
Poor man's guide to encryption.

14K views 57 replies 25 participants last post by  FirstToken 
#1 ·
Unfortunately I don't have any radios that use digital encryption. And since I have several radios, I have been speculating on alternative methods. Here is one of them. In the picture you can see a mini PC running HamScope (free software). The software can receive and send text using audio. In fact by typing text in one laptop and having another PC 3 feet away receiving. It's best to use a cable between the radio and the PC, however I have managed to send messages by just holding the handheld in front of the PC, to another PC 12 miles away (70 cm). (picture)



By using this method you can send text messages using what you have. It's a process that takes some time and it's more suited between stationary stations. The mode that worked best for me was MFSK16. Just using a mode like that, where the signal sounds like aliens talking, would deter 99% of any listeners. However I would suggest using some form of encryption, most software programs will do. You can also do it manually but the code must be stronger than a simple substitution code.

If you have any other ideas for a smart and easy way for secure and simple communication please let us hear!
 
#3 ·
Encrypted communication between two points which can be fixed by direction finding is an invitation for attention in some circumstances. I have worked in the field of cryptology and notice that so much govt/corporate emphasis is placed on defeating encryption that the simple things have been forgotten. I'd suggest in addition to encryption, you consider enciphering, random scheduling across multiple frequencies, etc. And broadcast in clear/plain sometimes ... makes you less interesting.

FWIW, I field tested a device the size of a snickers that converted text into encrypted burst you could use with any radio/phone. Ran on AA batteries. Receiver had to be on same key. Great idea for mobile application.
 
#41 ·
FWIW, I field tested a device the size of a snickers that converted text into encrypted burst you could use with any radio/phone. Ran on AA batteries. Receiver had to be on same key. Great idea for mobile application.
Sounds a little bit like the one we used in the army (Norway), it's called PACE.

http://jproc.ca/crypto/pace.html

Even if the P in PACE stands for pocket sized, it was way too big for that. One thing that amazed me was how robust it was and how it was able to get the message through even if the signal was weak. All we had to do was hold the mike of any transceiver in the vicinity of the speaker/mike in order to send and receive.

On the down side, we had to make contact first. "Ready for PACE" and "packet received" wasn't exactly hiding what was going on. :D:
 
#6 ·
Don't flame me for this as I am not saying it for HAMs as much as those that are not hams or want to be:

It is not legal to encrypt your comms on the Amateur bands.

As you have stated you can use a protocol or mode (I have chosen FHSS) that is rare enough that few could or would try to understand it.

When and if the SHTF then all bets are off as well as the FCC regs. It is then that you use whatever you can come up with to make it work and secure your comms.

I really like the book/code method for simple day to day updates or in matter of duress. When combined with the salting of numbers to attempt to increase obfuscation it becomes a highly reliable security method. The biggest concern with the book method is if you are overrun and someone has taken the time to observe and record your previous transmissions, the most used book in your library (or the one next to your comms) is most likely the encipher/decipher key.

I have been working on a number of projects associated with the iDEN based radios and mainly the Motorola i355. In a short range configuration (0 to 5 miles) it will usually be all the security you will need. In the longer range needs (5 miles to line of sight), I have located amplifiers for these radios that may be all one would need for reliable FHSS based security communications. Eventually however, one may get to the point that they will need to get information over longer distances through other equipment and means.

If the packet radio infrastructure could be recreated that was in place prior to the internet broadband growth in the late 90's, it would be the backbone to add a good high dose of security. Then there will be a way to move more compressed information with a reasonable level of confidence. This would generally be data based information rather than voice.

Securing voice comms over long distances would be very difficult and would probably require some sort of reliable high speed radio network to get the security that some may desire. Then again just having a protocol or a mode that is rare enough may be all that is needed to maintain reasonable security.

Securing data comms would not be too difficult and could be done with many off-the-shelf encryption protocols so long as there is reliable data correction.

The absolute simplest means of sending data in a mode that is not likely to be decoded or understood by the masses is the use of the simple BELL modulation capabilities on a cheap dialup modem.

I have used the serial input to a cheap modem and created an audio signal that was output through the telephone line jack. That audio output was then connected to the mic input of a HAM radio and someone with the opposite setup was able to decode data at between 300 and 1200 baud that was VERY reliable. This did not take anything other than a simple terminal emulation application (HyperTerm or ProComm) and the stuff mentioned. There is a proper modem initialization string in order to get this to work on both ends.

The cool thing about that BELL mode is it could be pumped out to a common band like commercial AM or FM freqs and allow anyone that knows the "our little secret" to be able to tune their radio to the right frequency and plug the audio into their modem jack on the desktop or laptop and then watch the data paint the screen.
 
#8 ·
The cool thing about that BELL mode is it could be pumped out to a common band like commercial AM or FM freqs and allow anyone that knows the "our little secret" to be able to tune their radio to the right frequency and plug the audio into their modem jack on the desktop or laptop and then watch the data paint the screen.
And also a system like that could use "simplex repeaters" so anyone in on the secret can play back the last recorded message from the repeater.
 
#7 ·
In the picture you can see a mini PC running HamScope (free software). The software can receive and send text using audio. In fact by typing text in one laptop and having another PC 3 feet away receiving. It's best to use a cable between the radio and the PC, however I have managed to send messages by just holding the handheld in front of the PC, to another PC 12 miles away (70 cm). (picture)



By using this method you can send text messages using what you have. It's a process that takes some time and it's more suited between stationary stations. The mode that worked best for me was MFSK16.
The HAMSCOPE Application is pretty cool.

DTMF is a simple way of sending encrypted data too. In the same way that we send text messages on some phones we could send Alphanumeric characters that equal a code.

On the Phone keypad 22 = B but so could 25, 28 or 20 as they are all the second button (center line). Another example would be 61 = M but so would 64, 67 or 6*.

Decode this 77 70 38 7* 71 30 74 7# 00 78 6# 29 58

There are cheap or free DTMF decoders for smartphones for both ANDROID and iPhone.
 
#10 ·
There is so much covered here I hardly know where to start

Well, where do I start on this barrel of snakes....

Let's try to be sure we understand and agree on the terms involved.
There is encryption, codes and/or substitution, which is a way to obscure a text or other written message. That is one thing, and it deals with one set of issues with text media.

Then there is scrambling, otherwise known as ciphony, which is a way to obscure a broadcast or other streaming media, and that has an entirely different set of related issues. Most survival situations are really scrambling situations, not encryption/code situations.

Encryption is usually a long term deal. They tend to be time consuming to employ, and precision is needed to utilize them. You do not EVER want the information being encrypted to be broken. Coke's secret formula, your love notes to old girlfriends, lists of contacts in the underground... whatever it is, you want that data secured forever. So codes have a need to be ...not just tough to break, but as close to unbreakable as humanly possible. You probably want a one time pad for that.

If you are using the radio, you are probably going to want quick, clear, effortless communication that is time sensitive. Your people need to be able to understand you the second you speak, and the bad guys should NOT be able to understand you at the time. It's even better if they don't even know you have radio, which is why a lot of military guys do things like key the mike to signal attacks.
If the bad guys figure out a month from now that the message was "They are clearing the ridge. Fire at will!", it doesn't do them any good then or later, assuming you have already rotated your scrambling protocol.

Scrambling is meant to stop the guy in the field from gaining signals intelligence (listening in on your field broadcasts) at the time you are using it. It serves a very different purpose than the type of code most people are thinking of, which is intended to protect something essentially for forever.

So how do we scramble a message? You can convert it to text like we saw here and run whatever encryption you want on it. But this hybrid system is complicated as hell, slow (I do not want to be typing "Fire!" when it hits the fan), and too easy to mess up in the field.
You can go on eBay right now and find scrambler/ANI (Identity confirming/identifier broadcasting) radio for under a hundred dollars.
http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=110415378460
These radios will allow you to use a simple scrambler to both send a message that cannot just be overheard and understood, and to be sure it came from one of your own radios, which is critical.

The 'built in' scramblers are usually of the very cheap inversion type, but that is fine for almost anything short of invading China. The microphone audio and a single tone (the inversion tone) from a 'tone generator' inside the radio are sent through an audio mixer. This 'mixed' audio then modulates the RF output. On the receiving end, everything works in reverse. Someone listening on the channel hears a burst of unintelligible crap.

The ANI (automatic number identification) is basically a small burst of tones at the beginning or ending of a transmission that relates to an assigned identification # for each radio. These radios typically use the generic DTMF or 5-tone ANI format.

This subject is really the start of an entire class rather than a post. Suffice it to say, you can buy what you probably need cheaply and online for the vast majority of situations.
 
#14 ·
If you did it my way, it isn't a hassle, for one thing. It's as simple as talking.
Either you get it or you don't.
Say I am scouting. Do I want my report understood by a potential enemy?
It would come under step four of your motto that you typed up under your name.
Just one possibility, oh legendary Troll.
 
#22 ·
Actually you make a good point.

So in keeping with the thread here is another option if you are interested.

There are radios out there that still require removable crystals to operate.

My dad, who was a HAM enthusiast for over 60 years, showed me that you can indeed use these radios as a form of secret communication.

You can buy crystals in odd frequencies, one freq for TX and the other for RX. If the wattage of the radios is low enough the possibility of you stepping on someone else will be minimal.

Marry this with solid procedure, such as changing up the frequency crystals every day or so, and your communications will be reasonably safe.

Good luck on your quest and welcome to the boards.
 
#23 ·
Damn, I had forgotten that trick. Good idea. It would put you into a sideband with no scramble, but would be hard to find with most scanners.
I'm sure you can back fit it into most radios. A lot of Milspec ones still use crystal sockets, so it would be plug and play. I am sure the FCC will frown on this, keep that in mind.
 
#25 ·
To generate the OTP, you can't rely solely on a computer. At least not a single computer or CPU. There are many ways of developing random or spurious data for anyone with a shred of creativity. Various sampling strategies (noise from your microphone, throwing dice by hand, taking digital photos of extremely variable scenes, etc.). Anyone who limits himself to a typical rand() function with a timestamp seed may as well not bother encrypting his stuff.

As for Colombian drug cartels, that's a political problem. Why do we fund the clearly corrupted Colombian government with foreign aid?
 
#30 ·
I've seen discussion about one time pads and encryption for communication. Read the downfalls about how OTPs fail. Reuse of pads and other failures have been discussed in this thread.

One thing I saw mentioned was double encryption of an OTP. This offers no additional security benefits if the pads are properly secured and not reused.

One thing I didn't see mentioned about a one time pad, was using a conversion table. With your pad, use something like a CT-37c, CT-37w, or the CT-46 table. I like the 37 series for a one digit code identifier can seriously reduce lengths for messages with many code words. CT-55 is good if you are doing lots of math or calculations but I never understood the benefit of the larger conversion table. Each of these allows you to send codes and with the conversion table you can predefine an entire list of codes to reduce the length of your transmission even with the 46 and 55 series.

These conversion tables make it very simple to transmit messages by hand. Transmitting numbers only allows some additional flexibility for transmission methods. These messages could even be sent by text message.

Now, the bold part of my message. After you create a message destroy the key sheet permanently. You could burn it. Shred it to dust. Eat small pieces of torn strips. If this is recovered, your message is compromised.

Destroy the entire thing even if you have unused groups left. A new message should always be started with a new key sheet.

This also prevents you from being tempted to reuse a sheet!


And last but not least... if you are receiving the message you must destroy your sheet after decrypting the message.

I've written a little software program to create myself OTPs. I hate to send it out though because if used on just any old computer, it won't be secure. By far the best method for creating pads would be using 10 sided dice. You can get these at toy stores and if you buy everything on Amazon you can get 20 of them for about $10.

Roll them in groups to speed up the process and to break up your key groups for easier encoding and decoding. I like to create my pads in 160 number groups, 5 in a group by 4 groups wide by 8 rows tall. This fits in a text message if necessary and multiple key sheets can be used for longer messages. You can either send the key sheet number with the message or it can be known by both parties to use the next available key sheet after previous ones are destroyed.

Enjoy. If anyone wants to test this type of stuff out we can message each other back and forth. Since we have to send the pads electronically, of course they won't be secure. It's good practice though.
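
The 160-digit key sheet layout from the post above, together with the earlier warning in this thread about seeded `rand()` and the pad-reuse failure, worked through as an added example (this is not the poster's program). Assumptions: Python's `secrets` module stands in for rolling 10-sided dice, the two-digit letter table is constructed for illustration and is not a real CT-37 or CT-46 table, and subtract-to-encrypt is a chosen convention.

```python
import random
import secrets

GROUP, WIDE, ROWS = 5, 4, 8            # 5 digits x 4 groups x 8 rows
SHEET_LEN = GROUP * WIDE * ROWS        # 160 digits per key sheet


def new_key_sheet():
    """160 key digits from the OS CSPRNG (assumed stand-in for 10-sided dice)."""
    return [secrets.randbelow(10) for _ in range(SHEET_LEN)]


def weak_key_sheet(seed):
    """What NOT to do: a seeded PRNG. Anyone who guesses the seed
    (for example a timestamp) regenerates the identical sheet."""
    rng = random.Random(seed)
    return [rng.randrange(10) for _ in range(SHEET_LEN)]


def format_sheet(digits):
    """Lay digits out as 8 rows of 4 five-digit groups."""
    groups = ["".join(map(str, digits[i:i + GROUP]))
              for i in range(0, len(digits), GROUP)]
    return "\n".join(" ".join(groups[r:r + WIDE])
                     for r in range(0, len(groups), WIDE))


def to_digits(text):
    """Constructed table: space=00, A=01 ... Z=26 (not a real CT-37/CT-46)."""
    out = []
    for ch in text.upper():
        n = 0 if ch == " " else ord(ch) - ord("A") + 1
        if not 0 <= n <= 26:
            raise ValueError(f"unsupported character: {ch!r}")
        out.extend(divmod(n, 10))
    return out


def from_digits(digits):
    """Inverse of to_digits."""
    text = []
    for tens, ones in zip(digits[0::2], digits[1::2]):
        n = 10 * tens + ones
        text.append(" " if n == 0 else chr(ord("A") + n - 1))
    return "".join(text)


def encrypt(plain_digits, sheet):
    """Digit-wise subtraction mod 10, no carry. Refuses to run past the sheet."""
    if len(plain_digits) > len(sheet):
        raise ValueError("message longer than the key sheet; start a new sheet")
    return [(p - k) % 10 for p, k in zip(plain_digits, sheet)]


def decrypt(cipher_digits, sheet):
    """Digit-wise addition mod 10 undoes encrypt()."""
    return [(c + k) % 10 for c, k in zip(cipher_digits, sheet)]


def reuse_leak(c1, c2):
    """Two messages under one sheet: the key cancels, leaving p1 - p2 mod 10."""
    return [(a - b) % 10 for a, b in zip(c1, c2)]


if __name__ == "__main__":
    sheet = new_key_sheet()
    print(format_sheet(sheet))
    ct = encrypt(to_digits("FOUND FOOD"), sheet)
    print("".join(map(str, ct)), "->", from_digits(decrypt(ct, sheet)))
```

`reuse_leak` returns a value that does not depend on the key at all, which is why a sheet has to be destroyed after a single message.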
 
#51 ·
Caution everyone! While it's easy to state that One Time Pads are super secure, you must realize that they must be generated in a very careful way. Writing a software program may not quite cut it. There are just two rules to remember about OTPs, uniqueness and randomness. That is, as written before, use each pad only once. That's easy. But generating them in a true random fashion is an entirely different story. To my knowledge, there are only 3 truly random events in nature. Cosmic background radiation noise, electronic thermal noise and the decay of radioactive isotopes. If you use any other method of generating strings of numbers/letters for your OTP, it just ain't truly random, therefore subject to computer attack. Of course, one has to consider the resources available to your opponent. In this sense, just about any way of generating an OTP would guarantee that 99% of the population would not be able to break the comms. That is just about good enough for me! :eek:) Lui
 
#34 ·
A few years ago I bought a couple of Jefferson cipher disks on eBay that look like this:



This type of disc was used by paratroopers and others during WW2. They were regarded as being safe back then. And they still provide acceptable strength.
 
#43 ·
Looked on eBay for one of these Jefferson units.... no luck. Are they available anywhere anymore... I was thinking of using something like this so I could put important numbers on a card in my wallet but have the info encrypted based on something like the Jefferson disk.
 
#35 ·
It sounds like that when SHTF, whoever is supposedly listening will be so overwhelmed by the sheer variety of codes, ciphers and encryption methods that they won't be able to spend much time deciphering any one message. If we all use wildly differing methods, they'll never be able to crack us all! :D:

Many of these methods may be of dubious usefulness when the time comes. The very nature of communication necessitates that everyone communicating must have a knowledge of the language. If you want to talk to someone, you'll need to let them know what method you're using, and probably how to use it. Unless everyone has a dedicated cryptographer on staff, that would likely be a huge distraction. Most regular people running around would not be familiar with these systems.

Ultimately, it might be easier to simply set some code phrases for certain situations and then change them regularly. Or, everyone in your group can learn an obscure language. Post-SHTF, it's going to be really difficult to identify and then find someone who can speak Basque on short notice to break the code.
 
#36 ·
Reality with encryption here guys. During the first Gulf War, something that didn't get widely spread about was the total failure of the 24 SOI rotation. Now, if you aren't familiar, basically it means you change codes every 24 hours. It fell apart so fast the powers in charge almost crapped themselves when nobody could talk to anyone, so the SOI didn't change for days at a time.

Reality check here- your comms are going to sh*t the bed about 10 minutes after you start encryption because of the weakest link in your comms plan, the least intelligent or capable person in your group.

You can grow up and accept that FACT, or you can continue with your fantasy. But it won't change what's really going to happen. Try and see how fast in training it happens, if you disagree with me, you haven't really tried it
 
#37 ·
Reality with encryption here guys. During the first Gulf War, something that didn't get widely spread about was the total failure of the 24 SOI rotation. Now, if you aren't familiar, basically it means you change codes every 24 hours. It fell apart so fast the powers in charge almost crapped themselves when nobody could talk to anyone, so the SOI didn't change for days at a time.
SCARY!!! From the point of view of not being able to communicate and then the fact that our forces ended up so stupid for so long after the fact. The Russians and the Chinese probably love that. They are probably still parsing what they learned from us by not changing codes.

Reality check here- your comms are going to sh*t the bed about 10 minutes after you start encryption because of the weakest link in your comms plan, the least intelligent or capable person in your group.

You can grow up and accept that FACT, or you can continue with your fantasy. But it won't change what's really going to happen. Try and see how fast in training it happens, if you disagree with me, you haven't really tried it
YOU ARE SOOOOO RIGHT!

I remember during a REFORGER watching my LT going back and forth through his "little code book" until the CO drove up in a JEEP and had a discussion with him.

We weren't allowed to look at his buttchewing even though we could hear the whole thing. :)
 
#40 ·
This is another example of the difference between fantasy and real time uses.

People who KNOW attempt to help and get "what if'd" and "but but" by the armchair commandos.

Again and consistently I wonder why the few here who know bother posting
 
#50 ·
Between Desert Storm and trying to get some supplies or news from the next county there is quite a gulf. Please folks, notwithstanding your individual experiences, keep things in perspective! A fire order differs greatly from a request for news about relatives. Still, some need for concealed comms is required even at this low order level. Why is it that some keep putting up all kinds of objections on KISS! Lui
 
#52 ·
There are several sources of true randomness, here is an example of a company using photons / light as a source:

http://www.idquantique.com/true-random-number-generator/products-overview.html

Consciousness is also considered random in nature. So even if you know everything about a room, you will never be able to predict the exact path a fly in the same room will choose. So having a human input in making randomness doesn't have to be so wrong.

After the war the Russians made larger streams of random letters by having people or someone typing at random at typewriters, while it's possible to predict that some letters will be more frequent than others, it's still impossible to predict the sequence. The person thought it was a tiresome process and thought it would be OK to use the old key letters again after a while (perhaps a wasp bit her hand). However it wasn't OK. The US and UK were able to read several of the messages. And the Russian spy couple had to pay with their lives (the Rosenberg case).

Transferring messages with a onetime pad in a SHTF scenario is unnecessary and complicated. However simple codes like alpha-zulu = meaning "I found food" or Echo-Juliet meaning "vehicles are approaching" are onetime pads the first time they are being used.
 
#53 ·
So, we are using computers and HAM radios to transmit data to each other, but we need to use a book or a Cap'n Crunch decoder ring to crypt our messages? Why not just keep using your computer and just implement something like AES, DES, Twofish, or whatever the heck you want with a shared key between you and your operatives. Crypt your message to ASCII text and then transmit that text, operative receives text and decrypts with your public key and voilà, message revealed.

It seems like you are trying to make a big problem for yourself where one doesn't exist.

If use of a computer is off the table then I guess you'll have to resort to one of the low tech methods mentioned here, but you don't need to really make it super complicated.
 