BATON
BATON is a Type 1 block cipher in use since at least 1995 by the United States government to secure classified information.
| General | |
|---|---|
| Designers | National Security Agency |
| Cipher detail | |
| Key sizes | 320 bits (160 effective) |
| Block sizes | 96, 128 bits |
While the BATON algorithm itself is secret (as is the case with all algorithms in the NSA's Suite A), the public PKCS#11 standard includes some general information about how it is used. It has a 320-bit key and uses a 128-bit block in most modes, and also supports a 96-bit electronic codebook mode. 160 bits of the key are checksum material. It supports a "shuffle" mode of operation, like the NSA cipher JUNIPER. It may use up to 192 bits as an initialization vector, regardless of the block size.[1]
In response to a Senate question about encrypted video links, NSA said that BATON could be used for encryption at speeds higher than those possible with Skipjack.[2]
Usage
BATON is used in a variety of products and standards:
- APCO Project 25 (Public standard for land mobile radio) (Algorithm IDs 01 and 41)
- PKCS#11 (Public standard for encryption tokens)
- CDSA/CSSM (Another public standard)
- HAIPE-IS (NSA's version of IPsec)
- FNBDT (Advanced flexible voice security protocol)
- Thales Datacryptor 2000 (a British network-encryption box)
- SecNet-11 (a crypto-secure 802.11b PC Card, based on the Sierra chip)
- Fortezza Plus (a PC Card product, used in the STE)
- SafeXcel-3340 (a HAIPIS network-encryption box)
- Numerous embeddable encryption modules: AIM, CYPRIS, MYK-85, Sierra (microchip), etc.
