back to article Swiss spies knew about Crypto AG compromise – and kept it from govt overseers for nearly 30 years

Swiss politicians only found out last year that cipher machine company Crypto AG was (quite literally) owned by the US and Germany during the Cold War, a striking report from its parliament has revealed. The company, which supplied high-grade encryption machines to governments and corporations around the world, was in fact …

  1. Yet Another Anonymous coward Silver badge

    Shocked

    Bits of the Swiss gov't have a 'flexible attitude' to doing the right thing and other bits have an even more flexible attitude to finding out

    1. Anonymous Coward
      Anonymous Coward

      Re: Shocked

      Let's not talk about banking.....where there is definately a tendancy to be very flexible.....especially with the "difficult to determine the exact provenance of huge sums of money brought in on private jets... "

      1. katrinab Silver badge
        Flame

        Re: Shocked

        That would banks based in London and Edinburgh.

        1. Abominator

          Re: Shocked

          Denmark and Sweden actually.

          1. don't you hate it when you lose your account Silver badge

            Re: Shocked

            It's actually run from the planet of the shape shifting alien lizard overloads. QAnus all the way

        2. NoneSuch Silver badge
          FAIL

          Re: Shocked

          Don't be naïve.

          Any money in UK banks went to Lichtenstein the day after BREXIT results were posted. Most of it, I imagine, converted to Euros by people connected with the "Leave" vote before the Pound declined.

      2. Jurassic Hermit

        Re: Shocked

        It's unfortunate that you're not "shocked" by the City of London, Delaware, and the numerous British overseas islands.

  2. Anonymous Coward
    Anonymous Coward

    Cheese

    Not only chocolate, we also have excellent cheese.

    1. Little Mouse Silver badge

      Re: Cheese

      And let's not forget the brotherly love and five hundred years of democracy and peace.

      1. Schultz
        Happy

        "let's not forget the brotherly love"

        within your community, because nobody likes those drivers from Aargau, the arrogant French-speaking bits (assuming you are not part of it), the inflexible German speaking bits (If you are not part of it), the neighboring Kanton, the rich Zürich bankers, the foreigners (especially the Germans if you live near that border, or the Italians if you live near that border) ... you get the idea.

        Still, the brother you hate is better than the brother across the border, who threatens your strategic cheese supplies. That does explain 500 years of peace and democracy nicely, doesn't it?

        1. sev.monster Bronze badge

          Re: "let's not forget the brotherly love"

          So everyone hates eachother equally, evening it put, but hates other countries more? Sounds like my kind of place.

        2. Jurassic Hermit

          Re: "let's not forget the brotherly love"

          We may all disagree...but we agree to disagree.

          Switzerland is the best example of 'Entente Cordiale' ever....

      2. Anonymous Coward
        Anonymous Coward

        Re: Cheese

        democracy based on a gender base until fairly recently (historically speaking...)

        IIRC universal sufferage since 1917

        1. Anonymous Coward
          Anonymous Coward

          Re: Cheese

          You have a typo.

          Wikipedia page "Women's Suffrage in Switzerland" gives a date of 1st Feb 1971 for when women got the vote in federal elections. The last canton to give women the vote on local matters did so in 1990.

          "A previous referendum on women's suffrage was held on 1 February 1959 and was rejected by the majority (67%) of Switzerland's men."

      3. Claptrap314 Silver badge

        Re: Cheese

        My Anabaptist forebearers have a thing or two to say about that "brotherly love" even two hundred years ago...

    2. Andy Non Silver badge

      Re: Cheese

      And nobody could forget your cuckoo clocks. ;-)

      1. TimMaher Silver badge
        Flame

        Re: Cukoo clocks

        Bavaria, Bavaria! dammit!

        1. Eclectic Man Silver badge

          Re: Cukoo clocks

          Blame Orson Welles in 'The Third Man' for associating Switzerland with Cuckoo clocks. (Good film, catchy tune too.)

      2. Jurassic Hermit

        Re: Cheese

        cuckoo clocks are German originally...

    3. Eclectic Man Silver badge

      Re: Cheese

      And watches, lovely, expensive, wristwatches.

      1. MiguelC Silver badge
        Joke

        Re: Cheese

        Yes, yes, I'll give you that, but apart from those, what have the Swiss ever made for us?

        1. Andy Non Silver badge
          Coat

          Re: Cheese

          Swiss rolls, Swiss cheese plants and the Swiss army knife? ;-)

          1. Anonymous Coward
            Anonymous Coward

            Re: Cheese

            banking secrecy to hide your well-deserved bonuses? That was before those cds, mind you...

        2. AGOO

          Re: Cheese

          and clogs.

          erm no that's wrong.

          How about ridiculously long tunnels?

          1. Anonymous Coward
            Anonymous Coward

            Re: Cheese

            "How about ridiculously long tunnels?"

            ...with high explosives embedded in them, ready to cut of access if necessary.

        3. Eclectic Man Silver badge

          Re: Cheese

          Mathematics: Leonhard Euler was pretty good at maths.

          https://en.wikipedia.org/wiki/Leonhard_Euler

          Switzerland also has gnomes, apparently:

          https://en.wikipedia.org/wiki/Gnomes_of_Zürich

          (A bit like the Goblins in Gringotts Bank in Dragon Alley, London, I presume.)

        4. Fruit and Nutcase Silver badge

          Re: Cheese

          fondue set cuddly toy

          Ignore that - forget where I was

          1. This post has been deleted by its author

      2. Alan Brown Silver badge

        Re: Cheese

        wristwatches frequently made from near-complete chinese blanks

        Yes really

        1. Eclectic Man Silver badge
          Facepalm

          Re: Cheese

          Nooooooooooooooooooo!

          I thought they were hewn from the living steel / gold / whatever one atom at a time by Norns whose sole joy is to think of the profit they make from mugs like me (Breitling chronometre , electronic, accurate to within 15 seconds per year, steel bracelet, battery replacement a snip at £150.00 every three years). It definitely says SWISS MADE on the dial.

          <sulks>.

    4. Fruit and Nutcase Silver badge

      Re: Cheese

      "Professor Alan Woodward of the University of Surrey told The Register: "The Swiss seem to find themselves in a bit of a pickle.

      Just need a couple of slices of bread to make a (Swiss) Cheese and Pickle Sandwich.

      Suddenly, I am hungry

    5. NetBlackOps Bronze badge

      Re: Cheese

      Some fine beer. I'm partial to Hopfenperle Feldschlossen (and yes, missing umlauts in there).

    6. JCitizen Bronze badge
      Devil

      Re: Cheese

      "Not only chocolate, we also have excellent cheese."

      And apparently the encryption machines were made of it too; or at least as leaky!

    7. Jurassic Hermit

      Re: Cheese

      ...and let's not even mention the wine, which thankfully almost nobody outside of CH has heard of.

  3. Version 1.0 Silver badge

    Or maybe...

    "If the legal framework allowed the American intelligence service and foreign intelligence services to jointly use a company to seek information on foreigners, such collaboration had a great political significance, then we are very happy that the American political leaders were not informed."

    I don't think that this is any surprise, regardless of which political party you may support, the intelligence services normally do their work for the country, not politicians. The political leaders are only updated when the services think that it's necessary.

  4. Anonymous Coward
    Anonymous Coward

    How now brown cow?

    Cisco, Cisco anyone?

  5. katrinab Silver badge
    Flame

    So the people who accuse the Chinese Government of installing secret back-doors in Huawei products are themselves installing secret backdoors in products.

    Who would have guessed?

    1. HildyJ Silver badge
      Devil

      It's like the old attitude towards sex - everybody does it but nobody mentions it.

      1. Anonymous Coward
        Anonymous Coward

        Sex? I mention it, but never do it :-(

    2. AGOO

      ah but

      Ahh but don't you mean the Chinese totalitarian state with a penchant for tidy Uyghur concentration camps?

    3. Blazde Silver badge

      This is why they're so sure the Chinese Government are doing it, and we should probably believe them over the the deniers. Because it takes one to know one.

    4. Jurassic Hermit

      Who is Huawei?

      You surely mean Wah-way...?

  6. Claverhouse Silver badge
    Meh

    Necessary Costs

    A Secret Service informing politicians, government departments, and parliaments of such things would find them leaked before breakfast.

    Back then they might as well have informed the KBG by postcard.

    1. Mark192

      Re: Necessary Costs

      Claver house said "A Secret Service informing politicians, government departments, and parliaments of such things would find them leaked before breakfast"

      This.

    2. Chris G Silver badge

      Re: Necessary Costs

      There is a great deal that is kept on a 'need to know basis', that in the opinion of many intelligence services the politicians don't need to know.

      1. Intractable Potsherd Silver badge

        Re: Necessary Costs

        "... in the opinion of many intelligence services". Therein lies the problem - they aren't objective. Who watches the paranoid arseholes with dubious loyalties?

  7. Anonymous Coward
    Anonymous Coward

    Wider government only told of encryption machine nobbling a year after it ended

    here's a poser: was it because the spooks wanted to give their paymasters time to sort out their finances, or was it because they wanted to gather "kompromat" on them? There's this third option, i.e. nobody's above the law, but... well, the third option is generally for little people, plebs and such...

    1. JimboSmith Silver badge

      Re: Wider government only told of encryption machine nobbling a year after it ended

      I somehow doubt that if they knew the machines were compromised that they would allow their government to use them. I think the Russians and the Chinese avoided them anyway because they were suspicious anyway.

      1. Alan Brown Silver badge

        Re: Wider government only told of encryption machine nobbling a year after it ended

        "I think the Russians and the Chinese avoided them anyway because they were suspicious anyway."

        Pretty much this. On the other hand the British and CIA heavily pushed these things on their "allies"

        HINT: if someone's really keen for you to use something, there's usually an ulterior motive.

        1. Anonymous Coward
          Anonymous Coward

          Re: Wider government only told of encryption machine nobbling a year after it ended

          Well we did offer some, now redundant, Enigma machines to to our less friendly 'allies' after WW2 while forgetting to tell them we had broken the encryption

  8. Anonymous Coward
    Anonymous Coward

    So sorry

    This just shows that intelligence agencies are out of control. Maybe they even inform or ask permission from the government for this compromise.

    I'm sorry, but someone will have to endure a mock execution for this. Hang them for ten seconds and if they survive they'll be cut down. If they don't, well bad luck.

    1. Anonymous Coward
      Anonymous Coward

      Re: So sorry

      > I'm sorry, but someone will have to endure a mock execution for this.

      Seeing as you volunteer…

    2. JCitizen Bronze badge
      Trollface

      Re: So sorry

      This is why we must learn to love the bomb, because the fear of it leads to evil that is even worse!

  9. Anonymous Coward
    Anonymous Coward

    Just like you can't be a little bit pregnant, if the crypto is weakened then you have to assume your communications are no longer secure

    I think this boolean interpretation of crypto security is a little bit overdone. In practice, if the crypto is sufficiently hard to decrypt that other methods to obtain the same information are much simpler, then it is not useful to look deeper.

    1. Blazde Silver badge

      It's not exactly boolean, but there's a thin fragile line between very secure and very insecure, and a small 'in' can easily take you over that line without anyone else realising.

      Most of the other methods you're probably thinking of would be disfavoured by intelligence agencies because they're significantly less covert than subverting crypto, which in this case was done while there were little more than rumours about it for ~60 years.

      The other methods also become simpler if your adversary sleeps easy wrongly believing their crypto is keeping them safe.

    2. MachDiamond Silver badge

      " if the crypto is sufficiently hard to decrypt that other methods to obtain the same information are much simpler, then it is not useful to look deeper."

      As long as the source is the same. A big component of intelligence is knowing where the information comes from. If decryption means you are getting it directly, that's a big thing.

  10. Anonymous Coward
    Anonymous Coward

    But then some of the AC community.....

    .....have been using private ciphers to protect messaging BEFORE OUR MESSAGES enter any public channel.

    *

    How hard is it to understand that with this approach, IT DOES NOT MATTER IF THE SPOOKS ARE USING BACKDOORS? Cisco, Jupiter, Crypto AG.......NSA, GCHQ, Russian spooks, Chinese spooks.....eat your hearts out.

    *

    And the proliferation of private ciphers is just making the job of "government spook" harder with every new private cipher in use.

    *

    I know, I know......private ciphers are known to be "very weak". So what?

    *

    051k0UC319e4083J0dw81TG30zT011EB0=dA0QMW

    0SFi01jN1Hm=0wdX0wC50U1w0xMQ1Jue1esn0vsS

    0y7W0tzY0lQk1ZlP0r3q0uef0Q1b0Ikw0pRY13nJ

    1JZz0B$U16$F1YYy0Mhg1U9b1X6I1TyX0GLZ13vj

    0AnB0bFO0QhV1Ide0RKc0mPj1Ocz0T7j1LR$0ZhT

    0bOF1cH90VAV1Ras0JuT0gMD0KnZ1UPr0UgB0NMB

    0DAH0Dwe0L3v1O7b0Anl1WqJ0O0r1NvQ198X012e

    1UOK0Z800TQJ0qqg0Rlu1P250AI40Bik15FF1fcY

    1gJE06Iq1CwD1lNx0ket05uh1TCj1O95052D1TOO

    1iyt0e1r0HU51OPt1dZ51gEp0g=w0lRb0Kem1buV

    0l930XXf112d08Rw0GMA0hTr147z0=6s1eIE1Abh

    1E9H1L=g0GvQ0f2T0wkW0QYF05r40RNI1KCU01xK

    00590m8t0PzM00Gy0D$a00id0DIm1jSa0LQF0EP6

    1JqH02Q110v91ARc1l2$0mtg0nM20aK70upd1EQk

    1M=g0ogw02dT01SV11CX0NXW1lBM0ru81J4c0M4P

    0dy60YG=1kQX1Abz0dSV1ZKt02tv0RWq05RB0bdA

    0qXN0fd306Fi1LLa1OpH0KUg1kUg1OKJ1mI71G24

    1i3C1G=n0JKx0RdN0rNV0oDm104e1lmV0IpL10lA

    0$NC1Swy16x41loL0maF10t60IAz07MW1Zjn0EGw

    0hdm160r0kbD1i1f0rs71M6b027Z0IDV0PJQ0hqe

    1jer0IYX0Rhl1TSN1f2y1H4E

    *

    1. Anonymous Coward
      Anonymous Coward

      Re: But then some of the AC community.....

      oL0ma0JKx0RLLa1O

      1. Aussie Doc Bronze badge
        Pint

        Re: But then some of the AC community.....

        Easy for you to say.

        1. stiine Silver badge
          Pint

          Re: But then some of the AC community.....

          Can I get mine with a side of chips?

  11. John Smith 19 Gold badge
    Unhappy

    "if the crypto is weakened then you have to assume your communications are no longer secure.""

    Words to live by.

    Sadly.

  12. UCAP Silver badge
    Meh

    Many years ago ...

    ... I was a part of a development team who were building (at a colossal cost) a SATCOM network for customer who I had better not name. Since they were not a part of NATO they had no access to UK/US military-grade cryptos, so elected to use high-grade crypto devices from CryptoAG. I am now wondering just what they are thinking now knowing that their supposedly secure network is an open book to both the CIA and BUD - bet they are definitely not happy bunnies at the moment.

    1. R Soul
      FAIL

      Re: Many years ago ...

      Your former employer must be world class idiots if they were gullible enough to believe the sales brochures and marketroids that said these devices were secure.

      Even if the CryptoAG kit hadn't been nobbled, the sensible approach would be to assume the major sigint players could crack the cyphertext and not use these devices for the really important stuff.

      Besides, many countries don't care if Russia, USA. China, etc can break their day-to-day crypto. They assume that happens and just suck it up. What matters to them is their neighbours/regional rivals can't read their encrypted traffic. The weakened CryptoAG hardware is likely to be good enough to pass that test.

    2. Alan Brown Silver badge

      Re: Many years ago ...

      I knew spooks from my own country who privately said they suspected their encrypted comms were bugged by the americans and layered their own crypto over the top (including one time pads - which are still hard to breach)

      The problem with using crypto is that unless you use high level crypto for EVERYTHING (including the laundry list), then everything encrypted is obviously a high value target woorthy of expending effort to obtain

      1. Anonymous Coward
        Anonymous Coward

        Re: Many years ago ...

        when used properly, one-time pads are impossible to break.

        using high-level crypto for EVERYTHING is very, very stupid - especially for low-grade dreck like a laundry list because stuff like that makes known plaintext attacks easier. it also increases the probability of a fuck-up with key management and bad/sloppy crypto practices like sending the same message with different keys or algorithms. more messages - more mistakes.

        needlessly increasing the volume of cyphertext is asking for trouble. it provides more opportunities for traffic analysis and known plaintext attacks. that's made much worse because it'll be far more likely the cypher clerks get lazy or complacent and do something which exposes the key(s). or they put all the plaintext in the bin - where it can get 'recycled' - instead of making sure the really secret stuff gets separated out and burned.

        encrypt your laundry list if you really must but don't use the same crypto as you'd use for the really secret stuff.

        1. Anonymous Coward
          Anonymous Coward

          Re: Many years ago ...

          Chances of user cockups, granted. But if it makes plaintext or any other attacks easier, then it's not high-grade crypto - in fact, it's not crypto at all.

        2. I am the liquor

          Re: Many years ago ...

          So on that basis, is "HTTPS everywhere" a bad idea?

        3. Anonymous Coward
          Anonymous Coward

          Re: Many years ago ...

          Not using one-time-pads. Unless they were foolish enough to use one page per day and then start over from the beginning after the last page, at which point they would have converted their one-time-pad into a book cipher. If you have a endless supply of one-time pads, it would not defeat the crypto to send copies of phone books, War and Peace, Beowulf, or other long texts just to break your opponents' will to live.

        4. Eclectic Man Silver badge

          Re: Many years ago ...

          An issue is whether the eavesdropper can tell the difference between a message enciphered using high or lower grade cryptography. If not then the attacker has to decide whether their inability to read the message is due to their failure to crack the weaker encryption, or that high grade encryption was used.

          BTW, some people's laundry list IS the really (Victoria's) secret stuff. ;o)

          Oh, and just because a crypto algorithm is 'in house' does not mean it is insecure. There are a lot of mathematicians out there who are quite competent to design their own EC or RSA type bespoke implementations, and I dare say that new algorithms could be found that are also quite or even highly secure.

  13. Anonymous Coward
    Anonymous Coward

    "But, it has a warning for those who would seek to give a golden key, weaken encryption"

    Which is why this is important:

    Act now to prevent national governments from dismantling encryption! — Marcel Kolaja (MEP).

  14. sbt Silver badge
    Childcatcher

    There's another pickle here:

    A) Encryption is hard; don't roll-your-own;

    B) Commercial offerings are under attack by TLAs (as per this example, and NSA's Bullrun efforts; just that we know of).

    Hmmm. It is a puzzlement.

    1. Alan Brown Silver badge

      Re: There's another pickle here:

      C: security and crypto are layered. Don't rely on on a single layer

    2. Schultz
      Boffin

      "Encryption is hard; don't roll-your-own;"

      One-time pads are easy, so why not roll your own? I would expect that any self-respecting bad actor (i.e., all those secret services out there), figured this one out quite a while ago. a memory stick (cd, floppy, ...) can hold a decent amount of randomness to sprinkle across your data.

      1. T. F. M. Reader Silver badge

        Re: "Encryption is hard; don't roll-your-own;"

        @Schultz - "A decent amount of randomness" is surprisingly difficult. A "cryptographically decent" amount of randomness needed for one-time pads doubly so.

        Do not roll your own random number generator for one-time pads, etc., etc.

        1. A.P. Veening Silver badge

          Re: "Encryption is hard; don't roll-your-own;"

          Do not roll your own random number generator for one-time pads, etc., etc.

          I agree, commercially available books are much easier and if you keep the title and print version secret, it is nearly impossible to break. I personally am quite partial to The Key to Rebecca (but I am not going to tell you which translation).

          1. Anonymous Coward
            Anonymous Coward

            Re: "Encryption is hard; don't roll-your-own;"

            Well.....that advice depends on just how long the message needs to remain secret. It's good advice if you want the message to be secret for years.

            *

            But if a few weeks is enough, poor encryption MIGHT BE GOOD ENOUGH!

            *

            Oh......I don't think Thomas Beale was worried about randomness....and two of his three messages are still secret after more than a centuty!

        2. Schultz
          Boffin

          "Do not roll your own random number generator for one-time pads, etc."

          Working in the field of spectroscopy, I have harddisks full of randomness. It's called quantum noise and it is part of any particle detection experiment. For home use, you could rig up a Geiger counter to give you very decent randomness.

          If you want maximum entropy you might want to compare particle pair distances for each bit of entropy: (time_p2 - time_p1) > (time_p4 - time_p3) ? 1 : 0. That should remove digitization artefacts (e.g., from detector dead-time, non-normal distribution of your source, ...).

  15. Claptrap314 Silver badge
    Boffin

    Better, but...

    It's refreshing to see an article of this sort where the "why didn't they just roll their own--it's easy!" comment(s) appear to be missing. So: it's time for the second great fallacy of crypto: one-time pads fix everything.

    It is true that perfect one-time pads are cryptographically unbreakable. The weakness of a one-time pad system is not in the keys, but in the key distribution. You see, the key itself is a type of message, and you need to get that message to both ends of a conversation you want to have. Now, in order to securely transmit a message between two parties, you just.....encrypt... Nope, you cannot use encryption. For the purposes of these discussions, the key is itself a plaintext message which has to be transmitted somehow.

    Certainly, if your 64Gb of random noise gets picked up by a TLA, they don't know how those bits are being interpreted. They still have to understand the underlying crypto system that is going to convert those bits into a key. But again, that it true for ANY crypto system. We have to assume that this is known.

    I am certainly not suggesting that one-time pads are useless. But they are not practical for many, many use cases.

  16. Claptrap314 Silver badge

    Fundamentals of Sovereignty

    I will keep banging on this. If you are not capable of defending yourself in an extended conflict against a determined foe, you are not sovereign. You must be capable of manufacturing your own food, guns, and bullets. You must be capable of maintaining the secrecy of your own communications. People who talk about leaving the US because of diminishing freedoms don't understand that the bulk of the places on the planet are only independent because the big boys cannot be bothers to roll them up.

    It is not cheap. It is expensive. But anything less means that you are "independent" on the good graces of your superiors.

    1. MachDiamond Silver badge

      Re: Fundamentals of Sovereignty

      "If you are not capable of defending yourself in an extended conflict against a determined foe, you are not sovereign."

      You mean like the UK looking to outsource the production of official documents such as passports?

  17. Herby

    Can you keep a secret?

    So can I!

    As the saying goes, "what do you have to hide?". The answer is that everyone has something to hide, plain and simple!

  18. Cryptomuseum
    Mushroom

    Based on the Minerva Report

    All you read here is based on the CIA Minerva Report about the Thesaurus/Rubicon. We from Cryptomuseum were invited to read this report, and to make notes out of it. (but *not* to have it). Read our story here:

    https://www.cryptomuseum.com/intel/cia/rubicon.htm

    And about the relevant media involved, see here:

    https://www.cryptomuseum.com/intel/cia/rubicon_media.htm

    Our special thanks to out to Peter Müller and Huub Jaspers to get us involved to explain the media about all the technical aspects of this affair.

    Hopefully this will be a good read for you, and excuse us for burning a couple of hours away of your time ;-)

    Marc & Paul, Cryptomuseum

  19. This post has been deleted by its author

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021