,
26 tweets,
5 min read
Read on Twitter
I am in awe of the story of Boris Hagelin. It is so absurd it can’t be real life.
In the 1920s this guy takes a management role in a mechanical cipher company at the behest of Emanuel Nobel, Alfred Nobel’s much richer nephew. The company eventually goes bankrupt.
Rather than cash it in, Hagelin buys the assets of the company and perfects the machines. Suddenly he’s making sales to the Swedish government and the French government as well.
The Soviets obtain a pair of his B-series cipher machines and copy them. The resulting machines, for which he never earns a dime, become a critical resource for the Russians in WWII.
His French contracts eventually run aground on the inconvenient fact of the Nazis invading France. This would throw a wrench into most operations. But Hagelin isn’t daunted. In Fall 1940 he boards the last ship from Genoa to the U.S. before Italy enters WWII.
In his luggage he has two of his latest cipher machines, the C-38. He doesn’t return home in 1940. Or 1941, 1942, 1943. By the time it’s safe to return to his home in Sweden it’s 1944. The US government has produced 50,000 copies of his machine under license.
The machines are manufactured in the Corona typewriter factory in NYC. The US Army calls them the M-209. The Navy calls it the CSP-1500. By the end of the war, there are more than 140,000 machines in service.
If this was the end of things, it would just be a remarkable story. But it gets so much weirder.
After the war, Hagelin moves his company from Sweden to Switzerland. The Swiss have no pesky restrictions on the sale of cryptographic machinery, so he can sell his machines commercially.
Hagelin has established a reputation by this point. It would be remiss of me to forget that at the end of the war, even Germany got in on the action — after obtaining a C-38 machine, they made their own version called the SG-41. They nearly replaced the Enigma with it.
(The German SG-41 was never broken. Had it been developed earlier in the war, and deployed at larger scale, it might have shut the Allies out of the invaluable traffic they’d been getting from ULTRA.)
Hagelin’s new company is called Crypto AG. It sells cipher machines to industry, and many smaller governments who can’t afford their own technology. Because it’s Swiss, the company is trusted in a way that NATO-based firms could never be.
This naturally attracts the attention of the NSA. The agency calls the famous cryptographer William Friedman out of retirement and sends him to Switzerland to recruit Hagelin to the US cause. en.m.wikipedia.org/wiki/William_F…
Friedman’s notes refer to this as the “Boris project”. Later declassified documents reveal that he and Hagelin came to an agreement in which the company would cooperate with the NSA.
The early relationship was modest. Hagelin provided the NSA with client lists and machine specifications. Some “problematic” clients were held back from purchasing the company’s more advanced machinery. bbc.com/news/uk-336760…
From here, everything gets much more vague. Crypto AG’s machines became more advanced and digital. Simply knowing the machine specifications couldn’t be good enough anymore. And yet the company’s clients were everywhere.
In the 1980s, President Reagan announced that the US had intercepted transmissions sent by Libya’s government. This might have been misdirection, but it cast suspicion on Crypto AG.
In 1992, the Iranian Government arrested Crypto AG’s Iranian sales representative and threw him in jail. The government alleged that Crypto AG has sabotaged its machines to allow decryption, following a known intercept several months earlier.
Later allegations would hold that Crypto AG’s digital machines would exfiltrate the cipher key in an encrypted form alongside the encrypted message. This made cryptanalysis a snap.
Crypto AG denies everything. Their representative (probably honestly) denies everything. The Iranians release him on a $1m USD bail paid by the company.
And that would normally be that. Except that the company proceeded to do one of those extraordinarily stupid things that makes me wonder if some people just want to be caught.
Instead of counting their blessings, the company fired their representative and charged him the $1m bail. He went to the Swiss and German media, who shined a very bright light on Crypto AG.
One article here: cryptome.org/jya/cryptoa2.h… 
The press even identified specific NSA employees who would fly to Zug as “consultants” and work on Crypto AG designs. It could have all been a terrible and unfair coincidence, but it probably wasn’t. The company lost clients, though it still exists in some form.
The coda to this story is that even these allegations might have remained unconfirmed, except for a later redaction error in some declassified documents. Two copies of the same document were released with different redactions.
I would love to say this is the end of the story. But of course, Crypto AG was only the canary in the coal mine. The story of how the NSA tampered with commercial cryptography gets so, so much worse. But that’s too much for this thread.
