Tuesday, September 29, 2020

Basic COMSEC

It turns out that the Feds have been tapping the phones of the Portland Antifa crowd. Well, not exactly tapping. They cloned the SIM cards of protesters that they came in contact with, and were then able to intercept calls made to that device.

Now I know what you are thinking: "Who cares? They are just the pantifa crowd." Well, you SHOULD care, because the Feds are not constrained to use this sort of attack on only one group of people. As I posted back in 2017, the people who were plotting to have Trump impeached were careful not to use most means of communication, preferring instead to use 2 meter HAM radio.

There are many technical reasons why spying on HAM radio would be a nearly impossible task. Just by using the frequencies and methods permitted to a person with a Technician license, there are thousands of available channels. Toss in the various modes like Digital, SSB, USB, AM, FM, CW, etc., and then consider that the higher frequencies are short range and would require hundreds of listening stations in every state, and it becomes a very difficult proposition to monitor HAM radio.

Another way of communicating with others is the use of a "dictionary code." Short messages can be encoded rather simply:

1 Eliminate null words that add no real content to the message, words like "the" and "and". The fewer the words in the message, the better.

2 Use a book that has been agreed upon ahead of time. A dictionary or thesaurus is easiest; no one would think twice about seeing a dictionary on your bookshelf. Then you simply look up each word in the book and write down the page number and the position of the word on that page.

Let's say that the word is "habit". I look and see that the word is found on page 335 and is the 16th word listed on that page, so the word "habit" would be replaced with the number 335.16.

3 Do the same for each word in the message. You can add fake words at the beginning and end of the message as red herrings to complicate a potential adversary's task in decoding the message. Use your imagination. 

4 At this point, the weak link is probably one of the people in the communication, or perhaps traffic analysis. Sometimes the people who are communicating and the frequency of those communications are nearly as informative as the contents of the message themselves. 

5 To hide this, a blog is a great way of putting messages out there. Post often, and simply append a short message to the end of each post. You can even make most of them fake and mark each real one with a prearranged "real message" number at the beginning of the post, so your intended recipient knows whether it is worth the time to decode it. Say, any message that has a word from page 327 as its first word is a real one; the rest can be ignored.
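As an added example (not code from the original post), this toy implementation works through steps 1 to 5 with a constructed four-page "book" standing in for the agreed dictionary, and includes the check a practitioner would want: because the code is a fixed substitution, a word repeated in the message is repeated in the ciphertext, and a word the book lacks cannot be sent at all. With the constructed book, "habit" encodes as 335.2 rather than the post's 335.16.

```python
# Constructed stand-in for the agreed dictionary: page number -> words printed
# on that page, in order. Pages and positions are 1-based, as in "335.16".
BOOK = {
    327: ["gable", "gadget", "gaffer", "gaiter"],       # constructed page
    335: ["haberdasher", "habit", "habitat", "hack"],   # constructed page
    512: ["meet", "meeting", "member", "memo"],         # constructed page
    700: ["ridge", "ridgeline", "rift", "rig"],         # constructed page
}
NULL_WORDS = {"the", "and", "a", "an", "at", "of"}     # step 1: dropped


def build_index(book):
    """Invert the book: word -> 'page.position' token."""
    index = {}
    for page, words in book.items():
        for pos, word in enumerate(words, start=1):
            index[word] = f"{page}.{pos}"
    return index


def encode(message, book, null_words=NULL_WORDS):
    """Steps 1 and 3: drop null words, replace each survivor with its token.
    Raises KeyError for a word the book does not contain: the scheme can only
    say what the book can say."""
    index = build_index(book)
    return [index[w] for w in message.lower().split() if w not in null_words]


def decode(tokens, book):
    """Reverse lookup: '335.2' -> 2nd word on page 335."""
    words = []
    for token in tokens:
        page, pos = token.split(".")
        words.append(book[int(page)][int(pos) - 1])
    return " ".join(words)


def is_real_message(tokens, marker_page=327):
    """Step 5's convention: the message is real if its first token is a
    word from the marker page."""
    return bool(tokens) and tokens[0].split(".")[0] == str(marker_page)


def repeated_tokens(tokens):
    """Caveat: a fixed substitution leaks repetition. Returns every token that
    occurs more than once, which is exactly what a code-breaker counts."""
    return sorted({t for t in tokens if tokens.count(t) > 1})
```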

I am sure there are other ways. Use your imagination. Just remember that Big Brother is listening. 


4 comments:

Jonathan H said...

Given the secrecy, I wouldn't be surprised if this was a non-contact method; especially given how few people have been arrested (and certainly not the ringleaders).
I assume that since somebody came up with the system being used, that same somebody, at least, knows how to break it...

Therefore said...

Military grade encryption systems run at 100% at all times. That way somebody monitoring the link sees no difference in load from idle to full out.

To put into perspective how difficult it is to stop covert communications, consider a computer rated to run at two or more classification levels at the same time. The task is to get information from a higher classification compartment to a lower one.

One leakage method that was used was the 'fork()' system call. The sender had a stream of bits to transmit. For a zero it would create a fork rate of X and for a one it would use a rate of Y. The receiver would do a fork at regular intervals. It would check the difference in PIDs and from that determine the system fork rate and be able to extract a bit.

Add in all sorts of magic for compressed data transfer as well as error detection and correction and you had a method.

During WWII the censors found somebody transmitting information encoded on Morse code in the length of the grass in a drawing of a house.

For secure digital transmission use a digital one time pad. Fill a DVD with random bits from a random source. Copy it. Both sender and transmitter get a copy. Use an algorithm based on date and which person to decide where in the disk to start.

XOR each byte of the message with a byte from the one time pad and all is good.

Repeat the use of the one time pad even once and you've given away the plaintext.

https://www.amazon.com/dp/0684831309

Is a good, though dated reference.

Know how to communicate in ways that they can't overhear.

Last thing, no matter how good your system is, the weakest point is always you. Enigma daily codes were broken because the Germans required every station to send a daily weather report in the morning. The reports were so standardized that it was as good as plaintext. This gave the attackers known text to use.
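As an added example (not code from the commenter above), this is the byte-wise XOR one time pad the comment describes, with the "where in the disk to start" offset and a guard against running off the end of the pad, plus a demonstration of the reuse failure: two ciphertexts made with the same pad bytes XOR to the XOR of the plaintexts, so knowing one message reveals the other. The pad source and the sample messages are constructed here; `secrets` is Python's OS-backed CSPRNG.

```python
import secrets


def generate_pad(length):
    """Pad bytes from the OS CSPRNG; stands in for the 'DVD of random bits'."""
    return secrets.token_bytes(length)


def xor_bytes(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("lengths differ")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_apply(data, pad, offset=0):
    """Encrypt or decrypt (XOR is its own inverse) with pad[offset:offset+len].
    The offset models the comment's date-and-person rule for where to start.
    Refuses to wrap around or run past the pad: those bytes must never repeat."""
    if offset < 0 or offset + len(data) > len(pad):
        raise ValueError("pad exhausted: never reuse or wrap pad bytes")
    return xor_bytes(data, pad[offset:offset + len(data)])


def pad_reuse_leak(c1, c2):
    """Two ciphertexts under the same pad bytes: c1 ^ c2 == m1 ^ m2, the pad
    cancels out. Any known or guessable part of one message then exposes the
    corresponding bytes of the other."""
    return xor_bytes(c1, c2)


def demo():
    """Constructed walk-through. Returns (round_trip_ok, reuse_recovers_m2)."""
    pad = generate_pad(64)
    m1, m2 = b"meet at noon", b"meet at nine"   # constructed sample messages
    c1 = otp_apply(m1, pad, offset=0)           # correct single use
    c2 = otp_apply(m2, pad, offset=0)           # WRONG: same pad bytes again
    recovered_m2 = xor_bytes(pad_reuse_leak(c1, c2), m1)  # attacker knows m1
    return otp_apply(c1, pad, offset=0) == m1, recovered_m2 == m2
```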

Borepatch said...

John has a long mustache

AuricTech Shipyards said...

"You can add fake words at the beginning and end of the message as red herrings to complicate a potential adversary's task in decoding the message."

Just don't use "turkey trots to water" and "the world wonders" as padding at the beginning and end of your message. Given precedent, it likely wouldn't work out well.