Tuesday, December 14, 2021

Russia’s Modern Early Warning Systems

Duga-1 OTH Receiver
Source: Ingmar Runge
During the Cold War, the Soviet Union developed various early warning systems to detect the launch of  intercontinental ballistic missiles (ICBMs).

The Duga OTH (over-the-horizon) radar was a well known example. Although top secret at the time, the Duga soon got nicknamed "the woodpecker" in the West because of its characteristic repetitive tapping noise that disrupted HF utility and communications signals across the world. By the mid-1980s it became clear that the Duga's technology at the time was inadequate. More about the Duga radar in our Mysterious Cold War Signals.

With the Duga radars no longer operational, what other systems protected the Soviet Union and now Russia? The SPRN System Warning on Missile Attack (Rus. Sistema Preduprezhdeniya o Raketnom Napadenii = СПРН Система предупреждения о ракетном нападении) consist of both satellites and land-based radar.

Early Soviet Satellite Program
The Soviet Око program (Eng. eye) to develop early warning satellites was already initiated in the late 1960s. Its first US-K satellite Космос-520 (Eng. Cosmos) was launched in 1972. To this day, all early warning satellites are designated Космос, followed by a three or four-digit number.

This first generation US-K Managed Satellite Continental (Rus. Upravlyayemyy Sputnik Kontinental'nyy = УС-К Управляемый Спутник Континентальный) was placed in a highly elliptical Molniya orbit.  The similar US-KS Managed Satellite Continental Stationary (Rus. Upravlyayemyy Sputnik Kontinental'nyy Statsionarnyy = УС-КС Управляемый Спутник Континентальный Стационарный) was placed in geosynchronous orbit. More on orbits in the further reading links.

US-K and US-KS Satellite
The first 13 US-K satellites, launched between 1972 and 1979, were very unreliable and short-lived. The following US-K and US-KS satellites were launched from 1979, with the first combat ready in 1982. In total, 86 US-K and 7 US-KS satellites were launched between 1972 and 2010. The large number of satellites was due to their limited lifespan, on average 2 to 4 years, largely determined by their liquid-fuel reserve for the orbit correction engines.

They carried a stabilized infrared telescope with 50 cm mirror to detect missile exhaust heat and were also equipped with multiple smaller telescopes. They didn't always work flawlessly, with dangerous consequences, as you can read in our 3 Seconds from World War 3.

Second Generation Око-1 with Issues

The second generation satellites from the Око-1 program launched between 1991 and 2012 eight US-KMO Managed Satellite Control Ocean Seas (Rus. Upravlyayemyy Sputnik Kontrol' Morey Okeanov = УС-КМО Управляемый Спутник Контроль Морей Океанов) in a geosynchronous orbit, with an expected lifespan of 5 to 7 years, which they never lived up to.

US-KMO Satellite
Source: Novosti Kosmonavtik
The US-KMO had a 100 cm mirror and could also detect submarine-launched ballistic missiles (SLBMs). However, they proved very unreliable to detect such missile launches and several failed after a few months.  They are no longer operational since 2014. Only two older US-KS satellites remained in orbit.
The Unified Space System

From 2015 on, the US-КMO satellites were gradually replaced by the new generation Tundra satellites (Тундра), part of the EKS Unified Space System - Detection and Combat Control (Rus. Edinoy Kosmicheskoy Sistemy Obnaruzheniya i Boyevogo Upravleniya = ЕКСОиБУ Единой космической системы обнаружения и боевого управления), also known as Kupol (Купол).
A this moment, five Tundra satellites are in a Molniya orbit, despite the satellite's name suggesting the highly elliptical geosynchronous Tundra orbit (taking a full sidereal day) which has a closed figure 8 ground track with a small fast loop and a large slow loop (apogee dwell). Tundra's large slow loop provides very long coverage of the designated area, requiring only two satellites for continuous cover versus three with Molniya orbit (half a sidereal day). The Molniya orbit might be chosen because it requires less launch energy than a Tundra orbit (a sidereal day is one Earth rotation of 23h 56m 04s).

At Gunter's Space Page more details on the US-K, UK-KS, US-KMO and Tundra satellites. The US-K was carried in orbit with the Molniya-M launcher, both US-KS and US-KMO with the Proton-K launcher, and the Tundra with Soyuz-2-1b Fregat. The contractor for most of the satellites is Kometa Corporation (translation), previously known as TsNII Kometa. The Tundra is manufactured by RKK Energia.

Today's Early Warning Radar

The Russian Federation also revived the long-distance early warning capabilities to track ballistic missiles with a new generation of radar, called 77Ya6 Voronezh (Rus. 77Я6 Воронеж). The NIIDAR scientific research institute initiated its research for early warning radar in the late 1970s.

The Voronezh  is a line-of-sight phased array radar, a fixed antenna that directs its radar beam electronically. There are five different types. The Voronezh-M (VHF), DM (UHF), VP (high-power VHF), SM (SHF) and MSM (dual VHF-SHF). They have a range up to 6000 km (3728 mi) and can track 500 targets simultaniously. The first Voronezh on actual combat duty operates since 2009. Meanwhile, seven of ten planned radars are operational across Russia.

Voronezh-M Radar in Lekhtusi, Leningrad region (source Russian Army)

The Voronezh is  the first radar of VZG High Factory Readiness (ВЗГ - высокой заводской готовности). Its factory-made modular structures allow fast construction, between one and two years. More technical information and many detailed images of the Voronezh radar at Military Russia blog (translation) and at New Defense Order (translation).

One Voronezh-DM radar is located near Pionersky, a city in the Kaliningrad oblast. This is a quite unique but smartly chosen location, as Kaliningrad is today completely surrounded by Poland and Lithuania, two EU countries that are also NATO members.

Kaliningrad was previously the East Prussian city Königsberg, part of Germany. After the Second World War, Kaliningrad became part of the Soviet Union and the Kaliningrad oblast became an administrative part of the Russian Federation in 1991. This required special travel arrangements for the inhabitants, enclosed between Poland and Lithuania. An early warning system for nuclear missiles inside the territory of the main adversary? That's as close as it gets!

на новой суперсовременной РЛС семейства Воронеж
State-of-the-art radar of Voronezh family (auto-translate available)

50 лет назад создана система предупреждения о ракетном нападении
Missile attack warning system created 50 years ago
(auto-translate available)

Further Reading and Technical Details

Satellites and Orbits
Early Warning Systems
         Satellite Manufacturers

More Related on This Blog

Tuesday, November 30, 2021

The Agent - KGB Illegal Jack Barsky's Story

A new 12-episode podcast series brings the extraordinary life of a young student turned spy. The life of talented East German student Albrecht Dittrich took an irreversible turn when he decided to accept an invitation to work for the almighty Russian KGB. He was sent to Moscow and trained extensively to become an illegal agent, the elite among spies.

Albrecht Dittrich arrived in the United States in 1978 and developed a new life under the name Jack Barsky. A decade later, in a risky move, he cut ties with the KGB. By 1997, Jack Barsky had become a family man with a successful career, living the American dream, when his past caught up with him and his fate was in the hands of the FBI.

In 2017, Jack Barsky wrote the book Deep Undercover, detailing his life and career as a spy. The book is a real page-turner that gives a unique look into his life, the training as KGB illegal and working in the United States.

In the new podcast series, he tells the story in his own words. In 12 episodes, you will you crawl under Jack's skin and listen how real spies are literally created, and how they operate. The podcast is an excellent additional spoken account of his life as KGB agent, with many new details. I can highly recommend the book, but hearing the story, told by Jack himself, is a truly fascinating.
The Agent is available on all popular podcast platforms, with each Monday a new episode. A production of Imperative Entertainment, produced and edited by Jason Hoch, narrated by Alden Ehrenreich and, of course, by Jack Barsky himself.
See also the Book review of  Deep Undercover on our blog. Read more about Jack Barsky on our blog.

Thursday, September 09, 2021

The KL-7 on Merchant Ships during the Falklands War

The KL-7 © Photo Dirk Rijmenants

The TSEC/KL-7 was the first tactical lightweight electronic crypto machine, developed by the National Security Agency (NSA). In 1952, this cryptologic marvel was introduced as standard crypto device for the U.S. military. Soon after, NSA proposed to share the KL-7 with NATO allies to improve communications security.

The machine had excellent cryptographic properties and was certified for top secret messages. NSA did recognized that its cryptographic principles eventually would also find their way to non-military use in NATO countries, or might even end up in Soviet hands. Still, having such strong encryption, the machine was never meant to end up in non-government civilian hands. Nevertheless, there are a few rare cases when civilians did work with the KL-7.

One such case were civilian radio officers on merchant ships during the 1982 Falklands War. The Falkland Islands (Malvinas in Spanish) is British overseas territory, disputed since long by Argentina. On April 2, Argentina invaded the Falklands and the British government sent a huge naval task force with two aircraft carriers, 65 Royal Navy and Fleet Auxiliary vessels, 62 merchant ships and two ocean liners that carried two brigades.

To sail that task force 6500 nautical miles or 12.000 Km across the Atlantic was an enormous logistic operation and they needed vast quantities of fuel for the trip and to keep the task force operational near the Falklands. The British Ministry of Defense chartered a large number of commercial merchant ships to support the operation, a procedure called STUFT (Ships Taken Up From Trade).

One of these STUFT ships was the Eburna tanker that carried fuel oil, diesel and aviation fuel which had to be transferred by RAS (replenishment at sea) to other ships. This involved two ships steaming alongside each other at close range while maintaining a steady speed throughout complex anti-submarine manoeuvres. The communications between the task force and the STUFT ships had to be secure and the Eburna radio room received a KL-7.

The Eburna fuel tanker (source: helderline.com)

Bernard Kates was the radio officer on the Eburna. He had no experience at all with naval communications nor crypto systems and had learn the basics of cryptography and operating the KL-7 within very short time. Fortunately, he had a radio officer from the Royal Fleet Auxiliary who knew the KL-7 very well, as assistant.
They received encrypted traffic by teleprinter broadcast (FEC mode) via Portishead Radio and transmitted Eburna's encrypted replies using ARQ (Automatic Repeat Request protocol). They managed to keep the radio room going, processed encrypted traffic and maintained a 24 hour watch on the UHF tactical net.

Their KL-7 had an extension to read punched tape and they attempted to receive traffic by setting the teleprinter to copy to both tape and paper, but as traffic was too heavy and mixed with messages from many other ships they had trouble separating the punched tapes correctly. They therefore let the teleprinter simply print the messages and then typed the ciphertext onto the KL-7. The deciphered text, printed on gummed tape, was stuck onto a message form and delivered to the Captain, although they sometimes had to translated the "navy-speak" into plain English to make it understandable to their civilian Captain.

The system indicator "FDDND" was always the first group of ciphertext. They would set up the KL-7 following the key setting instructions for that day, then switch it to "P" and type in that group, then switch to "E" and do the encryption. The daily machine settings were printed in a booklet which had the edges of all its pages stuck together, one page per day and one month per booklet. To set up the machine you would peel off the sheet from the previous day, revealing today's settings. Used sheets would were torn out and incinerated.

Eburna's KL-7 was supplied with only one rotor cage and one set of rotors. According to the instructions, the rotor setting were changed at 00:00 UTC and the key sheet of the previous day had to be destroyed. Thus, when a message of the previous day arrived a few hours later, they could not go back to the old settings. They decided to keep the old key sheet for an additional 24 hours to go back if they had to. In the military, the KL-7 was usually supplied with two rotor cages, and the rotor cage with settings of the previous day was kept the next day. Going back then simply meant swiftly detaching the current cage and attaching the old one. The Eburna radio office did not have this luxury.

The KL-7, rotor set and setting instructions were supposed to be kept in the safe but the Eburna didn't have a safe, so they kept them in a cupboard. They assumed there were very few spies running around in the middle of the South Atlantic and their solution was probably secure enough. Bernard also recalled rewiring at least one of the rotors every month, and that it was quite a fiddly task involving many small parts.

Bernard also commented on the KL-7 simulator. "I downloaded the KL7 simulator and am having fun with it reliving old memories. The only thing the simulator doesn't do that the real machine did is to fail occasionally (actually quite often!) due to dirt under the keyboard. In accordance with Murphy's Law it would always do that when urgent traffic was on hand. Then there was nothing for it but to take the machine apart and clean it out". The need for intensive maintenance was indeed one of the KL-7's disadvantages and essential to avoid the so-called dead-rove.

The Navy didn't quite understood how merchant ships operated or how they were equipped, and never realized that keeping a 24 hour radio watch with only two men for the duration of the entire campaign was a daunting task. The Navy also expected them to know how to handle a tactical radio net and encrypt figures and phrases using NATO code books.

At first, Bernard had no idea what was going on and it took several days to work it out. He noted that a tactical radio net in a war zone is not the best place to learn military radio procedure. To their excuse, the Navy also had a daunting and unprecedented task to compile a huge naval task force within days.

The Eburna story is a rare example of civilian merchant radio officers that worked with the KL-7. Undoubtedly, more people outside the military, intelligence and state departments worked with this beautiful cipher machine. Let's hope their stories and will also be recorded some day, before that fascinating history is lost.

In the end, the Argentine forces surrendered after 74 days and many lives were lost on both sides. The 1982 Falklands War was probably the last time the KL-7 was used during combat operations.

You can read the full story about the Eburna radio room during the Falklands War (pdf). More about the Eburna tanker at Helderline.com and a detailed history of the Falklands War at Naval History.

At our website's TSEC/KL-7 ADONIS & POLLUX page more on this iconic Cold War crypto machine, including all technical details, its development, operational history and many related NSA and NATO documents.

Thursday, June 17, 2021

The Iconic Crypto AG Disappears

The recent removal of the iconic Crypto AG logo from its building is the final milestone in the history of the once renowned firm that sold state-of-the-art crypto equipment all over the world. The iconic 1960s building, located in Steinhausen, Switzerland, is to be demolished to make room for apartments. This tale however has a stinging aftermath.
This milestone also ends the rather naive era of relying on foreign commercial firms for critical secure communications, certainly in today's digital world. The fate of Crypto AG was sealed in early 2020 when documents revealed the firm was secretly owned by the CIA and West-German federal intelligence service BND since 1970, making it the largest ever compromise of secure communications. Apart from the consequences for the many customers and the firm's reputation, this was also a tragedy for those who worked at Crypto AG.

Take a look at the splendid photos from the bandonned Crypto AG building, taken by photographer Patrick Hürlimann. Seeing these pictures of the empty building, offices and storage rooms, you cannot but feel sad for the many employees, once buzzing around in the hallways and factory, who genuinely gave their best and took pride in developing quality equipment for the best crypto firm in the world.
Crypto AG also took good care of its well paid employees, including many benefits. The sailboat in one of the pictures is an eery reminder of the good times, when employees were allowed to sail the firm's boat on Zugersee, the nearby lake. Eventually, some of the firm's engineers and mathematicians became suspicious about interventions by external advisors or illogical modifications to their equipment, but they were either stonewalled by the staff or suddenly lost their job.

To leave behind a lifetime of working can by tough, certainly when they always worked with pride, but imagine seeing decades of hard work turn into an illusion of lies and spying. Not the career ending they dreamed of. But they were not the only disillusioned ones.

Unaware that Crypto AG was owned by the BND and CIA, Swedish entrepreneur Andreas Linde took over the firm and its name in 2018 and established Crypto International AG. In the wake of the revelations, with the export license suspended, Linde had no other options than to dismiss virtually all employees in mid-2020.

Earlier this year, a special prosecutor was appointed to investigate the spy scandal. In May, the Swiss intelligence chief announced he will step down end of August, following criticism about his handling of the Crypto AG case after the scandal broke out.

More about Crypto AG on this Blog and Website

Monday, April 26, 2021

U.S. KL-7 Crypto Machine - Last Details Unveiled

The ingenious sliding switch
Image © Dirk Rijmenants
We documented many technical details of the fascinating TSEC/KL7 crypto machine in 2011. Although we already knew how the KL-7 worked, the details on how the machine actually achieved this electronically and mechanically are only fully understood after the recent release of all technical documents, and these kept surprising us.

The KL-7 rotors, their flexible settings and complex irregular stepping, the use of electronics and the ingenious keyboard made it a cryptologic marvel when it was introduced by the National Security Agency (NSA) in 1952.

The compact printer
Image © Dirk Rijmenants

However, three important design features stretched the imagination of the ASA and AFSA engineers: using electronics to put their ideas into hardware, design a compact printer mechanism, find a flexible way to power the KL-7,  and all these properties in a small 12 by 12 inches (30 x 30 cm) machine, weighing a mere 20.5 lbs (9,3 Kg).

The circuitry and various timing signals to control its mechanics and operate the KL-7 required only four vacuum tubes. To power the KL-7, the machine uses 24 volts to run a DC motor that drives an AC generator, which in turn provides all voltages, from -70 to +220 volts, for the tubes.

The ingenious puls generator
alphanumeric double pulse

That same motor also drives a pulse generator that provides accurate timing to control a rotating drum printer, and the vacuum tubes ensure precise printing of alpha-numeric characters, all securely encrypted.

Only recently we had the chance to study the plans and schematics in detail to discover how all this was actually achieved, and it took some time to grasp some of the details. It seems as if they found completely new solutions, then encountered some problems with those solutions, and devised more complicated solutions to those problems.

The Pulse generator explained
A circuit with thyratron and double triode vacuum tubes, and the clever use of resistor networks that influence various voltages on the tube grids, requires perseverance to be understood.

As of today, these newly uncovered details are available on the website. You will find several new and updated drawings, photos and thorough detailed explanation about various parts of the machine. All you wanted to know about the KL-7 but were afraid to ask...

Examine the machine, its history of development, how it was used and the simulator at the Cipher Machines and cryptology.

More on the KL-7

Update June 24 - Added complete circuit diagram with details on signal processing, printing, the shift modes, a discription of the different timing signal circuits, and drawings of the piggyback system with detailed discription.

Update July 29 - NSA study about unwanted stray signals of KL-7 printer that enable recovery of plain text added. Also three documents related to release of AFSAM-7 (KL-7) to UK and NATO countries, and spreading of cryptographic pinciples of KL-7.

Update August 11 - Photos, data sheets and details operation vacuum tubes added. KL-7 page menu created. 

Updates September 10-16 - Expanded history of KL-7 in service, use of KL-7 on merchant ships in Falklands War and added various NATO documents related to the KL-7.