From: Steve Schear <steve@lvdi.net>
Date: Tue, 4 Nov 1997 10:08:38 +0800
To: cypherpunks@Algebra.COM
Subject: Re: NSA, Crypto AG, and the Iraq-Iran Conflict
In-Reply-To: <BkQsuF3gzq4QYXew9s4okA==@bureau42.ml.org>
Message-ID: <v03102802b084195fcf84@[208.129.55.202]>
MIME-Version: 1.0
Content-Type: text/plain



At 5:17 PM +0000 11/3/1997, bureau42 Anonymous Remailer wrote:
>       NSA, Crypto AG, and the Iraq-Iran Conflict
>
>                    by J. Orlin Grabbe
[snip]
>	Crypto AG eventually paid one million dollars for
>Buehler's release in January 1993, then promptly fired
>him once they had reassured themselves that he hadn't
>revealed anything important under interrogation, and
>because Buehler had begun to ask some embarrassing
>questions. Then reports appeared on Swiss television,
>Swiss Radio International, all the major Swiss papers, and
>in German magazines like Der Spiegel.  Had Crypto AG's
>equipment been spiked by Western intelligence services?
>the media wanted to know. The answer was Yes [4].
>
[snip]
>
>	Representatives from NSA visited Crypto AG
>often. A memorandum of  a secret workshop at Crypto
>AG in August 1975, where a new prototype of an
>encryption device was demonstrated, mentions the
>participation of Nora L. Mackebee, an NSA
>cryptographer. Motorola engineer Bob Newman says that
>Mackebee was introduced to him as a "consultant".
>Motorola cooperated with Crypto AG in the seventies in
>developing a new generation of electronic encryption
>machines.   The Americans "knew Zug very well and gave
>travel tips to the Motorola people for the visit at Crypto
>AG," Newman told Der Spiegel.
>
>	Knowledgeable sources indicate that the Crypto
>AG enciphering process, developed in cooperation with
>the NSA and the German company Siemans, involved
>secretly embedding the decryption key in the cipher text.
>Those who knew where to look could monitor the
>encrypted communication, then extract the decryption key
>that was also part of the transmission, and recover the
>plain text message.  Decryption of a message by a
>knowledgeable third party was not any more difficult that
>it was for the intended receiver.  (More than one method
>was used.  Sometimes the algorithm was simply deficient,
>with built-in exploitable weaknesses.)

As I recall, this topic came up during a Cylink management meeting I
attended in late '92.  My recollection was that Cylink was asked by the
NSA/CIA to 'alter' some of its crypto units, which supposedly were being
sought by a Columbian cartele.  The party line was that we refused.  I
didn't follow up since I wasn't the product manager of that series.

--Steve