Threat Inteliigence / OSINT / NETSEC / NATSEC

Visiting the National Museum of Cryptology at the NSA

Full photo gallery available here 🙂

Even though my visit to the USA was purely for holiday, I couldn't miss the opportunity to visit the NSA. Unfortunately, it is not possible to visit the agency itself, but it is the only one of the organizations that make up the United States Intelligence Community that has its part open to all interested parties. That part is the National Cryptology Museum, located near the actual campus where the famous office building housing the National Security Agency, Central Security Service, and US Cybercommand is located.

As you can guess, this part is very closely guarded. Already at a considerable distance from the gates leading to the employee parking lots, we were greeted by a number of cameras placed on gates above the road. Despite security measures, we encountered a group of agents completely disregarding the applicable rules. We're talking about a flock of geese that marched right in front of our Uber on the road and then continued to infiltrate the complex.

Unfortunately, the USA is a very car oriented country and getting there from Washington by any public transport is quite difficult. So we ended up choosing Uber and the ride took about 40 minutes. Once we are there, only a series of parking lots will separate us from the NSA itself.

The Museum building itself, as befits the installations of an intelligence agency, looks very inconspicuous. This is helped by the fact that it was built from a converted former motel.

From the parking lot of the facility you can clearly see the guarded part and the characteristic black office building, but we decided not to take photos. US law in this area is not entirely clear to me - according to the ACLU The constitution guarantees the right to photograph publicly visible objects, however The NSA guards its privacy quite closely (and the Museum area is not necessarily a public space). During the holidays, however, I had no desire to set precedents regarding the interpretation of the First Amendment to the US Constitution. Therefore, the presentation of the buildings' position will be outsourced to Google, which is certainly better prepared to deal with possible legal problems. Here, on the far right you will see the NSA complex, and on the left the Museum.

However, you can take photos freely in the facility itself, where you will be greeted by a mosaic of the NSA logo and, as befits the Museum of Cryptology, an encryption shield.

After entering the Museum, in front of you you will find the Memorial Hall, which commemorates the fallen cryptologists.

The actual part of the Museum consists of three main rooms and additional attractions such as a library and a souvenir shop.

What caught my attention the most was the third room - and not because of the "cyber" (which ultimately did not exist), but more on that in a moment.

The first room covers the period from the American Revolutionary War to World War II. It is no wonder that the central place in the exhibition is occupied by the "Bombe", which once belonged to the US Navy and was used to break Engima codes by simulating the operation of the machine (actually many machines) and by checking subsequent rotor settings, enabling messages to be read.

Much of the room's decor revolves around the Enigma. Here we find a copy that served in Hitler's headquarters:

As well as several serial production units on display for visitors to use. So you can feel like an Enigma operator transmitting information from the front. During our tests, we encountered minor problems with the device, as the lights under the letter board indicating that a key had been pressed did not always light up, which made it difficult for us to determine whether the device had accepted the next character. This is important because each press causes the rotor to rotate, so the correct writing of the encrypted message is necessary for it to be read by the recipient.

There is also a series of plaques in the room describing the history of the Battle of Midway. The American victory during this battle was closely related to breaking the Japanese code, as intercepting and decrypting the communication allowed Admiral Nimitz to set a trap for the Japanese fleet.

However, the Second World War is quite a modern period. The room also contains exhibits related to the American Revolutionary War. After all, intelligence and secret operations were one of the elements that tipped the scales in favor of the colonies fighting for independence, and one of the founding fathers - Thomas Jefferson - was the creator of the encryption device known as the Jefferson Disk.

Furthermore, if someone would like to find out whether they would get into the ranks of Riverbank Laboratories cryptologists, they can read the tests that candidates were subjected to:

Finally, the hall also commemorates key figures in the history of cryptology. In addition to the commemorative plaques, there was a screen with people inducted into the NSA/CSS Cryptologic Hall of Honor. And you could find there names well known to all infosec practitioners, such as: Whitfield Diffie 🙂

The second room was a bit smaller and contained exhibits related to the Cold War, the introduction of computers to the NSA, and the importance of the linguist in cryptology. Here we will find the first computers used by NSA employees:

As well as Cray series supercomputers:

The Cold War was also a time of US involvement in the conflict in Vietnam. An example of the involvement of electronic intelligence in these efforts were devices for locating radio stations used by enemy soldiers.

After all, an inherent element of this period was the threat of escalation to a nuclear conflict, the most dangerous manifestation of which was the Cuban Missile Crisis. Cryptology helped stabilize the situation. After this incident, the two superwpowers decided to open a direct line of communication to limit the risk of a sudden development of the situation.:

And continuing with the theme of nuclear weapons, we move to the third room. As I mentioned at the beginning, it was the most interesting for me due to the exhibits related to the role of cryptography in security and authentication processes for the use of nuclear warheads. In the middle of the room (where the "cyber" part was supposed to be located according to the map) there is a display case with exhibits from the period of the Manhattan Project and the use of nuclear bombs against Japan. So we can see trinite (sand melted into glass after the Trinity test), graphite from the first nuclear reactor, and elements of the ruins after the Hiroshima explosion.

Considering that Robert Oppenheimer has recently entered popular culture, it is also interesting to note the original correspondence between the scientist and the editor of Newsweek, who asked him for a comment.

Next are exhibits described as "perhaps the most consequential artifacts on display in any museum." We are talking about systems that, between the 1980s and the second decade of this century, generated code enabling the arming and use of nuclear warheads. It is in fact hard to imagine higher stakes.

The system consisted of two modules. The equipment you see in the photo above and below generated codes that allowed the President of the United States to authenticate an order for a nuclear attack, and also PAL (Permissive Action Link) device codes. These devices were located directly on the warhead delivery systems and protected them against unauthorized or accidental arming.

On the other side, the MP-37 system was displayed, used to create SAS (Sealed Authenticator System) codes, which are stored near weapons control systems and enable confirmation that the order comes from the President. Closely related to this system is the rule that two people must confirm an order, which fans of submarine movies may remember from Crimson Tide, where Denzel Washington and Gene Hackman had to agree on the autheticity of the order.

And when it comes to devices on the nuclear weapons side, we could see PAL, a device that secured communication with Minuteman III intercontinental missiles, as well as equipment thanks to which the flying command center could read attack orders and send a signal to fire the missiles, ensuring the US was able to respond even after destroying command centers on the ground.

The topic of nuclear weapons security is an extremely interesting issue and perhaps we will return to the topic later 🙂

There was also an interesting exhibit in the room related to the behavior of OPSEC during the distribution of intelligence products. These are artistic illustrations that the DIA used in a report on the state of the Soviet Union's armed forces. Why illustrations and not photos? Using the artists' skills, it was possible to hide details in the photos that could lead to the identification of the people who provided the materials. So, for example, the angle of the photo, the surroundings of the weapon system and people present nearby were changed.

In the third room there were also telephones used by US Presidents and officials for secure communication, both in stationary and mobile form.

And also a device used by soldiers to communicate safely on the battlefield. Here, of course, it was crucial to reduce the weight and dimensions of the equipment to facilitate use in difficult conditions.

After all, space travel also benefited from the achievements of cryptology. Both the connection to space stations and shuttles was secured by dedicated solutions. In the museum, we saw both the console used by operators at the Johnson Space Center in Houston and the encryption module recovered from the Challenger wreck.

Additionally, the Museum has a reading room with a rich collection of titles in the field of cryptology, intelligence and special operations, as well as a souvenir shop. So I couldn't miss the opportunity to have my feet nationally secured.

In addition, we took with us publications available for free to visitors. So, after returning, you can read the Cryptological Quarterly or the story of breaking Enigma, which of course also mentions the role of Marian Rejewski.

The publications also include items for younger cryptologists and, of course, potential future candidates for work at the Agency 😉

The book is really well done with interesting activities like creating your own encryption disk. We will also meet nice characters, e.g. Decipher Dog, a signal intelligence analyst.

A visit to the Cryptology Museum is definitely an extremely interesting experience, which I recommend to everyone interested in broadly understood information security. Exhibits such as devices that generate authentication codes for the use of nuclear weapons are unlikely to be found anywhere else, and the fact that the facility is located right next to the Fort Meade campus only adds to the flavor of the trip. Washington itself, due to its importance for world politics, is a special place for intelligence fans (we also visited the International Spy Museum, but that's a topic for a separate post) so I'm sure that if you manage to find it there, the Cryptology Museum will be a must-see point of the trip.

Leave a Reply

Your email address will not be published. Required fields are marked *