Secure Telephone Unit Key Generators
- Secure Telephone Unit Key Generators Reviews
- Secure Telephone Unit Key Generators For Sale
- Panasonic Telephone Unit
- Secure Telephone Unit Key Generators Reviews
The Secure Telephone Unit - Third Generation (STU-III) is a low-cost, user-friendly, secure telephone device. The terminals are designed to operate reliably, with high voice quality, as both ordinary telephones and secure instruments over the dial-up public switch telephone network. Scroll to Secure mail key and select Manage secure mail key. If you have more than one email address, select the one you want to use. Select Add secure mail key. Enter a nickname for the secure mail key to make it easier to recognize. Select Create secure mail key. Bitwasp php generate private key generator. Select Copy secure mail key to clipboard. (Jot down your secure mail key, so you have it handy if you have to update an email app on several devices.).
Perfect Passwords GRC's Ultra High Security Password Generator | |
2,571 sets of passwords generated per day 33,541,153 sets of passwords generated for our visitors |
not simple. So here is some totally random raw material, generated just for YOU, to start with. Every time this page is displayed, our server generates a unique set of custom, high quality, cryptographic-strength password strings which are safe for you to use: |
64 random hexadecimal characters (0-9 and A-F):
|
63 random printable ASCII characters:
|
63 random alpha-numeric characters (a-z, A-Z, 0-9):
|
Click your web browser's 'refresh' button a few times and watch the password strings change each time. What makes these perfect and safe? Also, because this page will only allow itself to be displayed over a snoop-proof and proxy-proof high-security SSL connection, and it is marked as having expired back in 1999, this page which was custom generated just now for you will not be cached or visible to anyone else. Therefore, these password strings are just for you. No one else can ever see them or get them. You may safely take these strings as they are, or use chunks from several to build your own if you prefer, or do whatever you want with them. Each set displayed are totally, uniquely yours — forever. The 'Application Notes' section below discusses various aspects of using these random passwords for locking down wireless WEP and WPA networks, for use as VPN shared secrets, as well as for other purposes. The 'Techie Details' section at the end describes exactly how these super-strong maximum-entropy passwords are generated (to satisfy the uber-geek inside you). |
Secure Telephone Unit Key Generators Reviews
Application Notes: A note about 'random' and 'pseudo-random' terminology: There are ways to generate absolutely random numbers, but computer algorithms cannot be used for that, since, by definition, no deterministic mathematical algorithm can generate a random result. Electrical and mechanical noise found in chaotic physical systems can be tapped and used as a source of true randomness, but this is much more than is needed for our purposes here. High quality algorithms are sufficient. The deterministic binary noise generated by my server, which is then converted into various displayable formats, is derived from the highest quality mathematical pseudo-random algorithms known. In other words, these password strings are as random as anything non-random can be. This page's password 'raw material': 64 hex characters = 256 binary bits: |
|
Each of the 64 hexadecimal characters encodes 4 bits of binary data, so the entire 64 characters is equivalent to 256 binary bits — which is the actual binary key length used by the WiFi WPA pre-shared key (PSK). Some WPA-PSK user interfaces (such as the one in Windows XP) allows the 256-bit WPA pre-shared key to be directly provided as 64 hexadecimal characters. This is a precise means for supplying the WPA keying material, but it is ONLY useful if ALL of the devices in a WPA-protected WiFi network allow the 256-bit keying material to be specified as raw hex. If any device did not support this mode of specification (and most do not) it would not be able to join the network. Using fewer hex characters for WEP encryption: WEP key strength (key length) is sometimes confusing because, although there are only two widely accepted standard lengths, 40-bit and 104-bit, those lengths are sometimes confused by adding the 24-bit IV (initialization vector) counter to the length, resulting in 64-bit and 128-bit total key lengths. However, the user only ever specifies a key of either 40 or 104 binary bits. Since WEP keys should always be specified in their hexadecimal form to guarantee device interaction, and since each hex digit represents 4 binary bits of the key, 40 and 104 bit keys are represented by 10 and 26 hex digits respectively. So you may simply snip off whatever length of random hex characters you require for your system's WEP key. Note that if all of your equipment supports the use of the new longer 256/232 bit WEP keys, you would use 232/4 or 58 hexadecimal characters for your pre-shared key.
|
|
The more 'standard' means for specifying the 256-bits of WPA keying material is for the user to specify a string of up to 63 printable ASCII characters. This string is then 'hashed' along with the network's SSID designation to form a cryptographically strong 256-bit result which is then used by all devices within the WPA-secured WiFi network. (The ASCII character set was updated to remove SPACE characters since a number of WPA devices were not handling spaces as they should.)
|
|
If some device was not following the WiFi Alliance WPA specification by not hashing the entire printable ASCII character set correctly, it would end up with a different 256-bit hash result than devices that correctly obeyed the specification. It would then be unable to connect to any network that uses the full range of printable ASCII characters. Since we have heard unconfirmed anecdotal reports of such non-compliant WPA devices (and since you might have one), this page also offers 'junior' WPA password strings using only the 'easy' ASCII characters which even any non-fully-specification-compliant device would have to be able to properly handle. If you find that using the full random ASCII character set within your WPA-PSK protected WiFi network causes one of your devices to be unable to connect to your WPA protected access point, you can downgrade your WPA network to 'easy ASCII' by using one of these easy keys. And don't worry for a moment about using an easy ASCII key. If you still use a full-length 63 character key, your entire network will still be EXTREMELY secure. And PLEASE drop us a line to let us know that you have such a device and what it is!
When these passwords are used to generate pre-shared keys for protecting WPA WiFi and VPN networks, the only known attack is the use of 'brute force' — trying every possible password combination. Brute force attackers hope that the network's designer (you) were lazy and used a shorter password for 'convenience'. So they start by trying all one-character passwords, then two-character, then three and so on, working their way up toward longer random passwords.
Note that while this 'the longer the better' rule of thumb is always true, long passwords won't protect legacy WEP-protected networks due to well known and readily exploited weaknesses in the WEP keying system and its misuse of WEP's RC4 encryption. With WEP protection, even a highly random maximum-entropy key can be cracked in a few hours. (Listen to Security Now! episode #11 for the full story on cracking WEP security.)
|
While the diagram above might at first seem a bit confusing, it is a common and well understood configuration of standard cryptographic elements. A succinct written description of the algorithm would read: 'Rijndael (AES) block encryption of never-repeating counter values in CBC mode.' CBC stands for 'Cipher Block Chaining' and, as I describe in detail in the second half of Security Now! Episode #107, CBC provides necessary security in situations where some repetition or predictability of the 'plaintext' message is present. Since the 'plaintext' in this instance is a large 128-bit steadily-increasing (monotonic) counter value (which gives us our guaranteed never-to-repeat property, but is also extremely predictable) we need to scramble it so that the value being encrypted cannot be predicted. This is what 'CBC' does: As the diagram above shows, the output from the previous encryption operation is 'fed back' and XOR-mixed with the incrementing counter value. This prevents the possibility of determining the secret key by analysing successive counter encryption results. One last detail: Since there is no 'output from the previous encryption' to be used during the encryption of the first block, the switch shown in the diagram above is used to supply a 128-bit 'Initialization Vector' (which is just 128-bits of secret random data) for the XOR-mixing of the first counter value. Thus, the first encryption is performed on a mixture of the 128-bit counter and the 'Initialization Vector' value, and subsequent encryptions are performed on the mixture of the incrementing counter and the previous encrypted result. The result of the combination of the 256-bit Rijndael/AES secret key, the unknowable (therefore secret) present value of the 128-bit monotonically incrementing counter, and the 128-bit secret Initialization Vector (IV) is 512-bits of secret data providing extremely high security for the generation of this page's 'perfect passwords'. No one is going to figure out what passwords you have just received. How much security do 512 binary bits provide? Well, 2^512 (2 raised to the power of 512) is the total number of possible combinations of those 512 binary bits — every single bit of which actively participates in determining this page's successive password sequence. 2^512 is approximately equal to: 1.34078079 x 10^154, which is this rather amazing number:
|
Gibson Research Corporation is owned and operated by Steve Gibson. The contents of this page are Copyright (c) 2016 Gibson Research Corporation. SpinRite, ShieldsUP, NanoProbe, and any other indicated trademarks are registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy. |
The National Security Agency took over responsibility for all U.S. Governmentencryption systems when it was formed in 1952. The technical details of most NSA-approved systems are still classified, but much more about its early systems have become known and its most modern systems share at least some features with commercial products.
Rotor machines from the 1940s and 1950s were mechanical marvels. The first generation electronic systems were quirky devices with cantankerous punched card readers for loading keys and failure-prone, tricky-to-maintain vacuum tube circuitry. Late 20th century systems are just black boxes, often literally. In fact they are called blackers in NSA parlance because they convert plaintext classified signals (red) into encrypted unclassified ciphertext signals (black). They typically have electrical connectors for the red signals, the black signals, electrical power, and a port for loading keys. Controls can be limited to selecting between key fill, normal operation, and diagnostic modes and an all important zeroize button that erases classified information including keys and perhaps the encryption algorithms. 21st century systems often contain all the sensitive cryptographic functions on a single, tamper-resistant integrated circuit that supports multiple algorithms and allows over-the-air or network re keying, so that a single hand-held field radio, such as the AN/PRC-148 or AN/PRC-152, can interoperate with most current NSA cryptosystems.
Security factors[edit]
NSA has to deal with many factors in ensuring the security of communication and information (COMSEC and INFOSEC in NSA jargon):
- Confidentiality and authentication - making sure messages cannot be read by unauthorized people and that they cannot be forged (nonrepudiation). Little is publicly known about the algorithms NSA has developed for protecting classified information, what NSA calls Type 1 algorithms. In 2003, for the first time in its history, NSA approved two published algorithms, Skipjack and AES for Type 1 use in NSA approved systems.
- Traffic flow security - making sure an adversary cannot obtain information from traffic analysis, often accomplished by link encryption.
- Key management - getting keys securely to thousands of crypto boxes in the field, perhaps the most challenging part of any encryption system. One NSA goal is benign fill (technology for distributing keys in a way that the humans never have access to plaintext key).
- Investigative access - making sure encrypted communications are accessible to the U.S. Government. While few would argue with the need for the government to access its own internal communications, the NSA Clipper chip proposal to extend this key escrow requirement to public use of cryptography was highly controversial.
- TEMPEST - protecting plaintext from compromise by electronic, acoustic or other emanations.
- Tamper resistance, tamper-evident, self-destruct - ensuring security even if encryption systems are physically accessed without authorization or are captured.
- Meeting military specifications for size, weight, power consumption, MTBF and ruggedness to fit in mobile platforms.
- Electromagnetic pulse hardening - protecting against nuclear explosion effects, particularly electromagnetic pulse.
- Ensuring compatibility with military and commercial communication standards.
- Controlling cost - making sure encryption is affordable so units that need it have it. There are many costs beyond the initial purchase price, including the manpower to operate and maintain the systems and to ensure their security and the cost of key distribution.
- Enabling secure communication with NATO, allied and coalition forces without compromising secret methods.
Five generations of NSA encryption[edit]
The large number of encryption systems that NSA has developed in its half century of operation can be grouped into five generations (decades given are very approximate):
First generation: electromechanical[edit]
First generation NSA systems were introduced in the 1950s and were built on the legacy of NSA's World War II predecessors and used rotor machines derived from the SIGABA design for most high level encryption; for example, the KL-7. Key distribution involved distribution of paper key lists that described the rotor arrangements, to be changed each day (the cryptoperiod) at midnight, GMT. The highest level traffic was sent using one-time tape systems, including the British 5-UCO, that required vast amounts of paper tape keying material.[1]:p. 39 ff
Second generation: vacuum tubes[edit]
Second generation systems (1970s) were all electronic designs based on vacuum tubes and transformer logic. Algorithms appear to be based on linear feedback shift registers, perhaps with some non-linear elements thrown in to make them more difficult to cryptanalyze. Keys were loaded by placing a punched card in a locked reader on the front panel.[2] The cryptoperiod was still usually one day. These systems were introduced in the late 1960s and stayed in use until the mid-1980s. They required a great deal of care and maintenance, but were not vulnerable to EMP. The discovery of the Walker spy ring provided an impetus for their retirement, along with remaining first generation systems.
Third generation: integrated circuits[edit]
Third generation systems (1980s) were transistorized and based on integrated circuits and likely used stronger algorithms. They were smaller and more reliable. Field maintenance was often limited to running a diagnostic mode and replacing a complete bad unit with a spare, the defective box being sent to a depot for repair. Keys were loaded through a connector on the front panel. NSA adopted the same type of connector that the military used for field radio handsets as its fill connector. Keys were initially distributed as strips of punched paper tape that could be pulled through a hand held reader (KOI-18) connected to the fill port. Other, portable electronic fill devices (KYK-13, etc.) were available as well.
Fourth generation: electronic key distribution[edit]
Fourth generation systems (1990s) use more commercial packaging and electronic key distribution. Integrated circuit technology allowed backward compatibility with third generation systems. Security tokens, such as the KSD-64 crypto ignition key (CIK) were introduced. Secret splitting technology allows encryptors and CIKs to be treated as unclassified when they were separated. Later the Fortezza card, originally introduced as part of the controversial Clipper chip proposal, were employed as tokens. Cryptoperiods were much longer, at least as far as the user was concerned. Users of secure telephones like the STU-III only have to call a special phone number once a year to have their encryption updated. Public key methods (FIREFLY) were introduced for electronic key management (EKMS). Keys could now be generated by individual commands instead of coming from NSA by courier. A common handheld fill device (the AN/CYZ-10) was introduced to replace the plethora of devices used to load keys on the many third generation systems that were still widely used. Encryption support was provided for commercial standards such as Ethernet, IP (originally developed by DOD'sARPA), and optical fiber multiplexing. Classified networks, such as SIPRNet (Secret Internet Protocol Router Network) and JWICS (Joint Worldwide Intelligence Communications System), were built using commercial Internet technology with secure communications links between 'enclaves' where classified data was processed. Care had to be taken to ensure that there were no insecure connections between the classified networks and the public Internet.
Fifth generation: network-centric systems[edit]
In the twenty-first century, communication is increasingly based on computer networking. Encryption is just one aspect of protecting sensitive information on such systems, and far from the most challenging aspect. NSA's role will increasingly be to provide guidance to commercial firms designing systems for government use. HAIPE solutions are examples of this type of product (e.g., KG-245A [permanent dead link] and KG-250 ). Other agencies, particularly NIST, have taken on the role of supporting security for commercial and sensitive but unclassified applications. NSA's certification of the unclassified NIST-selected AES algorithm for classified use 'in NSA approved systems' suggests that, in the future, NSA may use more non-classified algorithms. The KG-245A and KG-250 use both classified and unclassified algorithms. The NSA Information Assurance Directorate is leading the Department of Defense Cryptographic Modernization Program, an effort to transform and modernize Information Assurance capabilities for the 21st century. It has three phases:
- Replacement- All at risk devices to be replaced.
- Modernization- Integrate modular programmable/embedded crypto solutions.
- Transformation- Be compliant to Global Information Grid/NetCentric requirements.
NSA has helped develop several major standards for secure communication: the Future Narrow Band Digital Terminal (FNBDT) for voice communications, High Assurance Internet Protocol Interoperability Encryption- Interoperability Specification (HAIPE) for computer networking and Suite B encryption algorithms.
NSA encryption by type of application[edit]
The large number of encryption systems that NSA has developed can be grouped by application:
Sep 26, 2019 Generating an SSH key. To generate an SSH key with PuTTYgen, follow these steps: Open the PuTTYgen program. For Type of key to generate, select SSH-2 RSA. Click the Generate button. Move your mouse in the area below the progress bar. When the progress bar is full, PuTTYgen generates your key pair. Type a passphrase in the Key passphrase field. When you use ssh-keygen -t rsa to generate a SSH key and it prompts you to. Enter file in which to save the key (/Users/iamarasekera/.ssh/idrsa): Do not give any file name. Instead, just press 'Enter' key and go ahead. Then it will create.ssh folder and inside that folder it will generate. Generate ssh key on folder. To generate the public/private key pair, enter this in the Command Prompt: ssh-keygen At the first prompt, “Enter file in which to save the key,” press Enter to save it in the default location. Before adding a new SSH key to the ssh-agent to manage your keys, you should have checked for existing SSH keys and generated a new SSH key. When adding your SSH key to the agent, use the default macOS ssh-add command, and not an application installed.
Record traffic encryption[edit]
During World War II, written messages (known as record traffic) were encrypted off line on special, and highly secret, rotor machines and then transmitted in five letter code groups using Morse code or teletypewriter circuits, to be decrypted off-line by similar machines at the other end. The SIGABA rotor machine, developed during this era continued to be used until the mid-1950s, when it was replaced by the KL-7, which had more rotors.
The KW-26 ROMULUS was a second generation encryption system in wide use that could be inserted into teletypewriter circuits so traffic was encrypted and decrypted automatically. It used electronic shift registers instead of rotors and became very popular (for a COMSEC device of its era), with over 14,000 units produced. It was replaced in the 1980s by the more compact KG-84, which in turn was superseded by the KG-84-interoperable KIV-7.
Fleet broadcast[edit]
U.S. Navy ships traditionally avoid using their radios to prevent adversaries from locating them by direction finding. The Navy also needs to maintain traffic security, so it has radio stations constantly broadcasting a stream of coded messages. During and after World War II, Navy ships copied these fleet broadcasts and used specialized call sign encryption devices to figure out which messages were intended for them. The messages would then be decoded off line using SIGABA or KL-7 equipment.
The second generation KW-37 automated monitoring of the fleet broadcast by connecting in line between the radio receiver and a teleprinter. It, in turn, was replaced by the more compact and reliable third generation KW-46.
Strategic forces[edit]
NSA has the responsibility to protect the command and control systems for nuclear forces. The KG-3X series is used in the U.S. government's Minimum Essential Emergency Communications Network and the Fixed Submarine Broadcast System used for transmission of emergency action messages for nuclear and national command and control of U.S. strategic forces. The Navy is replacing the KG-38 used in nuclear submarines with KOV-17 circuit modules incorporated in new long-wave receivers, based on commercial VME packaging. In 2004, the U.S. Air Force awarded contracts for the initial system development and demonstration (SDD) phase of a program to update these legacy generation systems used on aircraft.
Trunk encryption[edit]
Modern communication systems multiplex many signals into wideband data streams that are transmitted over optical fiber, coaxial cable, microwave relay, and communication satellites. These wide-band circuits require very fast encryption systems.
The WALBURN family (KG-81, KG-94/194, KG-94A/194A, KG-95) of equipment consists of high-speed bulk encryption devices used primarily for microwave trunks, high-speed land-line circuits, video teleconferencing, and T-1 satellite channels. Another example is the KG-189, which support SONET optical standards up to 2.5 Gbit/s.
Digital Data encryptors such as KG-84 family which includes the TSEC/KG-84, TSEC/KG-84A and TSEC/KG-82, TSEC/KG-84A and TSEC/KG-84C, also the KIV-7.
Voice encryption[edit]
True voice encryption (as opposed to less secure scrambler technology) was pioneered during World War II with the 50-ton SIGSALY, used to protect the very highest level communications. It did not become practical for widespread use until reasonable compact speech encoders became possible in the mid-1960s. The first tactical secure voice equipment was the NESTOR family, used with limited success during the Vietnam war. Other NSA voice systems include:[1]:Vol I, p.57ff
- STU I and STU II - These systems were expensive and cumbersome and were generally limited to the highest levels of command
- STU-III - These telephone sets operated over ordinary telephone lines and featured the use of security tokens and public key cryptography, making them much more user friendly. They were very popular as a result. Used since the 1980s, this device is rapidly being phased out, and will no longer be supported in the near future.
- 1910 Terminal - Made by a multiple of manufacturers, this device is mostly used as a secure modem. Like the STU-III, new technology has largely eclipsed this device, and it is no longer widely used.
- HY-2 a vocoder for long haul circuits designed to work with the KG-13 key generator.
- Secure Terminal Equipment (STE) - This system is intended to replace STU-III. It uses wide-bandwidth voice transmitted over ISDN lines. There is also a version which will communicate over a PSTN (Public Switched Telephone Network) line. It can communicate with STU-III phones and can be upgraded for FNBDT compatibility.
- Sectéra Secure Module - A module that connects to the back of a commercial off the shelf cellular phone. It uses AES or SCIP for encryption.
- OMNI - The OMNI terminal, made by L3 Communications, is another replacement for STU-IIIs. This device uses the FNBDT key and is used to securely send voice and data over the PSTN and ISDN communication systems.
- VINSON A series of systems for tactical voice encryption including the KY-57 man portable unit and KY-58 for aircraft
- HAVE QUICK and SINCGARS use NSA-supplied sequence generators to provide secure frequency hopping
- Future Narrowband Digital Terminal (FNBDT) - Now referred to as the 'Secure Communications Interoperability Protocol' (SCIP), the FNBDT is a replacement for the wide-band STE, which uses narrow-bandwidth communications channels like cellular telephone circuits, rather than ISDN lines. The FNBDT/SCIP operates on the application layer of the ISO/OSI Reference Model, meaning that it can be used on top of different types of connections, regardless of the establishment method. It negotiates with the unit at the other end, much like a dial-up modem.
- Secure Iridium - NSA helped add encryption to the Iridium commercial mobile phones after it rescued the bankrupt Iridium.
- Fishbowl - In 2012, NSA introduced an Enterprise Mobility Architecture intended to provide a secure VoIP capability using commercial grade products and an Android-based mobile phone called Fishbowl that allows classified communications over commercial wireless networks.[3]
The operational complexity of secure voice played a role in the September 11, 2001 attacks on the United States. According to the 911 Commission, an effective U.S. response was hindered by an inability to set up a secure phone link between the National Military Command Center and the Federal Aviation Administration personnel who were dealing with the hijackings. SeeCommunication during the September 11, 2001 attacks.
Wikimedia Commons has media related to Voice encryption devices in the National Cryptologic Museum. |
Internet[edit]
NSA has approved a variety of devices for securing Internet Protocol communications. These have been used to secure the Secret Internet Protocol Router Network (SIPRNet), among other uses.
The first commercial network layer encryption device was the Motorola Network Encryption System (NES). The system used the SP3 and KMP protocols defined by the NSA Secure Data Network System (SDNS) and were the direct precursors to IPsec. The NES was built in a three part architecture that used a small cryptographic security kernel to separate the trusted and untrusted network protocol stacks.[4]
The SDNS program defined a Message Security Protocol (MSP) that was built on the use X.509 defined certificates. The first NSA hardware built for this application was the BBN Safekeeper.[5] The Message Security Protocol was a precursor to the IETF Privacy Enhance Mail (PEM) protocol. The BBN Safekeeper provided a high degree of tamper resistance and was one of the first devices used by commercial PKI companies.
Field authentication[edit]
NSA still supports simple paper encryption and authentication systems for field use such as DRYAD.
Public systems[edit]
Secure Telephone Unit Key Generators For Sale
NSA has participated in the development of several encryption systems for public use. These include:
- Suite B - a set of public key algorithm standards based on elliptic curve cryptography.
- Advanced Encryption Standard (AES) - an encryption algorithm, selected by NIST after a public competition. In 2003, NSA certified AES for Type 1 use in some NSA-approved systems.
- Secure Hash Algorithm - a widely used family of hash algorithms developed by NSA based on earlier designs by Ron Rivest.
- Data Encryption Standard (DES)[6]
- Skipjack - the cipher developed for Clipper and finally published in 1998.
- Clipper chip - a controversial failure that convinced NSA that it was advisable to stay out of the public arena.
- Security-Enhanced Linux - not strictly an encryption system, but a recognition that in the 21st century, operating system improvements are more vital to information security than better ciphers.
- The Speck and Simon light-weight Block ciphers, published in 2013.
Panasonic Telephone Unit
References[edit]
Secure Telephone Unit Key Generators Reviews
- ^ abA History of U.S. Communications Security; the David G. Boak Lectures, National Security Agency (NSA), Volumes I, 1973, Volumes II 1981, partially released 2008, additional portions declassified October 14, 2015
- ^Melville Klein, 'Securing Record Communications: The TSEC/KW-26', 2003, NSA brochure, p. 4, (PDF)
- ^'Archived copy'(PDF). Archived from the original on March 1, 2012. Retrieved 2012-03-02.CS1 maint: archived copy as title (link) CS1 maint: BOT: original-url status unknown (link)
- ^https://www.google.com/patents/EP0435094B1
- ^Nancy Cox (1999). Electronic Messaging. CRC Press. p. 566. ISBN978-0-8493-9825-4.
- ^Thomas R. Johnson (2009-12-18). 'American Cryptology during the Cold War, 1945-1989.Book III: Retrenchment and Reform, 1972-1980, page 232'(PDF). NSA, DOCID 3417193. Archived from the original(PDF) on 2010-05-27. Retrieved 2010-01-03.
Sources[edit]
Wikimedia Commons has media related to NSA encryption devices. |