Found a good "Communications Security" link? Let Us Know!

Introduction to "Electronic Protection" U.S. Naval Postgraduate School: Electronic protection involves methods of preventing spies from stealing secrets from the electromagnetic emanations of your information systems, as well as methods of preventing saboteurs from incapacitating or destroying your information systems using electromagnetic radiation. We discuss the kinds of threats and what can be done to reduce or prevent them. Particular weaknesses are video monitors, keyboards, and cables. Electromagnetic shielding is helpful, but requires special additions to computer hardware. Source suppression, noise generation, encryption, deliberate irregularity, and deliberate deception can also help against spies but require careful planning. Bug detectors can alert you to electronic devices that may be eavesdropping, but do not always work. As for electromagnetic sabotage, similar shielding methods can protect against it, but backup methods are important, including current limiters... [Link recovered 5/6/11]

Radio Transmitter Schematics a collection of schematic diagrams for radio transmitters and transmitter amplifiers.  Although circuit components are labeled (and can be built easily), schematics are for educational purposes only!!!  Operation of some of these devices may require licensure.  If you wish to experiment with RF transmitting circuitry without violating regulations, use a dummy load in lieu of an antenna.  [Link updated - different site - 5/6/11]

TSCM - Phone Bugging and Modifications If you are reading this then you probably have a telephone, and if you have a telephone you already have an excellent bugging device installed in your home or office. In many cases nothing has to be done to the telephone to turn it into an excellent room bug due to design flaws, but in most cases a simple capacitor (at a cost of three cents) can be installed and a wire snipped to turn your telephone into a very high quality eavesdropping device. Telephones have microphones, speakers, ringers, microphonic transducers, and power all of which can provide everything an eavesdropper needs to listen in on your business or personal affairs. What follows are a few of the hundreds of things an eavesdropper can do to very simply turn your normal telephone into an excellent surveillance device... See also TSCM Handbook - and excellent primer!!!

Detecting and Preventing Eavesdropping Any indication that an adversary or competitor is using illegal means to collect information should alert you to the possibility, at least, that listening devices might be planted in your office or home. There are a number of specific warning signs that you may be the target of eavesdropping. Of course, if eavesdropping is done by a professional, and done correctly, you may not see any of these signs...  [Link recovered 5/6/11]

Cordless Telephones: Bye Bye Privacy! by Tom Kneitel, K2AES, Editor (originally published in Popular Communications, June 1991): A Boon to Eavesdroppers, Cordless Phones Are as Private as Conversing in an Elevator. You'll Never Guess Who's Listening In! OK, so it took a while, but now you've accepted the fact that your cellular phone conversations can easily be overheard by the public at large. Now you can begin wrestling with the notion that there are many more scanners in the hands of the public that can listen to cordless telephone calls than can tune in on cellulars... [Link recovered 5/6/11]

Wireless Communications Privacy Wireless phones are very popular, and the number of people who use them is steadily growing. There are over 200 million subscribers in the U.S. But even though wireless devices have many advantages, privacy is not one of them. Depending on the kind of phone you use, others can listen to calls you make. Pagers can also be intercepted. And if your computer is connected to a wireless network (“Wi-Fi”), the data you transmit to other computers and printers might not be secure. It pays to be aware of the privacy and fraud implications of using wireless devices. A few simple precautions will enable you to detect and prevent fraud as well as to safeguard the privacy of your communications...

Cordless Security- Can Eavesdropping Be Prevented? by Jim Hanks: Most of us have picked up our cordless phones at one time or another, and found ourselves listening in on other people's conversations. Perhaps we listen for a while (until we realize that a random phone call isn't very interesting), and then we hang up. Although many of us prefer not to think about it, this technological flaw can be very dangerous. Certainly when trade secrets and insider information can be heard by anyone with a $200 radio scanner, a company will quickly learn how financially damaging poor cordless phone security can be...

The covert spectrum. (pirate and secret broadcasting) [Great article!] Since the creation of the Central Intelligence Agency in 1947, covert activity has metastasized within the federal government. Virtually every U.S. agency today is host to one or more secret components whose operations are as invisible as Washington can make them. From the unheard-of Office of Foreign Availability at the Commerce Department to the determinedly anonymous Federal Research Division of the Library of Congress, the American government has spawned a sub rosa bureaucracy whose day-to-day business resembles nothing so much as a conspiracy in (what we're told is) the public interest...

Who Else is Listening? An Expert Wiretapper Talks About His Trade - by Bernard B. Spindel with Bill Davidson - Collier's, June 10, 1955: Electronic eavesdropping is rapidly turning into a national menace-and wiretaps are only one phase of the thread. Here is the full story of the insidious invasion of our right of privacy, as told by a top expert...

Forget Quantum Encryption, Simple Scheme Can Stop Electronic Eavesdropping James Bond may use the fanciest, most expensive and high-tech devices to thwart would-be eavesdroppers, but in a pinch, the super-spy can use one Texas A&M engineer's simple, low-cost scheme to keep data secure from the bad guys...

Eavesdropping & Espionage White Paper ESPIONAGE 301 - Detection of Electronic Eavesdropping Devices: The most visible part of the Counterespionage Consultant's job is the Electronic Countermeasures Sweep: the search for eavesdropping devices. It is also the task which is least understood by clients. A knowledgeable consultant will make removing the mystery the first priority. Expect to be educated on the countermeasures process, in terms equal to your prior knowledge level. Everything can, and should, be explained in lay-person terms. Deliberately hiding behind jargon, in any specialty, is rude and should always arouse your suspicions about the true competence of the speaker. From the consultant's viewpoint, the more you know, the more you will appreciate their efforts on your behalf. Also available as a printable booklet with graphics as an Adobe Acrobat file

THE ROAD WARRIOR by Kevin Fitchard: Talking on his mobile phone while driving between jobs in Southern California, Frank Keeney looks like an operative straight out of a spy flick. While he chats nonchalantly with a journalist, the front seat of his SUV is a buzz of electronic activity. A laptop computer running a network-sniffing program called Kismet is communicating with an antenna sprouting from his roof and a GPS transceiver mounted on the dash. Meanwhile, a wireless LAN card hooked to the laptop is scanning the horizon for any activity over the unlicensed frequencies...

How to make an FM wireless BUG by Johnney Rotten This handy little device can be used for two purposes. The first is a FM bug, which transmits on the FM frequency, thus making it extremely easy to pick up. The second is a FM station blocker (which can be really fun if you are pissed at someone who just happens to be listening to the radio. In this case, you can do 1 (or both) of these: A) announce through the bug (on their station) that Fred (whoever is listening) has just won 1 years supply of orthopedic shoe pads, or B) disconnect the mike, and let it fry the station... 

WIRELESS MICROPHONE by SM0VPO This project is a miniature, VHF FM (wideband) Wireless Microphone transmitter of the type that are commonly refered to as BUG's. Note that "BUGS" are illegal but "Wide-Band Frequency Modulation Wireless Microphones" (WBFMWMs) are not, as so many people have told me (including the RSGB!). Besides, the AF sensitivity of this transmitter prevents it from being an effective bug for eaves-dropping! I personally use one of these WBFMWMs plugged into my HF rig headphone socket so that I can "earwig" QSO's and nets when sitting on the toilet, washing the dishes, bringing in the coal, etc. I know from experience that this project can be used to stimulate interest in Radio in older children, and this was also one of the projects given to a group of scouts and girl- guides to construct...  [Link recovered 5/6/11]

WIRELESS MICROPHONE 2 by Harry Lythall - SM0VPO: Here is another FM Wireless Microphone with added microphone amplifier and power amplifier stage to increase the microphone sensitivity and range. Please note that this circuit is drawn from memory and I cannot guarantee that it will work well without some form of modification so please treat this project only as an idea. I had loads of success with this version of the circuit in the early 80s and had a range of about 2Km. I will build this version again later, after my present projects are complete, then present any possible changes to the circuit.  [Link recovered 5/6/11]

Direction Finding (DFing): An article found somewhere on the net in days of yore. 

APRSdos DF-ing This page is all about Direction Finding in APRS (much of which was left out of many APRS clones). But these techniques work perfectlly well without APRS and they work perfectly well without any DF-ing equipment too!. The page is in reverse chronological order, with new experiences added at the top.  [Link recovered 5/6/11]

UARC - Radio Direction Finding page Radio Direction Finding (RDF) of signals is nearly as old as the art of radio itself. In the early days, not only was being able to communicate over long distances found to be invaluable, but so was being able to locate the source of such a signal, especially in the event of an emergency. Although the technology has changed over the many decades, the essential elements of the techniques have not. Despite advances in technology, it is still largely up to the skill of the RDF equipment operator to make sense out of the information gleaned from their gear...

Technical Surveillance Countermeasures The public is finally realizing that information loss, due to espionage attack, is real and becoming more frequent. This upsurge in clandestine surveillance activity is fast becoming a problem of epidemic proportions, as a result of many current factors.

How Much Spying Occurs? Every aspect of your business that has a value to you also has an undeniable value to your adversaries. We can only make an intellectual estimate as to the actual magnitude of this invisible threat, based upon reported incidents.

Specialized TSCM Equipment The following list is presented to serve as general guidelines to assist in the evaluation of equipment capabilities and limitations. These may vary depending upon particular requirements, based on the level of risk. Indicated equipment capabilities represents the minimum required to perform a thorough TSCM Survey.

A Glossary of Terms These few definitions are provided to give you a brief and simple explanation of some terms commonly used by TSCM professionals. These definitions are not designed to be all-inclusive and are written in layman's terminology.

Attack Methods Employed Just as scientific technology has given us the miniature micro chip to reduce the physical size of computers, it has also given us that same technology to build miniature microphones, transmitters, and other eavesdropping devices. Valuable information must be obtained from within sensitive areas for a covert operation to be successful. Numerous inherent weaknesses exist which could easily be exploited by an electronic eavesdropper. Addressed are those weaknesses which are considered practical for eavesdropping attack.

The Dancing Bear - A New Way of Composing Ciphers presents a new way to combine crypto primitives. Previously, to decrypt using any three out of five keys, the keys all had to be of the same type (such as RSA keys). With my new construction, you can mix and match - RSA, AES, even one-time pad. The paper appeared at the 2004 Protocols Workshop; an earlier version came out at the FSE 2004 rump session.  [Link recovered 5/6/11]

Two Remarks on Public Key Cryptology is a note on two ideas I floated at talks I gave in 1997-98, concerning forward-secure signatures and compatible weak keys. The first of these has inspired later research by others; the second gives a new attack on public key encryption systems.

Two Practical and Provably Secure Block Ciphers: BEAR and LION shows how to construct a provably secure block cipher from a stream cipher and a hash function. It had previously been known how to construct stream ciphers and hash functions from block ciphers, and hash functions from stream ciphers; so our constructions complete the set of elementary reductions. They also led to the `Dancing Bear' paper above.  [Link recovered 5/6/11]

Tiger - A Fast New Hash Function defines a new hash function, which we designed following Hans Dobbertin's attack on MD4. This was designed to run extremely fast on the new 64-bit processors such as DEC Alpha and IA64, while still running reasonably quickly on existing hardware such as Intel 80486 and Pentium (the above link is to the Tiger home page, maintained in Haifa by Eli Biham; if the network is slow, see my UK mirrors of the Tiger paper, new and old reference implementations (the change fixes a padding bug) and S-box generation documents. There are also third-party crypto toolkits supporting Tiger, such as that from Bouncy Castle).

Minding your p's and q's points out a number of things that can go wrong with the choice of modulus and generator in public key systems based on discrete log. It elucidated many of the previously classified reasoning behind the design of the US Digital Signature Algorithm, and appeared at Asiacrypt 96.  [Link recovered 5/6/11]

Chameleon - A New Kind of Stream Cipher shows how to do traitor tracing using symmetric rather than public key cryptology. The idea is to turn a stream cipher into one with reduced key diffusion, but without compromising security. The effect is that a single broadcast ciphertext is decrypted to slightly different plaintexts by users with slightly different keys. Thus users who re-sell their copy of the plaintext in contravention of a licence agreement can be traced. This paper appeared at the fourth workshop on Fast Software Encryption in Haifa in January 1997.  [Link recovered 5/6/11]

Searching for the Optimum Correlation Attack appeared at the second workshop on fast software encryption. It shows that nonlinear combining functions used in nonlinear filter generators can react with shifted copies of themselves in a way that opens up a new and powerful attack on many cipher systems. [Link recovered 5/6/11]

The Classification of Hash Functions appeared at Cryptography and Coding 93. It proves that correlation freedom is strictly stronger than collision freedom, and shows that there are many pseudorandomness properties other than collision freedom which hash functions may need. [Link recovered 5/6/11]

A Faster Attack on Certain Stream Ciphers shows how to break the multiplex shift register generator, which is used in satellite TV systems. I found a simple divide-and-conquer attack on this system in the mid 1980's, a discovery that got me `hooked' on cryptology. This paper is a recent refinement of that work. [Link recovered 5/6/11]

On Fibonacci Keystream Generators appeared at FSE3, and shows how to break `FISH', a stream cipher proposed by Siemens. It also proposes an improved cipher, `PIKE', based on the same general mechanisms. [Link recovered 5/6/11]

Military Surplus communications Security Equipment and Components ... Of course, if you are trying to hide stuff from the government, these items might need some "upgrades."

STU-III Secure Telephone Units, Crypto Key Generators, Encryption ... [Sales Site] While this is a sales site, the leading article is informative.

[Chapter 14] Telephone Security Relating to computers.

ON-HOOK TELEPHONE SECURITY GUIDELINES [PDF] Courtesy of the US Air Force

Understanding Cellular Telephone Security This guide summarizes all cellular telephone security and privacy issues that I am aware of. If you know of issues that are not on this list, please let me know.

Textfiles:

Please Read The Website Disclaimer!
Copyright 1986-2012, The Survival & Self-Reliance Studies Institute (SSRsi), All Rights Reserved
Site conceptualized, designed, created & maintained by MEG Raven
Snail Mail: SSRsi, PO Box 2572 Dillon, CO. 80435-2572

Page Updated
5/6/11