Monday, November 13, 2017

Deep Undercover by Jack Barsky

Imagine driving on the interstate on a Friday evening with a great weekend ahead. You just passed the tollgate and a state trooper waves you over. The moment you get out of the car, an FBI agent approaches and tells you he would like to talk to you. You and I would wonder what on earth the FBI wants from you. Jack Barsky didn’t wonder. He knew his life would never be the same anymore.

If you dream of joining the secret service and operate as an illegal agent in foreign countries, you better think twice. It is indeed fascinating work but there’s little glory or 007 excitement. Only lots of stress and worries. Ask Jack Barsky, formerly known as Albrecht Dittrich.

In 1970, Albrecht Dittrich was a talented student at the university of Jena with a promising career in chemistry until a knock on his dorm room changed the course of his life. Scouted by the Stasi, Albrecht was asked by the KGB to join the almighty Soviet secret service and defend the communist ideals as a secret agent. And honestly, you and I would have been honoured to do just the same in similar circumstances. This book explains the how and why.

Albrecht grew up during the harsh post-war years in East-Germany. As a brilliant student he was destined to join the league of men who would define the future of his country and socialism. His childhood shaped his character and ideals, and when offered to serve the socialist cause in the secret service he eagerly took the challenge.

They called it serving but in reality it meant sacrifice. He left family, friends and love to be trained in Moscow as illegal agent. He told his mother he worked in diplomacy and many loved ones were told other fake stories in the next decades. Serving as illegal non-registered agent of the KGB in the United States - the main adversary - is arguable the highest rated mission in intelligence work and more a calling than work, but it had its downsides.

In 1978, after extensive training in secret communications, counter-surveillance, English language and learning his new identity, Albrecht Dittrich finally arrived in the U.S. to shake off his past life and start a new one as Jack Barsky. It was a formidable task to go from zero to hero. His book gives an excellent insight into what it takes to establish a new identity, acquire a fictitious but credible past and the trouble to transfer that fiction onto genuine official documents.

It’s an account of many tricks of the intelligence trade, learning to adapt to the culture and particular habits of an unknown country, getting a university degree all over again, loneliness, the pressure of evading counter-intelligence, improvising solutions to problems that the KGB didn't take into account, missing his wife and child and eventually alienate from his loved ones.

Despite these challenges, Jack Barsky managed to live the American but fictitious Dream and rose from bicycle messenger to successful manager in a large software firm. At the same time, he was challenged in a way that every illegal agent has to cope with. As he began to appreciate the opportunities, given to him by the United States, his dedication to the communist cause faded and he reluctantly decrypted his weekly received radiograms with instructions from KGB headquarters. Eventually, he fell in love and married a woman in the U.S. but his double life took a toll on his marriage. And just when his covert life finally seemed to have embedded perfectly in the land of the main adversary, he was waved aside at the tollgate...

The book is a real page-turner. How Albrecht Dittrich was made a spy, his training, how he embedded as Jack Barsky, what ended his spying career, how he was finally catched and his surprising redemption. But the book doesn't merely provide a fascinating account of espionage tradecraft. It's also a very personal story about the psychological and emotional burden of living a covert life. It unravels the reasons why a self-confident and a bit arrogant young man becomes a dedicated spy who sacrifices his real life in exchange for a fictitious one, how it is to even lose that fabricated life and how he eventually finds a new purpose in life.

You cannot but imagine how you would feel when you had to choose between loyalty to your country, wife and children, cope with building a new future in a country far away and then see everything falling apart. Could you live that covert life, knowing that it can all be over in a blink of an eye?

Deep Undercover: My Secret Life and Tangled Allegiances as a KGB Spy in America, Jack Barsky, ISBN 1496416821

More on Jack Barsky on this blog post and on Jack Barsky's website. You can find more book reviews at my website.

Thursday, October 12, 2017

DIANA - A Fast Reciprocal One Time Pad Table

There are various ways to perform one-time pad encryption with letter pads. The Vigenére table is a well known method to encrypt or combine plain and key text into cipher text and vice versa. However, Vigenére has some serious drawbacks. It is cumbersome, time consuming and finding the cross section between letter and key is prone to mistakes. Also, key and cipher text must be processed in the same order by both sender and receiver.

A way faster and easier system is the reciprocal DIANA table. For each column letter there is a normal alphabet and a reversed alphabet. For each column, the reversed alphabet is shifted one position against the previous reversed alphabet and the table is statistically secure (1/26 chance to produce any cipher letter). Such reciprocal tables come in various formats but they all use the same principle. Note that this table is not compatible with the Vigenére table.

Thanks to its reciprocal properties, encryption and decryption are identical and require only a single column. The order of plain, key and cipher letter don't matter and may even differ for sender and receiver. The table is easy to use and it's virtually impossible to make a mistake.

The DIANA Reciprocal One-time Pad Table ( download .txt file format)

To encrypt, we either write plaintext under key or key underneath plaintext. The choice is yours. For each combination of key and plain letter we take the table column that corresponds to the first letter and search underneath it for the second letter on the left. The lower-case letter to its right is the result.

In the example below we wrote the plaintext above the key. To encrypt T with X, find column T in the table, go downward to letter X and find cipher letter j at its right. Thanks to the reciprocal system it doesn't matter whether you combine T with X or X with T. Quite handy!
Plaintext : T H I S   I S   T H E  S E C R E T
OTP-Key   : X V H E   U W   G T P  N O P G D Z 
Ciphertext: J X K D   X L   A Z G  U H I C S H

To decrypt, take column X, go downward to J and find plain letter t at its right. Again, the order of key and cipher letter don't matter. The beauty of this system is the ease and speed of finding plain and cipher letters in whatever order you like best.

There is also a method to memorise the DIANA table and speed up the process even more. When encrypting F + G = O, we can decrypt this as O + G = F, but also as G + O = F. We call this the trigram combination FGO. Because of the reciprocal property, we can use the trigram FGO for any possible combination, that is, FGO, FOG, OFG, OGF, GFO and GOF.

Thus, if you encrypt or decrypt any letter from a trigram with another letter from that trigram you will always get the remaining letter of that trigram, regardless of the order. We therefore only need to remember the trigram FGO and instantly know every variation of the trigram. This reduces the number of combinations to memorise from 676 to 126. FGO can easily be remembered as the word "FOG".

Any user can create his list of mnemonics by memorising the 126 possible trigrams in any desired order. Some other examples are TAG (derived from AGT), BAY (derived from ABY), AIR (as itself), FDR (Franklin D Roosevelt, derived from DFR), HRB (HR Bureau), NNZ (Northern New Zealand), AMN (A-Mu-Nition), BGS (Better Get Smart), MBM (My Best Mate), JTX (Jump The Ex), VHX (Very Hot Ex), WXG (Wild X-Games) or OXO (the game). Tickle your imagination to find your own.

Everyone has his own connotations to easily remember the trigrams. Well trained operators can encrypt and decrypt on-the-fly at high speed without using any table, which is sheer impossible with Vigenére's 676 bigram combinations.

The full list of trigrams (in alphabetic order) to be memorised as any desired combination (e.g. ABY is also AYB, BAY, BYA, YAB and YBA):


With one-time letter pads, punctuations and figures in the plaintext are usually spelled out. However, to limit the message length you generally omit punctuations where it doesn't affect readability. Alternatively, you could use rare letter combinations as a prefix to convert figures or punctuations into letters, for instance QQ or XX.

In that case XXF could be used to switch to figures and XXL to switch to letters, with ABCDEFGHIJ representing the digits 1234567890. Thus, 2581 would become XXFBEHAXXL or XXFBBEEHHAAXXL to exclude errors, which is more economical than having to write out 2581 in letters. XXP could be a period, XXK a comma and XXS a slant. XXC could be Code, a prefix for three or four-letter codes to replace long words or sentences, like XXCABC, where ABC represents “Request further information” or "My location is..."

And the best of all, one-time pad encrypted messages are absolutely unbreakable if the one-time pads are used once only (hence one-time) and destroyed immediately after use. Of course, the letters should be truly random (no algorithm based pseudo-random) and generated either by hardware or a dedicated computer, never connected to the Internet, and printed on a dedicated printer.

You can download the Reciprocal OTP Table and the Reciprocal Trigram List (right-click and save). More technical and historical information about various one-time letter pads and one-time figure pads at Cipher Machines and Cryptology.

Saturday, September 16, 2017

The Spy Sons Long Way Back

I already wrote about Jack Barsky and how a spy career and family life don't always mix that well. I mentioned Tim and Alex Foley, the sons of Donald Heathfield and Tracy Foley who were arrested by the FBI in 2010. Their parents' real names were Andrei Bezrukov and Elena Vavilova, two illegal agents of the Russian intelligence agency SVR. After their trial, the spy couple and their sons Alex and Tim, then aged 16 and 20, were expelled and put on a plane to Russia, together with eight other illegals. It was the biggest spy swap since the Cold War after a decade long operation to uncover a large spy ring in the United States.

Alex and Tim Foley (now Vavilov)  in 2010

Alex and Tim, who now carry the surname Vavilov from their mother, were born and raised in Canada, briefly lived in France and then settled with their parents in the United States. They never knew anything else than the fake family history, fabricated by the SVR. Despite the fact that they testified never knowing about their parents' spying career, they were also stripped from their Canadian citizenship. Since they left the United States, they are in a legal battle to get back their Canadian citizenship and return home to pick up their old life. The only life they ever knew. 

Now, a Canadian federal court ruled that Alex Foley's citizenship should be restored. The Canadian Security Intelligence Service (CSIS) however says that his older brother Tim knew about the secret life of his parents and that he was sworn in by the SVR. At McLean's you can read about their struggle to return to their old life and the current legal battle. Fascinating story, but again, a spying career can put a heavy burden on your kids. More spy family trouble in a previous post.

Below a July 2017 interview with Elena Vavilova about her work as illegal SVR agent, raising Tim and Alex and how it was to live in the United States. In a way, she's the real Elizabeth Jennings from The Americans, the acclaimed Netflix series, inspired by this spy case (non-russian speakers can set translated subtitles).

Thursday, August 10, 2017

Secret Splitting Revisited

I wrote about secret splitting some ten years ago and decided to fresh things up and create a new easy-to-use template. You only need a pen, paper and first grade math to obtain absolute security. But first, a quick reminder on what secret splitting is, how it works and why everyone should know this interesting system.

Secret splitting (also called secret sharing) enables you to split a secret code into multiple shares and give those shares in the custody of several persons. Retrieving the original code is only possible if the shareholders agree upon putting their shares together. The secret could be the code to a combination lock, safe deposit box, electronic key or password. You can split passwords to access a computer, encrypted files, a digital lock to enter a building or disable an alarm system.

An interesting property of secret splitting is that more people with shares means more security, because more people have to agree on putting their shares together, which is the opposite of sharing the secret itself, where more people means more risk.

There are many useful applications for secret splitting where you need to delegate access to your secret code in a specific situations. You can appoint several persons that will be able to open your safe with money or critical information in case of emergency. None of them can act alone and a single trustworthy person among them is enough to prevent misuse.

A parent who has stored his money, documents or valuables in a safe deposit box can split the number combination and all children receive a share. In case of emergency or the parent's decease they can only access the safe when all of them agree upon opening the safe. Each shareholder can even split his own share again into two shares, to hide his sub-shares separately as backup or destroy his original share and store his sub-shares at different places to increase security.

You can use secret splitting for secure remote delegation through insecure channels. Create a share for yourself and one or more shares for other persons. This way, you can be on the other side of the world and send your share to all other shareholders to give them access to a computer file or the pin code of a credit card, to name a few. The shareholders can only retrieve the code at the moment that you decide to give them your share and they all need to agree. You can use any insecure method like e-mail, chat or telephone to send your share, because that single share never reveals any useful information to an eavesdropper.

The template to create your own secure shares (download pdf here)

For our template we use the method where all shares are required to retrieve the original. It is mathematically impossible to retrieve the original if a single shareholder refuses to disclose his share. This method is information theoretically secure, read unbreakable.

There is another method, called secret splitting with threshold, which requires less shares than the total number of shares to retrieve the original. It's security is based on mathematical complexity. Unfortunately, this method does not guarantee information theoretical security.

Of course, you cannot simple cut a code or password in half or quarters, as this would reveal at least part of the code and provide clues to find the rest of the code or reduce the number of combinations to try out. The secret splitting we use is based on the principle of one-time pad encryption and all calculations are performed modulo 10 (addition without carry and subtraction without borrowing). The secret code is encrypted with one or more truly random keys and, in contrast to sending the encrypted secret to the receiver, we use the random keys and the encrypted code as shares.

We can only retrieve the original code when the encrypted code and all keys are put together. Take one share out of the equation and it will be mathematically impossible to decrypt the code. The only requirements are the use of truly random digits and, obviously, secure physical separation of the shares. The small number of required truly random digits are easily generated manually.

Secret splitting may sound complicated but it's quite simple to apply. If you can add and subtract, then you can create secure shares, and all it requires is a pen and paper. You can download the new version of the easy-to-use Secure Code Splitter which comes with clear instructions and examples, a blank calculation sheet and share template. More to read about secret splitting at my website.

Wednesday, July 26, 2017

Martha Peterson and TRIGON

Martha Peterson on her
1975 Russian driver license
The story of CIA operations officer Martha Peterson Shogi and her work related to Soviet spy Aleksandr Ogorodnik is quite remarkable and also sheds some light on how the two communicated in Moscow.

Martha 'Marti' Peterson, née Denny, met her first husband John Peterson at Drew University and married him in 1969. John enlisted as Green Beret to serve in Vietnam and was later hired by the Central Intelligence Service for covert operations in Laos. In 1971, Martha and John travelled to Laos. John was killed one year later in a helicopter crash during a mission Laos.

In 1972, the CIA recruited Aleksandr Ogorodnik, a Soviet diplomat at the Soviet embassy in Bogota, Colombia. He was given the codename TRIGON. Ogorodnik provided the CIA with communications between Soviet ambassadors in South America, giving the CIA an insight in Soviet foreign politics. In 1974 he was recalled to Moscow to work at the Soviet Ministry of Foreign Affairs. His new job provided him access to communications and reports of Soviet ambassadors from all over the world. The CIA struck gold.

Aleksandr Ogorodnik
Before he returned to Moscow, the CIA provided him with a pen with miniature camera to photograph documents, a schedule to make dead drops, special carbon paper for invisible writing and trained him in the use of these materials. Ogorodnik also insisted on having a suicide pill, to use in case he got caught. CIA provided him with such so-called L-pill, concealed in a pen.

Martha Peterson returned to the Washington after her husbands death and applied for a job at the CIA. She was hired as CIA operations officer and agreed to be sent to Moscow. She received operational training and took a Russian language course. Peterson arrived in Moscow in November 1975. At the age of 30 she became the first ever female CIA officer to be stationed in Moscow and was now responsible for the exchange of communications and spy items with TRIGON.

Peterson had an important advantage over here male CIA colleagues. The Soviet Intelligence Service did not believe that an American female would be a CIA officer and assumed that she was a low level clerk. Peterson was therefore never under surveillance and, in contrary to other CIA officers, could travel around Moscow without being followed.

Peterson never met TRIGON in person. He delivered photographed documents and messages through pre-arranged dead drops, mostly in parks. After extensive surveillance detection runs she collected the content of the dead drop a short time later, at the same time supplying him with a new pen-camera with film, instructions and one-time pad duplicates through that same dead drop which he in turn collected later on.

TRIGON used the one-time pads to decrypt messages that he received trough CIA numbers station broadcasts from West Germany. During such operations, Peterson always wore an SRR-100 surveillance receiver to intercept and detect KGB surveillance communications.

In early 1977, the CIA started worrying about the quality of the material that TRIGON provided and grew concerned about his security. Eventually, on June 26, TRIGON failed to retrieve a dead drop and there was no more communications. TRIGON neither showed up after a numbers station broadcast, instructing him to meet at a pre-arranged location on July 14.

In the evening of July 15, after the usual surveillance detection runs, Peterson arrived at the Krasnoluzhskiy railroad bridge over the Moscow river, near Lenin Central Stadium. At 2230 hours she placed a dead drop package, concealed as a hollow piece of concrete, in a niche in one of the bridge’s towers. As soon as she walked out of the tower she was grabbed by three men who immediately strip-searched her, took photos and put her in a van that drove straight to Lubyanka prison in KGB headquarters.

KGB photo of Martha Peterson's apprehension at the Krasnoluzhskiy bridge

Martha Peterson during the interrogation at Lubyanka prison
Peterson's arrival for interrogation was filmed (see video at 48:58). She was interrogated while all items from the dead drop package and her SRR-100 receiver were displayed in front of her.

The U.S. Consul was summoned to Lubyanka prison to explain who she was and what she was doing. The KGB had no other choice than to release Peterson because she had a diplomatic status as vice consul (which of course was a cover for her CIA work). She was returned to the U.S. embassy and flown to Washington the next day. Declared persona non grata, Martha Peterson would never return to Russia.

The displayed espionage items, retrieved from the dead drop, and the SRR-100 receiver

In 1978, the Soviets released the story in the Izvestia newspaper and the heavily publicised spy case also ended up in U.S. press. The Soviets alleged that Peterson smuggled poison to kill a Soviet citizen that interfered with a spy's criminal activities (see Washington Post archive June 13, June 15 and June 21, 1978). These accusations at the height of the Cold War were later proven false by the KGB itself.

The fate of Aleksandr Ogorodnik was unknown until the Soviets aired the 1984 TV series TASS Is Authorized to Declare (also on Youtube). Its script was almost a copy of TRIGON’s story. In that movie, the spy committed suicide during interrogation with a pill from his pen. KGB accounts confirmed that Ogorodnik was arrested a month before Peterson got caught. During interrogation, he pretended to write a confession, took the special pen and quickly used the L-pill.

However, even today accounts vary on what actually happened to Ogorodnik and some even believe that he was killed by the KGB. We will probably never know the real story. The CIA believes that Karl Koecher, an agent of the Czechoslovak intelligence service StB that infiltrated the CIA as translator and analyst, betrayed TRIGON to the Soviets.

Martha Peterson continued to work as CIA officer in operations, including 10 years of foreign assignments, married her second husband Joseph Shogi in 1978 and retired in 2003 after a distinguished 32 year career in the Agency.

More about Martha Peterson at her website Widow Spy, which is also the title of the book she wrote about her CIA career and the TRIGON case. The CIA published a short Featured Story on TRIGON. CNN's DECLASSIFIED page tells how she revealed her secret spy life to her kids, including several images of her Moscow era They also aired Trigon: The KGB Chess Game.

An account of Peterson's arrest is found at the The Espionage History Archive which also has the Russian view on the death of Aleksandr Ogorodnik. There's also a Russian documentary. More information about the equipment, used in this spy case, is found at the Cryptomuseum website. published TRIGON Numbers Station and on my website there's more on number stations and the use of one-time pads.

But who can explain everything better than Martha Peterson herself. The Spy Museum published the podcast Caught by the KGB where she tells about how she was captured by the KGB. Below her fascinating account (direct link) of her time in Moscow as case officer with many details on TRIGON. Highly recommended!