Click for homepage
DS-101 →
DS-102   EKMS 608
Common fill interface protocol

DS-102 is the oldest interface standard for electronic transfer devices, or fill units, developed and endorsed by the US National Security Agency. It was first introduced on the American STU-II secure telephone, and has since found its way to many radios and encryption devices from a wide variety of manufacturers. Although DS-102 has been superceeded by DS-101, many devices are still backwards compatible with DS-102, making it arguably the most popular KEY FILL interface.

DS-102 is used on many popular FILL devices, such as the KYK-13 and the KOI-18. The DS-102 interface is described in the EKMS-608 standard. Although the details of this standard used to be freely available on the internet in the early 2000s, this is no longer the case today.

From surviving documents however, we know that the maximum key length is limited to 128 bits on most FILL devices, and that it uses a synchronous data protocol, in which separate DATA and CLOCK signals are generated by the FILL device, allowing arbitrary transfer rates.
KYK-13 key loader

The latter is illustrated by the manually operated KOI-18, where the clock signal is generated by the sprocket hole in the punched paper tape, whilst the operator pulls the tape manually through the device, resulting in a variable undetermined data transfer rate.

DS-102 fill units on this website
AN/KYK-13 Key Transfer Device AN/CYZ-10 Data Transfer Device ECCM Fill Device (Frequency Hopping tables) Key fill device Philips DS-102 compatible key loader ANT/Siemens/R&S DS-102 key tape reader Racal MA-4778 Cougar DS-102 key filler
DS-102 compatible devices on this website
KG-40 and KG-40A Link 11 encryption device KG-81 digital high-speed trunk encryption device KG-84 digital line encryptor for telex signals KY-57 (VINSON) Wide-band Voice and Data Encryption Unit Narrow-band Voice and Data Terminal Secure Telephone Unit KY-68 Digital Secure Telephone KIV-7, embeddable KG-84 COMSEC module
BID/250 (Lamberton) SAVILLE-based voice encryption unit for Clansman DMU Replacement for the BID/250 and other (obsolete) cryptographic units KG-40A Replenishment Spendex-40 secure telephone for voice, fax and computer Spendex 50 (DBT), military secure crypto phone BVO Trunk Encryption Device
Aroflex II cipher machine, also known as PDLX-6141 or T-1285CA Ecolex 20
The Siemens T-1285CA (Aroflex) cipher machine Elcrovox 1/4D narrow band voice and data terminal (STU-II compatible)
Key length
Although the DS-102 standard does not impose a limit on the length of cryptographic keys that can be transferred with a device, most FILL devices can store and transfer keys with a maximum length of 128-bits. This limit is probably related to early voice encryption devices that use the SAVILLE encryption algorithm, such as the US VINSON (KY-57) and the UK Lamberton (BID/250).

With such devices, the key consists of 120 key-bits and an 8-bit checksum. With SAVILLE, only the first 120 bits are used as crypto variables, whilst the last 8 bits are used to check whether the first 120 bits are valid. This is done by calculating an 8-bit Cyclic Redundancy Check (CRC-8) from the first 120 bits, using a non-standard NSA-determined polynomial function.

The image on the right shows a KYK-13 fill unit, attached to the FILL socket on the front panel of a Philips Spendex 40 crypto phone, developed in the early 1980s as an alternative to the STU-II.
Using the KYK-13 with the Spendex-40 crypto phone

With other devices, the 8-bit CRC is sometimes used as part of the key as well. This is particularly the case with devices that use the NSA's WALBURN encryption algorithm, such as the KG-81 trunk encryption device (TED) and the Philips BVO-T; a TED-compatible encryption device for ZODIAC.

Although with most DS-102 compatible FILL devices the maximum key length is limited to 128 bits, this is not the case for tape-based transfer units like the KOI-18 and the KLL-1.

With these devices, the key length is determined by the length of the 8-level punched paper tape that is fed through its reader. The image on the right shows the handheld KLL-1 made by the German manufacturer ANT, and marketed by ANT, Siemens, Telefunken and Rohde & Schwarz. It is basically a functional clone of the American KOI-18 unit, which was always in short supply.
KLL-1 with open lid

A similar principle was used by cipher machines that were capably of loading the cryptographic keys through a built-in paper tape reader, such as the Philips Aroflex and STK's RACE (KL-51).

SAVILLE secret key structure

For connection between the FILL unit, and a radio or encryption device, most devices used a standard U-229 connector. In many cases, this connector is shared with the audio functions of a military radio, for example for the connection of a handset. This connector has 5 or 6 spring-loaded contacts, and is available in a male and female variant, as shown in the diagram below.

Although each variant has its own specific type number, they are often referred to as U-229/U, or simply U-229, after the female 5-pin cable part. The table below shows the pinout of this connector for the DS-102 standard. On encryption devices this connector is commonly used exclusively for the FILL function, but on radio sets it is often shared with the audio functions.

Pin DS-102 Description Note
A GND Ground (common wire)  
B - Not used  
C ACK FILL request acknowlegment  
D DATA Fill data into radio or crypto device  
E CLK Fill clock into radio or crypto device  
F - -  

 More about the U-229 connector

Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
Crypto Museum. Created: Sunday 11 February 2018. Last changed: Sunday, 11 February 2018 - 13:56 CET.
Click for homepage