28 July, 2015

The NSA's Long War on Encryption

How NSA and GCHQ spied on the Cold War world
American and British intelligence used a secret relationship with the founder of a Swiss encryption company to help them spy during the Cold War, newly released documents analysed by the BBC reveal.
...
Crypto AG sold its machines around the world, offering security.
But what customers did not know was that Hagelin himself had come to a secret agreement with the founding father of American code-breaking, William F Friedman.
...
The relationship, initially referred to as a "gentleman's agreement", included Hagelin keeping the NSA and GCHQ informed about the technical specifications of different machines and which countries were buying which ones.
The provision of technical details "is a revelation of the first order," says Paul Reuvers, an engineer who runs the Crypto Museum website.
"That's extremely valuable. It is something you would not normally do because the integrity and secrecy of your own customer is mandatory in this business."
...
In one document, Hagelin hints to Friedman he is going to be able "to supply certain customers" with a specific machine which, Friedman notes, is of course "easier to solve than the new models".

Previous reports of the deal suggested it may have involved some kind of backdoor in the machines, which would provide the NSA with the keys.
But there is no evidence for this in the documents (although some parts remain redacted).
Rather, it seems the detailed knowledge of the machines and their operations may have allowed code-breakers to cut the time needed to decrypt messages from the impossible to the possible.
The relationship also involved not selling machines such as the CX-52, a more advanced version of the C-52 - to certain countries.
"The reason that CX-52 is so terrifying is because it can be customised," says Prof Richard Aldrich, of the University of Warwick.
"So it's a bit like defeating Enigma and then moving to the next country and then you've got to defeat Enigma again and again and again."
Some countries - including Egypt and India - were not told of the more advanced models and so bought those easier for the US and UK to break.
In some cases, customers appear to have been deceived.
One memo indicates Crypto AG was providing different customers with encryption machines of different strengths at the behest of Nato and that "the different brochures are distinguishable only by 'secret marks' printed thereon".
Historian Stephen Budiansky says: "There was a certain degree of deception going on of the customers who were buying [machines] and thinking they were getting something the same as what Hagelin was selling everywhere when in fact it was a watered-down version."

Among the customers of Hagelin listed are Egypt, Iraq, Saudi Arabia, Syria, Pakistan, India, Jordan and others in the developing world.
In the summer of 1958, army officers apparently sympathetic to Egyptian President Gamal Abdel Nasser overthrew the regime in Iraq.
Historian David Easter, of King's College, London, says intelligence from decrypted Egyptian communications was vital in Britain being able to rapidly deploy troops to neighbouring Jordan to forestall a potential follow-up coup against a British ally.
The 1955 deal also appears to have involved the NSA itself writing "brochures", instruction manuals for the CX-52, to ensure "proper use".
One interpretation is these were written so certain countries could use the machines securely - but in others, they were set up so the number of possible permutations was small enough for the NSA to crack.

So the NSA was working to undermine encryption as late as the Second World War.  Good to know.

No comments:

Post a Comment