Saturday, September 16, 2017

The Spy Sons Long Way Back

I already wrote about Jack Barsky and how a spy career and family life don't always mix that well. I mentioned Tim and Alex Foley, the sons of Donald Heathfield and Tracy Foley who were arrested by the FBI in 2010. Their parents' real names were Andrei Bezrukov and Elena Vavilova, two illegal agents of the Russian intelligence agency SVR. After their trial, the spy couple and their sons Alex and Tim, then aged 16 and 20, were expelled and put on a plane to Russia, together with eight other illegals. It was the biggest spy swap since the Cold War after a decade long operation to uncover a large spy ring in the United States.

Alex and Tim Foley (now Vavilov)  in 2010

Alex and Tim, who now carry the surname Vavilov from their mother, were born and raised in Canada, briefly lived in France and then settled with their parents in the United States. They never knew anything else than the fake family history, fabricated by the SVR. Despite the fact that they testified never knowing about their parents' spying career, they were also stripped from their Canadian citizenship. Since they left the United States, they are in a legal battle to get back their Canadian citizenship and return home to pick up their old life. The only life they ever knew. 

Now, a Canadian federal court ruled that Alex Foley's citizenship should be restored. The Canadian Security Intelligence Service (CSIS) however says that his older brother Tim knew about the secret life of his parents and that he was sworn in by the SVR. At McLean's you can read about their struggle to return to their old life and the current legal battle. Fascinating story, but again, a spying career can put a heavy burden on your kids. More spy family trouble in a previous post.

Below a July 2017 interview with Elena Vavilova about her work as illegal SVR agent, raising Tim and Alex and how it was to live in the United States. In a way, she's the real Elizabeth Jennings from The Americans, the acclaimed Netflix series, inspired by this spy case (non-russian speakers can set translated subtitles).

Thursday, August 10, 2017

Secret Splitting Revisited

I wrote about secret splitting some ten years ago and decided to fresh things up and create a new easy-to-use template. You only need a pen, paper and first grade math to obtain absolute security. But first, a quick reminder on what secret splitting is, how it works and why everyone should know this interesting system.

Secret splitting (also called secret sharing) enables you to split a secret code into multiple shares and give those shares in the custody of several persons. Retrieving the original code is only possible if the shareholders agree upon putting their shares together. The secret could be the code to a combination lock, safe deposit box, electronic key or password. You can split passwords to access a computer, encrypted files, a digital lock to enter a building or disable an alarm system.

An interesting property of secret splitting is that more people with shares means more security, because more people have to agree on putting their shares together, which is the opposite of sharing the secret itself, where more people means more risk.

There are many useful applications for secret splitting where you need to delegate access to your secret code in a specific situations. You can appoint several persons that will be able to open your safe with money or critical information in case of emergency. None of them can act alone and a single trustworthy person among them is enough to prevent misuse.

A parent who has stored his money, documents or valuables in a safe deposit box can split the number combination and all children receive a share. In case of emergency or the parent's decease they can only access the safe when all of them agree upon opening the safe. Each shareholder can even split his own share again into two shares, to hide his sub-shares separately as backup or destroy his original share and store his sub-shares at different places to increase security.

You can use secret splitting for secure remote delegation through insecure channels. Create a share for yourself and one or more shares for other persons. This way, you can be on the other side of the world and send your share to all other shareholders to give them access to a computer file or the pin code of a credit card, to name a few. The shareholders can only retrieve the code at the moment that you decide to give them your share and they all need to agree. You can use any insecure method like e-mail, chat or telephone to send your share, because that single share never reveals any useful information to an eavesdropper.

The template to create your own secure shares (download pdf here)

For our template we use the method where all shares are required to retrieve the original. It is mathematically impossible to retrieve the original if a single shareholder refuses to disclose his share. This method is information theoretically secure, read unbreakable.

There is another method, called secret splitting with threshold, which requires less shares than the total number of shares to retrieve the original. It's security is based on mathematical complexity. Unfortunately, this method does not guarantee information theoretical security.

Of course, you cannot simple cut a code or password in half or quarters, as this would reveal at least part of the code and provide clues to find the rest of the code or reduce the number of combinations to try out. The secret splitting we use is based on the principle of one-time pad encryption and all calculations are performed modulo 10 (addition without carry and subtraction without borrowing). The secret code is encrypted with one or more truly random keys and, in contrast to sending the encrypted secret to the receiver, we use the random keys and the encrypted code as shares.

We can only retrieve the original code when the encrypted code and all keys are put together. Take one share out of the equation and it will be mathematically impossible to decrypt the code. The only requirements are the use of truly random digits and, obviously, secure physical separation of the shares. The small number of required truly random digits are easily generated manually.

Secret splitting may sound complicated but it's quite simple to apply. If you can add and subtract, then you can create secure shares, and all it requires is a pen and paper. You can download the new version of the easy-to-use Secure Code Splitter which comes with clear instructions and examples, a blank calculation sheet and share template. More to read about secret splitting at my website.

Wednesday, July 26, 2017

Martha Peterson and TRIGON

Martha Peterson on her
1975 Russian driver license
The story of CIA operations officer Martha Peterson Shogi and her work related to Soviet spy Aleksandr Ogorodnik is quite remarkable and also sheds some light on how the two communicated in Moscow.

Martha 'Marti' Peterson, née Denny, met her first husband John Peterson at Drew University and married him in 1969. John enlisted as Green Beret to serve in Vietnam and was later hired by the Central Intelligence Service for covert operations in Laos. In 1971, Martha and John travelled to Laos. John was killed one year later in a helicopter crash during a mission Laos.

In 1972, the CIA recruited Aleksandr Ogorodnik, a Soviet diplomat at the Soviet embassy in Bogota, Colombia. He was given the codename TRIGON. Ogorodnik provided the CIA with communications between Soviet ambassadors in South America, giving the CIA an insight in Soviet foreign politics. In 1974 he was recalled to Moscow to work at the Soviet Ministry of Foreign Affairs. His new job provided him access to communications and reports of Soviet ambassadors from all over the world. The CIA struck gold.

Aleksandr Ogorodnik
Before leaving to Moscow, the CIA provided him with a pen with miniature camera to photograph documents, a schedule to make dead drops, special carbon paper for invisible writing and trained him in the use of these materials. Ogorodnik also insisted on having a suicide pill, to use in case he got caught. CIA provided him with such so-called L-pill, concealed in a pen.

Martha Peterson returned to the Washington after her husbands death and applied for a job at the CIA. She was hired as CIA operations officer and agreed to be sent to Moscow. She received operational training and took a Russian language course. Peterson arrived in Moscow in November 1975. At the age of 30 she became the first ever female CIA officer to be stationed in Moscow and was now responsible for the exchange of communications and spy items with TRIGON.

Peterson had an important advantage over here male CIA colleagues. The Soviet Intelligence Service did not believe that an American female would be a CIA officer and assumed that she was a low level clerk. Peterson was therefore never under surveillance and, in contrary to other CIA officers, could travel around Moscow without being followed.

Peterson never met TRIGON in person. He delivered photographed documents and messages through pre-arranged dead drops, mostly in parks. After extensive surveillance detection runs she collected the content of the dead drop a short time later, at the same time supplying him with a new pen-camera with film, instructions and one-time pad duplicates through that same dead drop which he in turn collected later on.

TRIGON used the one-time pads to decrypt messages that he received trough CIA numbers station broadcasts from West Germany. During such operations, Peterson always wore an SRR-100 surveillance receiver to intercept and detect KGB surveillance communications.

In early 1977, the CIA started worrying about the quality of the material that TRIGON provided and grew concerned about his security. Eventually, on June 26, TRIGON failed to retrieve a dead drop and there was no more communications. TRIGON neither showed up after a numbers station broadcast, instructing him to meet at a pre-arranged location on July 14.

In the evening of July 15, after the usual surveillance detection runs, Peterson arrived at the Krasnoluzhskiy railroad bridge over the Moscow river, near Lenin Central Stadium. At 2230 hours she placed a dead drop package, concealed as a hollow piece of concrete, in a niche in one of the bridge’s towers. As soon as she walked out of the tower she was grabbed by three men who immediately strip-searched her, took photos and put her in a van that drove straight to Lubyanka prison in KGB headquarters.

KGB photo of Martha Peterson's apprehension at the Krasnoluzhskiy bridge

Martha Peterson during the interrogation at Lubyanka prison
Peterson's arrival for interrogation was filmed (see video at 48:58). She was interrogated while all items from the dead drop package and her SRR-100 receiver were displayed in front of her.

The U.S. Consul was summoned to Lubyanka prison to explain who she was and what she was doing. The KGB had no other choice than to release Peterson because she had a diplomatic status as vice consul (which of course was a cover for her CIA work). She was returned to the U.S. embassy and flown to Washington the next day. Declared persona non grata, Martha Peterson would never return to Russia.

The displayed espionage items, retrieved from the dead drop, and the SRR-100 receiver

In 1978, the Soviets released the story in the Izvestia newspaper and the heavily publicised spy case also ended up in U.S. press. The Soviets alleged that Peterson smuggled poison to kill a Soviet citizen that interfered with a spy's criminal activities (see Washington Post archive June 13, June 15 and June 21, 1978). These accusations at the height of the Cold War were later proven false by the KGB itself.

The fate of Aleksandr Ogorodnik was unknown until the Soviets aired the 1984 TV series TASS Is Authorized to Declare (also on Youtube). Its script was almost a copy of TRIGON’s story. In that movie, the spy committed suicide during interrogation with a pill from his pen. KGB accounts confirmed that Ogorodnik was arrested a month before Peterson got caught. During interrogation, he pretended to write a confession, took the special pen and quickly used the L-pill.

However, even today accounts vary on what actually happened to Ogorodnik and some even believe that he was killed by the KGB. We will probably never know the real story. The CIA believes that Karl Koecher, an agent of the Czechoslovak intelligence service StB that infiltrated the CIA as translator and analyst, betrayed TRIGON to the Soviets.

Martha Peterson continued to work as CIA officer in operations, including 10 years of foreign assignments, married her second husband Joseph Shogi in 1978 and retired in 2003 after a distinguished 32 year career in the Agency.

More about Martha Peterson at her website Widow Spy, which is also the title of the book she wrote about her CIA career and the TRIGON case. The CIA published a short Featured Story on TRIGON. CNN's DECLASSIFIED page tells how she revealed her secret spy life to her kids, including several images of her Moscow era They also aired Trigon: The KGB Chess Game.

An account of Peterson's arrest is found at the The Espionage History Archive which also has the Russian view on the death of Aleksandr Ogorodnik. There's also a Russian documentary. More information about the equipment, used in this spy case, is found at the Cryptomuseum website. Numbers-station.com published TRIGON Numbers Station and on my website there's more on number stations and the use of one-time pads.

But who can explain everything better than Martha Peterson herself. The Spy Museum published the podcast Caught by the KGB where she tells about how she was captured by the KGB. Below her fascinating account (direct link) of her time in Moscow as case officer with many details on TRIGON. Highly recommended!

Wednesday, February 15, 2017

Crypto Box Challenge Solved by George Lasry

George Lasry
Great news from the Crypto Box Challenge, as George Lasry from Israel solved the final box! He's only the sixth person in more than nine years to complete the challenge. He took on the challenge in 2013 and, after various side tracks, including the completion of the Enigma Challenge, he succeeded cracking that last box.

George Lasry is a one.of-a-kind hobby cryptologist who evolved quickly into a well respected member of the classical cryptology community within a mere three years. It's the amazing story of a man who was searching for a new job in software development. Meanwhile, he wanted to train his programming skills and his interest in the Enigma machine lead him to the crypto challenges on my website. The Crypto Boxes were his first encounter with historical cryptography but the final box however proved a nut too hard to crack.

Giving up was not his cup of tea, so he started experimenting with various cryptanalytic techniques and quickly solved the complete Enigma Challenge with software he developed on his own. In search of new challenges he learnt about many cryptanalytic techniques and implemented various different types and combinations in his ever expanding software. Some other side tracks were the Mystery Twister C3 and the strong Double Transposition Challenge.

Searching a solution to a complex cipher is not simply writing some software to search for the solution or the proper key. It involves the development of complex fast algorithms for an exhaustive search, tailored for a specific problem, in combination with various methods to measure the success of the ongoing process and to proceed on a successful track.

The Crypto Box
He experimented with hill climbing, simulated annealing and used bigrams, trigrams, quadgrams and log quadgrams. A recent paper by Olaf Ostwald and Frode Weierud, Modern Breaking of Enigma Ciphertexts, explained the use of hexagrams. George had excellent results with this technique but the final Crypto Box remained unbroken. George finally solved the stubborn box on 14 February with a variation of simulated annealing, based on James Cowan's "churn" method, and even found three different keys to solve the box.

His journey through classical cryptology also draw the attention of some experts. George teamed up with German researchers and was encouraged to publish his techniques in the renowned Cryptologia journal. He started a PhD thesis and continued to solve various tough crypto challenges. His solution of the Double Transposition cipher caught the eye of people from Google, which eventually lead to his recruitment by Google.

I'm quite pleased to hear from George that my Crypto Box Challenge was his first encounter with classical cryptography and that the website inspired him to experiment with various cryptanalytic techniques, resulting in the successful decryption of the final Crypto Box. Congratulations George!

More about the challenges at Cipher Machines and Cryptology.

Thursday, November 24, 2016

Operation Vula's Secure Communications

Operation Vula was the creation of an underground ANC leadership with supporting secure communications network in South Africa to fight against the apartheid regime. The operation ran from 1988 to 1991 and is also the fascinating story of Tim Jenkin, who played a key role in providing secure communications.

Tim Jenkin today
Tim Jenkin came into contact with the anti-apartheid movement when he visited the African National Congress (ANC) office in London. He was eager to support the fight against apartheid. Jenkin was trained in covert operations and returned to South Africa where he and his good friend Stephen Lee started underground work for ANC in 1975. They ran a propaganda shop but got arrested in 1978 and were sentence to respectively 12 and 8 years imprisonment. Amazingly, they escaped 18 months later from a Pretoria high security prison with keys that Jenkin made out of wood. This gives you an idea of how creative he was. Jenkin left South Africa and made his way to the ANC office in London where he became a trainer for underground operatives.

The ANC leadership had fled to Lusaka in Zambia after many of their leaders and members were jailed or tortured. This left the ANC with no representatives in South Africa. Among the exiled members were ANC president Oliver Tambo, commander of the military wing (MK) Siphiwe Nyanda and ANC strategist Mac Maharaj, whose mission was to revive the freedom movement and ignite revolution in South Africa.

This proved to be a mission impossible because of the problems to communicate and coordinate with the few ANC members that were still in South Africa. In the mid 1980s, communications between London, Lusaka and operatives in South Africa were still protected by manual one-time pad encryption that was too cumbersome for long reports that took many hours up to days to encrypt by hand.

Oliver Tambo tasked Siphiwe Nyanda to join MK's Chief of Staff Joe Slovo in starting up Operation Vula. The goal of this extensive operation was to set up a secure covert communications network and to smuggle ANC leaders and weapons into South Africa to install a leadership that would take over command of the underground work. This is where Tim Jenkin comes into play.

Jenkin met Mac Haharaj while training ANC agents on radio communications in Lusaka. Haharaj asked him to set up secure communications between covert operatives in South Africa and the ANC office in London. At that time, Jenkin was experimenting with computer communications. Personal computers were quite a novelty in the 1980s but handyman Jenkin developed one-time pad encryption software that used floppy disks, filled with random data, to serve as key. During encryption, used key bytes were automatically wiped from the disk, making the system unbreakable. The software also increased encryption speed for Vula messages considerably, compared to the slow pen-and-paper system.

Jenkin's office in London, nicknamed GCHQ (after the British Signals Intelligence organisation) served as the main Vula communications hub for messages between London, Lusaka and South Africa. In his computer shack he developed, tested and ran secure communications to cope with the increasing amount of reports from and to the ANC underground leadership.

Tim Jenkin in his communications hub

Jenkin devised a system to convert encrypted message digits into DTMF (dual-tone multi-frequency) telephone dial tones that were then recorded onto cassette tapes for transmission by pay phone later one. They provided ANC operatives with several DTMF tone generators that were disguised as electronic calculators. Later on, they dropped the method of manually keying in the DTMF tones and drastically increased communication speed by  recording the computer modem sound directly to tape.

Conny Braam, a Dutch anti-apartheid activist, became responsible for the Vula logistics. She ran a network of people that supported the entire operation. First task was to get the network running. She had to find someone to travel several times a month between Amsterdam and Johannesburg. Air hostess Antoinette Vogelsang volunteered as courier. Being an air hostess, she didn't had to go through airport checks and could safely smuggle into South Africa the Toshiba laptops and software that secured the network. She also provided the communication hubs with a regular supply of floppy disks, containing new one-time pad keys.

The Dutch Lucia Raadschelders was sent to Lusaka to run a communications hub from a small house in the slums. She also served as contact between Jenkin and ANC headquarters in Lusaka. Janet Love, the ANC underground operative in Johannesburg switched from the slow manual one-time pad encryption to its fast computerised version. Everything was finally up and running. In 1988, Mac Maharaj and Siphiwe Nyanda  were the first Vula leaders to clandestinely infiltrated into South Africa.

Meanwhile, Janet Love's communications hub in Johannesburg was also operational. Tim Jenkin received the first long reports from Mac Maharaj a few weeks later. ANC's freedom movement finally was able to communicate securely with Jenkin's London office as central hub. From then on, Janet Love encrypted all Johannesburg messages and recorded the computer modem sound on cassette tape.

The operative in South Africa chose a random pay phone to call an answering machine in London and played back the tape with the message that he had encrypted and recorded earlier. The London office checked the message and called the operative's pager with a specific code to signal that the message had arrived well. London then relayed this message to, for instance, ANC headquarters in Lusaka.

The London office also used a specific pager code to warn operatives in South Africa that there were messages for them to receive. To retrieve a message, the operative again chose a random pay phone and called another answering machine in London on which the London HQ had recorded an encrypted message from Lusaka or from other operatives.

From the manual encryption of long reports, taking many hours to encrypt and days to get across, they now were able to get a message to London in one or two hours. Jenkin relayed the messages almost real-time back and forth between the ANC headquarter in Lusaka and the operatives in South Africa. The South African security services could not track these messages as they were sent anonymously from randomly chosen pay phones. It would require them to monitor each and every pay phone and even if they managed to intercept such a message, it would merely contain what seemed like unintelligible fax or computer tones, giving them no clue about their purpose.

Mac Maharaj succeeded in setting up covert communications with the imprisoned Nelson Mandela through his lawyers. By then, the South African government held secret talks with Mandela, who they believed to be clueless about the situation in the country. Little did they know that Mandela was in direct contact with ANC president Oliver Tambo and a well organised underground leadership. In fact, without realising it, the apartheid regime was negotiating directly with the ANC. When Nelson Mandela was released from prison in February 1990, the Vula operation continued underground to protect the actual leadership and its communications with Mandela.

The operation was eventually compromised in July 1990 after the police followed Siphiwe Nyanda and discovered encryption disks and plain messages in a Vula hide-out. Mac Maharaj, Siphiwe Nyanda and six other Vula members were arrested and imprisoned. Others fled the country or went into hiding. Despite this setback, Tim Jenkin was able to reboot the Vula network within 24 hours. All Vula members eventually received amnesty as part of the political transition that lead to the end of apartheid.

Tim Jenkin's story is an amazing example of people with no background in intelligence, espionage trade craft or secure communications who used their creativity to set up an ingenious international secure network that changed South Africa's history. It should be noted that their communications system, which was quite novel and therefore secure in the 1980s, would pose serious risks in today's world with advanced signals intelligence capabilities, ranging from hacking computers to extensive electonic surveillance and geolocation.

Tim Jenkin's story of operation Vula is published at the ANC website (alternative link here). More details about the encryption systems and equipment at the web page How the ANC sent encrypted messages. Below an excellent eNCA documentary about operation Vula. Additionally, you can watch a NGC documentary of Tim Jenkin's escape from Pretoria prison.