US military technician Brian Regan was sentenced to life in prison, after he had tried to sell secret information to foreign governments. He used a few interesting ciphers.
Brian Regan (not to be confused with the comedian of the same name), a former master sergeant in the United States Air Force, tried to deliver secret information to foreign governments in exchange for money. Before he had any success, he was arrested and convicted to life in prison. He has been imprisoned for over 16 years now.
Secrets for money
Regan’s dramatic story is told in a great book titled The Spy Who Couldn’t Spell written by Yudhijit Bhattacharjee, whom I met last year at the NSA Symposium on Cryptologic History. It’s an exciting book – a must-read for everybody interested in espionage.
The subtitle A Dyslexic Traitor, an Unbreakable Code, and the FBI’s Hunt for America’s Stolen Secrets indicates that encryption plays a role in this book. In fact, Regan, who had been trained in cryptography, used several encryption methods to conceal information like banking codes, hiding place locations, and addresses.
The following picture was made by an FBI surveillance camera. It shows Brian Regan stealing secrets at his working place.
Regan stole 20,000 pages of highly classified documents, and a variety of videotapes and computer compact disks. He buried all these items underground in Maryland and Virginia’s state parks. His plan was to reveal the hiding places to foreign governments in exchange for money.
The codebreaking unit of the FBI (the so-called CRRU) with its master codebreaker Dan Olson was able to break most of Regan’s ciphertexts. I had the pleasure to share a session with Olson at the NSA Symposium on Cryptologic History 2015. The following picture of me (with FBI historian John Fox, Dan Olson and David Oranchak) was taken during my presentation:
The following encrypted note shown in Yudhijit’s book is especially interesting (Regan carried it with him, when he was arrested at the airport before boarding a plain to Zurich, Switzerland):
The first line is easy to decipher (except for the first two letters). It’s a simple Caesar cipher with key 1:
Ciphertext: ??-56NVOAIPG CBIOIPG-TUS Plaintext: xx-45MUNZHOF BAHNHOF-STR
Here’s the second line
Ciphertext: VCT-AV-533341011943418 Plaintext: UBS-ZU-422230900832307
These two lines refer to the Union Bank of Switzerland (UBS), which is located in a building named Münzhof in the Bahnhofstrasse 45 in Zurich. I don’t know what the numbers 4222… stand for. Here’s the next line (encrypted the same way):
Ciphertext: SS-CVOEFTQMBUA3CFSO Plaintext: RR-BUNDESPLATZ2BERN
Bundesplatz 2 in Bern, Switzerland, is the address of another major Swiss bank, Credit Suisse. I don’t know, what RR means. The meaning of the last line is unknown to me, too. Can a reader find it out?
The unsolved code mentioned in the subtitle of The Spy Who Couldn’t Spell looks like this:
Brian Olson suspected that these numbers reffered to words in a book (this method is known as book cipher). In fact, after his conviction, Regan revealed that Olson was right and that the book he had used was his junior highschool yearbook. However, neither he himself nor Olson could decipher this message. This was a serious problem, as this note described the locations of the places where Regan had dug the secret material. In the end, breaking the cipher proved unnecessary – Regan could remember all the hiding places without reading his encrypted note. The FBI even took him – hand-cuffed and strictly guarded – to a forrest where a part of the material was hidden. As planned, Regan directed the FBI agents to his stashes.
On their way back, the FBI men and Regan stopped at a McDonald’s restaurant. For Regan it might have been the last visit at a McDonald’s in his life.
Further reading: How a crypto mystery from the Cold War was solved – or was it?