As The World Burns, At Least You’ll Have Secure Messaging

There’s a section of our community who concern themselves with the technological aspects of preparing for an uncertain future, and for them a significant proportion of effort goes into communication. This has always included amateur radio, but in more recent years it has been extended to LoRa. To that end, [Bertrand Selva] has created a LoRa communicator, one which uses a Pi Pico, and delivers secure messaging.

The hardware is a rather nice-looking 3D printed case with a color screen and a USB A port for a keyboard, but perhaps the way it works is more interesting. It takes a one-time pad approach to encryption, using a key the same length as the message. This means that an intercepted message is in effect undecryptable without the key, but we are curious about the keys themselves.

They’re a generated list of keys stored on an SD card with a copy present in each terminal on a particular net of devices, and each key is time-specific to a GPS derived time. Old keys are destroyed, but we’re interested in how the keys are generated as well as how such a system could be made to survive the loss of one of those SD cards. We’re guessing that just as when a Cold War spy had his one-time pad captured, that would mean game over for the security.

So if Meshtastic isn’t quite the thing for you then it’s possible that this could be an alternative. As an aside we’re interested to note that it’s using a 433 MHz LoRa module, revealing the different frequency preferences that exist between enthusiasts in different countries.


Radio Repeaters In The Sky

One of the first things that an amateur radio operator is likely to do upon receiving their license is grab a dual-band handheld and try to make contacts with a local repeater. After the initial contacts, though, many hams move on to more technically challenging aspects of the hobby. One of those is activating space-based repeaters instead of their terrestrial counterparts. [saveitforparts] takes a look at some more esoteric uses of these radio systems in his latest video.

There are plenty of satellite repeaters flying around the world that are actually legal for hams to use, with most being in low-Earth orbit and making quick passes at predictable times. But there are others, generally operated by the world’s militaries, that are in higher geostationary orbits, which allow them to serve a specific area continually. With a specialized three-dimensional Yagi-Uda antenna on loan, [saveitforparts] listens in on some of these signals. Some of it is presumably encrypted military activity, but there’s also some pirate radio and state propaganda stations.

There are a few other types of radio repeaters operating out in space as well, and not all of them are in geostationary orbit. Turning the antenna to the north, [saveitforparts] finds a few Russian satellites in an orbit specifically designed to provide polar regions with a similar radio service. These sometimes will overlap with terrestrial radio like TV or air traffic control and happily repeat them at brief intervals.

[saveitforparts] has plenty of videos looking at other satellite communications, including grabbing images from Russian weather satellites, using leftover junk to grab weather data from geostationary orbit, and accessing the Internet via satellite with 80s-era technology.



Modernizing An Enigma Machine

This project by [Miro] is awesome: not only did he build a replica Enigma machine using modern technologies, but after completing it, he went back and revised several components to make it more usable. We’ve featured Enigma machines here before; they are complex combinations of mechanical and electrical components that form one of the most recognizable encryption methods in history.

His first Enigma machine was designed closely after the original. He used custom PCBs for the plugboard and lightboard, which significantly cleaned up the internal wiring. For the lightboard, he cleverly used a laser printer on semi-transparent paper to create crisp letters, illuminated from behind. For the keyboard, he again designed a custom PCB to connect all the switches. However, he encountered an unexpected setback due to error stack-up. We love that he took the time to document this issue and explain that the project didn’t come together perfectly on the first try and how some adjustments were needed along the way.

EPROM-based Enigma Machine

The Enigma machine is perhaps one of the most legendary devices to come out of World War II. The Germans used the ingenious cryptographic device to hide their communications from the Allies, who in turn spent an incredible amount of time and energy in finding a way to break it. While the original Enigma was a complicated electromechanical contraption, [DrMattRegan] recently set out to show how its operation can be replicated with an EPROM.

The German Enigma machine was, for the time, an extremely robust way of coding messages. Earlier versions proved somewhat easy to crack, but subsequent machines added more and more complexity, rendering them almost impenetrable. The basis of the system was a set of rotors which encrypted each typed letter to a different one based on the settings and then advanced one place in their rotation, ensuring each letter was encrypted differently than the last. Essentially this is a finite-state machine, something perfectly suited for an EPROM. With all of the possible combinations programmed in advance, an initial rotor setting can be entered, and then each key press is sent through the Enigma emulator, which encrypts the letter, virtually advances the rotors, and then moves to the next letter with each clock cycle.

[DrMattRegan]’s video, also linked below, goes into much more historical and technical detail on how these machines worked, as well as some background on the British bombe, an electromechanical device used for decoding encrypted German messages. The first programmable, electronic, digital computer, called Colossus, was also developed to break encrypted Enigma messages, demonstrating yet another technology that came to the forefront during WWII.


Inside Project Delilah

The invention of the computer is a tricky thing to pinpoint. There were some early attempts that were not well known and some early attempts that were deliberately secret. [Alan Turing]’s efforts with Colossus were top secret for years, and while that work built on earlier efforts in Poland, [Turing] has as much claim to be the father of computers as anyone. But [Jack Copland] points out in a recent post that the famous computer scientist was also involved in another secret project: Delilah.

While [Turing] is best known for his work breaking ciphers at Bletchley Park, he also put time in on a second project about ten miles away in a secret electronics lab at Hanslope Park. There he worked with an assistant, [Donald Bayley], on Delilah — a portable system for encrypting voice transmissions.


Hacking An IP Camera To Run Your Own Software

Ah, generic unbranded IP cameras. Safe, secure? Probably not. [Alex] has been hacking around with one of his very own, and he’s recently busted the thing wide open.

Determining that the camera had a software update function built in, [Alex] saw an opening for hijinks. The first issue was that the camera only accepts encrypted update packages, which complicates things somewhat. However, through some smart reverse engineering, the format of the updates and their encryption method became obvious to [Alex]. Oh, and partly because there was a GitHub repository online featuring the source code used by the manufacturer to encrypt their updates. That definitely helped. It also led [Alex] to suspect the manufacturer may not have properly respected the open source license of some of the routines involved.

In the demo of the exploit, [Alex] has the camera reach out to www.pudim.com.br instead of the servers of the original manufacturer. That’s a pretty clear way to show that the camera has been owned.

We first featured [Alex]’s work in this space all the way back in 2019. It’s come a long way since then!


Falsified Photos: Fooling Adobe’s Cryptographically-Signed Metadata

Last week, we wrote about the Leica M11-P, the world’s first camera with Adobe’s Content Authenticity Initiative (CAI) credentials baked into every shot. Essentially, each file is signed with Leica’s encryption key such that any changes to the image, whether edits to the photo itself or the metadata, are tracked. The goal is to prove not only ownership, but also that photos are real — not tampered with or AI-generated. At least, that’s the main selling point.

Although the CAI has been around since 2019, its adoption is far from widespread. Only a handful of programs support it, although this list includes Photoshop, and it’s unlikely anybody outside the professional photography space was aware of it until recently. This isn’t too surprising, as it really isn’t relevant to the casual shooter — when I take a shot to upload to Instagram, I’m rarely thinking about whether or not I’ll need cryptographic proof that the photo wasn’t edited — usually adding #nofilter to the description is enough. Where the CAI is supposed to shine, however, is in the world of photojournalism. The idea is that a photographer can capture an image that is signed at the time of creation and maintains a tamper-proof log of any edits made. When the final image is sold to a news publisher or viewed by a reader online, they are able to view that data.

At this point, there are two thoughts you might have (or, at least, there are two thoughts I had upon learning about the CAI):

  1. Do I care that a photo is cryptographically signed?
  2. This sounds easy to break.

Well, after some messing around with the CAI tools, I have some answers for you.

  1. No, you don’t.
  2. Yes, it is.
