Cryptography Reference
In-Depth Information
million dollars to bail him out. To everybody's surprise, he was fired after
he got back home and was requested to pay back the ransom. Obviously,
former and current employees got cold feet and told reporters that the allegation
against the firm might not have been totally unjustified after all. They hinted
that members of the NSA and the BND had designed and obviously 'reworked'
these machines 15 years earlier. Investigations in Switzerland yielded no results.
When the Swiss media brought the matter up despite Crypto AG suing against
it, the parties agreed on an out-of-court settlement just a couple of days before
witnesses were to be heard.
Crypto's reputation was largely damaged, of course. When rumors had it that
Crypto AG was an affiliate of Siemens AG, and that the ransom for Buhler
was said to have come from Siemens, Siemens were also pulled into the affair.
The impact was devastating. These ciphering machines had been used in the
diplomatic community in about 120 countries. Had the NSA eavesdropped on
everything? Restlessness spread everywhere, from Saddam Hussein to the Pope.
A spokesman of the Vatican even called the brains behind the affair 'bandits'.
Libya switched to products of the Swiss firm Greta Data Systems AG. They
were believed to also have been approached by the NSA
...
Anyway, this is how the NSA obtained (presumably via Israel) background
information on the aircraft bombing over Lockerbie, Scotland, as well as papal
secret messages, and Irish diplomatic messages during the British - Irish nego-
tiations in 1985 (in this case via the British GCHQ). But read the story; it is
as thrilling as only the real world can be.
I'm not telling you fairytales — an acquaintance of mine spoke with a former
employee of Crypto AG about the matter and heard more or less the same story
as reported. I know from that same source that keys had actually been hidden
in headers.
The consequences and implications caused by an encrypted key secretly infil-
trated can hardly be illustrated more dramatically! By the way, I find it rather
worrying that this Trojan cryptography was revealed by employees of Crypto
AG themselves only after a very long time, and not by analyzing the machines
sold. How hard must it be then to reveal the methods described in the following?
A Refinement By Means of Asymmetric Encryption
The method described here has another drawback theoretically, namely for
the intelligence agency that had this cute feature built in by the manufac-
turer. If the manufacturer encrypts the user password, then the key has to be
