From Wikipedia, the free encyclopedia
DesignersNational Security Agency
Cipher detail
Key sizes320 bits (160 effective)
Block sizes96, 128 bits

BATON is a Type 1 block cipher in use since at least 1995 by the United States government to secure classified information.

While the BATON algorithm itself is secret (as is the case with all algorithms in the NSA's Suite A), the public PKCS#11 standard includes some general information about how it is used. It has a 320-bit key and uses a 128-bit block in most modes, and also supports a 96-bit electronic codebook mode. 160 bits of the key are checksum material. It supports a "shuffle" mode of operation, like the NSA cipher JUNIPER. It may use up to 192 bits as an initialization vector, regardless of the block size.[1]

In response to a Senate question about encrypted video links, the NSA said that BATON could be used for encryption at speeds higher than those possible with Skipjack.[2]


BATON is used in a variety of products and standards:

See also[edit]


External links[edit]