
Since KL-43 printers do not automatically mark printed messages with the classification level, a statement of classification shall be included in printed messages processed by the KL-43.
If knowledge of the time a message is sent is critical to proper interpretation of the message, that message shall include a date/time/message count feature in the plain text.
KL-43 encrypted messages may be transmitted via any medium (Morse Code, verbal, modem, etc.).
KL-43 traffic encryption keys (TEK) are operational keys (KAK) or exercise keys (KXK) having either a 24-hour cryptoperiod or weekly cryptoperiod when using the daily key update feature. Each31 segment TEK canister is superseded monthly when using the 24-hour cryptoperiod or superseded every 6 months when using the daily key update feature with the weekly cryptoperiod. A used TEKtape segment may be retained up to 72 hours after its supersession to accommodate delayed messages; however, the key must be protected to preclude traffic compromise through loss or espionage until its destruction. KL-43 training keys (KTK) and maintenance keys (KMK) have no cryptoperiod and each key segment may be reused until unusable. Training keys and maintenance keys will not be used for over-the-air transmissions. All KL-43 and KL-42 key tapes are compatible even though the equipment is not.
Cryptonets should be kept as small as the operation permits to reduce the possibility of compromise, but some KL-43 nets are by necessity large. KL-43 cryptonets employing a 24-hour cryptoperiodshall be kept to 200 users for TOP SECRET and 1000 users for SECRET and lower. If the daily key update feature is used, the cryptoperiod is weekly (7 days), and cryptonets shall be kept to 30 users for TOP SECRET and 150 users for SECRET and lower. Controlling authorities requiring larger nets and/or longer cryptoperiods must request approval from the CMC (CCT).
All KL-43 equipment has a capability of updating 35 times before a new key (TEK) must be applied. Under some mission scenarios, updating is required after each message is processed. This procedure will place added security to message protection but is determined by the users' controlling authority. The users have the following options:
a. Keying every 24 hours with no updates.
b. Updating after every message for 35 updates within the 24-hour cryptoperiod.
c. A 7-day cryptoperiod with daily updates.
If an equipment malfunction in the encryption or decryption process occurs, change KL-43 equipment, rekey that equipment with the TEK tape for that cryptoperiod, and update to the appropriate day (if updating). Malfunction is defined as a function that will not clear in the encryptor, or failure of the
decryptor to achieve cryptosynchronization.
In addition, the KL-43 can be used on the Defence Switched Network (DSN) under the following conditions:
(a) The KL-43 will be disconnected from the line immediately after transmission of each message. It shall not be connected to the line while a message is being composed.
(b) Receiving and transmitting terminals will be monitored during transmission. Transmissions exceeding 90 seconds shall be interrupted and reestablished. A 2000-character message should take only 66 seconds for transmission.
(c) If the user line at either end is preempted during a KL-43 transmission, the receiving KL-43 will give an audible signal and display a message that synchronization has been lost. The sending KL-43 will continue transmitting without any indication that the circuit has been preempted.
(d) Four-wire access line shall not be used for KL-43 transmissions.
Above: Various views of the KL-43
All KL-43 photos (in the group of 6 above) courtesy Ira J. Moser, Owner, MECO. Email: firstname.lastname@example.org Web: www.meco.org
|KL-43F photo (Courtesy NATO web site)|
In Denmark, the KL-43 was used by HQ LANDJUT and the Sig BN´s (and probably by all sub-units to the HQ). The Corps HQ, which were situated in Rendsburg, is now closed.
References and Credits :
1) Excerpts from Marine Corps Order MCO 2250 .1; C4-CCT-635; 17Jan 1990.
2) Excerpt from - http://www.disa.mil/pubs/circulars/dc3102251_c8.html (now an obsolete link)
3) Ralph Simpson <ralphenator(at)gmail.com>
4) KL-43F photo http://www.ia.nato.int/niapc/Product/KL-43F_28
Back To Menu Page