List Info

Thread: Fwd: For years US eavesdroppers could read encrypted messages without the least difficulty
Fwd: For years US eavesdroppers could read encrypted messages without the least difficulty
country flaguser name
United States		 2007-12-29 12:40:27 

Begin forwarded message:

From: Eugen Leitl <eugenleitl.org>
Date: December 29, 2007 9:16:49 AM EST
To: ttpostbiota.org, infopostbiota.org,
cypherpunksal-qaeda.net
Subject: [silk] For years US eavesdroppers could read
encrypted  
messages without the least difficulty

From: Gautam John <gkjohngmail.com>
Subject: [silk] For years US eavesdroppers could read
encrypted messages
	without the least difficulty
To: silklistlists.hserus.net
Date: Sat, 29 Dec 2007 19:38:28 +0530
Reply-To: silklistlists.hserus.net


Sat, 29 Dec 2007 04:02:00
By Ludwig De Braeckeleer

(OhMyNews) -- For decades, the US National Security Agency
(NSA) has
been reading effortlessly ultra sensitive messages
intercepted from
all parts of the world. This extraordinary feat was not the
consequence of the work of some genius cyber mathematician.
Nor was it
the result of the agency dominance in the field of super
computers,
which allegedly have outpaced their most direct rivals by
orders of
magnitude. The truth is far simpler and quite troubling. The
game was
rigged.

For half a century, Crypto AG, a Swiss company located in
Zug, has
sold to more than 100 countries the encryption machines
their
officials rely upon to exchange their most sensitive
economic,
diplomatic and military messages. Crypto AG was founded in
1952 by the
legendary (Russian born) Swedish cryptographer Boris
Hagelin. During
World War II, Hagelin sold 140,000 of his machine to the US
Army.

"In the meantime, the Crypto AG has built up long
standing cooperative
relations with customers in 130 countries," states a
prospectus of the
company. The home page of the company Web site says,
"Crypto AG is the
preferred top-security partner for civilian and military
authorities
worldwide. Security is our business and will always remain
our
business."

And for all those years, US eavesdroppers could read these
messages
without the least difficulty. A decade after the end of
WWII, the NSA,
also known as No Such Agency, had rigged the Crypto AG
machines in
various ways according to the targeted countries. It is
probably no
exaggeration to state that this 20th century version of the
"Trojan
horse" is quite likely the greatest sting in modern
history.

In effect, US intelligence had spies in the government and
military
command of all these countries working around the clock
without ever
risking the possibility of being unmasked.

An Old and Venerable Company

In the aftermath of the Islamic revolution, Iran, quite
understandably, would no longer trust encryption equipment
provided by
companies of NATO countries.

The Swiss reputation for secrecy and neutrality lured
Iranians to
Crypto AG, an old and venerable company. They never imagined
for a
moment that, attached to the encrypted message, their Crypto
machines
were transmitting the key allowing the de scri ption of
messages they
were sending. The scheme was perfect, undetectable to all
but those
who knew where to look.

Crypto AG, of course, denied the allegations as "pure
invention." In
1994, the company issued a message in the Swiss press,
stating that
"manipulation of Crypto AG equipment is absolutely
excluded."

On the Wikipedia page of Crypto AG, one can read:
"Crypto AG rejected
these accusations as pure invention, asserting in a press
release that
in March 1994, the Swiss Federal Prosecutor's Office
initiated a
wide-ranging preliminary investigation against Crypto AG,
which was
completed in 1997. The accusations regarding influence by
third
parties or manipulations, which had been repeatedly raised
in the
media, proved to be without foundation."

However, meetings between a NSA cryptographer and Crypto AG
personnel
to discuss the design of new machines have been factually
established.
The story was also confirmed by former employees and is
supported by
company documents. Boris Hagelin is said to have acted out
of
idealism. What is certain is that the deal for Crypto AG was
quite
juicy. In return for rigging their machines, Crypto AG is
understood
to have been granted export licenses to all entities
controlled by the
NSA.

Early Hints

A book published in 1977 by Ronald Clark (The Man Who Broke
Purple:
The Life of Colonel William F. Friedman) revealed that
William F.
Friedman, another Russian-born genius in the field of
cryptography (he
deciphered the Japanese code in World War II) and onetime
special
assistant to the NSA director, had visited Boris Hagelin in
1957.
Friedman and Hagelin met at least on two other occasions.
Clark was
urged by the NSA not to reveal the existence of these
meetings for
national security reasons. In 1982, James Bamford confirmed
the story
in his book on the NSA: The Puzzle Palace. The operation was
codenamed
the "Boris project." In effect, Friedman and
Hagelin had reached an
agreement that was going to pave the way to cooperation of
Crypto AG
with the NSA.

Despite these very obvious hints, countries such as Iran,
Iraq and
Libya continued using the Crypto AG machines for encrypting
their
messages. And so did the Vatican, among many other
entities.

Persian Suspicions

In 1987, ABC News Beirut correspondent Charles Glass was
taken hostage
for 62 days in Lebanon by Hezbollah, the Shi'ite Muslim
group widely
believed to have been founded by Ali Akbar Mohtashemi, when
he was
Iranian ambassador to Syria in the early 1980s.

Washington claimed that NSA had intercepted coded Iranian
diplomatic
cables between Iran's embassies in Beirut and the Hezbollah
group.
Iranians began to wonder how the US intelligence could have
broken
their code.

After the USS Vincennes shot down an Iranian Airbus over the
Persian
Gulf on July 3, 1988, "Iran vowed that the skies would
rain with
American blood." A few months later, on Dec. 21, a
terrorist bomb
brought down Pan Am Flight 103 over Lockerbie, Scotland.

Once more, NSA intercepted and decoded a communication of
Iranian
Interior Minister Ali Akbar Mohtashemi linking Iran to the
bombing of
Pan Am 103.

One intelligence summary, prepared by the US Air Force
Intelligence
Agency, was requested by lawyers for the bankrupt Pan
American
Airlines through the Freedom of Information Act.

"Mohtashemi is closely connected with the Al Abas and
Abu Nidal
terrorist groups. He is actually a long-time friend of Abu
Nidal. He
has recently paid 10 million dollars in cash and gold to
these two
organizations to carry out terrorist activities and was the
one who
paid the same amount to bomb Pan Am Flight 103 in
retaliation for the
US shoot-down of the Iranian Airbus."

Moreover, Israeli intelligence intercepted a coded
transmission
between Mohtashemi in Teheran and the Iranian Embassy in
Beirut
concerning the transfer of a large sum of money to the
Popular Front
for the Liberation of Palestine-General Command, headed by
Ahmed
Jibril, as payment for the downing of Pan Am 103.

The Iranians were now at a loss to explain how Western and
Israeli
intelligence agencies could so easily defeat the security of
their
diplomatic traffic. The ease with which the West was reading
Iranian
coded transactions strongly suggested that some may have
possessed the
decryption keys.

The Bakhtiar Murder

In April 1979, Shahpour Bakhtiar was forced to leave Iran as
the last
prime minister of the Shah. He returned to France where he
lived in
the west Paris suburb of Suresnes. In July 1980, he nearly
escaped an
assassination attempt. On Aug. 6, 1991, Bakhtiar and his
personal
secretary Katibeh Fallouch were murdered by three
assassins.

Two of them fled to Iran, but the third, Ali Vakili Rad,
was
apprehended in Switzerland. One of the six alleged
accomplices, Zeyal
Sarhadi was an employee of the Iranian Embassy in Berne and
a
great-nephew of former president of Iran Hasemi Rafsanjani.
Both men
were extradited to France for trial.

On the day of his assassination and one day before his body
was found
with his throat slit, the Teheran headquarters of the
Iranian
Intelligence Service, the VEVAK, transmitted a coded message
to
Iranian diplomatic missions in bond, Paris, Bonn and Geneva.
"Is
Bakhtiar dead?" the message asked.

Switzerland's Neue Zurcher Zeitung reported that the U.S.
had provided
the contents of encrypted Iranian messages to France to
assist
Investigating Magistrate Jean Louis Bruguiere in the
conviction of Ali
Vakili Rad and one of his alleged accomplices Massoud Hendi.
This
information was confirmed by L' Express.

The NSA interception and decoding of the message led to the
identification of the murderers before the murder was
discovered. From
the Swiss and French press reports, Iranians now knew that
British and
American SIGINT operators had intercepted and decoded the
crucially
embarrassing message. Something was definitely wrong with
their
encryption machines.

The Buehler Arrest

Hans Buehler was a top Crypto AG salesman who had worked at
the Zug
company for 13 years. In March 1992, Buehler, a strongly
built
cheerful man in his 50s, was on his 25th trip to Iran on
behalf of
Crypto AG.

Then, on March 18, he was arrested. Iranian intelligence
agents
accused him of spying for the United States as well as
Germany.
Buehler was held in solitary confinement in the Evin prison
located in
the north of Tehran. He was interrogated everyday for five
hours for
more than nine months.

"I was never beaten, but I was strapped to wooden
benches and told I
would be beaten. I was told Crypto was a spy center that
worked with
foreign intelligence services."

Buehler never confessed any wrongdoing on his part or on the
part of
Crypto AG. It appeared that he had acted in good faith and
the
Iranians came to believe him. "I didn't know that the
equipment was
bugged, otherwise the Iranians would have gotten it out of
me by their
many methods."

Back to Switzerland

In January 1993, after nine months of detention, Crypto AG
[or was it
Siemens?] paid US$1 million to secure Buehler's freedom.
During the
first weeks after his return to Switzerland, Buehler's life
was once
again beautiful. The euphoria did not last long. Once more,
his life
came to an abrupt change. Crypto fired him and demanded
repayment of
the $1 million provided to Tehran for his liberation.

Back to Zug, Buehler began to ask some embarrassing
questions about
the Iranian allegations. And the answers tended to back up
Iranian
suspicions. Soon, reports began to appear on Swiss
television and
radio. Major Swiss newspapers and German magazines such as
Der Spiegel
picked up the story. Most, if not all, came to the
conclusion that
Crypto AG's equipment had been rigged by one or several
Western
intelligence services.

Buehler was bitterly disappointed. He felt nothing short of
having
been betrayed by his former employer. During all these
years, Buehler
never thought for a second that he had been unknowingly
working for
spies. Now, he was sure that he had done so.

Buehler contacted several former Crypto AG employees. All
admitted to
him, and eventually to various media, that they believed
that the
company had long cooperated with US and German intelligence
agencies.

The Truth Emerges

One of these former engineers told Buehler that he had
learned about
the cooperation from Boris Hagelin Jr., the son of the
company's
founder and sales manager for North and South America. In
the 1970s,
while stranded in Buenos Aires, Boris Hagelin Jr. confided
that he
thought his father had been wrong to accept rigging the
Crypto AG
machines.

Stunned by the revelation, the engineer decided to take this
matter
directly to the head of Crypto AG. Boris Hagelin confirmed
that the
encryption methods were unsafe.

"Different countries need different levels of security.
The United
States and other leading Western countries required
completely secure
communications. Such security would not be appropriate for
the Third
World countries that were Crypto's customers," Boris
Hagelin explained
to the baffled engineer. "We have to do it."

The NSA-Crypto AG Collaboration

A Crypto AG official document describes an August 1975
meeting set up
to demonstrate the capacity of a new prototype. The
memorandum lists
among the participants Nora L. Mackebee, who, like her
husband, was an
NSA employee. Asked about the meeting, she merely replied:
"I cannot
say anything about it."

During the '70s, Motorola helped Crypto AG in making the
transition
from mechanical to electronic machines. Bob Newman was among
the
Motorola engineers working with Crypto AG. Newman remembers
very well
Mackebee but says that he ignored that she was working for
the NSA.

Juerg Spoerndli left Crypto AG in 1994. He helped design the
machines
in the late '70s. "I was ordered to change algorithms
under mysterious
circumstances" to weaker machines," says Spoerndli
who concluded that
NSA was ordering the design change through German
intermediaries.

"I was idealistic. But I adapted quickly b& the new
aim was to help Big
Brother USA look over these countries' shoulders. We'd say
'It's
better to let the USA see what these dictators are
doing,'" Spoerndli
says.

"It's still an imperialistic approach to the world. I
do not think
it's the way business should be done," Spoerndli adds.

Ruedi Hug, another former Crypto AG technician, also
believes that the
machines were rigged.

"I feel betrayed. They always told me that we were the
best. Our
equipment is not breakable, blah, blah, blah. Switzerland is
a neutral
country."

Crypto AG vs. Buehler

Crypto AG called these allegations "old hearsay and
pure invention."
When Buehler began to suggest openly that there may be some
truth to
them, Crypto AG not only dismissed him on the spot, but also
filed a
legal case against him.

Yet Crypto AG settled the case out of court, in November
1996, before
other former Crypto AG employees could provide evidence in
court that
was likely to have brought embarrassing details to light.

No one has heard from Buehler since the settlement. "He
made his
fortune financially," whispers an insider.

A Fuzzy Ownership

The ownership of Crypto AG has been to a company in
Liechtenstein, and
from there back to a trust company in Munich. Crypto AG has
been
described as the secret daughter of Siemens but many believe
that the
real owner is the German government.

Several members of Crypto AG's management had worked at
Siemens. At
one point in time, 99.99 percent of the Crypto AG shares
belonged to
Eugen Freiberger, the head of the Crypto AG managing board
in 1982.
Josef Bauer was elected to the managing board in 1970.
Bauer, as well
as other members of Crypto AG management, stated that his
mandate had
come from the German company Siemens.

The German secret service, the Bundesnachrichtendienst
(BND), is
believed to have established the Siemens' connection. In
October 1970,
a secret meeting of the BND had discussed how the Swiss
company
Graettner could merge with it. "The Swedish company
Ericsson could be
influenced through Siemens to terminate its own
cryptographic
business," reads the memo of the meeting.

A former employee of Crypto AG reported that he had to
coordinate his
developments with the "central office for encryption
affairs" of the
BND, also known as the "people from Bad
Godesberg."

American "watchers" demanded the use of certain
encryption codes and
the "central office for encryption affairs"
instructed Crypto AG what
algorithms to use to create these codes.

Bakhtiar Murder Trial

"In the industry everybody knows how such affairs will
be dealt with,"
says a former Crypto engineer. "Of course such devices
protect against
interception by unauthorized third parties, as stated in
the
prospectus. But the interesting question is: Who is the
authorized
fourth?"

On Dec. 6, 1994, a special French terrorism court convicted
two
Iranians of murdering Bakhtiar. Vakili Rad was sentenced to
life in
prison. But, to the dismay of all observers, Sarhadi was
acquitted.

"Justice has not been entirely served for reasons of
state,"
complained Bakhtiar's widow.

It appears indeed that France, Switzerland, the German BND
and the NSA
decided to let Sarhadi go free in order to preserve the
"secrecy" of
the Crypto AG cooperation with the NSA.

In 1991, the US and the U.K. indicted two Libyans for the
bombing of
Pan Am 103. To the surprise of many observers, the
indictment did not
mention those believed to have contracted the act of terror
in spite
of the fact that their guilt had been established by the
interception
of official communications by several intelligence
agencies.

To many observers, justice was not served at the Lockerbie
trial.
Could it be that the US and U.K. governments decided to
sacrifice the
truth in order to preserve the (in)efficiency of their
intelligence
apparatus?



Ludwig De Braeckeleer has a Ph.D. in nuclear sciences. He
teaches
physics and international humanitarian law. He blogs on
"The
GaiaPost."








http://ww
w.inteldaily.com/?c=169&a=4686

----------

-- 
Eugen* Leitl <a href="http://leit
l.org">leitl</a> http://leitl.org
____________________________________________________________
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29
F6BE


------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
to majordomometzdowd.com
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )