Re: Did Hezbollah use SIGINT against Israel?

2006-09-22 Thread James A. Donald

--
Steven M. Bellovin wrote:
> That isn't supposed to be possible these days...  (I
> regard it as more likely that they were doing traffic
> analysis and direction-finding than actually cracking
> the ciphers.)

Ciphers cannot be cracked when used correctly.  However,
military cipher procedures are often highly user
unfriendly, and in consequence seldom used correctly.
Come to think of it, we have the same problem on the
internet.

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 c/n1W5sl/AyzClfoXunWJSJOHHUhW1DmgUQG8ZC3
 4TpD3sBZLjv0gUHYB2nlyeJ6n8hZV0ZQ0ET1/zHLL

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Did Hezbollah use SIGINT against Israel?

2006-09-22 Thread Travis H.

On 9/20/06, Leichter, Jerry [EMAIL PROTECTED] wrote:

> Newspaper reports have claimed that many troops were sent into the
> field with old equipment - including in particular 10+-year-old
> communications equipment.


The Single Channel Ground and Airborne Radio System was designed in the 80's:

http://www.fas.org/man/dod-101/sys/land/sincgars.htm

I don't know the hop frequency, but it's probably smaller than modern
standards (could possibly be followed with real-time tracking), it
probably uses a manually-entered seed to generate a hop sequence, the
PRNG that stretches the seed is probably not secure any more, and the
input space is probably searchable by now in a reasonable amount of
time.

Further, once broken with some expensive hardware (maybe a
custom-designed SIGINT SDR), they could program much cheaper units to
follow the sequence until the Israelis re-keyed.

Just my total guess.
--
On the Internet no one knows you're a dog - except Bruce Schneier.
Unix guru for rent or hire -- http://www.lightconsulting.com/~travis/
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484



Re: Did Hezbollah use SIGINT against Israel?

2006-09-22 Thread Thomas
> > (I regard it as more
> > likely that they were doing traffic analysis and direction-finding than
> > actually cracking the ciphers.)
>
> IIUC, spread-spectrum communication is not much stronger than the
> background noise, and thus the traffic analysis is not that easy
> either.

We can just speculate here, a practice I dislike, but for fun (hey
today is Friday :) ) I'll add my 2 cents here too.

My first thought while reading this article was: the seed!

One thing I assume is that they did not break a cipher; even if
the radio equipment uses DES with 56-bit keys I doubt they had
broken it and can break it in real-time on the battlefield.

All they say is that they can now coordinate their anti-tank forces
better because they know where Israeli tanks will appear on the
battlefield.
This can be done with traffic monitoring and some simple math. formulas
to calculate the directions the tanks drive, plus their distance, and
a lower bound of the number of tanks (at least all communicating peers).

But today military radio eq. use frequency hopping based on a PRNG. This
PRNG is the same in every device and needs the same seed to hop to the
right frequency at the right time.

In the last few weeks during the fights the Hezbollah must have been
able to capture zillions of messages which all use the same freq. at the
same time. Maybe they did some statistical magic and were able to guess
the seed of the PRNG based on their observations. Or maybe they got
access to a radio device and were able to reverse engineer the PRNG (or
just connect the radio device to a capture device that uses the freq. the
radio device will use). Or maybe it is just the usual war hoax blah blah,
who knows. :)

Whatever... 

Freq. hopping should protect against jamming only, if I remember
correctly. So if I were able to reproduce the PRNG's seed I would use it
to disable the communication between troops during an attack and not
just do traffic analysis with it. The same result can be accomplished
by letting some guys sit in the trees with a spyglass, a compass, and a CB
radio device. ;)

Have a nice weekend,
Thomas

-- 
Tom [EMAIL PROTECTED]
fingerprint = F055 43E5 1F3C 4F4F 9182  CD59 DBC6 111A 8516 8DBF



Re: Did Hezbollah use SIGINT against Israel?

2006-09-21 Thread Leichter, Jerry
| http://www.newsday.com/news/printedition/stories/ny-wocode184896831sep18,0,7091966,print.story
|
| That isn't supposed to be possible these days...  (I regard it as more
| likely that they were doing traffic analysis and direction-finding than
| actually cracking the ciphers.)
Newspaper reports have claimed that many troops were sent into the
field with old equipment - including in particular 10+-year-old
communications equipment.  Something that was fielded in 1996 was
likely designed using the technology of the early '90's.  Portable
communications equipment built with that technology is probably not
secure today.
-- Jerry




Re: Did Hezbollah use SIGINT against Israel?

2006-09-21 Thread Alexander Klimov
On Wed, 20 Sep 2006, Steven M. Bellovin wrote:
> http://www.newsday.com/news/printedition/stories/ny-wocode184896831sep18,0,7091966,print.story
>
> That isn't supposed to be possible these days...

It is not clear that with modern technology interception is
impossible; at least during the Second Gulf War the reports about
SIGINT against the US were quite convincing:

 http://www.google.com/search?q=iraq+radio+intercept


> (I regard it as more
> likely that they were doing traffic analysis and direction-finding than
> actually cracking the ciphers.)

IIUC, spread-spectrum communication is not much stronger than the
background noise, and thus the traffic analysis is not that easy
either.

My guess is that at least some information was leaked due to cellular
phones (the soldiers were routinely calling their families).

> Besides radio transmissions, the official said Hezbollah also
> monitored cell phone calls among Israeli troops. But cell phones are
> usually easier to intercept than military radio, and officials said
> Israeli forces were under strict orders not to divulge sensitive
> information over the phone.

Even if one doesn't care what was said over the phone, a lot of
information can be extracted from the mere location of a phone
(especially if one knows the owner of each phone):

> Israeli officials said the base also had detailed maps of northern
> Israel, lists of Israeli patrols along the border and cell phone
> numbers for Israeli commanders.

-- 
Regards,
ASK



Did Hezbollah use SIGINT against Israel?

2006-09-20 Thread Steven M. Bellovin
http://www.newsday.com/news/printedition/stories/ny-wocode184896831sep18,0,7091966,print.story

That isn't supposed to be possible these days...  (I regard it as more
likely that they were doing traffic analysis and direction-finding than
actually cracking the ciphers.)

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
