streda 11. októbra 2023

Slovak cryptodevice - a fax with encoder - model HC-4400-09

 A fax with an encoder, model HC-4400-09 from the Swiss Company Crypto AG, was placed at Ministry of Foreign Affairs of the Slovak Republic (SR) and abroad at the representative offices of the Slovak Republic. It was used to encrypt and transfer copies of documents using the regular telephone network. The electronic device was compatible with any fax machine or personal computer. It was in the service as a fax server, did not have any restrictions on standard devices, with an error correction mode, automatic protocol adaptation, a security module resistant to unauthorised manipulation, automatic or manual key selection, for protection against forgery, for generating and encrypting keys, a program for managing keys, protected database, speed from 2400 to 14400 b/s. Installation and  operation of the fax machine was simple.

Cryptodevice - a fax with encoder - model HC-4400-09

 The device was manufactured in the 1990s by the Swiss company Crypto AG, which specialised in communication and information security. The predecessor of CryptoAG was AB Cryptoteknik, founded in Stockholm (Sweden) in 1920 and producing mechanical cryptographic machines.

During World war II, the company supplied up to 140,000 encryption devices to American troops. In 1952, the company moved to Switzerland, and in 1970 it was secretly bought (and influenced) by the Central Intelligence Agency (CIA) and the West German intelligence service BND, starting Operation Rubikon (Operation Thesaurus). The secret operation was used to collect communication information about the encrypted government communications of other countries, including the Slovak Republic (it is assumed that the operation affected up to 100 countries). This was achieved by selling manipulated encryption technology — exploiting the weakness of the algorithms.

streda 22. februára 2023

Spanish Embassy's cipher machine break by Czechoslovakian Secret Service and KGB

How the Czechoslovak secret service ŠtB breaks the encryption machine Gretag TC 803 at the Spanish embassy in Prague: https://www.info.cz/zpravodajstvi/cesko/akce-sumperk?odemknout=YAYLEWR8KH

Detailed description of the encryption machine Gretag TC 803: https://www.cryptomuseum.com/crypto/gretag/803/index.htm

Picture of the cipher machine's daily key block 


 "...Another break-in at the embassy took place on June 27, 1980. In this case, the State Security encountered a problem that it could not deal with. The Spanish started using the Gretag TC 803 encryption machine. ... Daily slips of paper with an encryption key were inserted into it. These were stored in a safe and bound with bookbinding cloth on three sides and in the middle. The canvas thus formed a kind of letter E with four arms. Between the canvas arms were perforated slips of metal foil that were inserted into the encryption machine. One part was designated for each day. Used and unused keys were shredded the next day. Without knowledge of this key, encrypted telexes could not be decrypted. Not even a specialist bookbinder from the Department of Intelligence could devise a way to bypass this security in a way that would not be noticed by the Spanish embassy cipher clerk. ... Although the StB found out the settings of the encryption machine's commutators for the second half of 1981, without knowledge of the day's encryption key, it was unable to decipher the dispatches sent. "An attempt was made to disassemble the block. A part of the light blue cardboard that covers the end of the binding cloth strips was peeled off by steaming. A high risk of exposure was found during this operation, as it is an area of 20 x 15 cm. (…) On the basis of the knowledge gained from the said inspection, I recommend consulting the problem through cooperation with the relevant workplace of experts in the issue of specially secured shipments in the USSR." Another inspection of the embassy took place on September 22, 1981, the StB copied the paper documents, but it was again unable to break the encrypted communication failed. ... The direct participation of four KGB workers in breaking into the Spanish embassy in Prague took place for the first time on March 17, 1983. The KGB had evidently managed to find a way to break the cipher blocks and copy the daily cipher for the Gretag cipher machine. It was not until four years after the installation of the "security" door to the encryption room that an employee of the Grany company, which manufactured the door, visited the embassy and removed the "defect". Between August 7 and 10, 1984, State Security verified that the door to the code room was recoded and was unable to discover the new password. The new lock was only breached during another break-in at the embassy on July 3, 1985, when Soviet specialists managed to copy all the encryption keys necessary for decrypting the communications of the Spanish embassy. Another break-in at the embassy took place in June 1986, when it was again possible to break into the encryption room and copy everything that the StB and KGB were interested in."