19 March 2016

HARRIS 'Citadel' cryptographic engine

This is a classic example of automatic aink setup (ALE) and subsequent traffic forward performed through the use of the well-known couple MS188-141A & MS188-110A Serial Tone: the calls in the play belongs to Romanian Military,  the trasmission has been caught on 8000.5 KHz on USB. Sorcerer decoder prints out the bitstream as it appears after having removed the "carrier" waverform MS188-110A (pic. 1).

pic. 1
The protocol used at Data Link layer is FED-1052 Appendix B,  the transferred files  are encrypted by the HARRIS "Citadel"  system encryption as revealed by the bitstream analyzer in pic. 2.

pic. 2

Some logs in the web report the pattern "]]]VVV" as a sort of footprint related to Citadel encryption: maybe this is right but I did not not find such pattern, or any particular sequence, in the ASCII output of this signal. So, as in the KG-84 encryption, I processed some bitstreams that exhibit the Citadel encryption just to find the its discriminating sequence and I think to have identified it in the 128-bit lenght pattern highlighed in pic. 3 and 4:

Pic. 3
Pic. 4
 Curiously, in some cases the first 64 bits of the pattern is repeated two times as visible in pic. 5:
Pic. 5
"The Citadel cryptographic engine provides military-grade encryption for non-Type 1 applications for U.S. and international users. It is approved for export with configurable key lengths and multiple algorithm options, making it an ideal encryption solution for a broad range of modern communications products. Citadel has three algorithm options: a standard Citadel high-grade algorithm; a Harris-configured, customer-unique Citadel algorithm; and a customer-configurable unique Citadel algorithm. All Citadel cryptographic algorithms are based on a mixed-mode, arithmetic block cipher and support both communications security and transmission security functions."


No comments:

Post a Comment