Thursday, February 11, 2016

Castle Feuerstein Laboratorium

There are many stories, some more fiction than others, about mysterious Nazi laboratories in dark castle dungeons where SS scientists perform all kinds of occult experiments. Return to Castle Wolfenstein and Mortyr are some well known PC games that portrait the Nazi obsession with the Ahnenerbe, the occult and paranormal experiments. Wewelsburg, the elite SS school and a center for archaeological excavations, is probably the most sinister of all.

What if I told you that scientists, lead by Dokter Oskar Vierling, worked in a secretive laboratorium in Castle Feuerstein. Does this sound to you like a sequel to Castle Wolfenstein? Not quite! Burg Feuerstein, located in Ebermannstadt, close to Nürenberg, was all but fiction. A physicist in a mysterious laboratorium, how could that possibly relate to cryptology and intelligence? Exactly!

Feuerstein was an important target of TICOM, a secret Allied project to capture German scientists and seize SIGINT stations,  cryptographic and communications equipment, just before Germany surrendered. The mission of TICOM (Target Intelligence Committee) was to collect as much as possible German science and technology, preferably before Soviet forces got their hands on it. To achieve this, TICOM sent fast-moving special teams to pre-determined valuable locations inside the collapsing Germany, sometimes ahead of Allied troops.

Burg Feuerstein in Ebermannstadt

Is there a better way to hide a secret laboratorium than to build a typical Frankischen Schweiz style castle on top of a mountain in plain sight? It was so obtrusive that no one would suspect its purpose. Castle Feuerstein was build from scratch in 1941 by Dr Vierling with private funds. He was a physicist, electronics engineer and professor in high-frequency technology and electroacoustics. Laboratorium Feuerstein started its research in 1942 and developed experimental communications systems. At its peak, Feuerstein housed 200 staff and workers. TICOM only learned about Feuerstein's existence from decoded intercepts that referred to its research.

The scientists, lead by Dr Vierling, worked on a variety of projects, including high speed transmitters for covert agents, receivers, wave traps, accurate filter design, speech scramblers, voice frequency spectography, teleprinter cipher (crypto) attachments, improvements on cipher machines, a synchronisation system for the Lorenz SZ42 cipher teleprinter, acoustics and filter components for acoustic torpedoes, anti-radar coating for submarines, a night fighter control system, various frequency generators and an electronic calculator to solve sine and cosine equations. They were a busy bunch!

Dr. Oskar Vierling
Just before the German collapse, Dr Vierling was ordered to relocate his speech projects to Berchtesgaden in the Bavarian Alps and to destroy all other projects and equipment. Vierling, however, had other plans with his Feuerstein legacy. Once the Nazi's were off to Berchtesgaden with the speech equipment, he stored the most valuable equipment and plans in a large bomb proof walk-in vault, hidden behind a false wall in Feuerstein. There, he awaited the end of the war.

Castle Feuerstein was used as a German Army hospital at the time the TICOM team arrived. They rounded up the scientists and Dr Vierling proved very willing to cooperate with TICOM. Vierling and his group rushed to restore the laboratory and continued their work on selected projects under control of TICOM investigators.

NSA's declassified AXIS SIGINT in WWII, Vol II, Notes on German High Level Cryptography and Cryptanalysis contains some interesting crypto related info. The Lorenz SZ-42c cipher teleprinter with synchronisation, named SK-44 and SK-45, would generate and send a continuous pseudo-random five-bit stream. The receiver mixed its identical stream, by XOR-ing, with the incoming stream, resulting in nothing to print, since (K ⊕ K) = 0. When sending a message, the plain teleprinter message was mixed into the stream. The receiver mixed, as usual, the received signal with its own stream, which results in canceling out the stream and the original plain message being printed instantly, since (K ⊕ M) ⊕ K = M.

An eavesdropper would not know if or when the random stream contained an actual message or how long it was, thus effectively preventing traffic analysis. The U.S. Army Security Agency (ASA) suggested that analysis of the continuous mostly non-message-carrying pseudo-random stream, generated by the  SZ-42c, might compromise the machine's secret key settings. This would enable them to predict the stream and decipher all message that follow. The principle of continuous random stream was also used in the 1950s on the more advanced U.S. KWR-37 JASON and KWT-37 Fleet Broadcast crypto system.

Speech scrambling research by Dr Vierling's team produced little result. In 1943, only Dr Vierling and Telefunken still worked on ciphony (encrypted voice) and from 1944 on only Dr Vierling. At war ends, Feuerstein's research on ciphony focused on synthetic speech, encrypted by triple wobbling. The speech was separated in eight frequency bands. These were encrypted in a three stage ring wobbling (shifting the frequencies up and down) where the stage was split in half and these halves wobbled separately. However, speech quality after de-wobbling was very bad and ASA considered the German scientists several years away from developing any usable ciphony.

More details about the Feuerstein laboratory and Dr Vierling's work is available in chapter VIII, page 37 from Volume 8 Miscellaneous (alternative link here) of NSA's declassified files on European Axis Signal Intelligence in World War II. The rebuild of the lab under control of TICOM is described the Interim Report on Laboratorium Feuerstein (first pages are double, start reading from page 5) from the NARA archive. Another excellent source is the TICOM Archive. These documents contain enough inspiration for a few Wolfenstein sequels.

The importance of Feuerstein for TICOM is shown in ASA documents. The Temporary Duty Report of Mr William Friedman, the renowned U.S. cryptologist, is a resume of his tour in Germany from July to September 1945, in cooperation with TICOM. Vierling's Laboratorium, noted as important TICOM target, was one of the sites he visited in July 1945. NSA has a few more documents related to Dr Vierling.

After the war, Prof Dr Oskar Vierling continued working at his 1941 established firm VIERLING GmbH but relocated to Ebermannstadt, a mere kilometer from Castle Feuerstein. He had quite a prolific career, developing crypto machines, covert radio transmitters, eavesdropping devices, radio direction finding and various measuring and test equipment. He worked for Organisation Gehlen (post-war West-German intelligence), its successor Bundesnachrichtendienst (foreign intelligence), Zentralstelle für Chiffrierwesen (central cryptologic service) and the Deutsche Bundespost. From the 1930s until the 1950s he was also an important pioneer in the development of electronic and electro-acoustic instruments.

Due to legal restrictions on crypto export, Dr Vierling sold the rights for his crypto equipment to Crypto AG's predecessor Hagelin Cryptos. NSA archives show that Dr Vierling developed crypto machines in cooperation with ASA and NSA, at least until 1953 (see here and here).

Vierling's firm is currently still located in Ebermannstadt. Today, Burg Feuerstein is a catholic youth center.

Thursday, November 26, 2015

U.S. COMSEC History - Additional Releases

The National Security Agency (NSA) just published an update of the 2007 release of the David Boad lectures on communications security (see my old post). Many blank pages of the old version are now unredacted and show newly released information on various crypto systems, such as the TSEC/KL-7, KW-7, KW-26, KW-37 and one-time pad systems.

After the 2011 FOIA releases of the KL-7 operating instructions, I'm happy to see another bit of information on that pretty crypto machine ooze out of Fort Meade. More on the KL-7 at my website (including an accurate simulation). Of course there's much more to discover in the wonderful David Boak lectures.

The new almost unredacted version:

Friday, November 06, 2015

The Able Archer 1983 Source Book - Finally!

The Cold War was (and actually still is) often far from cold in many Asian, African, Middle Eastern and South American countries. At times, we were much closer to a nuclear war than many ever realised. Two events, however, really stand out if it comes to getting truly at the brink of Armageddon.

The first one was the Cuban missile crisis, caused by the Soviet preparations for installing nuclear missiles at a stone's throw from the United States. The second, lesser known crisis was the Soviet reaction to, or rather perception of, NATO exercise Able Archer. The purpose of Able Archer was to test NATO command level communications and the readiness of nuclear armament in Western Europe, with the exercise scenario ending in a fictitious DEFCON 1 alert. The Soviets believed this exercises to be a cover for an actual nuclear attack by NATO against the Soviet Block.

Today, the National Security Archive released over a thousand declassified pages with details on how the Soviets perceived Able Archer and how the exercise lead them to the idea that the Western Allies were about to launch an all-out war against them. The sources include KGB papers, reports from East Germany's STASI, various Warsaw Pact countries and Western intelligence services. They are a real treasure trove that gives you a front seat in the decision making process and the reactions of the various countries involved. More importantly, these documents finally end the speculations about how scary the 1983 War Scare actually was.

All documents are available at the Able Archer Source Book web page. Before submerging in this fascinating Cold War event, you might first want to read the short recap 1983 - The Brink Of Apocalypse that I wrote some years ago, just to get you in the picture, because exercise Able Archer was only the grand final of various events that culminated into tense nerves at the Kremlin.

The documentation of this 1983 War Scare for the National Security Archive was in large part Nate Jones' project. As FOIA coordinator, he succeeded in getting all these wonderful documents declassified and released. In the video below, Nate explains how the Able Archer Source Book was compiled.

I can highly recommend a visit to the Able Archer Source Book pages, the newest addition at the National Security Archive's Nuclear Vault!

Tuesday, April 07, 2015

Operation Tinker Bell - KGB On The Run Anniversary

I usually write about the real stuff, but I do enjoy creating a fun challenge once in a while. Exactly two years ago I published Operation Tinker Bell, a spy adventure about the hunt for a KGB defector, set at the height of the Cold War. Meanwhile, many participants have already taken up the challenge to unveil the secret behind the KGB defector and it continues to amaze me how many people are attracted to the combination of espionage & cryptology.

Although the story itself is fictional (or maybe not ;-) I took care to make it as realistic as possible, using actual modus operandi of intelligence organisations and their tricks of the trade. Accurate details about organisations, locations and historical facts are woven into the story, submerging the participant in a true Cold War espionage atmosphere. In contrast to my previous challenges, you don't need any cryptologic skills to crack messages. All required keys and tools are provided.

Do you love spy stories, liked watching The Americans on TV or got fascinated by reports about ten Russian sleepers that were caught by the FBI? Then rush to Operation Tinker Bell, visit the briefing and start the hunt for Colonel Rogozin!

Our friend here is on the run for two years now. Can you solve the case?

Tuesday, February 10, 2015

BAPCO 's Use of One Time Pads During WWII

Mounted camel guard at the refinery.
Source: BAPCO
The Bahrain Petroleum Company (BAPCO) was a Canadian subsidiary, founded in 1929 by the American Standard Oil of California (Socal) to run its operations at the Awali oil fields on Bahrain Island at the inlet of the Persian Gulf. BAPCO was one of the companies that became a possible target of Axis forces when Britain declared war on Germany. In 1940, the Bahrain oil refinery was targeted by Italian bombers, forcing the Allies to strengthen Bahrain's defense. Bahrain, in 1943 still a British Protectorate, decided to implement a censorship on messages that were sent over commercial cable and wireless, to prevent disclosure of information that might be useful to the enemy.

This censorship, however, greatly restricted the communications and operations of BAPCO. The majority of their messages contained information about oil production, shipping, personnel and food supply. Those messages fell into three main categories: a) cables that could be sent in plain text without objection, b) security cables that contained information that, in conjunction with other information, might indirectly be useful to the enemy, and c) secret cables that would be of direct use to the enemy if intercepted, such as ship movements, especially oil tankers.

On April 4, 1943, Ward P. Anderson, the general manager and chief local representative of BAPCO, asked E. B. Wakefield, the British Political Agent in Bahrain, permission to encrypted their cables between the local branch and their New York office. This would allow them to send security related cables, at the same time respecting Bahrain's censorship. Anderson proposed a secret company code, superimposed (enciphered a second time) with a transposition cipher for added security.

The Political Resident of the Persian Gulf in Camp Bahrain forwarded the request on April 8 to the Secretary of State for India in London, who approved the use of a secret code, provided that censorship received a plain text version of all messages, sent in that code, BAPCO should continue to send messages through the Navy if they contained vital information that would be of direct use to the enemy, and messages regarding political matters were to be sent through the Political Agent. After consulting the New York office, Ward Anderson agreed to these conditions.

P.A.I.C. in Baghdad asked whether the code had already been vetted for security. As this was not the case, the British Political Resident forwarded the request to SNOPG (Senior Naval Officer in the Persian Gulf) in Basra but they had no officer qualified to vet the code. Therefore, PAIFORCE suggested to vet the code.

The new code, proposed by the California Texas Oil Company, arrived from New York on October 24, and Bahrain forwarded the code on November 10 by courier for examination to the Cipher Security Officer of P.A.I.C. in Baghdad. After reviewing the code, the Security Officer responded that the code offered little resistance against cryptanalysis and provided no security whatsoever.

Note: P.A.I.C. (Persia and Iraq Command) in Baghdad was the headquarters of PAIFORCE (Persia and Iraq Force), the British and Commonwealth military formation in the Middle East from 1942 to 1943.

Surprised by this answer, Ward Anderson explained that the code was allocated by the U.S. Navy Department and considered the most secure known, used for the most secret messages. He clarified that "each page of the pad of sheets is used only once and destroyed after use". He continues, "In fact, the code changes with each succeeding letter of the message. When the pad is exhausted, a new set of pads is produced".

To Anderson, it seemed unlikely that British military authorities would be unfamiliar with the proper use of this type of code, so he asked to verify whether the code was indeed insecure, adding that U.S. authorities would be most interested if the British claims proved correct.

This was probably his polite way to hint the Political Agency and the PAIFORCE Security Officer that they were going to embarrass themselves. To their defense, it might be possible that the code was not accompanied with the complete and proper coding instructions, thus failing to show that the code was for one-time use.

Soon after, the Secretary of State for India in London informed the Political Resident in Bushire, Iran, that the U.S. Chief of Cable Censorship urgently requested permission to use the code, adding that it was a one-time pad, similar to the one used by the Ministry of War Transport in London. P.A.I.C. also received note of this. Apparently, someone pulled some strings.

Subsequently, the Political Resident confirmed to its agency in Bahrain that the code was indeed a one time pad from the U.S. Navy Department. Eventually, the agent informed the BAPCO representative that objection to the code had been withdrawn and that "the one time pad can be used on the understanding that the pad is not worked through more than once".

BAPCO started using the one-time pads as of January 15, 1944, more than eight months after their initial request. Yes, even during wartime, bureaucrats persist. Of course, we have to take in account that transportation and communication means in 1943 were quite different from today, and codes were always transferred safe-hand by courier.

Once the war had ended, BAPCO requested on August 22, 1945 permission from Bahrain to commence the use of the company's own cable code again, as used before the outbreak of hostilities in 1939.

Below one of the BAPCO coded messages from Bahrain to New York, with plain version included, submitted to Censorship as agreed with British authorities.

These archived conversations are a rare example of a commercial firm using the unbreakable one-time pad in the early 1940s. At that time, the use of such strong encryption was generally limited to governments, their military, intelligence agencies and diplomacy. BAPCO's use of one-time pads, allocated to them by the U.S. Navy Department, is a nice example of how government and commercial firms teamed up to ensure the highest level of communications security for those companies that were somehow important to the war effort.

All letters and cables regarding this request for using one-time pads are found in the British Library: India Office Records and Private Papers as File 10/5 BAPCO CODES, reference IOR/R/15/2/423. More examples of coded messages and their plain text version, submitted to censorship, are found in File 10/23 Code Messages - BAPCO, reference IOR/R/15/2/450. These records are archived in the Qatar Digital Library. More on the 1940 bombing raid on Bahrain in the Qatar Library, and an account of the attack on the BAPCO refirey is available at the Saudi Aramco website.

These documents are also unique as a reference, because the use of one-time pads is hardly mentioned in official documents from that era (for obvious security reasons) and they are, as far as I know, the earliest I came across. They confirm the use of one-time letter pads  by Political Residents of the British Imperial Civil Administration, the British Army, the Ministry of War Transport in London and the U.S. Navy, at least as early as 1943. Both British and U.S. authorities were quite familiar with the system and surprisingly even shared it with commercial firms. The archives also show that British Residents in the Middle East regularly received sets of two-way one-time pads.

More historical and technical information about one-time pad is available at my Cipher Machines and Cryptology website.

The Bahrain Petroleum Company (BAPCO), one of the oldest oil companies in the Middle East, was established in 1929 by Standard Oil Company of California. In 1930, BAPCO obtained the only oil concession in Bahrain. In 1936 they discovered the Awali oil field and opened a refinery with a capacity of 10,000 barrels per day. That same year, Standard Oil Company of California signed an agreement with Texaco, creating the joint venture California Texas Oil Company (Caltex). These companies are now known as Chevron and Texaco. The Bahrain government took over all BAPCO shares in 1980 and acquired full ownership in 1997.