[Cryptography] Crypto AG and CIA project exposed

Peter Fairbrother peter at tsto.co.uk
Thu Feb 13 16:23:13 EST 2020


On 11/02/2020 20:51, Dennis E. Hamilton wrote:
> 
> Danny Muizebelt said,
> 
>> For decades Crypto AG sold backdoored crypto solutions to governments.
> 
> Technically, there was no back door.

Sometimes there was - we are talking about 70-odd years of varied 
skulduggery. At first it was just weakening, but at several points some 
of the Crypto AG machines had classic hard-to-guess-secret-based backdoors.

> There were built-in crypto weaknesses that facilitated decryption of
> intercepts by an adversary (in this case, the CIA/NSA).

But I think you can call any deliberate introduced weakness a backdoor 
anyway, even if it does not rely on a secret. Especially when you know 
about it and everybody else does not, and you need to know about it to 
know which weakness to exploit - knowing about the weakness could be 
considered the secret.

You say tomato...

> Of course, the same defects could be exploited by other capable actors, and we
> might not ever know.

Some of the early Crypto AG technology was similar to Enigma. It has 
been said that the secrecy about the wartime breaking of Enigma was 
especially longlasting because of the Crypto AG/CIA-NSA-BND link, so 
maybe GCHQ had some knowledge and access too.


Peter Fairbrother


More information about the cryptography mailing list