Thursday, February 13, 2020

CRYPTO AG Fallout

The bombshell news about the rigged Crypto AG equipment is spreading. The renowned Switzerland-based crypto firm, a world leader in commercial crypto equipment throughout the Cold War, already came under suspicion in the 1992 Hans Bühler case.

Iran, one of the many countries using Crypto AG equipment, became suspicious after some of their secret communications had leaked. Bühler, a salesman for Crypto AG, was arrested in Iran and imprisoned for nine months. This was merely the tip of the iceberg.

Six years ago, declassified NSA documents showed a close cooperation between Boris Hagelin, founder of Hagelin Cryptos (later renamed Crypto AG), and his close friend William Friedman. Friedman, a brilliant U.S. cryptologist, already had a career from SIS via AFSA to chief cryptologist for NSA (National Security Agency).

CX-52, the machine that NSA feared to be unbreakable.

Their 1950s gentlemen's agreement ensured that Boris Hagelin would sell to "questionable states" only crypto machines whose messages could be decrypted (read) by NSA. The gentlemen's agreement seemed to extend into the 1990s, as the Hans Bühler case showed. This cooperation between Crypto AG and NSA was pretty big news in the cryptologic world. NSArchive has more on Hagelin and Friedman.

The current revelations, although more of the same, surpass the old suspicions by far. Journalists from German television ZDF and American newspaper The Washington Post have now uncovered the last pieces of the puzzle. The CIA and the BND (Bundesnachrichtendienst, West-German Federal Intelligence Service) jointly purchased Crypto AG and took full control as early as 1970.

This enabled the CIA, in cooperation with NSA, to develop unnoticeably weakened crypto equipment, sell it worldwide and eavesdrop on the compromised communications of many countries for decades. Eventually, this intelligence coup, called operation RUBICON, reached such proportions that BND decided to pull out in 1993, making CIA the sole owner of Crypto AG.

Crypto AG was liquidated and sold in 2018, two years before the CIA and BND ownership and operation RUBICON came to light. Two companies independently acquired part of the Crypto AG assets. One company took over the Swiss part and has the Swiss government as its only customer. The other company took over the international branch of Crypto AG and also acquired the brand name. The owner stated that they are a completely different company, until recently unaware of the links between Crypto AG, CIA and BND. They will change their company name.

Crypto Museum, who took part in the investigations in cooperation with the Dutch investigative VPRO radio Argos, has an excellent overview of the case and press coverage and many links to detailed information about Boris Hagelin, Crypto AG and the secret alliance with BND, NSA and CIA.

Greg Miller of The Washington Post gave an excellent 37-minute summary of the Crypto AG spying on an NPR podcast. More about the Hagelin CX-52, one of the compromised machines, at Cipher Machines and Cryptology and at the Swiss National Museum blog.

Update! The Full Operation RUBICON Story was just released by Crypto Museum. They compiled an incredibly detailed full story on operation Rubicon with all agreements, timelines, involved persons, agencies and equipment. If you visited that page before, make sure to refresh the page to load all new information.

End of story? Not quite. Apart from the damage to the neutral image of Switzerland, there are many questions that are left open. The documents revealed that Crypto AG not only sold weakened machines to "questionable states" but also to several NATO allies. Among them was Belgium, a diplomatic hotspot with NATO and EU in Brussels.

Weakened encryption could help the enemy to read those messages, and that's exactly what the Soviets did. They also shared that knowledge, as documented in BStU files (German federal Stasi archives). The Soviets had excellent cryptologists, but even Cuba provided the East-German Stasi with info on cryptanalysis and decryption of Crypto AG equipment from various South American and Western European countries. Not quite a testimony of quality for Crypto AG, but that was their intention. More on compromised Crypto AG merchandise at SAS Chiffrierdienst (translated).

Insecure NATO members' equipment might well have leaked sensitive information to the Russians. The BND left operation RUBICON just a few years after the Berlin wall came down. Was it because they discovered in seized Stasi files that the Russians & friends could read Crypto AG messages from friends and foes? And CIA wasn't worried? Just collateral damage? The murky world of crypto, where even former Stasi cryptologists work for NATO. So many connected dots.

On my website you will find more on Hagelin-Cryptos and Crypto AG.

The whole mess reminds us of Organisation Gehlen, the post-war West-German intelligence and predecessor of the BND. Organisation Gehlen was kindly assisted by the US Army, who de facto ran it as a department. The CIA took over from 1949 until 1956, when Gehlen dissolved into the new BND, not coincidentally the era of the gentlemen's agreement.

The cooperation between the BND and U.S. intelligence was natural and had many advantages, so close to the Iron Curtain. Already before the end of World War II, U.S. military TICOM teams rounded up scientists that could be useful. One of them was Oskar Vierling, prolific physicist and engineer with his Feuerstein Laboratory. His research proved interesting for various German and American post-war organisations.

Vierling's crypto research and work for ZfCh, the German central cryptologic service, eventually ended when he (willingly or not) sold the rights to his crypto equipment to... you guessed it, Crypto AG's predecessor Hagelin Cryptos, whose founder Boris Hagelin already had an alliance with William Friedman. This might have been the wisest decision ever that saved Vierling's firm from becoming a CIA subsidiary. More about the Feuerstein Laboratory on this post.

The close cooperation between German and American intelligence also had its drawbacks. A most damaging case was Heinz Felfe, a Nazi SS officer with the SD Sicherheitsdienst (Foreign Intelligence branch of the SS). He was recruited by British Intelligence who quickly dropped him on suspicion of working for the Soviets.

Eventually, Felfe was recruited by, of all places, the Counter-Intelligence section of the Gehlen Organization (read CIA subsidiary). Felfe, in reality a Soviet spy, caused enormous damage to Western Intelligence. More about Felfe's devastating escapades in this post.

More posts about Crypto AG
 
