25 May 2018

NATO naval broadcast and KW-46 encryption

This post follows up and completes the one of Christoph where he noticed the presence of LFSR delimited 7-bit frames in STANAG-4285 payloads. 
Given that: 

1) the HF waveform STANAG-4285 is largely used for NATO naval broadcasts;

2) the markers consist of the bits of pseudo-random sequence generated by the polynomial x^31+x^3+1, as specified by STANAG-5630 and already seen in FSK 50Bd/850;

3) those bits (termed "Fibonacci bits") are used by KW-46 cryptographic equipment to provide  synchronization; 

we can assume that NATO naval broadcasts are secured with KW-46 encryption. 

We analyzed several STANAG-4285 transmissions in both 600L and 1200L sub-modes picked up in well-known frequencies belonging to British, Danish, Dutch, French, German, Norwegian and Spanish Navy as (frequency USB/S4285 sub-mode):
05361.8/600L
07554.6/1200L
08170.2/600L
08408.2/600L
08612.2/600L
09095.0/1200L
10186.2/1200L
10264.1/1200L
10733.3/600L
11538.3/600L
12958.3/600L
13057.7/600L
13410.1/1200L 

and in all we verified the presence of the Fibonacci bits.

STANAG-4285 bitstreams after deinterleaving and convolutional decoding
Fibonacci bits (before descrambling) 


By the way, NATO naval broadcast consists of a continuous coded stream of data which is typically be transmitted over multiple HF frequencies at the same time, providing an uninterrupted data flow from shore to ships. In the absence of messages to be transmitted, "jam" messages (pseduo-random chars) is injected into the data stream.

28 May update
NATO RATT (4481-F) 75Bd/850, same story as above, ie:
"taps" 1000000000000000000000000000100 = polynomial x^31+x^3+1 = KW-46 encryption. 
This stream has been processed using Octave scripts and Christoph's C++ code.



 

No comments:

Post a Comment