Crypto AG is a Swiss company specialising in communications and information security. With headquarters in Steinhausen, the company is a long-established manufacturer of encryption machines and a wide variety of cipher devices.
The company has about 230 employees, has offices in Abidjan, Abu Dhabi, Buenos Aires, Kuala Lumpur, Muscat, Selsdon and Steinhausen, and does business throughout the world. The owner(s) of Crypto AG are unknown and they hold their ownership through bearer shares.
The company has been criticised for selling backdoored products to benefit the American and British national signals intelligence agencies, the National Security Agency (NSA) and the Government Communications Headquarters (GCHQ), respectively.
Crypto AG was established in Switzerland by the Russian-born Swede, Boris Hagelin. Originally called AB Cryptoteknik and founded by Arvid Gerhard Damm in Stockholm in 1920, the firm manufactured the C-36 mechanical cryptograph machine that Damm had patented. After Damm's death, and just before the Second World War, Cryptoteknik came under the control of Boris Hagelin, an early investor, and during the War essentially operated in the United States, where 140,000 units were made under licence as C-38 (see M-209). In the early 1950s, it was transferred from Stockholm to Steinhausen as a result of a planned Swedish government nationalisation of militarily important technology contractors, and was incorporated in Switzerland in 1952.
In 1994, Crypto AG bought InfoGuard AG, a company providing encryption solutions to banks.
The company has radio, ethernet, STM, GSM, phone and fax encryption systems in its portfolio.
According to declassified (but partly redacted) US government documents released in 2015, in 1955, Crypto AG's founder Boris Hagelin and William Friedman entered into an unwritten agreement concerning the C-52 encryption machines that compromised the security of some of the purchasers. Friedman was a notable US government cryptographer who was then working for National Security Agency (NSA), the main United States signals intelligence agency. Hagelin kept both NSA and its United Kingdom counterpart, Government Communications Headquarters (GCHQ), informed about the technical specifications of different machines and which countries were buying which ones. Providing such information would have allowed the intelligence agencies to reduce the time needed to crack the encryption of messages produced by such machines from impossibly long to a feasible length. The secret relationship initiated by the agreement also involved Crypto AG not selling machines such as the CX-52, a more advanced version of the C-52, to certain countries; and the NSA writing the operations manuals for some of the CX-52 machines on behalf of the company, to ensure the full strength of the machines would not be used, thus again reducing the necessary cracking effort. Crypto AG claims that the products it currently sells are not compromised.
Crypto AG had already earlier been accused of rigging its machines in collusion with intelligence agencies such as NSA, GCHQ, and the German Bundesnachrichtendienst (BND), enabling the agencies to read the encrypted traffic produced by the machines. Suspicions of this collusion were aroused in 1986 following US president Ronald Reagan's announcement on national television that, through interception of diplomatic communications between Tripoli and the Libyan embassy in East Berlin, he had irrefutable evidence that Muammar al-Gaddafi of Libya was behind the 1986 Berlin discotheque bombing in which two US service personnel were killed and another fifty injured. President Reagan then ordered the bombing of Tripoli and Benghazi in retaliation. There is no conclusive evidence that there was an intercepted Libyan message.
Further evidence suggesting that the Crypto AG machines were compromised was revealed after the assassination of former Iranian Prime Minister Shahpour Bakhtiar in 1991. On 7 August 1991, one day before Bakhtiar's body was discovered, the Iranian Intelligence Service transmitted a coded message to Iranian embassies, inquiring "Is Bakhtiar dead?" Western governments were able to decipher this transmission, causing Iranian suspicion to fall upon their Crypto AG equipment.
The Iranian government then arrested Crypto AG's top salesman, Hans Buehler, in March 1992 in Tehran. It accused Buehler of leaking their encryption codes to Western intelligence. Buehler was interrogated for nine months but, being completely unaware of any flaw in the machines, was released in January 1993 after Crypto AG posted bail of $1m to Iran. Soon after Buehler's release Crypto AG dismissed him and charged him the $1m. Swiss media and the German magazine Der Spiegel took up his case in 1994, interviewing former employees and concluding that Crypto's machines had in fact repeatedly been rigged.
Crypto AG rejected these accusations as "pure invention", asserting in a press release that "in March 1994, the Swiss Federal Prosecutor's Office initiated a wide-ranging preliminary investigation against Crypto AG, which was completed in 1997. The accusations regarding influence by third parties or manipulations, which had been repeatedly raised in the media, proved to be without foundation." Subsequent commentators were unmoved by this denial, stating that it was likely that Crypto AG products were indeed rigged. Le Temps has argued that Crypto AG had been actively working with the British, US and West German secret services since 1956, going as far as to rig manuals after the wishes of the NSA. These claims were vindicated by US government documents declassified in 2015.