Click for homepage
Crypto AG
HC-500 series →
Hagelin HC-530
Briefcase electronic cipher machine · CRYPTOMATIC

HC-530 is a series electronic portable/desktop cipher machines, developed around 1981 by Crypto AG in Zug (Switzerland). It is compatible with other members of the 500-series, like the HC-570, HC-550 and HC-520. The cryptologic is developed by Motorola in Phoenix (USA) and uses an NSA-developed cryptographic algorithm, that has a built-in weakness (backdoor) [1].

The device is housed is a metal enclosure, and features a full ASCII keyboard, a single-line Liquid Crystal Display (LCD) and a built-in miniature thermal ticket printer. At the left is an integrated acoustic modem, that is designed accept the handset of a regular telephone set.

The device delivers the encrypted or decrypted output to the LCD, the printer, the modem, or to a serial RS232 port provided by the modem. It came in two colour vaiants: cream for civil use and green for military use, but these are largely identical. The image shows the military variant.
The Hagelin HC-530 removed from it carrying case

The device was intended for diplomatic traffic, and was ideal for people on the move. It can be placed on a desktop, or carried around in a briefcase, and can be setup in seconds. The military variant is supplied in a rugged green case from within it can be operated. It can be powered from the AC mains, or by the built-in rechargeable NiCd batteries. The device was introduced in the late 1970s as a direct competitor to the Gretacoder 805, which has a similar look-and-feel [1].

The cryptographic algorithm of the HC-530 was developed by the US National Security Agency (NSA), and comes in two flavours: readable and unreadable. 1 Unreadable versions were supplied to NATO countries, plus Sweden and Switzerland. Readable versions were for all other nations. An improved version of the latter was supplied from 1979 onwards, after customers had discovered the backdoor. Needless to say that the improved version was still readable by NSA and ZfCh [1].

  1. In this context, readable means that the cryptographic algorithms could be broken by NSA and ZfCh. Also known as friendly or insecure or exploitable. In contrast: algorithms that are not breakable by NSA and ZfCh, are called unfriendly or unreadable or secure.

HC-530 packed in its typical suitcase
HC-530 mounted inside its case
The Hagelin HC-530 removed from it carrying case
Close-up of the power lock
Close-up of the printer lid and the acoustic coupler
The printer of the HC-530 with opened lid
Acoustic coupler
HC-530 seen from the front
1 / 8
HC-530 packed in its typical suitcase
2 / 8
HC-530 mounted inside its case
3 / 8
The Hagelin HC-530 removed from it carrying case
4 / 8
Close-up of the power lock
5 / 8
Close-up of the printer lid and the acoustic coupler
6 / 8
The printer of the HC-530 with opened lid
7 / 8
Acoustic coupler
8 / 8
HC-530 seen from the front

The diagram below gives a quick overview of the external features of the HC-530 and HC-535. At the front right is a full-size keyboard with high-quality push-buttons. It is used for entering the plaintext or ciphertext message, and for entering operator commands and cryptographic keys. Behind the keyboard is a single-line LCD on which the commands, keys and text are displayed.

HC-530 civil variant - overview of controls and connections

Towards the rear is the built-in thermal strip printer, which delivers a physical printed copy of the message. Bolted-on at the left, is an acoustic modem that acts as a cradle for a regular telephone handset. It allows messages to be sent and received via any regular analogue (PSTN) telephone set. A rubber strap is provided to keep the handset in place whilst it is present in the cradle.

  • HC-530
    Civil version in cream enclosure
  • HC-535
    Military version in green enclosure
The HC-530 and HC-535 were each available in a number of customer- or country-specific variants, identified with a 3-digit extension to the model number. This defines which variant of the cryptographic algorithm is used. The following variants have been observed:

  • HC-530-200
    Civil version, Argentina
  • HC-535-200
    Military version, Argentina
Compatible machines   Cryptomatic 500
Pocket version, resembling a calculator
Suitcase version
Desktop model, based on Siemens T-1000
Desktop model
Desktop model, based on Siemens T-1000
Rackmount model for serial computer signals
Similar machines   from other manufacturers
The Philips Miniflex inside a Samsonite briefcase
Philips Picoflex
Gretacoder 805
Note that these machines are not compatible with the Crypto AG (Hagelin) HC-500 series.

The HC-550 was developed at a time when the company – Crypto AG – was jointly owned by the German Bundesnachrichtendienst (BND) and the American Central Intelligence Agency (CIA). The two intelligence services had purchased the company in 1970, with the intention to get control over the cryptographic algorithms and — indirectly — Crypto AG's customers. This secret project was known as Operation RUBICON (also: THESAURUS) and turned out to be extremely effective [2].

The first machine of the 500-series – HC-570 – was the successor to the ill-fated H-460, Crypto AG's the first fully electronic cipher machine, that had been introduced just before BND and CIA became the owners of the company. It used a shift-register-based cryptologic, that had been designed by the NSA in 1966, in such a way that messages were readable 1 to them. When BND and CIA took over, it was decided that Crypto AG should sell high-end cipher machines that could compete with the designs from other manufacturers, such as Gretag, that were not under control.

The HC-570 was not very successful, and was replaced a few years later by the HC-550, which was based on an expanded Siemens T-1000 teleprinter. In the meantime, competitor Gretag had released several new machines that worried the intelligence services, as Gretag was not under their control. It was then decided to expand the 500-series with a pocket model – the HC-520 – and a portable model - the HC-530 – so that customers could be lured away from Gretag.

HC-500 Crisis
In February 1979, less than two years after the introduction of the HC-500 series, CAG-employee Jürg Spörndli, discovered that it was possible to break the machine with just 100 characters of known plaintext, probably after attending a seminar by American mathematician Martin Hellman.

Although rather theoretical, it proved that the cipher was prone to a known plain-text attack, or KPTA as it was known in the cryptologic world. To Crypto AG this was bad news, as the company couldn't afford another debacle after the H-460 crisis. In two years time, the HC-500 series had become Crypto AG's leading product, of which more than 1700 had already been sold worldwide.

The original algorithm had been developed by NSA's Peter Jenks, and was intended to last for at least 20 years. But Jürg Spörndli had now exposed a weakness, whch urgently needed to be fixed before customers would discover it themselves. At NSA, Dave Frasier designed a drop-in fix that defeated a known plaintext attack, but was considerably more difficult to break by NSA and ZfCh. A few months later, mid-1979, Peter Jenks died of cancer and Dave Frasier committed suicide.

 More about Operation RUBICON

  1. In this context, readable means that the cryptographic algorithms could be broken by the NSA. Also known as friendly. In contrast: algorithms that are not breakable by NSA, are called unfriendly or unreadable.

Operation of the HC-530/535 is straightforward, but requires some basic knowledge of the user interface. For this reason, a comprehensive manual was supplied with each machine [C]. For the experienced user, a Quick Reference Card with short-form instructions is also available [A].

The HC-530 can be operated from the mains or the built-in battery. The battery is charged auto­matically when the machine is connected to the mains, even when the machine is switched OFF. Charging is indicated by a red LED at the right.

The machine is switched ON by inserting the key into the lock – to the right of the display – and turning it 1/4 clockwise. After a short delay of approx. 1 second, the machine comes to life. If it has been off for a long time, the battery might be exhausted and the machine will require the Variable Parameters (VP) to be renewed.
Key in the ON position

The VP determines the intitial settings of the machine, such as the default input device, the output device, data speed, output formatting, etc. Entering the VP is rather simple and requires a series of numbers to be entered from the keyboard. All possible combinations are listed on the Quick Reference Card. The VP can be changed at any time by entering a special command.

The HC-530 has two modes of operation: Command Mode and Editor Mode. Once the VP has been setup correctly, the machine enters Command Mode. Ctrl-R is normally used to cancel Editor Mode and return to Command Mode. In Command Mode, all commands are combined with the Ctrl-key (control). In most cases, the command is activated by pressing the Enter-key (Return). In some cases the command must be confirmed by pressing the Y-key (for: Yes).

Activation keys
Even when the machine is turned OFF, the battery will be charged.
Key in the ON position
Immediately after turning the HC-530 on, all segments of the display are briefly highlighted.
Entering the Basic Key
Close-up of the display
Quick Reference Card
1 / 7
Activation keys
2 / 7
Even when the machine is turned OFF, the battery will be charged.
3 / 7
Key in the ON position
4 / 7
Immediately after turning the HC-530 on, all segments of the display are briefly highlighted.
5 / 7
Entering the Basic Key
6 / 7
Close-up of the display
7 / 7
Quick Reference Card

When ciphering or deciphering an message, the resulting plaintext or ciphertext can be sent to different output devices, depending on the appropriate VP-setting or Ctrl-command. The following output devices are available:

  • Display
    Encrypted or decrypted text is sent to the display. The user can read it and (optionally) write it down on paper. The display can show only one line of text.

  • Printer
    Encrypted or decrypted text is printed on paper using the built-in thermal printer. Ciphertext can then be passed on for transmission via another means, such as a courier. Plaintext text can be handed over to the addressee.

  • Coupler
    Encrypted data is sent to the acoustic phone coupler and the internal modem is used to convert data into a series of tones (not available in decipher mode to avoid plaintext to be revealed through the telephone line).

  • Serial interface
    Ciphertext or plaintext can (optionally) be sent through the built-in serial RS232 port (DB25) that is available at the rear of the acoustic modem. It is used for connection of an external terminal, teletype unit, computer or an alternative (non-acoustic) modem. Data speed and word format are set in the VP.
Likewise, the following input channels are available:

  • Keyboard
  • Coupler
  • Serial interface
1 / 8
Entering a text in cipher mode
2 / 8
3 / 8
Printing the plaintext
4 / 8
Printing the ciphertext
5 / 8
Acoustic coupler
6 / 8
Phone in the coupler
7 / 8
The 15-way D-type connector of the serial interface
8 / 8
The serial interface connected to an external device

The table below lists the various commands of the HC-530 in Command Mode. Single keys are printed bold and the return key is shown as CR (carriage return). A command sequence may have to be followed by and additional Y (yes) for confirmation (indicated in the red column).

Sequence Y Description
Ctrl I CR   Input Mode (text input from keyboard or serial interface)
Ctrl P CR   Printout (memory text unchanged)
Ctrl S CR Y Serial interface output (memory text unchanged)
Ctrl C CR   Cipher mode (output device according to VP value)
Ctrl CD CR   Cipher output device -> Display
Ctrl CP CR   Cipher output device -> Printer
Ctrl CT CR   Cipher output device -> Coupler (Telephone)
Ctrl CS CR   Cipher output device -> Serial interface
Ctrl D CR   Decipher mode (output device according to VP value)
Ctrl DD CR   Decipher output device -> Display
Ctrl DP CR   Decipher output device -> Printer
Ctrl DS CR Y Decipher output device -> Serial interface
Ctrl DC CR   Decipher Mode continuation
Ctrl A   Advance
Ctrl B CR   BASIC Key Mode (selection of the basic key)
Ctrl V CR Y VP Mode (entering the Variable Parameters)
Ctrl R   Return to Monitor (exit to Command Mode)
Ctrl X Y Reset (clear memory)
Ctrl E CR   Editor Mode (optional)
Ctrl T Y Test (optional) / space bar / P / U / Y /
Ctrl M CR   Mark polarity (coupler sends 1850 Hz tone)
Ctrl N CR   Station identification (for selective call)
DEL   Last character delete (equivalent to Ctrl-K)
WORD   Last word delete (equivalent to Ctrl-W)
Variable Parameters (VP)
# VP value 0 1 2 3 4 5 6 7 8 9
1 Coupler output * N FEC              
2 Default output device * D P S            
3 Serial input speed * Ext 50 75 110 150 200 300 600 1200
4 Serial output speed * Ext 50 75 110 150 200 300 600 1200
5 Serial I/O polarity * I/O I/O I/O I/O          
6 Serial format * BD A2 A3 A4 A5 A6 A7 A8 A9
7 MK auto-generated * Y N              
8 BK included in cleartext * Y N              
9 Ciphertext formatting * 5 10 60            
10 Auto-processing * MEM Ctrl_S MEM Ctrl_DS MEM Ctrl_DP Ctrl_S Ctrl_DS Ctrl_DP INT Ctrl_S INT Ctrl_DS INT Ctrl_DP
11 Selective call (coupler) * N Y ID            
* = Don't care (i.e. no change), can be used when changing already entered VP values.

  1. N-Normal, FEC-Forward Error Correction
  2. Display/Printer/Serial
  3. Baud rate (bps)
  4. Baud rate (bps)
  5. Normal / Inverse
  6. BD-Baudot, A-ASCII (see below)
  7. Master Key (MK) to be generated automatically (Yes/No)
  8. Output Basic Key (BK) Bigram with clear text (Yes/No)
  9. Ciphertext formatted in 5, 10 or 60 letter groups
  10. MEM-Received message transferred into text memory (if empty)
    INT-Local process interrupted
  11. N=No, Y=Yes, ID=Caller terminal identification added to message
  • PTS-530
    Thermal paper polls
  • ADA-530
    HF link frequency adjustment indicator
  • ATX-530
    Teleprinter interface
  • TPR-530
    Tape punch/reader station
  • PSB-530
    DC charger module
  • TFG-530
    Telephone/galvanic switchover interface
  • TEA-530
    Diagnostic test unit
  • TED-530
    Diagnostic test unit
  • ?
    Coupler cable for external radio
  • ?
    Back-to-back connector (2 × DB25/M)
Serial interface
At the rear of the acoustic coupler, is a 25-way D-type female socket (DB25/F) for connection to an RS232 serial port or an (optional) test device. The serial interface is suitable for synchronous and asynchronous data. The pin-out, when looking into the socket, is as follows:

  1. 0V
  2. TX
    Serial data out (async) V28/V24
  3. RX
    Serial data in (anync) V28/V24
  4. SBY
    Serial out busy TTL
  5. TRX
    Telephone data in (TTL) 3
  6. TTX
    Telephone data out (TTL) 3
  7. GND
    Signal ground
  8. PBY
    Printer busy (TTL) 3
  9. NMI
    Interrupt (TTL) 3
  10. TBY
    Telephone busy (TTL) 3
  11. TCK
    Telephone clock (TTL) 3
  12. SRD
    Serial input ready 1
  13. STX
    Serial data out 1
  14. SRX
    Serial data in 1
  15. SCO
    Serial clock out
  16. SCI
    Serial clock in
  17. ×
  18. ×
  19. CLD
    Clock display 3
  20. ICR
    Input control register 2
  21. 0V
    Battery (test) 3
  22. +5V
    Test 3
  23. -5V
    Test 3
  24. VT
    +V thermal head 3
  25. VM
    +V motor 3
  1. Synchronous serial port to TPR-530 tape puncher/reader.
  2. VP combinations: 1 = A, 0 = B.
  3. Used by (optional) external test device.

Galvanic coupler
A galvanic interface to a variety of external periphers is available as a 15-way D-type female socket (DA15/F), at the centre of the acoustic coupler, protected by a rubber cap. The pin-out, when looking into the socket, is as follows:

  1. +5V
    Supply voltage 1
  2. PH
    Phone/Manual switchover 1
  3. GCO
    Galvanic coupler 'on' 1
  4. DAT
    Data/Manual switchover 1
  5. CA
    Call signal from 1
  6. RTT
    Receive-Transmit-Telephone 1
  7. /GC
    Galvanic coupler present (0V) 1
  8. 0V
    Ground 1,2
  9. TRR
    Transmit Radio Audio 2
  10. TRGN
    Transmit Radio Ground 2
  11. RER
    Receive Radio Audio 2
  12. REGN
    Receive Radio Ground 2
  13. GTX
    TX-ON, relay n.o. 2
  14. TX
    TX-ON, relay common 2
  15. /RA
    Radio operating mode (0V) 2
  1. Specific wiring to/from TFG-530.
  2. For connection to/from radio.

  1. Quick Reference Card (front)
    3K961 (front) Crypto AG. Date unknown.

  2. Quick Reference Card (rear)
    3K961 (rear) Crypto AG. Date unknown.

  3. Cryptomatic HC-530/HC-535 Installation and Operating Instructions
    3B945. Crypto AG.
  1. Crypto Museum, Operation RUBICON
    February 2020.

  2. Wikipedia, Motorola 6800
    Retrieved December 2019.
Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
Crypto Museum. Created: Saturday 31 July 2010. Last changed: Sunday, 14 June 2020 - 14:17 CET.
Click for homepage