Communications > Computer COMSEC Lessons
Encryption - Do you Need it
Jackalope:
Well, to start with, I avoid the need for encryption by using meet space, as much as possible. I assume ALL internet and cell phone traffic is intercepted and analyzed. My gut feeling is that encryption will draw unwanted attention from the NSA and other alphabet agencies. Once that happens, then you will always be watched. One time pads would probably be a good way to get a message out(https://amrron.com/2018/03/18/amrron-dark-labs-otp/ ). If using a radio, a short one time burst using a digital mode on a pre-coordinated frequency with the frequency chosen in relation to expected propagation and distances involved. An armed courier is another alternative, but a courier can be intercepted as well. As I stated previously, the only sure method of communication is meet space, and then you have to be concerned about eavesdropping with sophisticated monitoring equipment. I'm also a firm believer in KISS, keeping everything as simple as possible leaves less room for errors.
In another life, I was a contractor, with the highest security clearance for some government agencies working primarily with data encryption. Even at the highest, most secure levels of encryption there were holes in the system. You need to have a plan in the event that your encryption is broken, be prepared. As an old school type of guy, I've always preferred a book cipher for encryption, as it is simple.
JohnyMac:
There is encryption that is 100% none breakable. I will give two examples.
Example 1
Using a Brevity matrix that changes by mission, month, or quarter is unbreakable for a period of time. Before a military team leaves the wire, part of the SOI (Standing Operation Instructions) would be a new Brevity Matrix for communicating from the field to the TOC (Tactical Operations Center). Now of course the TX (Transmitting) and RX (Receiving) teams have to have the same matrix.
Example II
Now take your Brevity Matrix and then transfer the verbiage to numbers like you might have done using the aforementioned shifted alphabet code. This use to be done by throwing 10 sided dice. You can only imagine how long that would take BUT this is strategy that can not be broken without the key.
If you do not want to roll 10-sided dice you can use what Jackalope suggested, a OTP (One Time Pad). I own one from Dark Labs and it is slick!
http://youtu.be/A26KeZ7nJZw
Thank you bennington.camper for pointing out my omission for the asterisk. I fixed it; However, you are 100% correct sending a coded message on a amateur radio frequency is a violation of 97.113 a 4 FCC Amateur Radio rules and regulations. I am not advocating breaking these rules BUT the FCC does a very poor job of monitoring the air waves. Case in point - Nellie Ohr (Fusion GPS), Bruce Ohr (#4 at the DOJ) wife was communicating with British spy Christopher Steele via ham radio and a Brevity Matrix. To learn more go here.
So a quick SALUTE (Size, Activity, Location, Unit, Time And Equipment) report on a previously agreed upon frequency at a agreed upon time, not using a station call sign or a fake one, would not be detected by anyone and could not be RDF'd. I confirmation could be given on a completely different band/frequency.
For you digital ladies and gentlemen, you could use digital encrypted with your Brevity Matrix and OTP key sent at the end of a BCC, RFA (Radio Free America), RFE (Radio Free Europe), et cetera and nobody would be the wiser.
By the way, this discussion would get you shot or at the minimum locked up, in many countries. Just think about it.
Now their was a comment from one of the folks about the need for encryption. I think it is imperative especially when "a" or "the" reset happens. We need folks around the country that can safely send accurate updates on what is happening in their AO (Area Of Operations) rather then only relying on the main stream media. A great example would be what is happening at the border with the caravan right now.
If you think my comments have merit, now is the time to practice not when the SHTF.
With that diatribe in the hopper, Jackalope what is "meet space"?
Double D:
I would say encryption is useful in pre and post SHTF periods. I have procured an ADL-1 and I am very impressed with its simplicity and function. I am producing OTP for practice use on alternative modes such as text and chat. It takes some practice to become proficient. The idea is to get like minded folks who you associate with up to speed. Meat-space is a great place to share those pieces of paper that need to be shared for this to work well. A code book would also be useful as JohnyMac describes.
From AMRRON, a good primer:
https://www.amrron.com/wp-content/uploads/2015/05/one_time_pad.pdf
A very useful link. I advise printing out in full:
http://citizenmilitem.com/wp-content/uploads/2015/05/SignalsVOL_1.pdf
Authenticating in a SHTF environment is vital. I discussed this with friends the other day. In certain situations, we would depart from amateur rules. We would need to clean up our digi modes by using tactical call signs, turning off PSKReporter and disconnecting from the internet entirely to maintain security.
It is not enough to assume others will not record a transmission. Although the mode we are using may not be identifiable immediately, once recorded it is available to be analyzed. It is possible to DF HF. Mobility would be necessary in certain circumstances.
Using encryption in email and for internet is almost always a good idea as long as we can legally do so. It is not at all certain this will remain the case.
For tactical radios, commercial options exist with some levels of encryption. Frequency hopping radios such as the Motorola DTR 550 provide excellent security against almost any listener without expensive .gov equipment. I use digital radios in my home set-up that few are going to be listening to and it is possible to select encryption modes on those as well.
On the other hand, encryption designates you as a target of interest. This is true on email and internet transmission. The use of TOR is one that gets noticed by ISPs. Anonymity is hard to come by. If you are trying to stay anonymous it is difficult but not impossible. Using chat apps like Signal is good trade craft but might indicate suspicious behavior to an adversary.
I use VPN for internet. My employer seems to have blocked this option recently.
Back to radio, encryption and comsec are good things. I need to practice more.
JohnyMac:
Holy Crap D2 great stuff!
Thanks for sharing :cheers:
zeerf:
:bravo: Great info and links D2, thank you!
Navigation
[0] Message Index
[*] Previous page
Go to full version