|
|
|
|
|
|
|
Data Crypto AG Motorola BND CIA HC-500 series →
The device was intended as a desktop machine and resembles an electronic
typewriter of the era. It is integrated with a strong black plastic transit
case of which the hood can be removed.
Accessories, like manual, instruction card, paper tape and print rolls,
are stowed inside the hood.
The HC-550 is very complete. It contains a page printer, a high-quality
keyboard, a single-line plasma display, a five-level tape reader and
a five-level tape puncher,
and is suitable for off-line encryption and decryption only.
Messages are exported on paper or punched paper tape.
|
|
|
The device can be powered from the AC mains (90-250V AC) virtually anywhere
in the world and was intended for diplomatic use. Setting of the Basic Key (BK)
and the mode of operation (C/D) is by means of two
highly secure KESO locks
at the front panel, to prevent unauthorised use.
For transmission of the data via a regular telephone line, an optional
acoustic modem was available.
The machine was introduced in 1977, but was never produced in high quantities,
probably due to the high production cost.
A few years after its introduction it was replaced by the more affordable
HC-550,
which was based on a low-maintenance
Siemens T-1000 teleprinter.
Immediately after the introduction of the HC-570, the 500-series was
complemented by the portable HC-520 [1].
|
The diagram below provides an overview of the features of the HC-570.
The device is housed in a strong plastic transport case, from which it
can not be removed. It resembles an electronic typewriter, and features a
full ASCII keyboard and a thermal page printer. Furthermore, a single-line
plasma display is present at the front panel. It allows a text to be corrected
before being printed.
For operation, two
highly secure (physical) keys
are needed, that have to
be entered in the two locks to the right of the display. The left one
is needed for entering the Basic Key (BK) and for opening the cover.
The right one allows selection between Ciphering (C) and Deciphering (D).
|
|
|
Compatible machines
Cryptomatic 500
|
|
|
The HC-570 was developed at a time when the company – Crypto AG – was jointly
owned by the German Bundesnachrichtendienst (BND)
and the American Central Intelligence Agency (CIA).
The two intelligence services had
purchased the company
in 1970,
with the intention to get control over the cryptographic algorithms
and – indirectly – Crypto AG's customers. This secret project was known as
Operation RUBICON (also: THESAURUS)
and turned out to be extremely effective [1].
The HC-570 was the successor to the ill-fated H-460,
that had been introduced just before BND
and CIA became the owners of
Crypto AG.
It used a shiftregister-based cryptologic that had been
designed by the NSA in 1965, in such a way that messages were
readable 1 to them.
When BND
and CIA took over, it was decided that
Crypto AG should sell
high-end cipher machines that could compete with the designs from
other manufacturers
– like Gretag –
that were not under control.
The new machine was initially designated HS-4700 and was
(partly) developed at Crypto AG
in Zug (Switzerland) between 1970 and 1973.
But as the development was progressing too slowly, the partners
(BND
and CIA) decided in 1974 to bring in the American technology giant
Motorola from Phoenix (Arizona), and let them do development
of the electronic circuits.
Motorola based the design of the circuits
on the 6800 microprocessor that they had just
introduced in 1974 [2].
At the same time, the US
National Security Agency (NSA)
developed a cryptographic algorithm,
which Motorola had to implement in software on the 6800 processor.
It was probably the first time an algorithm was implemented this way.
It came in two flavours: readable and unreadable. 1
Unreadable versions were for friends: NATO countries,
plus Switzerland and Sweden.
Readable versions were sold to all other countries, with very
few exceptions.
Apart from NSA, they were also readable by the
Zentralstelle für das Chiffrierwesen (ZfCh)
— the German codebreakers.
Once the design was ready, it was handed over to Crypto AG in Switzerland,
where the machine was taken into production as the HC-570.
Unfortunately, it did not become very popular and caused Crypto AG to run
into red figures.
It was overly complicated, difficult to build,
expensive and prone to failure.
A few years later it was replaced by the
HC-550, which was based on
a Siemens T-1000 teleprinter
to which the cipher unit was bolted at the bottom.
Nevertheless, small quantities of HC-570 machines were built until the
early 1990s for existing customers.
Soon after the introduction of the HC-570 in 1977, a portable variant was
developed by Siemens –
the HC-520 – which became very popular.
It was intended as a competitor to the
Gretacoder 905, which had recently been
introduced by Gretag,
and was unreadable to western intelligence.
|
 |
-
The term readable means that the algorithm
could be broken by NSA.
Also known as friendly or exploitable. In contrast:
algorithms that are not breakable by NSA,
are called unfriendly or unreadable or secure.
|
In February 1979, less than two years after the introduction of the
HC-500 series, CAG-employee
Jürg Spörndli
discovered that it was possible
to break the machine with just 100 characters of known
plaintext, probably after attending a seminar by American mathematician
Martin Hellman.
Although rather theoretical, it proved that the cipher was prone to
a known plain-text attack, or KPTA as it was known in the crypto-world.
For Crypto AG this was bad news,
as the company couldn't afford another
debacle after the H-460 crisis.
In two years time, the HC-500 series had
become Crypto AG's leading product,
of which more than 1700 had already been sold worldwide.
The original algorithm had been developed by NSA's
Peter Jenks,
and was intended to last for at least 20 years. But Jürg Spörndli had
now exposed a weakness that urgently needed to be fixed before customers
would discover it themselves. At NSA,
Dave Frasier designed a
drop-in fix that defeated a known plaintext attack, but was
considerably more difficult to break by NSA
and ZfCh.
A few months later, mid-1979, Peter Jenks
left the NSA and
Dave Frasier committed suicide.
➤ More about Operation RUBICON
|
|
The machine is housed in a strong plastic transport case, from which is
can not be removed. The transport case is in integral part of the machine
and acts as a bottom shell. After placing it on a table, the hood of the
transport case should be removed, and the machine is ready for operation.
|
In order to access the interior, the leftmost KESO key must be entered
into the lock and turned counterclockwise. This releases two steel
cable-operated locks at the sides of the machine. Note that you may have to
gently push the cover down somewhat before the side locks will disengage.
The cream plastic cover can now be removed by tilting it towards the rear,
but be careful not damage the fragile printer transport mechanism at the left.
Once the cover is off, the interior is exposed, as shown in the image on
the right. At the rear left is the power supply unit (PSU).
|
|
|
|
In front of the PSU is the thermal printer (here shown with a paper roll
installed), and in front of that is the keyboard. To the right of the printer
is a purpose built paper tape puncher and – at the front right – a matching
punched paper tape reader. Both are suitable for standard 5-level tape.
|
At the rear right is a metal case that contains the electronic circuits.
It is divided in three equal compartments, each of which can accomodate
6 plug-in cards, but not all slots are populated.
The middle compartment contains the processor board and the peripheral drivers,
all of which were developed by Motorola
in Phoenix (USA).
Each card has an 64-pin connector at one edge, through which it is fitted
to the motherboard at the bottom. The cards contain the peripheral interfaces, the 6800 microprocessor, the display drivers, the printer drivers
and the memory.
|
|
|
|
Additional details can be found in the photographs below. Note that in the
device featured here, the original Motorola processor card has been replaced
by an alternative (experimental) one, that is functionally identical. It
was probably developed as part of an aftermarket update or upgrade.
|
|
The device shown here is a very late production model. Judging from the
date codes on some of the components, it was made in the early 1990s, some
15 years after its introduction. Although the machine is fully operational,
and most parts are genuine, the processor board was replaced.
|
Originally, the middle compartment of the metal cage at the rear
right of the machine, contains the microprocessor and its peripheral
drivers. There are six slots, five of which are normally populated
(one is marked TEST). In the HC-570 featured here, the rearmost three
card have been removed, and replaced by a single Eurosize
card, that contains an NSC-800 microprocessor with static RAM,
plus an EPROM with the firmware.
The alternative processor board was probably developed
as part of an aftermarket upgrade which for the firmware had to be
redeveloped.
|
|
|
|
It is also possible that the machine was built from existing (spare) parts,
in order to accomodate aftermarket orders from existing customers, and that
by the time this was done – in the early 1990s – the original processor board
was no longer available.
It is currently unknown where the replacement board was made. It is possible
that this was done in-house, but it is also possible that a small
external party,
such as TST Timmann 1
in Germany, was commissioned to do the job.
|
-
Judging from the 'design signature' and the choice of the NSC-800
processor, TST was a likely candidate.
|
|
When we obtained the HC-570 shown here, a first inspection showed that the
printer was not working. It was printing, but the paper would not advance at
the end of a line. It was clear that the transport mechanism was somehow
broken. First the cover had to be removed (see below).
|
The transport belt, that connects the platen to a stepper motor, was
completely missing
and had probably desintegrated. And, more seriously,
a spring was found
at the bottom of the machine, with a broken-off plastic
tip. This was probably once a part of the (missing) belt tension unit.
As an original belt was not available, the drive mechanism was adapted
to accept a standard one (from a printer
or flatbed scanner).
Such belts are commonly longer,
so an adjustable support post was created, and mounted in a free hole
in the printer's left side panel, as shown.
|
|
|
|
The part inside the yellow circle is new. it is mounted in an unused
oval hole in the side panel, and can be adjusted to obtain the desired
tension on the belt.
The pully, axle and replacement belt,
are all surplus from an old disassembled flatbed scanner.
The printer is now working again.
|
|
The HC-570 is protected against unauthorised use, by means of two
highly secure KESO locks,
to the right of the
display. Without suitable KESO keys,
the machine can not be operated.
When we obtained the machine shown here, in December 2010, the leftmost key
was missing, as a result of which the Basic Key (BK) could not be entered
and, worse, the top cover could not be removed.
|
Luckily, lock expert Barry Wels [3], was willing to help us out.
Back in 2009, Barry had been able to provide us with a new key for our
Enigma M4,
without removing or damaging the existing lock.
On 25 March 2011, Barry visited us again and produced a
working key from a blank, using a technique known as impressioning.
The image on the right shows the
resulting key,
which in no way resembles a
genuine KESO key,
but operates nevertheless smoothly.
Unlike an original KESO key, the impressioned one is not symmetrical
and can only be inserted in one orientation.
|
|
|
|
Starting off with a blank polished key, Barry wiggles it inside the lock.
He then searches the key for minor scratches and files away the unwanted
parts. This process is repeated numerous times, until the lock finally
gives in. Although it sounds easy, it is in fact a tedious job that
requires many hours of practice. The video clip below shows the final stage
of the creation of our BK-key
|
|
|
|
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Thursday 02 December 2010. Last changed: Friday, 04 February 2022 - 10:22 CET.
|
|
|
|
|
