Re: Satellite eavesdropping of 802.11b traffic
On May 27, 2004, at 12:35 PM, John Kelsey wrote: Does anyone know whether the low-power nature of wireless LANs protects them from eavesdropping by satellite? Is there some simple reference that would easily let me figure out whether transmitters at a given power are in danger of eavesdropping by satellite? If you assume a perfect vacuum (and note that the athmosphere is fairly opaque at 2.4 Ghz) and perfect antenna's etc - then the specific detectivity needed in space suggests a not unresonably sized (m2's) and cold antenna (below 180k) by very resonably NEP which is commercially available. Given the noise from the earth background (assuming a black body radiator) at 2.4, the Sun and the likelyhood that that largish antenna catches a fair chunk of exactly that then you are at the edge of what would be realistic. However with some clever tricks and processing, like a phase array, you certainly should be able to at least detect that short (1-2mseconds) 100Khz wide 2.4Ghz transmisison at 0.1 watt is happening - assuming you know where to look. Listening in over a country-sized swath over a prologned periods of time is an entirely different story. Given that you then need to be at least 3-4 order's of magnitude better - and that you only get at best square root when increase the easy things like detector size etc, at best - my guess would be that some flying or earthbound is a heck of a lot cheaper and more realistic. There are some good papers on Lidar and Radar detections of clouds in the 3Ghz range at 12km which should give you more of an idea of the spatial resolution you could accomplish. When looking at these - bear in mind that the 2-3kWatt used is reflected by the ice particles - so what gets back is 30-40dBZ less - and that you can use a phased locked loop amplifier easily. Dw - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Satellite eavesdropping of 802.11b traffic
Why worry about satellites when car/plane/neighbor unpiloted remote controlled airplanes work so well? You're free-radiating electronic emissions. That's all a determined adversary needs. Or an opportunistic war-driving script-kiddie, for that matter. John Kelsey [EMAIL PROTECTED] 5/27/2004 12:35:00 PM Guys, Does anyone know whether the low-power nature of wireless LANs protects them from eavesdropping by satellite? Is there some simple reference that would easily let me figure out whether transmitters at a given power are in danger of eavesdropping by satellite? Thanks, --John - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Satellite eavesdropping of 802.11b traffic
R. A. Hettinga At 12:35 PM -0400 5/27/04, John Kelsey wrote: Does anyone know whether the low-power nature of wireless LANs protects them from eavesdropping by satellite? It seems to me that you'd need a pretty big dish in orbit to get that kind of resolution. The Keyholes(?) are for microwaves, right? Cheers, RAH I don't claim great expertise, but 802.11b/g operates in the microwave range - My home net falls over every time my kid heats up a burrito (It comes right back, though). GSM phones run at a MAX of 0.25 watts (GSM900) or 0.125 watts (GSM1800), but it is normal for the power used to be one hundredth of this maximum or less. However, the base stations are much more powerful - 50 watts. I suspect the spy-from-orbit stuff looks at this, not the phone transmitter. 802.11b/g typically runs around 0.1 watt, and there is no high-power base station. If this is the case, then the power in an 802.11b/g net is 1/500th of that for GSM phones - which seems to fit in with the difference in range. Phones operate with kilometers to the base station, while 802.11b/g is lucky to cover a whole house. A big antenna would obviously be a lot of help, but a smaller one a lot closer would be better. If you insist on listening from orbit, geosync is probably not the way to go - you'd want something like the Iridium constellation of low-orbit sats (600 miles up). Clarke orbit (geosync) is about 35800 km up. You'd get a 10,000 fold advantage by putting your spysats at only 358km. I suspect that eavesdropping on 802.11b/g from orbit is pretty hard. The power levels are very low, and there may be several nets running on the same channel within a satellites' antenna footprint. My summary: Very tough. Probably not impossible. Peter - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Satellite eavesdropping of 802.11b traffic
At 9:19 PM -0400 5/27/04, Perry E. Metzger wrote: R. A. Hettinga [EMAIL PROTECTED] writes: At 12:35 PM -0400 5/27/04, John Kelsey wrote: Does anyone know whether the low-power nature of wireless LANs protects them from eavesdropping by satellite? It seems to me that you'd need a pretty big dish in orbit to get that kind of resolution. The Keyholes(?) are for microwaves, right? Dunno if it would work in orbit,, but you can get surprising results right here on earth using phased arrays. Vivato is selling very long range phased array equipment as long range/high quality 802.11 basestations, but you could do precisely the same trick to eavesdrop instead of to communicate. With enough computing power, one device could listen in on every 802.11 communication in a very large radius. I don't know how practical it would be to set up some sort of large scale phased array in orbit -- I suspect the answer is not practical at all -- but the principle could apply there, too. I would say quite practical. A huge advantage for the attacker is that 802.11b/g is in a fixed frequency band. A half-wave dipole is 6.25 cm long. A large phased array could be assembled out of printed circuit board tiles, each with many antennas. The outdoor range for 802.11 is up to 100 m. Low earth orbit is about 150 km. That is a factor of 1500. Power attenuation is the square of that, which works out to a 64 db loss. Throw in another 10 db for slant range, building attenuation, etc. The loss has to be made up by a combination of antenna gain, improved receiver performance and better signal processing. That doesn't sound undoable. A single LEO satellite would only have a few minutes of visibility per day over any one location on Earth. That suggests an active attack, where the satellite looks for files or even changes data. The satellite's ability to transmit at much higher power levels is an advantage. A third option is spot jamming. Here high power means one can get away with a smaller antenna, perhaps wrapped around a cheaper spin stabilized satellite. Such a system could be used to briefly disable 802.11-based security systems, perhaps allowing a spy to gain access to a building. Other interesting possibilities include long endurance remotely-piloted aircraft, balloons and small receiving stations that could be planted by spies or even parachuted into position. I'm sure 802.11 has given the SIGINT community much joy. Arnold Reinhold - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Satellite eavesdropping of 802.11b traffic
On Fri, May 28, 2004 at 01:19:15PM -0500, Matt Crawford wrote: Don't dismiss possibilities for wireless data eavesdropping without considering the possibilities of this new chip http://pr.caltech.edu/media/Press_Releases/PR12490.html and its friends http://www.chic.caltech.edu/ If you want to fly a LEO constellation of them, you need a very sparse structure (or a huge density of pongsats, which doesn't agree with observations). -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpjSdYUSaXAn.pgp Description: PGP signature