Crypto AG

From Wikipedia, the free encyclopedia

Crypto AG is a Swiss company specialising in communications and information security. With headquarters in Zug, the company is a long-established manufacturer of encryption machines and a wide variety of cipher devices. The company has about 230 employees, has offices in Abidjan, Abu Dhabi, Buenos Aires, Kuala Lumpur, Muscat, and Zug, and does business throughout the world.^[1]

Contents 1 History 2 Machines 3 Back-doored machines 4 References 5 External links

[edit] History

Crypto AG was established in Zug by Russian-born Swede, Boris Hagelin. Originally called AB Cryptoteknik and founded by Arvid Gerhard Damm in Stockholm in 1920, the firm manufactured the C-36 mechanical cryptograph machine that Damm had patented. After Damm's death, and just before World War II, Cryptoteknik came under the control of Boris Hagelin, an early investor, and during the War essentially operated in the United States, where 140,000 units were made under licence as C-38 (see M-209). In the early 1950s, it was transferred from Stockholm to Zug as a result of a planned Swedish government nationalisation of militarily important technology/contractors, and was incorporated in Switzerland in 1952.

Crypto AG has a sister company, InfoGuard AG.

[edit] Machines

• C-52
• CD-57
• HX-63

[edit] Back-doored machines

Crypto AG has been accused of rigging its machines in collusion with intelligence agencies such as the German Bundesnachrichtendienst (BND) and the United States National Security Agency (NSA), enabling such organisations to read the encrypted traffic produced by the machines.^[2] Suspicions of this collusion were aroused in 1986 following US president Ronald Reagan's announcement on national television that, through interception of diplomatic communications between Tripoli and the Libyan embassy in East Berlin, he had irrefutable evidence that Muammar al-Gaddafi of Libya was behind the 1986 Berlin discotheque bombing in which two US service personnel were killed and another fifty injured. President Reagan then ordered the bombing of Tripoli and Benghazi in retaliation.^[3]

Further evidence suggesting that the Crypto AG machines were compromised was revealed after the assassination of former Iranian Prime Minister Shahpour Bakhtiar in 1991. On August 7, 1991, one day before Bakhtiar's body was discovered, the Iranian Intelligence Service transmitted a coded message to Iranian embassies, inquiring "Is Bakhtiar dead?". Western governments were able to decipher this transmission, causing Iranian suspicion to fall upon their Crypto AG equipment.^[4]

The Iranian government then arrested in March 1992 in Tehran Crypto AG's top salesman, Hans Buehler, whom it accused of leaking their encryption codes to Western intelligence. Buehler was interrogated for nine months but, being completely unaware of any flaw in the machines, was released in January 1993 after Crypto AG paid a $1m ransom to Iran.^[5] Soon after Buehler's release Crypto AG dismissed him and charged him the $1m. Swiss media and the German magazine Der Spiegel took up his case in 1994, pursuing the question of whether Crypto's machines had in fact been rigged by Western intelligence.^[6]

Crypto AG rejected these accusations as "pure invention", asserting in a press release that "in March 1994, the Swiss Federal Prosecutor's Office initiated a wide-ranging preliminary investigation against Crypto AG, which was completed in 1997. The accusations regarding influence by third parties or manipulations, which had been repeatedly raised in the media, proved to be without foundation.". Subsequent commentators ^{[7][8][9][10]} are unmoved by this denial, stating that it is likely that Crypto AG products were indeed rigged.

[edit] References

1. ^ Headquarters and regional offices worldwide. Crypto AG. Retrieved on 2008-01-06.
2. ^ ""Wer ist der befugte Vierte?" Geheimdienste unterwandern den Schutz von Verschl‚àö¬∫sselungsger‚àö¬ßten", Der Spiegel, pp. 206-207. 36/96. (German) Archived from [ the original] on 1997-03-08.  English translation on the Cryptome website: "Who is the authorized fourth?"
3. ^ Operation El Dorado Canyon
4. ^ Madsen, Wayne. "Crypto AG: The NSA's Trojan Whore?", Covert Action Quarterly, 1999. 
5. ^ Schneier, Bruce (2004-06-15). Breaking Iranian codes. Crypto-Gram newsletter.
6. ^ Shane, Scott; Tom Bowman. "No Such Agency, part four: Rigging the game", The Baltimore Sun, 1995-12-04, pp. 9-11. Archived from [ the original] on 1997-03-08. 
7. ^ De Braeckeleer, Ludwig. "The NSA-Crypto AG Sting", OhmyNews, 2007-12-29. Archived from the original on 2007-12-29. 
8. ^ Grabbe, J. Orlin (1997-11-02). NSA, Crypto AG, and the Iraq-Iran conflict.
9. ^ Schneier, Bruce (2008-01-11). NSA Backdoors in Crypto AG Ciphering Machines. Schneier on Security blog.
10. ^ Baranyi, Laszlo (1998-11-11). The story about Crypto AG.

[edit] External links

• Crypto AG home page
• De Braeckeleer, Ludwig. "The NSA-Crypto AG sting: for years US eavesdroppers could read encrypted messages without the least difficulty", OhmyNews, 2007-12-29. Retrieved on 2008-01-06.