Highly secure encryptor for SWIFT payments
The Gretacoder 720 was a highly secure DES-based encryption/decryption
system, developed by Gretacoder Data Systems
(formerly: Gretag) in Regensdorf (Switzerland) in the late 1990s.
It was the successor of earlier data encryptors, such as
the Gretacoder 515 and the Gretacoder 715,
and was intended for international SWIFT bank transfers
that needed serious protection.
The image on the right shows a typical Gretacoder 720 unit.
It is housed in a heavy 2U 19" rackmount case with extended front panel.
All connections are at the rear, whilst the controls are all located at
the front panel.
The actual encryption device is mounted inside a
metal frame that is mounted to the rear of the front panel.
It can only be removed when both keys are inserted and
rotated 180 degrees. Furthermore, the GC-720 has a large number of tamper
sensors and other security measures, to protect the device and the stored
At the front panel, to the left of the two key locks, is a slot for
an external (cryptographic) key module,
similar to the ones used with the Gretacoder 524
and the Gretacoder 605.
The GC-720 was developed between 1995 and 1998,
shortly before Gretacoder Data Systems was acquired
by the American SafeNet.
The Gretacoder 720 uses the
DES encryption standard
which, by today's standards, is no longer considered secure.
The devices remained in service well into the 2000s.
All controls are at the front panel
of the Gretacoder 720.
The device is activated by connecting it to the mains and turning
the two keys at the right. Furthermore, a suitable
external key needs to
be present in the slot to the left of the lower key.
To the left of the keys is a keypad with 12 buttons, which is used
for entering the cryptographic keys. To its left is a
4 x 20 character LCD.
Below the display are four function keys.
At the far left are 9 status indicators (LEDs).
All connections are at the rear of the unit.
At the left are two
25-way D-type sockets for connection to the RS232 or X.25
input and output ports, plus a 10/100Mb Ethernet socket.
To the right of the Ethernet socket is a small red RESET button.
At the right are the mains socket and a removable 3.6V Lithium
backup battery that can easily be replaced.
The sockets are actually mounted to the internal frame and protrude
through the rear panel of the outer case.
The Gretacoder 720 is extremely well built and is housed in a strong
heavy metal 2U 19" rackmount case. The actual device is mounted in a
subframe that is mounted to the rear of
the front panel. In order to protect the device against tampering,
a lot of safety features are present.
The subframe with the front panel and the electronics can only be
removed from the outer case by releasing the two bolts at the edges of
the rear panel, and turning both physical keys at the front panel.
The sub frame can now be removed from the outer shell.
It is shown here.
The first tamper protection is a small switch
that is mounted to the rear of the sub frame.
When removing the sub frame from the outer shell,
this switch causes the crypto keys to be purged. The actual keys are stored
in volatile static RAM that is retained by a
large 3.6V Lithium battery.
The device roughly consists of 4 parts: a small
industry standard power supply unit (PSU),
the main board, a large crypto unit (the large green square),
and the front panel.
The main board takes up most of the case and contains only the interface
circuits such as the RS232 ports. All connectors at the rear are mounted to
the main board. The front panel is also connected to the main board, via
a ribbon cable with ferrite clamp
(in order to meet EMC requirements).
The most interesting part however is the large green square, which is called
the crypto unit. It consists of two boards, marked HOST 720 and TPC 720,
and contains the main processor, a dedicated DES encryption chip,
a CPLD, many special circuits and a lot of 'glue logic'.
The crypto unit is mounted inside an extremely well protected die-cast
aluminium case that consists of a bottom shell and an overlapping top shell.
It is connected to the main board via only one ribbon cable.
The top shell is removed
by releasing the four bolts at the corners.
After removing the
top shell of the crypto unit, the next anti-tamper measure becomes visible.
At the inside of the top shell is a PCB with a
complex labyrinth of copper tracks,
known as a meander.
Several different signals are routed in a seemingly random manner over the
board. The board is connected to the actual crypto boards via a series of
contact pads at the center and at the edges.
Breaking or shorting any of the signals that are running over the meander
tracks causes a tamper alarm and will purge the cryptographic keys instantly.
The image on the right shows the contact pads at the center of the top shell.
These pads mate with a set of spring-loaded contacts
at the center of the upper crypto board.
Similar meander patterns are also found
at the inner sides of the top shell.
They are constructed from orange foil with copper tracks (flex PCB) that are
glued to the sides of the case shell. The flex PCBs have their
contact pads at the edges.
Removing the top shell from the crypto unit breaks the spring-loaded
contacts and will set off the tamper alarm. Furthermore, drilling a hole
in the top or the sides of the crypto unit will break or short the meander
tracks and will also trigger the alarm. This will cause the keys to be deleted.
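Added example (not from the original page and not the device's firmware): a small C model of why the meander carries several different signals, with a cut track and a bridged pair both ending in a key purge. The track count, the pull-down on an open track, the wired-AND behaviour of a short and all names are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>
#define TRACKS    4   /* assumed number of meander tracks */
#define KEY_BYTES 8   /* one DES key, parity bits included */

/* Constructed mesh state; not taken from the real device. */
typedef struct {
    int broken[TRACKS];    /* 1 = track cut, e.g. by a drill */
    int short_a, short_b;  /* two tracks bridged together, -1 = none */
} mesh_t;

static uint8_t key_sram[KEY_BYTES];  /* stands in for battery-backed SRAM */
int distinct_signals = 1;            /* 0 = same signal on every track */

static int drive(int track, unsigned tick) {  /* level driven onto a track */
    return (int)((tick >> (distinct_signals ? track : 0)) & 1u);
}

static int sense(const mesh_t *m, int track, unsigned tick) {  /* level read back */
    int v = drive(track, tick);
    int bridged = m->short_a >= 0 && m->short_b >= 0;
    if (m->broken[track]) return 0;   /* open track: pull-down wins */
    if (bridged && track == m->short_a) v &= drive(m->short_b, tick);  /* wired-AND */
    if (bridged && track == m->short_b) v &= drive(m->short_a, tick);
    return v;
}

void load_key(const uint8_t *k) { memcpy(key_sram, k, KEY_BYTES); }
int key_is_zero(void) {
    for (int i = 0; i < KEY_BYTES; i++) if (key_sram[i]) return 0;
    return 1;
}

/* One supervision sweep: returns 1 if intact, else purges the key and returns 0. */
int mesh_check(const mesh_t *m) {
    for (unsigned tick = 0; tick < (1u << TRACKS); tick++)
        for (int t = 0; t < TRACKS; t++)
            if (sense(m, t, tick) != drive(t, tick)) {
                for (volatile uint8_t *p = key_sram; p < key_sram + KEY_BYTES; p++) *p = 0;
                return 0;
            }
    return 1;
}

int main(void) {  /* constructed scenario: track 2 drilled through */
    mesh_t drilled = { {0, 0, 1, 0}, -1, -1 };
    uint8_t key[KEY_BYTES] = {1, 2, 3, 4, 5, 6, 7, 8};
    load_key(key);
    return (mesh_check(&drilled) == 0 && key_is_zero()) ? 0 : 1;
}
```

With `distinct_signals` set to 0 in this model, a bridge between two tracks reads back unchanged and the sweep passes, which is the gap that routing different signals over the mesh closes.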
Inside the crypto unit are two large square PCBs
that are mounted together as a sandwich,
with the component sides of the PCBs facing each other.
The sandwich is mounted to the bottom shell by means of 8 bolts at the
edges of the upper PCB which is slightly larger.
It is shown in the image on the right, with the lower board up.
The next tamper protection is a light sensor
that is mounted at the center of the upper PCB,
close to the spring-loaded contacts.
It is connected to the PCB via red and white wires.
A similar light sensor is present at the other side of the stack.
The light sensors are the next stage in tamper protection.
As soon as any of the light sensors picks up the slightest trace of light
(visible or infra-red), it will trigger the tamper alarm and cause the
keys to be deleted. Cutting the wires to the light sensors will also
set off the alarm.
The two sandwiched boards can be separated
by removing four small bolts at the edges of the upper PCB and lifting
the lower board from the 96-pin DIN socket that connects the two boards.
The image on the right shows the upper board,
which is marked HOST 720. It contains the host processor, an Altera CPLD,
the firmware and a lot of 'glue logic'.
At the right, aside the 96-pin DIN connector, is the
AM9568, a dedicated Data Ciphering Processor made by AMD.
It supports DES
and was at the time under strict export control
by the US Department of State.
The AM9568 allows a data throughput of 1.5MB/s (approx. 15Mb/s), which was
fast enough for real time encryption of high-speed serial lines and 10Mb
The Data Encryption Standard (DES)
was controlled by the US Bureau of Standards.
Today, DES is no longer considered secure for inter-bank money transfers
and has been superseded by Triple-DES and AES.
The HOST board connects to the main board via the
grey high-density ribbon cable
that is visible at the top left in the image above. In the top corner
is the 8.192 MHz crystal oscillator. At the center of the HOST board is
another light sensor,
that is glued on top of one of the chips.
The bottom PCB
contains the other half of the crypto unit. It is connected
to the host board by means of a large 96-way DIN connector at the edge of the
PCB. This board holds the
Real-Time Clock (RTC), the battery-backed STATIC
RAM (for holding the key variables) and a
The bottom PCB also contains a true random noise generator, built around
two NE592 video amplifiers.
It was used for generating new truly random key
variables for each new SWIFT transaction. This board also holds the final
stage in tamper protection: a
mercury filled glass bulb,
which acts as a tilt sensor.
It is mounted close to the edge of the bottom PCB and
is shown in the image above. Tilting the device causes the cryptographic
keys to be purged instantly.
The bottom shell
of the crypto unit is similar to the top shell. It also
contains meander tracks at the bottom and the sides, which are connected to
the bottom PCB by means of contact pads and spring-loaded contacts.
The crypto unit is so well protected that it is virtually impenetrable.
The Gretacoder 720 was part of the 700 family of
machines that started life in the late 1980s or the early 1990s.
Based on many years of development of encryption devices for secure
payments for TELEKURS, the organization that controls
the transfer of money between Swiss banks, Gretag was asked to
develop similar products for EUROCHEQUE payments and for the
Italian Bancomat System. Many of these products were developed
in close cooperation with the customer.
The Gretacoder 715, for example,
was developed especially for TELEKURS and was used
for secure payment transactions between all major Swiss banks.
It is about the same size as the Gretacoder 720,
but has a slightly different front panel. Rather than the
EPROM slot (for the external), it accepts a memory card.
It has a 2 x 16 character LCD display.
In 1989, the Italian Società Interbancaria per l'Automazione
(SIA), decided to add cryptographic security to its Bancomat System
that was used by all major banks in the country. The contract was
signed in October 1989. For this project, Gretag developed the
Gretacoder 700, a device that was nearly similar to the Gretacoder 720,
but with different communication ports.
A total of 1000 Gretacoder 700 units were ordered by the Italians,
which were installed in 500 banks (2 in each bank). By July 1991,
200 units had already been delivered to SIA and the rest was delivered in
the following months. At the time it was Gretag's most complex
software project.
In order to accommodate the wide variety of computer systems used by
the Italian banks, the Gretacoder 700 had four data ports, each with
four selectable data protocols. The later Gretacoder 720, featured
on this page, is nearly identical, but has only three data ports:
two ports for RS232 or X.25 serial communication and one Ethernet port.
It is otherwise similar.
© Crypto Museum. Created: Wednesday 28 August 2013. Last changed: Saturday, 24 February 2018 - 10:19 CET.