Rural Defense Comms: TTPs Part III

Alright Joe, here’s the part you’ve been waiting for.  We’re going to touch on how to overcome that shortage of secure comms.  First up I’m going to state my honest opinion on having non-regulars and untrained folks encrypting and decrypting messages. Unless it’s simple and idiot proof I’m not a huge fan of it.  I would rather folks use sneakernet to pass messages but if time/space isn’t in your favor then it may very well be worth sitting some folks down and conducting a “train the trainer” session to get whatever techniques or technology you use spread amongst the tribe.  For our purposes we’ll refer to our code as a “Cipher”.

Message encryption is ancient – literally.  Ceaser used a basic encryption to encode his personal messages (Google Ceaser Cipher).  There’s literally hundreds if not thousands of ways to encrypt.  Book Encryption, drop code, etc. etc. Understand this right now:  A cipher is only as good as the folks using it and how secure they keep it.

Joe Commented “Regarding crypto. Prepare a code manual. Five-letter meaningless groups. These are assigned arbitrary meanings. You need the code book to encode and decode messages. The code groups can be spelled out phonetically. Numbers will also work, and may be easier to transmit. Just read 5-digit groups with a pause between groups. The code book is arranged like a bilingual dictionary. Code groups in some order (alphabetic or numeric) with their assigned meanings on one part of the code book; assigned meanings arranged in some manner (alphabetic) with their code groups in the other part.”  This is a viable technique as well.

When I was a young troop (and I’m going to give away my age here) we still used PRC-77s.  Now light units in those days were “equipment challenged” so not every radio had a Vinson (Google it).  In fact only our Company Commander had one.  So we lacked secure comms between the Company and the Platoons.  And the way we overcame that was through the use of the Company Tactical Standard Operating Procedures (TSOP or TACSOP – an SOP that dictates how a company operates in a tactical environment)  and the Communications Electronics Operating Instructions (CEOI later called an SOI – a classified controlled small book normally carried in the chest pocket dummy corded to the carrier).  the CEOI gave us the ability to encode messages and other information along with authenticating traffic.  The Company TACSOP gave us a neat tool – The Brevity Matrix.  I’m going to throw some example tools out inspired by these “low tech” solutions to get your gears grinding.

Remember:  A cipher code is only as good as the people using it and how well it’s protected.  So if you plan on using it prepare to conduct some really intensive training along with thorough practice sessions along with setting rules on handling your ciphers.  And spotcheck both the operation and handling frequently.

Now before we get into the meat and potatoes we need to add a few Prowords (remember those?)  to our vocabulary.  So jot these down:

ALL AFTER – Used in conjunction with SEND it tells the message sender to resend everything after a certain part of the message.  i.e. “SEND ALL AFTER VICTOR VICTOR OVER”

ALL BEFORE – Similar to ALL AFTER except it’s used to send the portion of the message that precedes the stated portion.  i.e. “SEND ALL BEFORE VICTOR VICTOR OVER”

AUTHENTICATE – This Proword is used to make a sending station conduct authentication from the authentication matrix.

I AUTHENTICATE – These prowords are used to let the receiving station know the transmitting station is sending an authentication cipher in response to the proword AUTHENTICATE.  DO NOT conduct automatic authentication (i.e. before being prompted the transmitting station sends the phrase “I authenticate Victor Victor Zulu”).  It is a sloppy practice that can compromise a cipher.

PREPARE TO COPY – This tells the receiving station to prepare to copy a message.

SEND – This lets the sending station know the receiving station is ready to copy the message.

Good to go?  Now here’s an interesting tidbit.  There are over a thousand words in the English Language that consist of ten letters without a single repeated letter.  So for this example I’m going to use my big ass list of ten letter non repeating words as a cipher.

The first thing we’ll go into is Authentication.  Authentication is normally used in response to a request, demand, or command.  Authentication allows the receiving or directed station to confirm that the sender is the real deal and not some dirtbag trying to pull some B/S.  Remember: this is an example.  Semper Gumby it.

For my purpose I want to have a 10×10 authentication matrix to make it easy on me (remember I’m working with ten letter words).  So I grid out a 10×10 grid and use the words from my list to fill it in.  The way I did this one is I started at the top and worked inward from the top and bottom – one from the top, one from the bottom, one from the top, etc.. scratching them off as I went.  Once I had the grid filled I added another unused word above and to the right side of the matrix.  So this is what I ended up with:

So how do ya use this thing? It’s simple.  The station requesting the authentication selects a letter from the top (shaded) row first and then from the shaded side row.  For example the station callsign Howell prompts the station callsign Briggs to authenticate:

“BRIGGS THIS IS HOWELL, AUTHENTICATE TANGO SIERRA OVER”

Briggs in turn would look those letters up in the same order Howell did and cross index them – resulting in the letter “R”.  Briggs would then authenticate in this manner:

“HOWELL THIS IS BRIGGS, I AUTHENTICATE ROMEO OVER”.

If the authentication is successful then that Cipher shouldn’t be used again for that period (more on that below).  If it’s not then Briggs may send another.  After two failed authentications Howell would ignore all traffic from Briggs and report a failed authentication to the NCS – which may prompt the QRF to move out and check to see why Briggs had its head up its ass and returned an incorrect authentication – possibly from an expired table (we’ve got a fix for that below).

Another neat technique is the incorporation of duress codes into authentication.  If a station is under duress and being forced to send demands, requests, etc. they could slip a predetermined code  or technique into the mix.  i.e. instead of just authenticating with Romeo they may authenticate with Romeo Tango (the letter below R).  The receiving and monitoring stations realize that a dual letter authentication isn’t right and take action.  One thing really important here :  If a duress is used in conjunction with a cipher then that cipher has to be immediately considered compromised.

Easy, eh?  Alrighty, next up is one of my favorites – the Brevity Matrix.  We used the brevity matrix to encode messages and even locations to send across unsecured nets.  It’s similar to the authentication table however instead of just letters it contains words or even phrases.  Using my list of ten letter words (over a thousand of them – that is some fascinating shit) we’re going to create another 10×10 grid.  This time we’ll fill it in with common words, orders, information, whatever you feel needs encryption.    Once we have it filled in (and you don’t have to fill the entire thing in mind you as blank spots could be a great method of deception – and don’t forget to jumble ’em up) once again we place one of our UNUSED ten letter words on top and the side like the Authentication table.  So we end up with something similar to this:

Simple right – so let’s setup a message with it.  Once again Briggs and Howell are on the net and Briggs is going to send Howell the message using what we’ve covered so far in comms techniques (including those breaks). Note how both stations use their callsigns – each message is started by the intended receiver followed by the transmitter.  Now here’s a technique I recommend:  Send brevity matrix codes in the same group size as any location types or other type encrypted info you send – it adds a layer of difficulty for the threat to determine what kind of information is being sent.

“BRIGGS, HOWELL, PREPARE TO COPY OVER”

“HOWELL, BRIGGS, SEND IT OVER”

“BRIGGS, HOWELL, I SEND ALPHA WHISKEY BRAVO, WHISKEY, ROMEO WHISKEY – BREAK” ..”UNIFORM WHISKEY PAPA, WHISKEY TANGO WHISKEY – BREAK”.. “INDIA WHISKEY OSCAR, WHISKEY, NOVEMBER WHISKEY – BREAK”.. “SIERRA WHISKEY ALPHA, OSCAR, OVER”

Now for SnG let’s say Briggs missed the last two sets.  Here’s what should happen:

“HOWELL, BRIGGS, SEND ALL AFTER NOVEMBER WHISKEY OVER”

Howell would send:

“BRIGGS, HOWELL I SEND SIERRA WHISKEY ALPHA, OSCAR, OVER”

“HOWELL, BRIGGS, ROGER OUT”.

An “ALL BEFORE” request would be structured in the a very similar manner.

Now it’s not a good idea to throw messages in a straight line like I did  – I got a bit lazy making that example and all those Whiskey lines would make breaking the cipher easier.  If you scramble those words all over the matrix it’ll take the threat some serious time or a compromised cipher to figure it out.  Also I didn’t invent the ten letter non-repeating Cipher technique – I’ve seen a lot of different forms of it over the years.  I’m sure there are some other examples on the net as well

So how do we protect our cipher.  My suggestion is to have one location (maybe the NCS) develop it daily and distribute it via sneakernet every day prior to the noon switchover with it going into effect at noon right along with the new freqs.  To get the new one the old one has to be surrendered.  It’s also a damn good idea to track how many go out, how many come in, and who lost their copy (it will happen).

Be creative and come up with your own systems.  Remember it has to be simple enough for folks to use it or else they’ll get sloppy and evolve it creating one helluva comms mess.  Take into consideration who you are working with in your AO, who needs the cipher, and who’s going to administer it.  A cipher is not something you can just float along – if you let it get sloppy IT WILL be compromised.

Advertisements

About Treaded

Semi-retired career and contract troop. I own and maintain my own small ranch out here in beautiful rural America.
This entry was posted in Security Planning, Situational Awareness. Bookmark the permalink.

12 Responses to Rural Defense Comms: TTPs Part III

  1. Pingback: LF: Comms – Part III | Western Rifle Shooters Association

  2. ca says:

    Awesome series. Keep bashing on. It is appreciated.

    — ca
    wrsa

  3. pdxr13 says:

    Tactical Comm crypto doesn’t have to be rock-solid 256-bit that can resist a concerted NSA attack for 20 years. It needs to be difficult enough to break that the volume of traffic doesn’t give it away before the next key is issued in 24 hours, which a 10×10 grid is. The “tactical” nature of the messages means that they are much-less-useful if delayed for a day. Of course, there is traffic analysis, voice analysis, etc., that does not depend on decryption for hints as to what might be going on or planned. Thus, a certain level of mundane routine encrypted traffic should be maintained for training/maintaining FreeFor skilled users, and providing the OpFor something to chew on. Aren’t there rules prohibiting encrypted traffic by Amateur radio licensees? If not, there will be.

  4. Bravo says:

    LF,

    Please do not encourage anyone to use a Caesar cypher over comms. That’s just a waste of time and a false sense of security for those who don’t know better. The fact of the matter is, good Encryption is relatively EASY, and there’s really no excuse for not using it, or using a weak cypher. set up a copy of GnuPG on a laptop for each user, or use Clipsecure (http://www.scanwith.com/download/ClipSecure.htm) (ALL FREE), or worst case and the most low tech, use a one time pad (https://en.wikipedia.org/wiki/One-time_pad). A one-time-pad could even be used as the backup comm in a power out situation.

    • Treaded says:

      Bravo – it was for a historical example. My stance on encryption at all is addressed in both Part II and the begging. Radio Abstinence is the way to go.

  5. Badger says:

    A good down & dirty piece. Just some experiential thoughts. Your brevity matrix has a 2nd role as a support tool to shorten the overall length of any other off-line system you develop, even if it’s lengthy stuff at some point that only goes via boot sole to FreeFor. Also, RE table distribution the turn-1 in to get-1 policy assumes daily physical contact with the “customers.” There will need to be some mechanism to have it positioned before the period is up, which also facilitates Plan B if one is compromised (you’re right, sometimes the dog does eat the homework). And yes, it is against current G laws as they stand to transmit with the intent to obscure meaning whether using codes, English phrases, etc. At some point that won’t matter, and for training purposes there are methods I’ll not go into here. There is no liability applied (in that scope) to the receiver. If one goes with even a moderate distribution scheme I’d recommend getting a dedicated auxiliary to run that, someone who’s totally unquestionable in dedication to purpose and insanely anal about detail. (Tax accountant maybe, LOL.) Your dime, just stuff to chew on. This is good stuff, drive on.
    🙂

  6. Rich T says:

    Here is a link to a listing of unique, nonrepeating letter words. Words are from 2 to 15 letters. Fast & easy way to build your lists.

    http://www.morewords.com/unique-letters/

  7. B Woodman says:

    Was comm for 20 years Army. During FTXs I carried two “books”. One was a months worth of daily frequencies, call signs, suffixes (to the call signs), challange & password, authentication table, and other comm minutia. The other book was the bilingual 5 letter groups and their words. So a lot of what you’re preaching is bringing back lots of memories. Even the equipment – PRC25, PRC77, the entire VRC12 series (R442, RT524, etc).
    Fun, fun, fun. (/sarc off).

  8. Treaded says:

    For those so inclined to play with the onetime pad here’s a decent source of info along with a few tools to work with:
    http://users.telenet.be/d.rijmenants/en/onetimepad.htm

  9. rijmenants says:

    Your authentication method would be very insecure, as there are only 100 unique authentications and each is disclosed when authenticating. A better apporach would be this (using your table):

    1. The challenger sends an authentication with two bigrams: TANGO SIERRA (=R) BRAVO INDIA (=E)
    2. The challenged person converts the two bigrams into the letters R and E
    3. He selects any random R and E in the letter square. Let us take the R from INDIA OSCAR and the E from UNIFORM HOTEL.
    4. He makes an imaginairy square with those R and E in the corner and takes the letters in the opposite corners, being A (UNIFORM OSCAR) and I (INDIA HOTEL).
    5. He authenticates with the bigrams for those letters: UNIFORM OSCAR INDIA HOTEL.
    6. The challenger verifies UNIFORM OSCAR (A) and INDIA HOTEL (I), takes the opposite corners and finds the letters R and E. The challenger now knows that the receiver has a correct authentication table.

    It looks complicated, but if you try it out, you’ll see that it is very easy.

    This way, the coordinate letters of the challenge are never revealed and it takes an enourmous amount of intercepted challenges and complex calculations before the adversary can deduct the construction of the letter square. There are far more possibilities with a double bigram (10.000 for your table) and with this system, there can be many different answers to each of these challenge.

    Another way to reduce risk of compromise is to use every colum and row header letter only twice. When you used it once, strike it diagonally one. When you use it a second time, strike it again, making a cross, and never reuse that letter again for authentication. Another tip, use 100 random letters in the square, instead of ten 10 ten-letter words.

    There are various ways to authenticate, for instance with a playfair squar (see playfair cipher). One rule: restric the use of authentication to the absolute minimum to avoid reconstruction of the table by the adversary.

    Regards,

    Dirk

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s