False Positive

When I ran my regular virus scan this morning I was stunned by the report that several files were infected (Exploit.PHP.Userpic.a), of which one in the installation zip of the popular Enigma Sim, available as download on my website. The same file was also infected in the source code folder as well as my own installation folder!

Not taking any risk, and since the software is downloaded many times each day, I immediately created a new installation and zip. As it turned out later, lots of work for nothing. I already found it strange that even old CD's, which cannot get overwritten, were also infected. After contacting F-Secure I received the confirmation that it was a false positive and the error was fixed in the new anti-virus update. After I checked some forums it seems Kaspersky AV also had the same problem.

Nice to know that my carefully scanned and published software is clean, but this doesn't do any good to your credibility if someone downloads from your website and runs into a wrong virus alert. I can imagine that some commercial firms aren't that happy if they are wrongly 'accused' of downloading viruses onto your computer. It's a bit like being wrongly accused, jailed and then set free. Damage done.

I must say that my e-mail to F-Secure was answered within 15 minutes, apologies inclusive, and indeed, about one hour later the new AV database update no longer reported my precious files as infected. So, no complaints here. But this shows how vulnerable our modern Internet society has become, not only for viruses, but also for these false positive alerts and the consequences that can follow. It has cost my about one and a half hour of recompiling the code, creating installs, uploading, adding apologies to the concerned web page, changing these apologies again, etc etc. All for nothing! Fortunately it's freeware, and I'll be just as poor as I was before. But I can imagine some people lose customers thanks to a virus that doesn't exist.

At the end, visitors on my website will all know by now that I regularly scan my stuff and make sure nothing gets infected. They can download without fear, as before!

Update: I noticed that many visitors landed on my weblog, searching for information about "Exploit.PHP.Userpic.a". To all people that are affected by this nasty thing, one advice: contact your AV provider and send him the infected file (zipped). I don't have any idea how many and which type of files are false positive and which are actually infected, but I'm sure the Exploit things exists (otherwise they didn't searched for it), so never assume it's always false alarm.

Cold War SAGE System

SAGE - Semi Automatic Ground Environment - was an automated system for tracking and intercepting enemy bomber aircraft. It was developed in response to the threat by Soviet high speed nuclear bombers such as the notorious Tupolev Tu-95 (codenamed BEAR by NATO)

The SAGE project was developed by MIT Lincoln Laboratory, IBM and many other top notch firms. It became operational in 1959 and was a part of North American Aerospace Defense Command (NORAD) until 1989, when it was replaced by more advanced systems.

SAGE was at the time the most advanced network of large early warning radars on land and sea, and AWACS airplanes. All these stations electronically transmitted their data to an information storing and processing system. The core of that system was the AN/FSQ-7, the largest computer ever build. It processed the identification, directions and speed of enemy airplanes, and calculated interception coordinates, altitude and time. All that information was sent to screens, ready for use. And all this 1959! This enabled US interceptor aircraft to be guided accurately towards the enemy bombers.

Although a most advanced system, SAGE was soon to be proven useless against a new threat, the intercontinental nuclear missiles. Nonetheless, SAGE was a very important kick-off for many new technologies such as advanced radar systems, computer communication networks, the development of computer memory storage, on-screen information display, the light pen and much more. More on SAGE on Wikipedia

There's an interesting Cold War movie about SAGE from the Computer Museum. Not only it explains the general concept of SAGE, but it's a very nice example of how Cold War propaganda scared the hell out of people. After viewing this movie you'll understand why people got paranoia and started to build nuclear shelters in their garden!

You can view the magnificent 23 minutes movie here, or watch it on youtube. Hit the full-screen button and swallow some hot Cold War Stuff!



Another fine example of scaring people nuts, children on playgrounds and nuclear blasts inclusive, is displayed in a two part movie. This is the Cold War on its best (as a matter of speaking). Visit part 1 and part 2 and enjoy!

Secret Splitting

An interesting way to use one-time pad encryption is Secret Splitting. We all know what sharing a secret is (people tend to have problems not to share secrets). The opposite of sharing secrets is to split them.

Suppose Charlie has a secret password or a safe combination he wants to share with someone in case of emergency. Wouldn't it be great if he could split his secret and give one share to Alice and one share to Bob? The secret could only be retrieved when both Alice and Bob agree on sharing their secret. Of course, cutting it simply in two and give each person half the secret would reveal already that part, so that would not be safe.

Well, there's a simple solution and it's called one-time pad. Secret Splitting is a special way of using one-time pad, since you don't send a secret message, and the key isn't destroyed. Here's how it goes: Charlie subtracts a random key, digit by digit (without carry), from his safe combination. He gives one share (they key) to Alice and one share (the result) to Bob.

To retrieve the original combination, Alice and Bob just add their keys together, again without carry. Of course, one could also split text by first converting the letters into digits (f.i. A=01, B=02 and so on through Z=26).

If the original is destroyed there is mathematically no way to retrieve the information without using both shares. There are some interesting applications for this system. It's for instance a secure alternative to keeping passwords in an envelop. It's also a clever way to share things with people who don't trust each other. Suppose grandpa, old and sick, splits the secret combination from the safe that contains his savings and gives each of his children one share of that secret. They can only get their hands on his money if they all agree (not that this will make grandpa live longer).

More about one-time pad and Secret Splitting at this webpage.

Whitfield Diffie on Cryptography

There's a good video from a talk that Whitfield Diffie gave at the Computer History Museum. The subject is Information Security before and after Public Key Cryptography. Whitfield tells about the development of cryptography, the problems with key distribution, the solutions to that by public key cryptography and the future of cryptography. Most interesting lecture for the novice, without any technical details or math stuff. A good introduction in cryptography.

Whitfield Diffie knows what he's talking about. He's one of the inventors of the Diffie-Hellman (what's in a name) public key protocol and is now Security Officer at Sun Microsystems. If you want to read up on Whitfield, there's an interview with Diffie on Wired.com

You can view the talk by Whitfield (1h16 ) here or click it once more to view it directly on Youtube, where you can maximize it. Enjoy!

One-time Pad Tool

I just uploaded a new software tool on my website to perform one-time pad encryption. If you enter a plaintext and one-time pad the little program converts the plaintext into numbers and calculates the ciphertext. The CT-46 table is used to convert the text into digits. The program contains a help section with instructions on how to use the pencil-and-paper version and the conversion table.

Although the program works exactly the same as the real method, it is meant for training purposes. As we all know, the only secure computer is a stand-alone laptop, stored in a safe. Given the many viruses, trojans and spyware it's useless to use a perfect crypto system on the most insecure device ever, your PC. The best way to apply one-time pads is simply with pencil and paper. However, the software is ideal to learn working with one-time pads, and if you do have a completely isolated PC and a good random number generator the program will save you lots of time and work.

All you want to know about one-time pads and the freeware program download at the one-time pad page on my website. More about working with one-time pads on this page.

Stiller-Michnowski Spy Case

Whilst looking for info on Numbers Stations, I bumped into the story of Michael Michnowski. Together with his mother and Werner Stiller, an East-German foreign intelligence officer from the HVA (Hauptverwaltung Aufklaerung), he fled in 1979 from the German Democratic Republic to the West. It's the true story of a 16 year old boy, dragged into one of the most spectacular spy cases of the Cold War. Before saying 'that must have been cool' you better read his story first.

Michael, who was relocated to the United States with the new identity of Thomas Wagner, wrote his fascinating story on a most interesting website. Not only he gives an insight on why and how they defected, but also depicts in colorful details, flavored with some fine humor, growing up in a country that was totally controlled by Erich Mielke's Stasi (State Security) and completely shut-off from the western world.

It's a story of hope, love and intrigue, but above all a story of incredible mistakes, planning and preparations going wrong, lots of luck and quit a few guardian angels. He also describes the covert communications with the BND (Bundes Nachrichten Dienst), the West-German intelligence service, by means of dead-drops, how they used a small shortwave radio to receive one-time pad encrypted messages, sent by BND Numbers Stations, and how they deciphered these messages.

With spy-catcher Hannes Schroeder and his a complete counter-intelligence department always just one step behind, trying to find out their identity, they finally managed to escape East-Germany. Documents and photographs, provided by Stiller, enabled the BND to capture many spies and even identify the notorious 'man without a face', HVA spy-chief Markus Wolf. At the end, the spy case resulted in a big embarrassment to the East-German intelligence services, and there was even a one million Deutsche Mark bounty for the capture or execution of the defectors.

I can highly recommend reading the complete story called "If It Had Not Been For 15 Minutes" at http://www.myspystory.com/

Enigma Challenge Results

I finally had the time to revise the Enigma challenge Table of Honor. After two years, 97 competitors joined the challenge to crack the 10 secret messages, encrypted with the German Enigma machine. New people keep entering the challenge. The All-Time Table of Honor started to get a bit over-populated and a new table design gives each codebreaker his little spot in the light, together with the flag of his country.

New codebreakers can still join the challenge and earn a place in the tables! You don't need to be a professional cryptologist or maths geek, just a bit of grey matter, logical thinking and some luck will do just fine. Nothing beats the thrill of an encrypted message that unveils its secret text! Check out the new All-Time Table of Honor at the Enigma Cipher Challenge page.

The Radio Security Service

The Radio Security Service or RSS was a British organisation that intercepted radio signals during the Second World War with the help of radio amateurs or Hams. In 1939, Lord Sandhurst asked Arthur Watts, the President of the Radio Society, to see if radio amateurs could assist in a listening watch. The new organisation, lead by Colonel Worlledge, was called MI-8, generally known as the Radio Security Service. The radio amateurs were called Voluntary Interceptors or V.I.s.

The initial goal was to help in detecting an locating German spies that transmitted from within the UK. A German spy network was indeed identified and several potential spies were met on arrival and were jailed, executed or turned into double agents. Another important job of the V.I.s. was intercepting all kinds of communication signals, originated from Germany and the rest of Europe. Most of the German radio traffic was encrypted, mostly with the Enigma cipher machine. The RSS assisted in supplying Hut 6 at Bletchley Park with large numbers of messages to break into the Enigma traffic. In 1941 the Secret Intelligence Service (MI6) took over the RSS which at its peak employed more than 1,500 people located all over Great Britain, most of whom were radio amateurs.

The radio amateurs became very skilled at reading weak Morse signals. Most of their radios were home designed and built, such as the Eddystone "All World Two" kit (image top). The more lucky ones had commercial receivers such as a Hallicrafter or the expensive National HRO-5 (image right). These amateurs have made a valuable and important contribution to the war efforts. At the Secretlisteners website you can find the history of the RSS. Another good description is found on 64 Baker Street.

Oleg Kalugin

Born in 1934 as the son of a NKVD officer, Oleg Kalugin was destined for a career in the intelligence services. After graduating from the Leningrad university he was recruited by the KGB. It was the start of a remarkable career in the First Chief Directorate - the foreign intelligence service - as undercover agent, mainly in the United States.

His first assignment in 1958 was as a student at the Columbia University in New York. Shortly after, he was employed as Radio Moscow correspondent at the UN in New York, of course under his cover as journalist, for the next five years. He returned to the Soviet Union to work under the cover of press officer in the Soviet Foreign Ministry in Moscow. It was a run-up to a five year career as press officer for the Soviet Embassy in Washington, DC from 1965 to 1970. In reality, he was chief of the Rezidency of the Soviet Embassy, in other words, head of the KGB office in Washington. Kalugin made a swift career in the First Chief Directorate and became the youngest general in the history of the KGB. As head of the KR line (foreign counterintelligence) he was involved in many of the most notorious spy cases in the Cold War period.

As a KGB General, Kalugin became more and more frustrated about the way the KGB worked and how it was lead. His criticism finally resulted in a demotion to a less important post in Leningrad in 1980. Having experienced the corruption from within the KGB an amongst Communist Party officials he retired from the KGB in 1990. His public attacks on the KGB resulted in the loss of his KGB rank, his decorations and pension. However, thanks to public support, Kalugin obtained a seat in the Parliament of the USSR. After the 1991 putsch, Kalugin became advisor to Vadim Bakatin who finally dissolved the old KGB and initiated the reforms of the Russian intelligence services.

When Vladimir Putin became president of the Russian Federation, Oleg Kalugin saw this as a return of the old power of the KGB in politics, an opinion he also expressed in public. While visiting the United States for businesses, Kalugin was accused of treason. He never returned to Russia and was convicted in absentia to 15 years in jail. The US refused to extradite Kalugin who now works as a staff members at the Counter Intelligence Centre. He remains a critic of Vladimir Putin. Kalugin published two books, Spymaster and The First Directorate, and was co-writer to several other books.

More about Oleg Kalugin at the CI Centre website and the CNN Cold War pages. On Youtube there's a most interesting interview with Oleg Kalugin.

Numbers Relay Page

The Numbers Relay Page (NRP) is an online method to post numbers messages. The NRP is the Internet alternative to Numbers Stations, offers anonymous communication and requires only a computer with Internet browser. You don't need an e-mail account or software and you can post or read messages from any public computer.

Using the NRP is very simple. Create sets of one-time pads and give a copy of them to your correspondent. When you want to send a message, encrypt it with the one-time pad and just post it to the NRP. Thanks to the one-time pad encryption, your messages are absolutely secure. The recipient reads the message from the NRP and decrypts it. Both you and the recipient can use any public computer and stay completely anonymous.

More about the NRP on this page. On my website you can find more information about one-time pads and how to use them in practice.

GRU

GRU (Russian: ГРУ, Главное Разведывательное Управление or Glavnoje Razvedyvatel'noje Upravlenije) is the Main Intelligence Directorate of the Armed Forces of the Russian Federation. The GRU was created by Lenin in 1918 to gather military intelligence and is known for its fierce rivalry with the KGB and the CPSU, and other intelligence agencies, in order to maintain its independence.

The existence of this secret military service was unknown to the West until after the Cold War, when information became available after the defection of GRU and KGB agents. The GRU is the largest Russian intelligence gathering agency and has far more personnel, 'military attachés', 'advisers' and agents in foreign countries as the SVR, the successor of the KGB. They collect information by Human and Signal Intelligence, espionage, reconnaissance and satellite imagery (Space Intelligence Directorate). The Spetsnaz special forces originated from the GRU but were later introduced in other parts of the armed forces due to its success. GRU is the only intelligence agency that survived the reorganisations after the dissolving of the USSR.

Information by defectors and documents from the Mitrokhin Archive (see my book review) revealed that GRU is infiltrated in all Western countries and has weapons and explosives caches in Europe and the United States, to be used in event of a war. The GRU remains a very secretive organisation and little details of its operations, capabilities and methods are known.There's an interesting interview with interview with General Korabelnikov, chief of the GRU or you can read more about GRU at the FAS website and on Agentura ru.

Code Breaking in Law Enforcement

There are some very interesting back issues at the FBI Forensic Science Communications webpage. The Volume 8 number 2 issue talks about long history of code breaking in law enforcement. Criminals have always tried to hide incriminating documents and secure their communications. Some of them were smart and used cryptography to protect information. Unfortunately for them, law enforcement has codebreakers, and they are mostly smarter than the bad guys.

Theodore Kaczynski, the Unabomber, kept log books of his crimes and plans of crimes, yet to commit. After his arrest FBI found these note books and succeeded in deciphering the incriminating writing. Two leaders of the Aryan Brotherhood prison gang were convicted for murder inside the jail, after experts broke their encrypted execution orders. During the prohibition years, rum-runners used encrypted radio communications on a large scale. Among the codebreaker in the battle against the the rum-runners was the legendary Elizebeth Friedman.

But the FBI wasn't always successful. In 1953, an encrypted text on microfilm was discovered in a hollow nickel. The code remained unbroken for four years, until a defected spy revealed information on Soviet cipher codes. More about the hollow nickel case here and there. The Zodiac killer published several ciphers, of which some were never broken. He never got caught.

Visual Cryptography

Visual Cryptography is very special type of encryption, proposed by Noni Noar and Adi Shamir. It allows a message or drawings, hidden in an image, to be decrypted by the human eye, and without the need for an encryption device, a computer or performing calculations by hand. For the recipient, it is the most simple and yet absolutely secure system.

In Visual Cryptography, two transparent images are created: one layer with random pixels, and a second layer with the secret information. Visual Cryptography works with layers with either identical or complementary pixels, a visual version of XOR-ing. Reading the information is only possible when both layers are aligned exactly on top of each other. If true (crypto secure) randomness is used to generate the pixels for the first layer, it can be seen as a one-time pad system. In this case, retrieving the secret information from one of the layers is impossible if not in possession of the other layer, and Visual Cryptography offers absolute security.

More on Visual Cryptography on my website. Dutch reader can go to this page.

Enigma Simulator for MAC OS

A beautiful simulator is now available for MAC OS. It's written by Terry Long, a young student, and has all the nuts and bolts it needs. The rotors with their ring settings, the plugboard, even the Schreibmax add-on, the device that printed the output on a paper ribbon, and sound effects. The program also incorporates a clipboard function and exporting text to a file.

Terry has done a great job on this simulator and I'm glad that, from now on, MAC users can also enjoy this notorious cipher machine. Enigma is the most famous example of the battle between codemakers and codebreakers and shows the importance of cryptography to military and civil intelligence. The Enigma simulator for MAC OS is available for download at Terry's Website.

Of course, the Windows based Enigma simulator is still available as freeware on the Cipher Machines & Cryptology website.

The Crypto Box Challenge

After the success of the Enigma Challenge, with competitors of more than 25 different countries, a new challenge starts on my website on December 6. The Crypto Box Challenge consists of three shuffled portions of text, little poems in the English language, that have to be deciphered. Each of these boxes has it's own difficulty level. It's not an easy challenge, and solving the three puzzles of text will give you lots of brain-work. So, get to work and earn your place in the Table of Honor. There is a small freeware program that you can download and that enables you to shuffle around with the letters. Of course, you can always use the program to create your own puzzles or encrypt small pieces of text.

More on the Crypto Box Challenge on my website.

Update Feb 16: People from 11 different countries have joined the challenge, but the last Crypto Box remains unbroken.

Site Review: Elonka Dunin

Elonka Dunin is an American writer, cryptographer and game developer. She's a busy lady and was even invited to speak at FBI and NSA meetings, and at CIA headquarters regarding steganography and Al-Qaeda codes. In 2003, she organized a team that cracked the Cyrillic Projector, a sculpture by James Sanborn, containing an encrypted text. Another work of Sanborn is the Kryptos sculpture on the grounds of the CIA in Langley. Elonka co-founded the Yahoo Kryptos Group about the breaking of Kryptos.

On her website you can find a most interesting page on the efforts on breaking Kryptos and her famous list of unsolved codes and ciphers. Still plenty of ciphers to be solved, so if you have the time, go ahead. She also published The Mammoth Book of Secret Code Puzzles. You can also find the transcript of the cracked Cyrillic Projector code on her site. If you're interested in cryptology and other mysterious stuff, I can recommend her weblog on memestreams.net.

Pies Descalzos Foundation

I normally write about more technical stuff on my weblog, but for a good reason I can always make an exception, and Pies Descalzos (Bare Feet) is more than a good reason. The Pies Descalzos Foundation is a non-profit and non-governmental organization that was founded by Shakira Mebarak Ripoll, the well-known Colombian artist, in 1995. In Colombia, three million children can't go to school, two and a half million children work and many thousands of them are physically or sexually abused or live on the streets. Insane numbers!

The goal of the Pies Descalzos Foundation is to help Colombian children who are victims of violence, are displaced or live in poverty. They do this by providing them education, nutrition, health care and psychological support. The foundation has already build five schools in areas that are seriously affected by internal displacement. So, please pay a visit to their website and read about the foundation, its history and its goals, and maybe you can contribute to the faith of those children.

3 Seconds from World War 3

September 1, 1983. Soviet airspace over the Sakhalin Island. A Korean Boeing 747, flying from the US to South Korea, doesn't respond after violating Soviet airspace a second time. After escorting the 747 for more than an hour, two Soviet SU-15 interceptor aircraft receive the order to shoot down the airplane. 269 passengers and crew are killed. The Cold War is on its hottest ever. The US military superiority feeds the conviction of the Kremlin that a First Strike scenario by the United States is only a question of 'when'. What happens 4 weeks later should be viewed in that context.

On the night of September 26, lieutenant colonel Stanislav Petrov resumed his shift in a bunker of the Strategic Rocket Forces. The unimaginable happens when the computers capture a nuclear missile launch from the US. According to Soviet strategy protocol, an immediate full-blown nuclear weapons counterattack against the US should be launched. Colonel Petrov cannot believe that World War 3 has begun. Why only one missile? He's convinced it's a computer error and decides not to start a nuclear counterstrike. However, only minutes later, a second, a third and a fourth missile are detected. The USSR is under missile attack! Millions of people will be killed in Moscow. Now is the time to push the button. Petrov refuses to believe it has come this far and stays convinced that it's a computer error.

Petrov was right and prevented a worldwide nuclear war that would have destroyed all large cities in both the US and the Soviet Union. This makes him one of the most important persons in the 20th century. Unfortunately, the Kermlin wasn't that happy. By breaking a critical military protocol, Petrov risked millions of Soviet lives. He was sent into early retirement with a small pension and suffered a nervous breakdown. It was only in 1998 that a book, written by another officer in that bunker, revealed the story of this heroic man. In 2008, a movie is set to be released about the incident. And now, all together: "Thank you Petrov!".

It's not the first, nor worst nuclear incident, as you can read in my January Blog, but it sure could have ended as the worst ever incident in history of human civilisation. More about Petrov in this BBC news article, including a video, or on WashingtonPost.com

FAPSI - Russia's SIGINT Agency

FAPSI - Federalnoye Agentsvo Pravitelstvennoi Svayazi I Informatsii - is Russia's Federal Agency for Government Communications and Information. In short: the Russian equivalent to the American NSA or British GCHQ.

After the reforms in 1991, the KGB was divided into several different smaller agencies. One of them is FAPSI, created from the KGB's 8th Main Directorat (communication and cryptography), the 12 Directorat (eavesdropping) and the 16th Directorat (interception of communications and Signal Intelligence). FAPSI is responsible for SIGINT (signal intelligence), government communications, cryptography in all its aspects and information technology.

FAPSI operates a large satellite network (since the 1970's more than 130 satellites) for interception and communications and has a large number of SIGINT stations around the world. One of the largest is located in Lourdes, Cuba. An enormous interception facility at the doorstep of the US, in the footprint of several American satellites, and a transmitter site of numbers stations. Another large station is located in Cam Ranh Bay, Vietnam. If you think only the West has its Echelon project, you forgot FAPSI, with far more personnel than NSA and GCHQ together! Inside Russia, FAPSI monitors civil and government communications and is responsible for approving all cryptographic software (other crypto software is forbidden in Russia).

FAPSI incorporates the Military School of FAPSI (aka the world largest hackers school) and the Military School of Communications. FAPSI also employs graduates from the Academy of Cryptography of the FSB (not a school but a "scientific organisation", read codebreakers). FAPSI also provides secure communications to the Leaders of the Russian Federation and encrypted HF telephone communications for the government. All together an enormous service that controls all communications security and gathers large quantities of information, home and abroad.

More about FAPSI on KGB Military School, Federation of American Scientists and Agentura.ru.

The "Kurier" Kurzsignal System

At the end of the Second World War the Kriegsmarine - the German Navy - experimented with a new system of radio transmissions to counter the threat of Allied HF Direction Finding. The "Kurier" system, based on what now is called burst-encoding, reduced the transmission time of a Kurzsignal - a short signal message - to only 340 milliseconds! A magnetic pickup element on a rotating arm passed 85 pre-settable levers on a drum. The settings contained the message in a pulse variation of Morse.


Not only the transmission time was reduced, but Kurier also introduced a new and complex system of frequency schedules and small frequency shift in the Kurier codebook. The system was to be used for Kurzsignalen and Wetterkurzsignalen, the short messages and weather reports. Although the Kurier experiment was given top priority it never became fully operational on the U-boat fleet before the end of the war. If Kurier had been operational earlier in the war, this could have been devastating for the Allied naval forces in the Atlantic. Being unable to locate U-boats by HF-DF and not monitoring the Kurzsignal messages would have deprived the codebreakers in Bletchley Park from the essential cribs to break the Naval Enigma keys.

On my website you can find the article on Kurzignalen, and I just added the new information about the Kurier system. The page also contains several images of the Kurier Kurzignal book which describes the procedures for frequency schedules and how to compose a Wetterkurzsignal or short signal weather report.

German Communication

The Centre for German Communication and related Technology is a foundation that preserves the history of German technology, more in particular from before and during the Second World War. It's a large collection of original documents, plans and circuit diagrams about all sorts of technology, ranging from radio equipment, encryption devices, patents, measurements, radar and company history.

I was especially pleased to find detailed documents and images about the G-Schreiber T52d cipher machine, the Kurier system, which is a German type of burst encoder transmission system, and radio equipment from the Abwehr (German secret service). There's an extensive Handbooks section with a wealth of original documents. Don't forget to visit the Archive display, with lots of detailed images of all kinds of equipment. There's far too much to explain it all here, so do visit the website!

Canadian Foreign Service Communicators

The Canadian Foreign Service Communicators served in the telecommunications division of the Canadian Department of External Affairs, at headquarters in Ottawa and at Canadian Embassies and Missions abroad. Many of them had a military communications background. As civilians they became responsible for preparation and transmission of an uncountable number of telegrams. They worked with several different types of telex machines and communications were of course protected with then appropriate encryption systems such as BID 610, KL-7, KW-7 or the manual One-Time Letter Pads and One-Time Figure Pads . These were the days that secure communications were an art. Early 1990's the communicators were kicked off by new technology.

A brief but interesting history on the Foreign Service Communicators is published on the AFFSC website. They also have a COMWEB Museum with an interesting Exhibits section (scroll down!). Another related website is the Military Communications and Electronics Museum. They have an online museum tour, describing the Canadian communications history from the 19Th century until today. I found an interesting photo gallery on the Old Foreign Affairs Retired Technicians website http://www.ofarts.ca/. Click on the Photo Gallery menu and select Shop Floor. My kind of stuff! Another good article on communicators, with many images, is found on Jerry Proc's website.

Numbers and Spies

The August edition of Spycast is an interesting interview with Scott Carmichael, the Defence Intelligence Agency (DIA) counterintelligence official who investigated the Ana Belen Montes case. Montes, the senior Cuba analyst at the DIA, was arrested in 2001 and charged with committing espionage for Cuba. The federal prosecutors stated that she communicated with the Cuban Intelligence Service through encrypted messages and received her instructions through shortwave encrypted transmissions from Cuba. This case reminds me again at the famous numbers stations, and more specific at the Cuban "Attencion 1234567890". This case, just as the "Spy With No Name" case I wrote about last month, once again confirms that numbers stations are indeed spy stations. The messages on these numbers stations are believed to be encrypted with the absolutely secure one-time pad.

I recently uploaded Numbers v3.2, a small Crypto Secure Random Number Generator that generates pads with random numbers in various formats. It's available as freeware download on my One-time Pad page. Although using a CSPRNG theoretically never achieves Shannon's perfect secrecy, it will be useful in practice to generate one-time pads. Given the astronomical seed depth and period, it's infeasible to retrieve a CSPRNG numbers stream, and it will function in practice like a one-time pad. For those who are interested, the readme file in the install zip contains the VB source code of the generator algorithm.

Spy With No Name

There's an interesting story on Simon Mason's Shortwave Espionage website about the Czech Cold War spy Erwin van Haarlem. The story begins in the Second World War, when the Dutch Mrs Joanna van Haarlem got a child with a German soldier. Joanna, who had Jewish roots, was shunned by her family and left the child with the Red Cross in Prague. No one ever heard of the child's whereabouts. Years later Vaclav Jelinek, a young Czech man who just finished his military service, was approached and recruited by the StB, the Czech Secret Service.

The StB decided to give him the false identity of Erwin van Haarlem and trained him over several years to become a skilled secret agent with a false - but existing - background. As a - pretended - child of a Dutch mother he had both Czech and Dutch nationality and therefore acquired a Dutch passport at the Dutch Embassy in Czechoslovakia. In 1975 he arrived in Britain and started his spying career for the Czech StB and the Russian Secret Service. Meanwhile, Mrs Joanna van Haarlem found him through the Red Cross and finally was reunited with her alleged son in 1977.

More than ten years she believed to have found her lost son, until he was arrested in 1988 by British Special Branch detectives in his apartment while receiving coded shortwave messages from a numbers station. Also, One-time Pads, used to decode messages, were found hidden inside soap bars in his apartment. DNA samples later confirmed that he wasn't Joanna's son. Vaclav Jelinek (photo) never told his real name during the investigations or at the trial and the spy with no name was sentenced in 1989 to ten year imprisonment. He was released and deported to Prague in 1994. Joanna finally found her real son who had changed his Dutch name in a Czech one at the age of 15. He knew nothing about the misuse of his name by the StB. Jelinek's story is a good example of infiltration under stolen identity during the Cold War.

The complete story of the false identity and how Jelinek was captured can be found on this web page. It also includes a link to a very intersting two-part radio program (in Dutch) with the story of his mother (part 1) and a 30 minutes interview with Vaclav Jelinek himself (part 2). A 30 minutes BBC Radio 4 program, explaining Number Stations that are used to transmit coded messages on shortwave radio (which also mention Erwin van Haarlem) can be downloaded on this page (6.6 Mb wma file). Very interesting!

NSArchive on SpyCast

I already wrote a Site Review on the National Security Archive last December. This month Peter Earnest from the International Spy Museum interviewed Tom Blanton of the National Security Archive. They talk about recently declassified documents about CIA activities in the Cold War, the assassination attempts at Fidel Castro and domestic wiretapping. Another interesting interview in the Spycast series. You can download the podcast MP3 file at the SpyCast web page by right clicking the July 1st interview link and select Save Target As... (opening the file directly would take to much time)