Monday, August 27, 2007
On Hash, Security, and Retirement
The word is, after the long absence, is distributed hash table. DHTs may have been used for file sharing networks, but I hope the gentlemen in grey suits, if they are not already a subcontractors for the company, figured out that Pastry and Tapestry are more than for academic hashing. They may have already went beyond the 160-bit string workspace. They have been used for closed, one-way, public key system exploitation because their k-bucket and distance calculation is an incredible tool for that very purpose. I2P, an anonymous network, is for the Moscow's SVR fairhair boys disguised as videogame and Emule addicts. Next time, find time just to create an image with pertinent information - do not steganograph it - and let the Kad system generate the hash for you. Copy and distribute the file's unique hash. The possibilities are limitless.
Funny how Google yields zeroes when searching for Mukasey (read this in Russian) hte KGB illegal. Is he still virtually illegal and unknown to the US Intel community? I don't know much outside FICLANT and AIC. Though back in late 1930's Mukasey used a Soviet ship to smuggle another illegal out of USA. More on the Russian illegal's adventures, read Drozdov, Vartanian. Mukasey, according to our calculations, has become a centenarian.
Monday, August 20, 2007
Of stegasaurs and steganosources
the solution - next week. The hint is Dostoyevsky.
Thursday, August 9, 2007
Numbers stations, CPU signals, Russian poker
The numbers station have been outdated. The new smart and wily kid on the block is actually the old cyphertext. Not only does the text look innocent, having been encrypted with NORVA, but it also serves as a vehicle for unrelated, second purpose messaging.
Thus, a message in NORVA
LITTLE JENNY TAKES SAWFLY LINE LEAF RISES SUNNY DAY
Besides conveying a message the likes of
DO NOT SEND DATA CHANNEL BRAVO KEEP GOLF OPEN
The secondary meaning of the NORVA is
573917739
which could stand for anything, unrelated to the plaintext.
It is also possible to distinguish various behaviors of CPU and memory operations. This is observed for artificial cases, like cycles of various CPU instructions, as well as for real-life cases, like RSA decryption.
A low-frequency acoustic source yield information on a much faster CPU in two ways. When the CPU is working on a long operation, it creates a characteristic acoustic spectral signature. Second, the temporal information about the length of each operation is obtained, and this can be used to launch a timing attack, especially when a cryptomaster can affect the input to the operation.
The valuable acoustic information lies above 10KHz, whereas typical noises, including computer fan noise, are found at lower frequencies and can thus be filtered out by proper equipment. In a task-switching systems, different tasks can be distinguished by their different acoustic spectra. When several computers are present, they can be told apart by their unique acoustic signatures, since these are dictated by the hardware, the component temperatures, and other environmental conditions. Very similar to working submarine passive sonar. Here is when SALWISS comes in handy.
The CPU instruction that is the least difficult to detect is the 80x86 HLT instruction. This instruction puts the CPU into a low-power sleep phase until the next hardware interrupt. Modern CPUs temporarily shut down many of the on-chip circuits, thereby significantly lowering power consumption and altering acoustic emissions for relatively long time. The difference between active computation, which never involves HLT instructions, and an idle CPU, where the kernel executes HLT instructions in its idle state, is very distinct. If the only program open is a cryptographic application, then this already suffices to detect the moment the program wakes up for input and when it finishes its cryptographic tasks, and this information can be used to launch timing attacks. There are, of course, other, subtler acoustic cues that carry detailed information.
***********
I hope more of you knew of Alexander Zaporozhsky. He is the one who helped CIA to bust Hansen. The Russians outsmarted Langley by letting Zaporozhsky visit Moscow unencumbered, building up his feeling of a secure status quo. His last visit was a result of his own yearning to come, entirely oblivious to the intensive operation culminating with his arrival in Moscow for the last time, putting an end to his cushy life in a Maryland suburb.
It seems (hoping against hope that it is no more than “seems”) that while the US security organizations are preoccupied with politically correct policies reflecting the views of new world order, grand new democracies and nation building, Russia, now rid of ideologies that used to guide USSR and KGB till the point of bankruptcy, has succeeded in streamlining its security operations into a no-nonsense, low-profile, mean, lean spying machine.
Wednesday, August 1, 2007
How to do steganography and NORVA Messaging the crypto way
Veering off the topic of SALWISS displays, we are going to examine, and possibly quiz some of you on the CAIRNORVA decryption. Meanwhile, here is a how-to on a neat steganography method that I found on a forum. It is a set of very simple steps:
- Create a public key;
- Export the public key;
- Use Clip Secure, or an equivalent;
- Set Clip Secure to the OFB mode;
- Encrypt a short text mesaage with CS in OFB mode, make sure that the cyphertext is no longer than 64 symbols;
- Copy and paste the cyphertext at the beginning of the public key, then - trim the key so that the whole assembly looks innocent. Make sure the cyphertext is not chopped or altered.
Test:
Load the key text minus the headers into SC and decrypt. Should be fine.
The public key, however, is corrupted beyond recovery. That is OK.
You post it anonymously to the internet, for example, as a new user of a forum which has an naturally designated slot suitable for a PGP key in user profile, or just into any other area where it is unlikely to arouse suspicion, but render it easy to locate intentionally.
Provided the user's true identity and anonymity has been preserved, it is additionally crucial to ensure that this modified key can be traceable. Now the person for whom it was intended may safely copy it without arousing any suspicion by being aprt of a completely benign traffic of the forum.
The bogus key may arouse suspicion (which is highly unlikely) only when and if a third party will attempt to use it.
GLENN STAKE THAT FAME THREE FOUR THREE ON BOOK.
BUSH LAKE GATES THREE SEEING MOLD MAKE.
GROVE NOTHING BOOK SEVEN WARMING THE JACK.
Take note of the definite, non-abstract nouns – these are your hints. Of course, this goes without saying, do not go on the wild goose chase analyzing the BOOK being repeated, if you have no previous experience with CAIRNORVA.
I used the simplest lexicon encryption. Almost the one you can find on Spammimic.I think you’ll have no problem unbuttoning this:
Dear Salaryman , Thank-you for your interest in our
letter ! If you are not interested in our publications
and wish to be removed from our lists, simply do NOT
respond and ignore this mail . This mail is being sent
in compliance with Senate bill 1619 ; Title 6 , Section
307 . This is not multi-level marketing . Why work
for somebody else when you can become rich inside 43
MONTHS . Have you ever noticed people will do almost
anything to avoid mailing their bills and more people
than ever are surfing the web . Well, now is your chance
to capitalize on this . WE will help YOU turn your
business into an E-BUSINESS & use credit cards on your
website ! You can begin at absolutely no cost to you
. But don't believe us ! Mrs Anderson who resides in
Arkansas tried us and says "My only problem now is
where to park all my cars" ! This offer is 100% legal
. If not for you then for your loved ones - act now
. Sign up a friend and you'll get a discount of 40%
This rather wordy encryption unbuttons to data relayed
Again, I would remind you that repeat occurrences of nouns can truly throw you a curve ball. That much I can disclose to you.
The beauty of CAIRNORVA is that you can encrypt short messages without a code book or a PC, or a palmtop. An added-on value is that the method would teach you to think clearly, formulate your message into a simple, crisp sentences, and you might just benefit from this process of a collateral benefit – you might become a Hemingway! Send those unbutton messages by e-mail, y’hear?