According to recent press reports, the CIA and the BND secretly acquired Swiss crypto machine manufacturer Crypto AG and sold backdoored encryption technology.
Yesterday the Washington Post and the German TV magazine Frontal 21 reported on what might become the crypto story of the year. I want to thank my readers Peter Krapp, Arnim von Schwedler, Jon Paul, Paul Reuvers, George Lasry, and George Keller for making me aware of it.
What has happened?
For many years it has been speculated that the cipher machines of Crypto AG (Hagelin) have exploitable weaknesses (backdoors) that can be used by Western intelligence services to break encrypted messages. From the Friedman Collection it was already known that a secret unwritten Gentleman’s Agreement existed between Hagelin and the American NSA from 1951 onwards.
But the actual story is almost unimaginable. Investigative journalists of the German TV station ZDF, and the American newspaper Washington Post, have discovered that in 1970, Crypto AG was secretly purchased by the German Bundesnachrichtendienst (BND) and the American Central Intelligence Agency (CIA) in a covert operation named RUBICON. For several decades, it enabled NSA – and its German counterpart ZfCh – to read virtually all diplomatic traffic of the countries that were on the CIA/NSA target list.
Who is Crypto AG?
The roots of Crypto AG go back to the 1910s, when Swedish engineer Arvid Damm started a crypto machine business. He was later joined by his country man Boris Hagelin, who was supported by his wealthy father.
After Damm’s death in 1927, Hagelin run the company alone. After a few difficult years with only little revenue, Hagelin’s company began to thrive in the mid-1930s, when the French army became its first major customer.
In the Second World War, Hagelin became a wealthy man, when he sold the license of a cipher machine named M-209 to the US Army and 140,000 specimen of this device were built.
In the 1950s, Hagelin relocated his business from Sweden to Switzerland, now naming it Crypto AG. During the early Cold War, Crypto AG was the world market leader for crypto machines, serving customers in over 100 countries all over the world. The German armed forces (Bundeswehr) used Hagelin’s designs, just like the military and diplomatic organisations in numerous countries in Europe Asia, South America and Africa.
When electronics and computers took the course in encryption technology, Crypto AG faced more and more competition from hardware and software producers. Nevertheless, they remained a major player in the crypto business.
In 2018, Crypto AG was liquidated and its assets sold to two several other companies.
Are these new disclosures surprising?
No. For decades there have been rumors and reports about Crypto AG including backdoors into their cipher machines. As Paul Reuvers writes, already in the 1950s the company produced encryption technology that was deliberately weakened. The CX-52, a very successful Cold War encryption device, was sold exclusively to allies of the USA, while other countries only received the less secure version, C-52. The two machine designs looked the same.
In 1991, Crypto AG sales employee Hans Bühler was arrested and imprisoned for nine months in Iran. At this time, the Iranian government suspected backdoors in the machines they had purchased from Crypto AG, and Bühler was the only person representing this company they could get hold of. Here’s a recent article (in German) about this story.
What is worrisome about this affair?
It is far from unusual that a US intelligence authority employs in weakening crypto soltutions. What worries me is that in this case a German organisation was involved. Contrary to the USA, crypto backdoors, weak crypto standads and anti-crypto laws have no tradition in Germany. The German crypto industry has always profitted from this policy. So, the Rubicon affair is even more worrisome for German crypto vendors than for their US competitors.
Where can I learn more about this story?
The Washington Post has published a comprehensive article about the RUBICON affair, including a photograph of Paul Reuvers and Marc Simons.
Swiss TV station SRF has produced a one-hour feature on the subject. Dutch radio program Argos will reveal some of the Dutch aspects of Operation RUBICON next Saturday (February 15th) at 14:00 (CET).
Further reading: A fascinating report of Enigma’s contemporary witness, Max Rüegger