Decoding A 350 Year Old Coded Message

Usually, a story about hacking a coded message will have some computer element or, at least, a machine like an Enigma. But [Ruth Selman] recently posted a challenge asking if anyone could decrypt an English diplomatic message sent from France in 1670. Turns out, two teams managed it. Well, more accurately, one team of three people managed it, plus another lone cryptographer. If you want to try decoding it yourself, you might want to read [Ruth’s] first post and take a shot at it before reading on further here: there are spoilers below.

No computers or machines were likely used to create the message, although we imagine the codebreakers may have had some mechanized aids. Still, it takes human intuition to pull something like this off. One trick used by the text was the inclusion of letters meant to be thrown out. Because there were an odd number of Qs, and many of them were near the right margin, there was a suspicion that the Qs indicated a throw-away character and an end of line.

Continue reading “Decoding A 350 Year Old Coded Message”

Crowdsourcing SIGINT: Ham Radio At War

I often ask people: What’s the most important thing you need to have a successful fishing trip? I get a lot of different answers about bait, equipment, and boats. Some people tell me beer. But the best answer, in my opinion, is fish. Without fish, you are sure to come home empty-handed.

On a recent visit to Bletchley Park, I thought about this and how it relates to World War II codebreaking. All the computers and smart people in the world won’t help you decode messages if you don’t already have the messages. So while Alan Turing and the codebreakers at Bletchley are well-known, at least in our circles, fewer people know about Arkley View.

The problem was apparent to the British. The Axis powers were sending lots of radio traffic. It would take a literal army of radio operators to record it all. Colonel Adrian Simpson sent a report to the director of MI5 in 1938 explaining that the three listening stations were not enough. The proposal was to build a network of volunteers to handle radio traffic interception.

That was the start of the Radio Security Service (RSS), which started operating out of some unused cells at a prison in London. The volunteers? Experienced ham radio operators who used their own equipment, at first, with the particular goal of intercepting transmissions from enemy agents on home soil.

At the start of the war, ham operators had their transmitters impounded. However, they still had their receivers and, of course, could all read Morse code. Further, they were probably accustomed to pulling out Morse code messages under challenging radio conditions.

Over time, this volunteer army of hams would swell to about 1,500 members. The RSS also supplied some radio gear to help in the task. MI5 checked each potential member, and the local police would visit to ensure the applicant was trustworthy. Keep in mind that radio intercepts were also done by servicemen and women (especially women) although many of them were engaged in reporting on voice communication or military communications.

Continue reading “Crowdsourcing SIGINT: Ham Radio At War”

A USB dongle is shown connected to a laptop computer. A text box in the lower right corner says "PECKUS is running in DEBUG mode, it is 3x faster in non-DEBUG mode."

A Presence-sensing Drive For Securely Storing Secrets

When we hear about flash drives in the context of cybersecurity, we tend to think of them more as threats than as targets. When you’re using flash drives to store encryption keys, however, it makes sense to pay more attention to their security. [Juergen] designed the PECKUS (Presence Enforcing Crypto-Key USB-Storage) with this specifically in mind: a few-kilobyte storage device that only unlocks if the owner’s Bluetooth device is in the vicinity.

[Juergen] needed to store an infrequently-used keyfile on an air-gapped system, and commercial encrypted flash drives were rather expensive and left much to be desired in terms of usability. Instead, he designed a CircuitPython custom firmware for MakerDiary’s nRF52840 micro development kit, which provided a BLE-capable system in the form of a USB dongle.

After flashing the firmware to the board, the user sets it up with a particular Bluetooth device and a file to be stored; after writing the file during setup, it cannot be rewritten. Before reading from the device, the user must pair the previously-set device with the board and press a button on the board, and only then does the device appear to the computer.

The limited amount of storage space means that this device will probably only serve its intended purpose, but in those cases, it’ll be handy to have an open-source and inexpensive protected storage device. [Juergen] notes that attackers could theoretically defeat this system by desoldering the microcontroller from the board and extracting the memory contents from the its storage, but if you have enemies that resourceful, you probably won’t be relying on a $20 board anyways.

We’ve previously seen a few flashdrives cross these pages, including one meant to self-destruct, and one made from a rejected microSD card.

Combined Crypto, Anglo-American Style

If you think about military crypto machines, you probably think about the infamous Enigma machine. However, as [Christos T.] reminds us, there were many others and, in particular, the production of a “combined cipher” machine for the US and the UK to use for a variety of purposes.

The story opens in 1941 when ships from the United States and the United Kingdom were crossing the Atlantic together in convoys. The US wanted to use the M-138A and M-209 machines, but the British were unimpressed. They were interested in the M-134C, but it was too secret to share, so they reached a compromise.

Starting with a British Typex, a US Navy officer developed an attachment with additional rotors and converted the Typex into a CCM or Combined Cipher Machine. Two earlier verisons of the attachment worked with the M-134C. However the CSP 1800 (or CCM Mark III) was essentially the same unit made to attach to the Typex. Development cost about $6 million — a huge sum for the middle of last century.

Continue reading “Combined Crypto, Anglo-American Style”

Undo Arduino Encryption With An Oscilloscope

Cryptography ain’t easy. Seemingly small details like how many times a computationally intensive loop runs can give the game away. [Lord Feistel] gives us a demo of how this could work with nothing more than poorly designed code, a resistor, and an oscilloscope.

The hardware side is, as mentioned, really simple. Put a resistor inline with the Arduino and monitor the voltage drop across the resistor with the scope. When the chip is working hard, it consumes more current, and code sections that take longer will show up as longer dips.

On the software end, it’s only a little more complicated.  The RSA encryption scheme involves a lot of exponentiation and modulo-taking. Here, [Lord Feistel] is targeting a naive way of computing the exponents quickly, and demonstrates how you can read the exponent straight out the chip’s power demand.

Implementing this attack against a real-world RSA algorithm, in the context of the Arduino doing other stuff, will be harder. And we don’t know if the algorithm implemented in “standard” Arduino libraries is smarter than this one. (If you know, let us know in the comments.) But still, this is a cool example of just how simple and straightforward it can be to eavesdrop on bad code.

If you only need to bypass encryption instead of breaking it, check out [Lord Feistel]’s other tutorial on power glitching that we featured previously. If you haven’t played around with the hardware side of security, it gets deep pretty quickly, but you can at least dip your toes in the shallow end with what you’ve got in your closet.

A Binary Version Of The Enigma Machine

The Enigma machine is the most well-known encryption tool used by German forces in World War II, mostly because it was so famously cracked by the Allies to great effect. Like many hackers, [christofer.jh] was intrigued by the design of the Enigma, and felt compelled to build a binary version of his own design.

The original Enigma machine was designed to scramble the 26 letters in the Latin alphabet. This design is altogether simpler. Instead of 26 letters, it will scramble 1s and 0s of binary code based on the initial settings of the scrambler rings.

Continue reading “A Binary Version Of The Enigma Machine”

A portable digital radio transceiver in a 3d printed case

RNODE: A Portable Unrestricted Digital Radio

RNode is an open source, unrestricted digital radio transceiver based on — but not limited to — the Reticulum cryptographic networking stack. It is another interesting project in what we might call the “Federated application” space in that it is intended to be used with no central controlling body. It can be used in a LAN or WAN context with the Reticulum network when operating in network adaptor mode, but it also has other use cases.

Essentially, RNode is a software project running on a LilyGO LoRa32 board wrapped up in a snazzy-looking 3D-printed case. Just make sure to grab a version of the board with an u.FL connector in place or somewhere to solder one. If it comes with an SMA connector, you will want to remove that. The device can be standalone, perhaps attached to a mobile device via Wi-Fi, but it needs to be hooked up to a laptop for the really interesting applications. When set to TNC mode, it can act as an APRS gateway, which allows you to access packet radio BBSs and all that fun stuff.

Continue reading “RNODE: A Portable Unrestricted Digital Radio”