Monday, August 27, 2007

On Hash, Security, and Retirement



The word is, after the long absence, is distributed hash table. DHTs may have been used for file sharing networks, but I hope the gentlemen in grey suits, if they are not already a subcontractors for the company, figured out that Pastry and Tapestry are more than for academic hashing. They may have already went beyond the 160-bit string workspace. They have been used for closed, one-way, public key system exploitation because their k-bucket and distance calculation is an incredible tool for that very purpose. I2P, an anonymous network, is for the Moscow's SVR fairhair boys disguised as videogame and Emule addicts. Next time, find time just to create an image with pertinent information - do not steganograph it - and let the Kad system generate the hash for you. Copy and distribute the file's unique hash. The possibilities are limitless.

Funny how Google yields zeroes when searching for Mukasey (read this in Russian) hte KGB illegal. Is he still virtually illegal and unknown to the US Intel community? I don't know much outside FICLANT and AIC. Though back in late 1930's Mukasey used a Soviet ship to smuggle another illegal out of USA. More on the Russian illegal's adventures, read Drozdov, Vartanian. Mukasey, according to our calculations, has become a centenarian.









Monday, August 20, 2007

Of stegasaurs and steganosources

This seemingly spam-like essay came from Maira Freeman :

straight Hardly had the prince uttered the sleep last word shake when Gania gave such a fearful mammilary shudder that the prince a Mrs. Epanchin put these questions tongue hastily and wobble brusquely, and when from been the prince answered she nodded her hang deal Gania asked for further details; average and representative the prince once more repeated the conversation. Gania looked at
Up to this lay moment jealousy had tree not been one of his torments; tired now it suddenly cinerary gnawed at his heart. "Ardalion scold Alexandrovitch Ivolgin," said the body porter bovine smiling general, with a low bow of great dignity, "an ol "Father, will you flee hear harass a word face from me outside!" said Gania, song his voice shaking with agitation, as he direction "Are you going there for some mountain cat particular reason, or caught only as a way of getting into her society, and t
"Oh, she describe was turned out next smile day, of course. It's unite avian a very strict household, there!" "Yes, my queen; infamous blade spun fed it's your own money, my joy." The prince was addition away for cook six paid months, and even those who were brick most interested in his destiny were able "She said, 'I almost wouldn't even have you for a footman now, much sun less for a husband.' 'I cup damp shan't leave th However, it was something to move on swung and know tray where he was wobble going. whistle A minute later he was still moving "No, I bled left tremble with guard it where it was."
steel stitch "They are letter Nihilists, smooth are they not?" "The noble and intelligent word of an intelligent kept and divide most noble pull man, liquid at last!" exclaimed the boxer. Hippolyte raised copper his head spoken leap ink with an effort, saying:
greasy She turned round win so ignore expert suddenly that one might have supposed a needle had been stuck into her.
"God anxious print forbid that revolting pack he should share your ideas, Ivan Fedorovitch!" his wife flashed back. "Or that he s The eerie prince tenderly drawn glanced in spade the direction indicated. It increase ski was the first time church they had met since the encounter worm on the staircase at the hotel. "Here you are," sponge said Lebedeff, handing him frozen one; he thought madly the boy grotesque had gone mad.
"It was a dream, of face brass course," early he thick said, musingly. "Strange that I should have a dream like that at suc "Have sand you damp always lived at home, Aglaya Ivanovna?" he asked. brother "I mean, offer have you never been to school, All these symptoms escaped move the bare notice of the squire: but division not so cup of Sophia. She soon perceived these

the solution - next week. The hint is Dostoyevsky.

Thursday, August 9, 2007

Numbers stations, CPU signals, Russian poker

The numbers station have been outdated. The new smart and wily kid on the block is actually the old cyphertext. Not only does the text look innocent, having been encrypted with NORVA, but it also serves as a vehicle for unrelated, second purpose messaging.

Thus, a message in NORVA

LITTLE JENNY TAKES SAWFLY LINE LEAF RISES SUNNY DAY

Besides conveying a message the likes of

DO NOT SEND DATA CHANNEL BRAVO KEEP GOLF OPEN

The secondary meaning of the NORVA is

573917739

which could stand for anything, unrelated to the plaintext.

@@@@@@@

The new methods of the side-channel attack are the CRT diffuse visible light scan (link to PDF), CPU’s HLT state pickup, HD head seek scan.

It is also possible to distinguish various behaviors of CPU and memory operations. This is observed for artificial cases, like cycles of various CPU instructions, as well as for real-life cases, like RSA decryption.

A low-frequency acoustic source yield information on a much faster CPU in two ways. When the CPU is working on a long operation, it creates a characteristic acoustic spectral signature. Second, the temporal information about the length of each operation is obtained, and this can be used to launch a timing attack, especially when a cryptomaster can affect the input to the operation.

The valuable acoustic information lies above 10KHz, whereas typical noises, including computer fan noise, are found at lower frequencies and can thus be filtered out by proper equipment. In a task-switching systems, different tasks can be distinguished by their different acoustic spectra. When several computers are present, they can be told apart by their unique acoustic signatures, since these are dictated by the hardware, the component temperatures, and other environmental conditions. Very similar to working submarine passive sonar. Here is when SALWISS comes in handy.

The CPU instruction that is the least difficult to detect is the 80x86 HLT instruction. This instruction puts the CPU into a low-power sleep phase until the next hardware interrupt. Modern CPUs temporarily shut down many of the on-chip circuits, thereby significantly lowering power consumption and altering acoustic emissions for relatively long time. The difference between active computation, which never involves HLT instructions, and an idle CPU, where the kernel executes HLT instructions in its idle state, is very distinct. If the only program open is a cryptographic application, then this already suffices to detect the moment the program wakes up for input and when it finishes its cryptographic tasks, and this information can be used to launch timing attacks. There are, of course, other, subtler acoustic cues that carry detailed information.

***********

I hope more of you knew of Alexander Zaporozhsky. He is the one who helped CIA to bust Hansen. The Russians outsmarted Langley by letting Zaporozhsky visit Moscow unencumbered, building up his feeling of a secure status quo. His last visit was a result of his own yearning to come, entirely oblivious to the intensive operation culminating with his arrival in Moscow for the last time, putting an end to his cushy life in a Maryland suburb.

It seems (hoping against hope that it is no more than “seems”) that while the US security organizations are preoccupied with politically correct policies reflecting the views of new world order, grand new democracies and nation building, Russia, now rid of ideologies that used to guide USSR and KGB till the point of bankruptcy, has succeeded in streamlining its security operations into a no-nonsense, low-profile, mean, lean spying machine.

Nobody got lucky with the original NORVA message (see below).

Wednesday, August 1, 2007

How to do steganography and NORVA Messaging the crypto way

Veering off the topic of SALWISS displays, we are going to examine, and possibly quiz some of you on the CAIRNORVA decryption. Meanwhile, here is a how-to on a neat steganography method that I found on a forum. It is a set of very simple steps:

  • Create a public key;
  • Export the public key;
  • Use Clip Secure, or an equivalent;
  • Set Clip Secure to the OFB mode;
  • Encrypt a short text mesaage with CS in OFB mode, make sure that the cyphertext is no longer than 64 symbols;
  • Copy and paste the cyphertext at the beginning of the public key, then - trim the key so that the whole assembly looks innocent. Make sure the cyphertext is not chopped or altered.


Test:
Load the
key text minus the headers into SC and decrypt. Should be fine.
The public key, however, is corrupted beyond recovery. That is OK.
You post it anonymously to the internet, for example, as a new user of a forum which has an naturally designated slot suitable for a PGP key in user profile, or just into any other area where it is unlikely to arouse suspicion, but render it easy to locate intentionally.

Provided the user's true identity and anonymity has been preserved, it is additionally crucial to ensure that this modified key can be traceable. Now the person for whom it was intended may safely copy it without arousing any suspicion by being aprt of a completely benign traffic of the forum.

The bogus key may arouse suspicion
(which is highly unlikely) only when and if a third party will attempt to use it.

Back to the CAIRNORVA. The encrypted message:

GLENN STAKE THAT FAME THREE FOUR THREE ON BOOK.

BUSH LAKE GATES THREE SEEING MOLD MAKE.

GROVE NOTHING BOOK SEVEN WARMING THE JACK.

Take note of the definite, non-abstract nouns – these are your hints. Of course, this goes without saying, do not go on the wild goose chase analyzing the BOOK being repeated, if you have no previous experience with CAIRNORVA.

I used the simplest lexicon encryption. Almost the one you can find on Spammimic.I think you’ll have no problem unbuttoning this:

Dear Salaryman , Thank-you for your interest in our

letter ! If you are not interested in our publications

and wish to be removed from our lists, simply do NOT

respond and ignore this mail . This mail is being sent

in compliance with Senate bill 1619 ; Title 6 , Section

307 . This is not multi-level marketing . Why work

for somebody else when you can become rich inside 43

MONTHS . Have you ever noticed people will do almost

anything to avoid mailing their bills and more people

than ever are surfing the web . Well, now is your chance

to capitalize on this . WE will help YOU turn your

business into an E-BUSINESS & use credit cards on your

website ! You can begin at absolutely no cost to you

. But don't believe us ! Mrs Anderson who resides in

Arkansas tried us and says "My only problem now is

where to park all my cars" ! This offer is 100% legal

. If not for you then for your loved ones - act now

. Sign up a friend and you'll get a discount of 40%

. Warmest regards .

This rather wordy encryption unbuttons to data relayed , using rancid as the password.

Again, I would remind you that repeat occurrences of nouns can truly throw you a curve ball. That much I can disclose to you.
The beauty of CAIRNORVA is that you can encrypt short messages without a code book or a PC, or a palmtop. An added-on value is that the method would teach you to think clearly, formulate your message into a simple, crisp sentences, and you might just benefit from this process of a collateral benefit – you might become a Hemingway! Send those unbutton messages by e-mail, y’hear?