Gretacoder 720
Highly secure encryptor for SWIFT payments

The Gretacoder 720 was a highly secure DES-based encryption/decryption system, developed in the late 1990s by Gretacoder Data Systems (formerly: Gretag) in Regensdorf (Switzerland). It was the successor to earlier data encryptors, such as the Gretacoder 515 and the Gretacoder 715, and was used on the worldwide secure and trusted interbank financial communication system SWIFT.

The device is housed in a strong and tamper-free/evident 2U 19" rackmount enclosure that is extended at the front. All controls are at the front panel, including two physical locks and a display, whilst all connections are at the rear.

The encryption device itself is mounted inside a metal frame that is mounted to the rear of the front panel. It can only be removed when both keys are inserted and turned by 180 degrees. In addition, the GC-720 has a range of tamper sensors and other security measures, to protect the device and the stored cryptographic keys.
  
Gretacoder 720

At the front panel, to the left of the two key locks, is a slot for an external (cryptographic) key module, similar to the ones used with the Gretacoder 524 and the Gretacoder 605. The GC-720 was developed between 1995 and 1998, shortly before Gretacoder Data Systems was acquired by the American SafeNet. The Gretacoder 720 uses the Data Encryption Standard (DES) which, by today's standards, is no longer considered secure. It remained in service well into the 2000s.

Gretacoder 720
Two men control. Both keys are needed to activate or open the device.
Placing the external key
Front panel
Rear view
LED indicators and LCD display
LCD showing the DES test has failed
Serial number label

Features
All controls are at the front panel of the Gretacoder 720. The device is activated by connecting it to the mains and turning the two keys at the right. Furthermore, a suitable external key module must be present in the slot to the left of the lower key. To the left of the keys is a keypad with 12 buttons, used for entering cryptographic keys and parameters. To its left is a 4 x 20 character LCD. Below the display are four function keys. At the far left are 9 status indicators (LEDs).


All connections are at the rear. At the left are two 25-pin D-sub sockets for connection to the RS232 or X.25 input and output ports, plus a 10/100Mb ethernet socket. To the right of the ethernet socket is a small red RESET button. At the right are the mains socket and a removable 3.6V Lithium backup battery that can be replaced when the device is operational. The sockets are actually mounted to the internal frame and protrude through the rear panel of the outer case shell.


Interior
The Gretacoder 720 is extremely well built and is housed in a strong heavy metal 2U 19" rackmount case. The actual device is mounted in a subframe that is mounted to the rear of the front panel. In order to protect the device against tampering, a lot of safety features are present.

The subframe with the front panel and the electronics can only be removed from the outer case by releasing the two bolts at the edges of the rear panel and turning both physical keys at the front panel. The subframe can then be removed from the outer shell. It is shown here.

The first tamper protection is a small switch that is mounted to the rear of the sub frame. When removing the sub frame from the outer shell, this switch causes the crypto keys to be purged. The actual keys are stored in volatile static RAM that is retained by a large 3.6V Lithium battery.
  
Gretacoder 720 interior

The device roughly consists of 4 parts: a small industry standard power supply unit (PSU), the main board, a large crypto unit (the large green square), and the front panel. The main board takes up most of the case and contains only the interface circuits such as the RS232 ports. All connectors at the rear are mounted to the main board. The front panel is also connected to the main board, via a ribbon cable with ferrite clamp (in order to meet EMC requirements).

But the most interesting part is the large green square. This is the crypto unit or crypto heart. It consists of two boards, marked HOST 720 and TPC 720, that contain the main processor, a dedicated DES encryption chip, a CPLD, various special circuits and some additional 'glue logic'.

The crypto unit is mounted inside an extremely well protected die-cast aluminium enclosure that consists of a bottom shell and an overlapping top shell. It is connected to the main board via only one ribbon cable. The top shell is removed by releasing the four bolts at the corners.
  
Removing the top lid

After removing the top shell of the crypto unit, the next anti-tamper measure becomes visible. At the inside of the top shell is a PCB with a complex labyrinth of copper tracks, known as a meander. Several different signals are routed in a seemingly random manner over the board. The board is connected to the actual crypto boards via a series of contact pads at the center and at the edges.

Breaking or shorting any of the signals that are running over the meander tracks, causes a tamper alarm and will purge the cryptographic keys instantly. The image on the right shows the contact pads at the center of the top shell. These pads mate with a set of spring-loaded contacts at the center of the upper crypto board.

Similar meander patterns are also found at the inner sides of the top shell. They are constructed from orange foil with copper tracks (flex PCB) that are glued to the sides of the case shell. The flex PCBs have their contact pads at the edges.
  
Contact pads in the top lid, connecting the meander to the crypto board

Removing the top shell from the crypto unit breaks the spring-loaded contacts and will set off the tamper alarm. Furthermore, drilling a hole in the top or the sides of the crypto unit will break or short the meander tracks and will also trigger the alarm. This will cause the keys to be deleted.

Inside the crypto unit are two large square PCBs that are mounted together as a sandwich, with the component sides of the PCBs facing each other. The sandwich is mounted to the bottom shell by means of 8 bolts at the edges of the upper PCB which is slightly larger. It is shown in the image on the right, with the lower board up.

The next tamper protection is a light sensor that is mounted at the center of the upper PCB, close to the spring-loaded contacts. It is connected to the PCB via red and white wires. A similar light sensor is present at the other side of the stack.
  
Sandwich of two crypto boards (bottom board up)

The light sensors are the next stage in tamper protection. As soon as any of the light sensors picks up the slightest trace of light (visible or infra-red), it will trigger the tamper alarm and cause the keys to be deleted. Cutting the wires to the light sensors will also set off the alarm.

The two sandwiched boards can be separated by removing four small bolts at the edges of the upper PCB and lifting the lower board from the 96-pin DIN socket that connects the two boards.

The image on the right shows the upper board, which is marked HOST 720. It contains the host processor, an Altera CPLD, the firmware and a lot of 'glue logic'. At the right, aside the 96-pin DIN connector, is the AM9568, a dedicated Data Ciphering Processor made by AMD [2]. It supports DES and was at the time under strict export control by the US Department of State.
  
Top crypto board (component side)

The AM9568 allows a data throughput of 1.5MB/s (approx. 15Mb/s), which was fast enough for real time encryption of high-speed serial lines and 10Mb ethernet connections. The Data Encryption Standard (DES) was controlled by the US Bureau of Standards. Today, DES is no longer considered secure for interbank financial transactions and has been superseded by Triple-DES and AES.

The HOST board connects to the main board via the grey high-density ribbon cable that is visible at the top left in the image above. In the top corner is the 8.192 MHz crystal oscillator. At the center of the HOST board is another light sensor, that is glued on top of one of the existing chips.

The bottom PCB contains the other half of the crypto unit. It is connected to the host board by means of a large 96-way DIN connector at the edge of the PCB. This board holds the Real-Time Clock (RTC), the battery-backed STATIC RAM (for holding the key variables) and a socketed PROM.
  
Close-up of the mercury tilt switch

The bottom PCB also contains a true random noise generator, built around two NE592 video amplifiers [3]. It was used for generating new truly random key variables for each new SWIFT message. This board also holds the final stage in tamper protection: a mercury filled glass bulb, which acts as a tilt sensor. It is mounted close to the edge of the bottom PCB and is shown in the image above. Tilting the device raises the tamper alarm and purges the crypto keys instantly.

The bottom shell of the crypto unit is similar to the top shell. It also contains meander tracks at the bottom and the sides, which are connected to the bottom PCB by means of contact pads and spring-loaded contacts. The crypto unit is so well protected that it is virtually impenetrable.
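
The layered tamper response described above (rear switch, meander tracks, light sensors, tilt switch) can be modelled as a fail-secure monitor in which a lost sensor counts the same as a tripped one. This is an added illustration, not Gretag firmware; the channel counts, millivolt windows and all function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed model: sensor names follow the article; channel counts,
   voltages and thresholds are assumptions, not GC-720 values. */
enum {
    TAMPER_NONE    = 0,
    TAMPER_CASE    = 1 << 0,  /* subframe pulled out of the outer shell */
    TAMPER_MEANDER = 1 << 1,  /* meander track broken or shorted */
    TAMPER_LIGHT   = 1 << 2,  /* light detected, or sensor wire cut */
    TAMPER_TILT    = 1 << 3   /* mercury switch reports tilt */
};

struct sensors {
    int      case_seated;     /* 1 while the rear switch is pressed */
    uint16_t meander_mv[4];   /* supervised loops, millivolts */
    uint16_t light_mv[2];     /* light sensor outputs, millivolts */
    int      tilted;          /* 1 when the tilt switch trips */
};

/* A healthy loop sits inside a window. In this model a break pulls it to one
   rail and a short to the other, so both leave the window and count as tamper. */
static int in_window(uint16_t mv, uint16_t lo, uint16_t hi) {
    return mv >= lo && mv <= hi;
}

unsigned tamper_evaluate(const struct sensors *s) {
    unsigned cause = TAMPER_NONE;
    if (!s->case_seated) cause |= TAMPER_CASE;
    for (size_t i = 0; i < 4; i++)
        if (!in_window(s->meander_mv[i], 1000, 2000)) cause |= TAMPER_MEANDER;
    for (size_t i = 0; i < 2; i++)   /* <100 mV: wire cut, >400 mV: light */
        if (!in_window(s->light_mv[i], 100, 400)) cause |= TAMPER_LIGHT;
    if (s->tilted) cause |= TAMPER_TILT;
    return cause;
}

/* Overwrite through a volatile pointer so the compiler cannot drop the writes. */
void key_purge(uint8_t *key_ram, size_t len) {
    volatile uint8_t *p = key_ram;
    while (len--) *p++ = 0;
}

/* One poll: any cause purges the key RAM before the cause is reported. */
unsigned tamper_poll(const struct sensors *s, uint8_t *key_ram, size_t len) {
    unsigned cause = tamper_evaluate(s);
    if (cause != TAMPER_NONE) key_purge(key_ram, len);
    return cause;
}
```
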

Gretacoder 720 interior
Removing the top lid
Crypto unit top lid
Contact pads in the top lid, connecting the meander to the crypto board
Spring loaded contacts
Close-up of the meander at the sides of the crypto unit frame
Sandwich of two crypto boards (bottom board up)
Light sensor
Crypto boards aside the empty crypto unit frame
The two crypto boards separated
Top crypto board (component side)
Bottom crypto board (component side)
Industry standard Power Supply Unit (PSU)
Tamper switch at the rear
Connection between the main board and the front panel
Close-up of the light sensor at the component side
Close-up of the mercury tilt switch
Opening the battery holder
Backup battery removed from the battery holder
Connection between the crypto unit and the main board
Replaceable PROM
Close-up of the real-time clock and the static RAM
Top crypto board (component side)
Bottom crypto board (component side)

History
The Gretacoder 720 was part of the 700 family of devices, that started life in the late 1980s or the early 1990s. Based on many years of development of encryption devices for secure payments for TELEKURS, the organization that controls the transfer of money between Swiss banks, Gretag was asked to develop similar products for EUROCHEQUE payments and for the Italian Bancomat System. Many of these products were developed in close cooperation with the customer [4].

The Gretacoder 715, for example, was developed especially for TELEKURS and was used for secure payment transactions between all major Swiss banks. It is about the same size as the Gretacoder 720, but has a slightly different front panel. Rather than the EPROM slot (for the external key variable), it accepts a memory card. It has a 2 x 16 character LCD display.

In 1989, the Italian Società Interbancaria per l'Automazione (SIA), decided to add cryptographic security to its Bancomat System that was used by all major banks in the country. The contract was signed in October 1989. For this project, Gretag developed the Gretacoder 700, a device that was very similar to the Gretacoder 720, but with different communication ports.

A total of 1000 Gretacoder 700 units were ordered by the Italians, which were installed in 500 banks (2 in each bank). By July 1991, 200 units had already been delivered to SIA and the rest was delivered in the following months. At the time it was Gretag's most complex software project [4].

To accommodate the wide variety of computer systems used by the Italian banks, the Gretacoder 700 had four data ports, each with four selectable data protocols. The later Gretacoder 720, featured here, is nearly identical, but has only three data ports: two ports for RS232 or X.25 serial communication and one Ethernet port.


References
  1. Anonymous donor, Gretacoder 720 - THANKS !
    Received August 2013.

  2. AMD, AM9568DC Datasheet
    Data Ciphering Processor (DCP). April 1985

  3. On-Semiconductor, NE592 Datasheet
    Video Amplifier. October 2006, Rev. 4.

  4. Dr. KH Müller, Gretag Data Systems liefert Sicherheit für italienisches Bancomat System
    Objectiv (internal Gretag publication) (German). September 1991. pp. 4-5.

  5. Gretag AG, Gretag, your partner in communications security
    Full-colour company brochure, June 1989.
© Crypto Museum. Created: Wednesday 28 August 2013. Last changed: Sunday, 27 February 2022 - 10:17 CET.