|
|
|
|
|
|
|
Crypto AG Data BND CIA
The device is housed in a rugged green die-cast aluminium enclosure,
and was usually combined with one or more eight-channel multiplexers.
It allows full-duplex point-to-point connections with a data transfer
rate of 2 Mb/s, similar to the
Philips Mucolex
or the American TED — KG-81.
The image on the right shows an MCC-314, as it was used for training
at Crypto AG in the early 1970s. The hinged door at the left gives
access to an 8-level paper tape reader that is used for loading the
cryptographic keys.
An old brochure shows the device as part of a complete
setup [1].
|
|
|
|
The MCC-314 was introduced around 1972 and was in production until at
least the late 1970s. Being a bulk encryption device, it was mainly used
by military customers, such as the armies of Austria and Yugoslavia.
In 1974, some customers discovered the weakness in the
algorithm and complained. It was promptly fixed by a CAG-employee,
who got himself in trouble with that
[2].
|
Development of the MCC-314 was started in the late 1960s,
at a time when
the company was still owned by its founder,
Boris Hagelin. But as there were
strong ties to the American and German intelligence services, it was decided
that the German cipher authority – the
Zentralstelle für das Chiffrierwesen (ZfCh) –
would design the cryptologic
(the part that holds the crypto-algorithm).
It was developed in parallel with the
CSE-280
voice encryptor that used a similar cryptologic
[2].
The algorithm had a built-in weakness
that was developed by experts at the
ZfCh.
It made the device readable to them (ZfCh) and later – after
Crypto AG had been purchased by the
BND
and CIA – also to the American
National Security Agency (NSA),
giving them an obvious advantage.
The weakness in the cryptologic is an exploitable implementation
of the forward synchronisation scheme. Head of R&D at Crypto AG
– Peter Frutiger – never liked the implementation and felt that it was
too obvious. In 1974 Crypto AG found out that Frutiger had been right,
when the Austrians and Yugoslavs had both discovered the weakness themselves.
When they reported it, Frutiger fixed the flaw in the algorithm and
delivered it to his customers, to great concern of the NSA.
With the fix in place, NSA was no longer able to read the targeted traffic.
They contacted the CAG
CEO and urged him to get
a grip on his people, but since Frutiger and his men were officially
unwitting of any CIA/BND involvement, there was little they could do.
Frutiger did the same two years later to the
CSE-280 voice encryptor
of the Syrian Army, and subsequently got fired.
|
-
Document kindly provided by [3].
|
|
|
|
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Wednesday 01 January 2020. Last changed: Tuesday, 11 August 2020 - 06:45 CET.
|
 |
|
|
|
![Close-up of an MCC-314. Photograph kindly supplied by [3].](img/mcc314_front_large.jpg)
![Close-up of an MCC-314. Photograph kindly supplied by [3].](img/mcc314_front_thumb.jpg "image # mcc314_front_large.jpg")
![MCC-314 as part of a complete setup [1].](img/mcc314_thumb.jpg "image # mcc314_large.jpg")
![MCC-314 as part of a complete setup [1].](img/mcc314_large.jpg)