ee5391aa@hydra.unm.edu (Duke McMullan n5gax) (10/19/89)
In article <OTTO.89Oct17163149@tukki.jyu.fi> otto@tukki.jyu.fi (Otto J. Makela) writes: >Preventation: does anyone know of cheap but reasonably reliable scramblers ? Ahhh -- I won't insist that those are mutually exclusive, but.... Cheap and easy to defeat -- sure. There was one in last year's Electronic Ex- perimenters' Handbook (Popular Electronics). It's a simple double-balanced modulator used to invert your voice signal. It's cheap. It's easy to build. It's easy to defeat. Expensive and hard to defeat -- sure, again. There are several manufacturers in the business. A really good one digitizes the voice and performs an en- cryption/decryption in the digital domain. Very, very hard to defeat. Very, very hard to afford without corporate or government funding. Expensive and easy to defeat -- probably. I've heard (that's rumor mill level, so I don't take it too seriously) that some outfits make dippy double-balanced modulators and sell 'em to the marks for kilobucks, then run like hell. I don't know anything about it from personal experience, but still, there are a lot of goniffs in this sort of business. Cheap and hard to defeat -- I don't think it exists, but it could, and the technology is HERE TODAY! It actually wouldn't be hard to integrate the whole schmeer, including D/A, A/D, key management, (en/de)cryption, and an automatic slicer-dicer for carrots all on the same chip. The thing that would make it cheap is volume production, which probably won't happen, at least not soon. Various Government Agencies (read: Big Brother) don't want powerful crypto- graphic technology to get into the hands of T.C. Mits (and, really, I don't blame them) since it would make their job much, much more difficult. The technology is currently there for very secure voice "scrambling", but it is still a mucho bucks proposition. The VGAs can live with this; there just aren't very many of their ENEMIES who have the finances to play with this stuff on any significant scale. Those who do -- the drug "wholesalers", the Mafia and other organized crime, etc. -- are a minority who can be bugged in other ways. What most people don't realize (and I'm sure the VGAs do, but don't like to publicize it -- for obvious reasons) is that anyone with a computer has a very powerful cryptographic device at his disposal. It's not up to doing real-time voice encryption (you need customized & dedicated hardware for that), but if you don't mind communicating in blocks (write a letter, encrypt it, call up your friend, enmodem the message, etc.), it'll work just fine. Use reason- ably sophisticated algorithms, and none of the VGAs will be able to cryptanalyze your stuff effectively. They MAY crack it with other techniques, such as "practical cryptanalysis" -- stealing the key. Physical security is another problem altogether, one you can't ignore. But that, as the textbooks say, is beyond the scope of this discussion. I'm tired; good night. Hope it helps, d "In all levels of life, the sheep are only safe when the wolves are not hungry." -- F.J. Lovret Duke McMullan n5gax nss13429r phon505-255-4642 ee5391aa@hydra.unm.edu
ee5391aa@hydra.unm.edu (Duke McMullan n5gax) (10/19/89)
Re. that last, sorry if the approach to cryptography seemed simplistic. Really, I _really_did_ think I was posting on sci.electronics. It's even later than I thought. G'night! d "In all levels of life, the sheep are only safe when the wolves are not hungry." -- F.J. Lovret Duke McMullan n5gax nss13429r phon505-255-4642 ee5391aa@hydra.unm.edu
kadie@herodotus.cs.uiuc.edu (Carl M. Kadie) (10/19/89)
>In article <OTTO.89Oct17163149@tukki.jyu.fi> otto@tukki.jyu.fi (Otto J. Makela) >writes: >>Preventation: does anyone know of cheap but reasonably reliable scramblers ? In article <790@ariel.unm.edu> ee5391aa@hydra.unm.edu.UUCP (Duke McMullan n5gax) writes: ... >Cheap and hard to defeat -- I don't think it exists, but it could, and the >technology is HERE TODAY! It actually wouldn't be hard to integrate the whole >schmeer, including D/A, A/D, key management, (en/de)cryption, and an automatic >slicer-dicer for carrots all on the same chip. The thing that would make it >cheap is volume production, which probably won't happen, at least not soon. Everyone needs this technology. On National Public Radio last week there was a story about baby monitors. These are wireless devices that parents use to listen in on their baby's room. The devices work like a sensitive one-way walkie-talkie. The problem: Anyone with a radio scanner can hear just about every conversation in your house. There is a similar problem with cordless phone. Cellular phone can be heard on older scanners. Any solution that tries to outlaw such monitoring (although it is illegal to monitor cellular phone calls) is doomed to failure. [You just can't stop people from listening to radio signals that enter their house.] The technological solution to this technological problem is much better -- scramble the signals. There is precedence: HBO solved (most of) its problem with home satellite dish owners by scrambling. - Carl Kadie Carl Kadie University of Illinois at Urbana-Champaign ARPA: kadie@m.cs.uiuc.edu
henry@utzoo.uucp (Henry Spencer) (10/19/89)
In article <790@ariel.unm.edu> ee5391aa@hydra.unm.edu.UUCP (Duke McMullan n5gax) writes: >Expensive and easy to defeat -- probably... Most any non-digital scrambler, no matter how tricky, is probably going to fall under this heading. There is lots and *lots* of redundancy in the human voice, and it's very hard to hide it completely. In WW2, somebody at Bell Labs (I think it was) discovered that the then- current top-security scrambler system could be understood with the unaided ear after a bit of practice. -- A bit of tolerance is worth a | Henry Spencer at U of Toronto Zoology megabyte of flaming. | uunet!attcan!utzoo!henry henry@zoo.toronto.edu
jans@tekgvs.LABS.TEK.COM (Jan Steinman) (10/20/89)
<On National Public Radio last week there was a story about baby monitors... The problem: Anyone with a radio scanner can hear just about every conversation in your house.> Monitoring these is real interesting late at night, especially since so many babies sleep in their parent's rooms! (Of course, this is what I've been told. Being a mature adult, I have no need for such titilation. :-) Seriously, it's going to be tough to get manufacturers to add any cost at all in this price sensitive market. I suspect encryption would double the price of a baby monitor. The only hope I see is if a company *concentrates* on secure baby monitors, since in order to sell them at the higher price, they will have to explain why they are better than cheaper ones, which is an issue I imagine the baby-monitor industry would just as soon ignore. The one that really upsets me is that the CMT lobby got EPCA pushed through congress to save a lousy $10 - $20 on a kilobuck device! Jan Steinman - N7JDB Electronic Systems Laboratory Box 500, MS 50-370, Beaverton, OR 97077 (w)503/627-5881 (h)503/657-7703
agn@unh.cs.cmu.edu (Andreas Nowatzyk) (10/20/89)
>>Expensive and easy to defeat -- probably... > >Most any non-digital scrambler, no matter how tricky, is probably going to >fall under this heading. There is lots and *lots* of redundancy in the >human voice, and it's very hard to hide it completely. Not necessarily true: the (west) german police uses a system that digitizes speech, cuts the data in short blocks, permutes the order of these blocks according to a digitally computed key, converts it back to analog and sends it. A key tone is added to synchronize the receiver so that it can undue the process. The system is not easy to defeat and has the virtue of using no more bandwidth than the original signal. This point is important to be able to use it over existing gear (radios, phone lines, etc.). While a full digital system is possible in the same bandwidth, the complexity is much higher and more likely to break down under marginal signal conditions, interference, and routine day-to-day use. -- Andreas -- -- Andreas Nowatzyk (DC5ZV) Carnegie-Mellon University agn@unh.cs.cmu.edu Computer Science Department (412) 268-3617
hkhenson@cup.portal.com (H Keith Henson) (10/20/89)
ee5391aa@hydra.unm.edu (Duke McMullan n5gax) posted: "anyone with a computer has very powerful cryptographic device at his disposal. It's not up to doing real-time voice encryption (you need customized & dedicated hardware for that . . ." I wonder--at some point PC's will be up to realtime voice encription. Be an interesting software market when they do. Keith Henson
johnl@n3dmc.UU.NET (John Limpert) (10/20/89)
In article <1989Oct19.154929.19256@utzoo.uucp> henry@utzoo.uucp (Henry Spencer) writes: >In article <790@ariel.unm.edu> ee5391aa@hydra.unm.edu.UUCP (Duke McMullan n5gax) writes: >>Expensive and easy to defeat -- probably... > >Most any non-digital scrambler, no matter how tricky, is probably going to >fall under this heading. There is lots and *lots* of redundancy in the >human voice, and it's very hard to hide it completely. I read a book on HF radio frequency assignments that said the Department of Energy used a scrambler system for the trucks that transport nuclear materials. The system divided the audio spectrum into a number of frequency bands and shuffled them around before feeding the audio into the transmitter. The interesting part of the system was the use of some sort of key generator to change the mapping at a rapid rate. I don't know how difficult it would be to reconstruct the original signal by attempting to match up parts of successive samples. The nice thing about this system was that it worked with conventional radio equipment. -- John A. Limpert I'm the NRA! Internet: johnl@n3dmc.UU.NET UUCP: uunet!n3dmc!johnl
ee5391aa@hydra.unm.edu (Duke McMullan n5gax) (10/20/89)
In article <804@n3dmc.UU.NET> johnl@n3dmc.UUCP (John Limpert) writes: >I read a book on HF radio frequency assignments that said the Department >of Energy used a scrambler system for the trucks that transport nuclear >materials. The system divided the audio spectrum into a number of >frequency bands and shuffled them around before feeding the audio into >the transmitter. The interesting part of the system was the use of some >sort of key generator to change the mapping at a rapid rate. I don't >know how difficult it would be to reconstruct the original signal by >attempting to match up parts of successive samples. The nice thing >about this system was that it worked with conventional radio equipment. Yeah, that was the state-of-the-art type of system prior to digital encryp- tion-of-voice technology. They were, I believe, called "moving band" scram- blers, or some such. In addition to swapping the various bands around, about half of the bands were inverted at any given time. In real-time, this thing was a real pain in the patoozie to defeat, but it turned out that given a recording, a cryptanalyst (scrambanalyst?) could extract the voice. It was a slow process, unless the "key" was broken, but it worked. There were few enough bands (and inversions) that exhaustive cryptanalysis was quite straightforward. With modern (cheap) computer technology available to T.C. Mits, I 'spect these scramblers have become pretty bad juju in the security business. It's just too easy now (with a computer and a little special hardware) to break the scramble. I'm not sure, but a also 'spect it can be done more-or-less in real time these days. GO DIGITAL, d "In all levels of life, the sheep are only safe when the wolves are not hungry." -- F.J. Lovret Duke McMullan n5gax nss13429r phon505-255-4642 ee5391aa@hydra.unm.edu
johnd@tsdiag.ccur.com (John Decatur KA2QHD) (10/20/89)
In article <6191@tekgvs.LABS.TEK.COM>, jans@tekgvs.LABS.TEK.COM (Jan Steinman) writes: > > The one that really upsets me is that the CMT lobby got EPCA pushed through > congress to save a lousy $10 - $20 on a kilobuck device! > Jan Steinman - N7JDB Yup makes you wanna vomit doesnt it? Hey, wanna buy a frequency? 8-) 73 johnd/ka2qhd -- US MAIL: John Decatur - CONCURRENT COMPUTER CORP.(Ex MASSCOMP,Interdata) FAX: 201-870-4249 2 Crescent Pl. Oceanport NJ 07757 PH 201-870-4093 UUCP: ucbvax!rutgers!petsd!tsdiag!johnd or johnd@tsdiag.ccur.com KA2QHD IP: 44.64.0.40 ka2qhd.ampr.org PACKET RADIO: ka2qhd@nn2z TWX:710-7226502
scott@perle.UUCP (Scott Allen) (10/20/89)
In article <790@ariel.unm.edu> ee5391aa@hydra.unm.edu.UUCP (Duke McMullan n5gax) writes: >In article <OTTO.89Oct17163149@tukki.jyu.fi> otto@tukki.jyu.fi (Otto J. Makela) >writes: >>Preventation: does anyone know of cheap but reasonably reliable scramblers ? [stuff deleted here] >Cheap and hard to defeat -- I don't think it exists, but it could, and the >technology is HERE TODAY! It actually wouldn't be hard to integrate the whole >schmeer, including D/A, A/D, key management, (en/de)cryption, and an automatic >slicer-dicer for carrots all on the same chip. The thing that would make it >cheap is volume production, which probably won't happen, at least not soon. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ I'm not too concerned about scrambling the signal on the lines. What does bother me is that when I use a cordless phone, anyone close by can listen in to the radio signal without tapping the line. Producing a cordless phone with encryption between the handset and the base may be a good incentive for volume production of such a chip. (A switch could be provided so that two of the same type of phones could also encrypt end to end.) -- ========= * Scott Allen * UUCP: P E R L E * Perle Systems Ltd. * ...!uunet!mnetor!perle!scott ========= * Scarborough, Ontario, Canada *
wtm@neoucom.UUCP (Bill Mayhew) (10/24/89)
Voice scrambles are almost ridiculously easy to defeat. Fortunately, the the time required to descramble without knowing the key used to generate the mask ought to be measured in minutes for a decent system. That means that scramblers work well in tactical combat situations for plane-plane, tank-tank, etc. conversations where the volitility of the information being passed renders the ease of cracking moot. I've heard stories that on some simple scramblers used in WW II, that trained listeners could defeat the system with no cryptanalysis tools at all. There are better things. I used to work at a place that used secured Motorola HT walkie-talkies. They were no bigger than a standard police unit, but had a spread-spectrum output that used digital DES to encipher the audio. When the units were keyed-up the noise floor on a standard HT came up only slightly. A person unaware that the secured HTs were in operation probably would not have been aware that any transmission was taking place at all. The data rate on something like a Telebit trailblazer modem is almost good enough to support digitized half-duplex speech. The trailblazer can manage about 1000-1200 bytes/sec on an average quality phone line. I've played around with the AT&T voice power board and it can achieve quite good listenability with as little as 2000 bytes/sec of sub-band coded speech. One might actually manage to get something marginally listenable with a data rate that could be digitized, enciphered and transmitted over a trailblazer modem in real time (half duplex). Bill
neal@lynx.uucp (Neal Woodall) (10/25/89)
In article <6596@pt.cs.cmu.edu> Andreas Nowatzyk writes: >>There is lots and *lots* of redundancy in the human voice, and it's very >>hard to hide it completely. >Not necessarily true: the (west) german police uses a system that digitizes >speech, cuts the data in short blocks, permutes the order of these blocks >according to a digitally computed key, converts it back to analog and sends >it. I have heard of systems like this, and I think that some government agencies (maybe the Secret Service) tried them for a while. The Secret Service now uses Motorola's DES system. Another system that is available on the open market here in the US is the so-called "split band rolling code" scrambler. It is a combination of digital and analog technologies, and offers reasonable voice security at a decent price. These systems are designed to be used on common commercial two-way FM radios. Basically, the system spilts the voice band into two pieces (upper and lower)....there are 32 possible split-points. When the voice band has been split, each piece of the band is inverted, then the two inverted pieces are recombined and transmitted over the radio channel. The neat trick is that the split point in the voice band is changed from 4 to 60 times per second, controlled by a "rolling code", which, from what I can gather, is a pseudo-random generator.....the seed that you choose determines the code sequence that splits the voice band. To maintain sync, the system transmits a sync-burst every second or so....this allows people to join a conversation in progress (if they have the key!). A very robust error correction system ensures that the sync burst gets through noise. Integrated circuit designed for the various functions needed are made by MX-COM in Winston-Salem, NC. If you are so inclined, I feel certain that some of the IC's available could be adapted to use in a phone scrambler. Neal
barr@caen.engin.umich.edu (William Barr) (10/26/89)
In article <1989Oct19.143522.7686@ux1.cso.uiuc.edu> kadie@herodotus.cs.uiuc.edu.UUCP (Carl M. Kadie) writes: >>In article <OTTO.89Oct17163149@tukki.jyu.fi> otto@tukki.jyu.fi (Otto J. Makela) >>writes: >>>Preventation: does anyone know of cheap but reasonably reliable scramblers ? > >In article <790@ariel.unm.edu> ee5391aa@hydra.unm.edu.UUCP (Duke McMullan n5gax) writes: > ... >>Cheap and hard to defeat -- I don't think it exists, but it could, and the >>technology is HERE TODAY! It actually wouldn't be hard to integrate the whole >>schmeer, including D/A, A/D, key management, (en/de)cryption, and an automatic >>slicer-dicer for carrots all on the same chip. The thing that would make it >>cheap is volume production, which probably won't happen, at least not soon. I've seen a device that fits over your phone advertised in this last summer's issues of High Times (what? You don't read HT?) . Basically you have one at each end and it fits over the handset. It has a keypad and allows some fairly large number of possible codes. The person on the other end must be using the same code. I'm pretty certain it was digital. I believe that each handset device was about $100. It seemed fairly reasonable.