From: stoll@as200.zi-mannheim.de
Date: Thu, 28 Mar 96 09:28:44 PST
To: cypherpunks@toad.com
Subject: Cypher of former eastern intelligence agency broken?
Message-ID: <9603281728.AA30292@as200.zi-mannheim.de>
MIME-Version: 1.0
Content-Type: text/plain


Here is an abstract of a report the German newsmagazine Focus
published on March 11, 1996 (p. 16) - "Spaete Ermittlungen gegen
Techno-Spione" (late/belated investigations against technology
spies). I do not include a translation of the whole original text
for copyright reasons.

"Specialists of the German Federal Police Agency (BKA) have decrypted
44 floppy disks from the former [East German] Ministry for State
Security" (MfS). A defector had handed over the floppies to the
German Federal Intelligence Agency (BND) in spring 1990. The disks
contain information on East German spies in former West Germany.
Judicial inquiries against 29 suspects have started now. Apparently,
the BKA got the data no sooner than 1994. This is because the BND did
not tell law authorities about the floppy disks. German federal DAs
learned about the data in late summer 1994 by chance. The article
does not say whether the defector came over with the keys. - Probably 
not, otherwise prosecution should have started much earlier. 

It is likely that the extremely paranoic MfS used a cipher and a key
length it believed to be sufficiently strong. According to Bruce
Schneier's Applied Cryptography East Germany was quite aware of DES,
it even produced DES chips. Another possibly strong algorithm used in
the former Soviet block is GOST (a block cipher derived from the
concepts of DES, also described by Schneier). Let us assume BKA
specialists have broken the code using a combination of
cryptoanalysis, brute force and good luck. They are policemen, not
espionage professionals. Further, the BKA is much smaller than the
FBI. Imagine what code breaking capabilities a well-funded, big
intelligence agency should have then!