The coded messages of the terrorist Franz Fuchs

Eight years ago I reported about the RSA ciphers of the Austrian letter bomber Franz Fuchs. Thanks to blog reader John Haas, I can present some of these cryptograms today.

Deutsche Version

In the mid-1990s, a terrorist group called the Bavarian Liberation Army was up to mischief in Austria. It sent letter bombs to, among others, Vienna Mayor Helmut Zilk and TV presenter Arabella Kiesbauer. The series of attacks claimed four lives, and 15 people were injured, some seriously.

In 1997, a 15-page letter of confession from the Bavarian Liberation Army was received by the Viennese news magazine Profil. The content consisted of long columns of numbers representing a message that had been encrypted using the RSA method. The public key (i.e. a prime number product) was given. The key length was 1024 bits.


NSA and BSI provided administrative assistance

The Austrian police offered several organizations with cryptology expertise for assistance in deciphering the messages, including the NSA. The German Federal Office for Information Security (BSI) also provided administrative assistance. There, among others, the cryptologist Hans Dobbertin, who has since passed away, dealt with the cryptogram.

But the matter seemed hopeless. An RSA key with a length of 1,024 bits is still impossible to crack today – let alone with the means available in 1997. But then Hans Dobbertin realized that the encrypter had made a gross mistake. The BSI cryptologist realized this when he took the square root of the prime number product and found that it looked something like this:


In other words, the decimal point was followed by a conspicuous number of nines. Dobbertin drew the right conclusions from this observation: The many nines indicated that the two prime numbers used were close to each other. This allowed Dobbertin to determine these numbers and easily decipher the seemingly unsolvable cryptograms. A mathematician at the Austrian Ministry of Defense managed to do the same thing at about the same time. After four days, the Bajuwarische Befreiungsarmee cryptogram was solved.


Bajuwarische Befreiungsarmee shattered

The plaintext turned out to be inconsequential, according to the police. Nevertheless, investigators were soon able to put a stop to the Bajuwarische Befreiungsarmee when, during a routine check, a certain Franz Fuchs detonated an explosive device in an attempt to kill himself. This failed, and instead he blew off both his hands. It turned out that the alleged terrorist group consisted only of Fuchs. The latter took his own life in prison.

Fuchs later stated that he had deliberately built the vulnerability into the RSA encryption. Hans Dobbertin thought this was credible. Until his death, Dobbertin had an interesting question ready for his students: “How can I crack an RSA encryption if there is a series of nines in the root of the prime product after the decimal point?”


The cryptograms

I blogged about Franz Fuchs back in 2014. At that time, however, I did not know the terrorist’s RSA messages. A few days ago, blog reader John Haas informed me that they are partially printed in the following book from 1996:

Quelle/Source: John Haas

John thankfully sent me scans of the relevant pages right away. At the beginning is the cipher instruction:

Quelle/Source: Polizei Österreich

As can be seen, the term “RSA” does not appear in the letter. However, it is clear that Fuchs is describing the RSA process here. He also announces 15 encrypted pages. The book in question contains three of them:

Quelle/Source: Polizei Österreich

Quelle/Source: Polizei Österreich

Quelle/Source: Polizei Österreich


Open questions

Does a reader manage to decrypt these cryptograms? Are there any other pages from the letter publicly known? I would be very happy about support from my readers.

If you want to add a comment, you need to add it to the German version here.

Further reading: Die Verschlüsselungsverfahren der RAF-Terroristen (1)


Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.