- For other uses, see Baton.
While the BATON algorithm itself is secret, the public PKCS#11 standard includes some general information about how it is used. It has a 320-bit key and uses a 128-bit block in most modes, and also supports a 96-bit electronic codebook mode. 160 bits of the key are checksum material. It supports a "shuffle" mode of operation, like the NSA cipher JUNIPER. It may use up to 192 bits as an initialization vector, regardless of the block size.
BATON is used in a variety of products and standards:
- APCO Project 25 (Public standard for land mobile radio) (Algorithm IDs 01 and 41)
- PKCS#11 (Public standard for encryption tokens)
- CDSA/CSSM (Another public standard)
- HAIPE-IS (NSA's version of IPsec)
- FNBDT (Advanced flexible voice security protocol)
- Thales Datacryptor 2000 (a British network-encryption box)
- SecNet-11 (a crypto-secure 802.11b PC Card, based on the Sierra chip)
- Fortezza Plus (a PC Card product, used in the STE)
- SafeXcel-3340 (a HAIPIS network-encryption box)
- Numerous embeddable encryption modules: AIM, CYPRIS, MYK-85, Sierra (microchip), etc.
- PKCS documentation
- Discussion of BATON
- Quotes about BATON
- Senate security interviewTemplate:Crypto-stub