18 March 2024

3G-HF Fast Traffic Manager (FTM) at work

This sample provides an example of the use of 3G-HF (STANAG-4538) Fast Traffic Manager (FTM) protocol, which is sometimes referred to as simply FLSU (Fast Link SetUp). More precisely, FLSU is used to set up links, and it includes the traffic type that will be used immediately after the link set up is complete; FTM is used after the FLSU for cases in which the traffic type needs to be changed, or to negotiate channel access among linked stations.
As stated in S-4538 Annex-C Edition1 Amendment2, if a link has been established for delivery of packet traffic using the HDL+ data link protocol (BW7), all FTM and FLSU Protocol Data Units (PDUs) transmitted for the remaining duration of the packet link shall be transmitted using the BW6 burst waveform: thus, given the use of BW6, the link was initialized for the HDL+ protocol. But, as you can see in Figure 1, at some point an FTM negotiation changes the traffic type: from HDL+ (BW7 waveform) to LDL (BW3 waveform).

Fig. 1 - traffic type change

It's worth noting the use of BW4 waveform bursts after LDL data delivery, which is required by the #4.6.5 Dual Demodulation condition: "Under no circumstances shall stations be required to simultaneously demodulate more than two waveforms. Any scenario requiring more than dual-demodulation is either an error in the specification or an error in interpretation" (1).

 
By the way, the BW3 burst transports a L3Harris "Citadel" encrypted message (Figure 2).

Fig. 3

https://disk.yandex.com/d/YCupV-cFBXOmqQ

(1) HDL+ states are missing from Table 4.6.5-1: however, since the BW6 burst waveform is used for Ack/EOM/Term messages, Master and Slave stations expect to receive a BW6 or a BW7 waveform.

26 February 2024

(unid) synchronous transfer protocol over MS-110A & FED-1052 DLP

During the last few days I have monitored the frequency 7762.0 KHz/U and collected very interesting recordings of transmissions regarding a (possible) synchronous transfer protocol which sits at a higher layer than the datalink one. All transmissions use MS-110A as the HF waveform and most of them use FED-1052 App.B as Data Link Protocol (DLP)(1): Figure 1 is an example in this regard. Given the use of FED-1052 DLP, the HF waveform could likewise be FED-1052 serial (single-tone), since the two waveforms are interoperable. Links are set up using 2G-ALE handshakes (MS-141A); logged callsigns are K01, K02, K03, K08, K13, and K14.

Fig. 1

1. The demodulated bitstreams of the first four Tx segments ("A" in Figure 1) have a common 26-byte (10+16) length initial sequence which may be seen as consisting of the two Hex strings/sequences shown in Figure 2:

[16 16 16 16 16 16 16 16 16 16] [8E 5C 0B AA 97 30 56 E6 93 A2 B3 FB 6D 1A E2 01] 

Fig. 2 - initial Hex sequences

The two initial strings are followed by an apparently random 224-bit/28-byte sequence which is repeated 3 times. That sequence is unique for each Tx segment, so it could be an Initialization Vector (IV): the repetitions are indeed a good clue (Figure 3):

[54 6A 59 86 D8 0D 5E EE 94 AF B7 25 C1 DB 44 A8 BF 4B F9 DF AF F4 BF 1D 94 F9 6D 3F]
[FA D6 B4 C8 3D 50 BA 06 F1 E7 4C 22 02 A5 86 48 F9 6D AA 76 29 3C 0A E0 51 E8 61 FF] 
[58 FC 4A D4 09 C2 82 9B 75 93 16 2D 8A 11 B1 D3 8A DE F1 55 79 2E 52 E1 53 02 E2 B5]
[A7 55 A7 B1 8E E9 68 96 84 DF 57 FA AF A2 09 E9 EA DB D5 53 16 9F 20 E7 93 75 24 86]

Fig. 3 - 28 bytes sequences

The bitstreams end with a 20-byte string of 0x16, exactly double the length of the initial 0x16 sequence:

[16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16]

Fig. 3 - ending Hex sequences

Since these Tx segments are sent using the 2400bps/voice mode, the data blocks between the (presumed) IVs and the ending sequences could consist of secure digital voice. The Shannon entropy value computed on data blocks (7.792888420337759) could suggest encrypted or compressed files. Just to be thorough, I thought about checking whether the repeated 28-byte sequences were SHA-224 digests (64 rounds, by default) of the following data blocks, but the results did not confirm this hypothesis.
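The framing of the "A" segments can be checked mechanically. The Python sketch below is an added example, not code from the original post: it strips the SYN runs, verifies the three-fold repetition of the 28-byte field, tests the SHA-224 hypothesis and computes the Shannon entropy of the data block. The data block is constructed for the example, and `parse_segment` and `build_segment` are hypothetical names.

```python
import hashlib
import math
from collections import Counter

SYN = b"\x16"
# 16-byte string common to the "A" segments (Fig. 2 of the post)
FIXED = bytes.fromhex("8E5C0BAA973056E693A2B3FB6D1AE201")
FIELD_LEN, REPEATS = 28, 3


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_segment(stream: bytes) -> dict:
    """Split one demodulated "A" segment into the fields the post describes."""
    lead = len(stream) - len(stream.lstrip(SYN))
    # A data block that happens to end in 0x16 would lengthen this run by one.
    trail = len(stream) - len(stream.rstrip(SYN))
    body = stream[lead:len(stream) - trail]
    if not body.startswith(FIXED):
        raise ValueError("16-byte fixed string not found after the SYN run")
    pos = len(FIXED)
    copies = [body[pos + k * FIELD_LEN: pos + (k + 1) * FIELD_LEN]
              for k in range(REPEATS)]
    data = body[pos + REPEATS * FIELD_LEN:]
    return {
        "lead_syn": lead,
        "trail_syn": trail,
        "field": copies[0],
        "field_repeated": (len(copies[0]) == FIELD_LEN
                           and copies.count(copies[0]) == REPEATS),
        "data_len": len(data),
        "entropy": shannon_entropy(data),
        # Hypothesis tested in the post: is the field a digest of the data?
        "field_is_sha224": hashlib.sha224(data).digest() == copies[0],
    }


def build_segment(field: bytes, data: bytes) -> bytes:
    """Constructed test input following the layout described in the post."""
    return SYN * 10 + FIXED + field * REPEATS + data + SYN * 20


# Constructed data block: 2048 hash-derived bytes plus a non-SYN terminator
DATA = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64)) + b"\xAA"
# First 28-byte sequence listed in Fig. 3 of the post
FIELD = bytes.fromhex("546A5986D80D5EEE94AFB725C1DB44A8BF4BF9DFAFF4BF1D94F96D3F")
SEGMENT = build_segment(FIELD, DATA)
# Control case: a segment whose field really is the SHA-224 of its data
DIGEST_SEGMENT = build_segment(hashlib.sha224(DATA).digest(), DATA)

if __name__ == "__main__":
    for name, seg in (("opaque field", SEGMENT), ("digest field", DIGEST_SEGMENT)):
        r = parse_segment(seg)
        print(name, r["lead_syn"], r["trail_syn"], r["field_repeated"],
              round(r["entropy"], 3), r["field_is_sha224"])
```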

2. The bitstreams resulting after demodulating the other 12 Tx segments ("B" in Figure 1) are recognized as FED-1052 App. B "DLP Data Link Protocol" frames (also known as HF Data Link Protocol, HFDLP). Quoting FED-1052 standard #50.1.1.1 Frame sync pattern:  Each new transmission over the physical channel shall begin with a three byte (24-bit) frame synchronization pattern to identify the following traffic as DLP processed traffic. The frame synchronization sequence in hexadecimal format, shall be "5C5C5C". The sync pattern shall be transmitted such that the first eight bits in order of transmission are "00111010" (see Figure 4).

Fig. 4 - FED-1052 DLP sync patterns

Looking at the Source and Destination Address fields (2) in the hexdumps of Figure 5, it's possible to see the exchanges of DLP frames between the addresses 03 (0x3330, ASCII 30) and 01 (0x3130, ASCII 10): forward and reverse directions are due to the ARQ feature of DLP protocol. Notice that the DLP addresses 01 and 03 match the ALE callsigns K01 and K03 used during the link setup process (Figure 5).

Fig. 5 - FED-1052 DLP frames exchanges

More precisely, each DLP transfer consists of 3 frames (Figure 6): the first is a data frame (bytes block delimited by 0x16) while the 2nd and 3rd are control frames.

Fig. 6

DLP data frames consist of 56-byte "packages", thus the re-assembly process produces files that have lengths in multiples of 56 (112, 168, 224, ...). By the way, packages are the result of a "fragmentation" of messages received from the user (or from a higher-layer protocol).

The small files resulting after the re-assembly process (and the removal of FED-1052 DLP overhead) are not in clear-text... and here things get interesting. 

The files start with a common 18-byte (10+8) sequence which may be seen as consisting of two Hex strings:

[16 16 16 16 16 16 16 16 16 16] [DF 73 0D 1D 5B 22 53 81]

and end with the 20-byte Hex sequence:

[16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16] 

Also in this case, the ending 0x16 sequence is double the length of the initial 0x16 sequence (Figure 7):

Fig. 7

The 0 value bytes are padding bytes added to the last package to obtain the 56-byte size: it can easily be verified for each packet by subtracting the "data" bytes from the "received" ones. Quoting FED-1052 standard #50.4.3.1.2: All data frames shall be of the same size [...] this implies that the last data frame of a message may need to be padded with fill bits. The receive terminal will use the transmit message size information to determine where the message is to be truncated in order to remove the fill bits from its output data stream. The 16-bit graphic representations are shown in Figure 8.

Fig. 8

 
Data consist of a few bytes; I do not think they are compatible with digital voice or "informal messages". Maybe they are numerical data, even if no format emerges.

3. I know that 0x16 is the <SYN> "Synchronous Idle" (TC9) ASCII control character. It is used in synchronous transmission systems to provide a signal from which synchronous correction may be achieved between data terminal equipment, particularly when no other character is being transmitted. The SYNC character was also used in synchronous modems at the start and end of info blocks. So, the initial sequences of SYNC make me think of a kind of "synchronous transfer protocol" sitting at a higher layer.
Moreover, from the bitstream analysis, it seems to me that the protocol is used to send different types of data and in different modalities: some types of data (Tx segments "A" in Figure 1) are forwarded directly to the MS-110A/FS-1052 modem, other types of data (Tx segments "B" in Figure 1) are first managed by FED-1052 DLP and then forwarded to the MS-110A/FS-1052 modem. Maybe the two initial strings announce the type of the following data blocks, but it's only my guess.

By the way, the long durations of the 2G-ALE scanning call provide some indications about the number of the available channels: assuming full compatibility(!) with MS-141, the collected scan lists should be >= 20 channels (3). User should be Dutch MIL... but it's not confirmed.

Fig. 9 - 2G-ALE MS-141 scan call

 

https://disk.yandex.com/d/CrXu2QY4-AP9vQ 

(1) The HFDLP is a selective repeat ARQ protocol with the ability to adaptively vary several parameters in response to changing channel conditions. A transmission usually consists of a data series, containing several data frames, or a single control frame. Every frame contains a CRC. Before data transfer commences, HFDLP terminals exchange control frames to negotiate the number of data bytes per data frame (56 to 1023), the number of data frames per data series (1 to 255), and a few other characteristics of the data transfer procedure.

(2) As per FED-1052 standard, Source Address and Destination Address fields are restricted to two bytes each, LSB first. 

(3) 188-141 A.5.5.3.1 "If the called station (JOE) is known to be listening on the chosen channel (not scanning), the calling station (SAM) shall transmit a single-channel call that contains only a leading call and a conclusion (see upper frame in figure A-29). Otherwise, it (SAM) shall send a longer calling cycle that precedes the leading call with a scanning call of sufficient length to capture the called station’s receiver as it scans (lower frame in figure A-29). The duration of this scanning call shall be 784ms for each channel that the called station is scanning."

20 February 2024

KW-46 secured fleet broadcast over S-4285 in ISB mode (Humpty Doo, MHFCS)

Interesting fleet broadcast from the MHFCS (Modernised High Frequency Communications System) site in Humpty Doo, Northern Territory - Australia. The transmissions use STANAG-4285 600bps/L in ISB mode and are audible on 11145.0 KHz (Figure 1).

Fig. 1

The bitstream of the LSB channel (Figure 2) is a "classic" broadcast which is encrypted using a KW-46 (or compatible) cipher device, given the presence of the m-sequence generated by the polynomial x^31 + x^3 +1 (KW-46T uses that m-sequence to sync the KW-46R receive devices).

Fig. 2 - bitstream of the LSB channel

The bitstream of the USB channel is more interesting since it consists of 12-bit strings where all the bits have the same logical value, likely originated by the GA-205 12-channel time division multiplexer: I already met such a signal some years ago [1], but that time from the "Naval Communication Station Harold E. Holt" (NCS HEH) 6 km north of Exmouth. The USB channel too transports KW-46 secured traffic: as shown in Figure 3, I filtered out 11 channels and reshaped a single "column" into a 7-bit pattern, then I successfully checked the presence of the x^31 + x^3 +1 m-sequence.

Fig. 3 - bitstream of the USB channel
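One way to check a bitstream for the x^31 + x^3 + 1 sequence is to test the linear recurrence it obeys. The Python sketch below is an added example, not the tooling used for the post: it tries both tap conventions of the polynomial, looks for a long unbroken run of bits that satisfy the recurrence, and keeps one of the 12 multiplexed channels before testing. The bitstreams are constructed, the 310-bit run length is an arbitrary threshold, and all function names are hypothetical.

```python
import random

# x^31 + x^3 + 1 read as characteristic polynomial: s[n] = s[n-31] ^ s[n-28].
# Read as feedback polynomial (or on a time-reversed stream) the recurrence
# becomes s[n] = s[n-31] ^ s[n-3], so both tap sets are tried.
TAP_SETS = ((31, 28), (31, 3))


def lfsr_bits(n, taps, state):
    """Constructed generator: n bits obeying s[i] = s[i-taps[0]] ^ s[i-taps[1]]."""
    s = list(state)                      # 31 starting bits, not all zero
    while len(s) < n:
        s.append(s[-taps[0]] ^ s[-taps[1]])
    return s[:n]


def find_msequence(bits, min_run=310):
    """Return (start, taps) of the first stretch in which the recurrence holds
    for min_run consecutive bits, or None. Random data satisfies each check
    with probability 1/2, so a long unbroken run is a strong indicator."""
    for taps in TAP_SETS:
        run = 0
        for i in range(31, len(bits)):
            if bits[i] == (bits[i - taps[0]] ^ bits[i - taps[1]]):
                run += 1
                if run >= min_run:
                    # the first satisfied check looks back 31 bits
                    return i - run + 1 - 31, taps
            else:
                run = 0
    return None


def tdm_channel(bits, channel=0, n_channels=12):
    """Keep one channel of a 12-channel bit-interleaved multiplex."""
    return bits[channel::n_channels]


# Constructed sample: random bits stand in for ciphertext around the sync run
rng = random.Random(46)
NOISE = [rng.getrandbits(1) for _ in range(2000)]
SEED = [1] + [rng.getrandbits(1) for _ in range(30)]
MSEQ_START = 200
LSB_STREAM = (NOISE[:MSEQ_START]
              + lfsr_bits(1000, (31, 28), SEED)
              + NOISE[MSEQ_START:800])
# USB-like stream: the same bit carried in all 12 multiplexer channels
USB_STREAM = [b for b in LSB_STREAM for _ in range(12)]

if __name__ == "__main__":
    print("LSB:", find_msequence(LSB_STREAM))
    print("USB, one channel:", find_msequence(tdm_channel(USB_STREAM)))
    print("noise only:", find_msequence(NOISE))
```

The reported start can fall a few bits before the true start, because noise bits just ahead of the sequence may satisfy the recurrence by chance.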

As said, in this case the transmission is sourced by a Tx located in Humpty Doo, Northern Territory, Australia.

Fig. 4 - DirectionFinding results (TDoA algorithm)
 

https://disk.yandex.com/d/cd6YKgpc18NPrw

[1] http://i56578-swl.blogspot.com/2019/05/kw-46kiv-7m-secured-fleet-broadcast.html


1 February 2024

MIL 188-220 App.D (Combat Net Radio) compliant transmissions in HF band

The MIL-STD 188-220 suite (here indicated as MS-220D) was developed to meet the requirements for mobile Combat Net Radios (CNR) such as SINCGARS (Single Channel Ground and Airborne Radio System) or the more recent JTRS (Joint Tactical Radio System). The radios can handle voice and data communication, both secure and non-secure. SINCGARS radios work in the lower VHF band (30 to 88 MHz), with 25 kHz channel spacing, and can operate on a single channel as well as in Frequency Hopping mode (FH). It's therefore rather rare to find transmissions in HF that use this protocol suite, especially in the low HF band (7 MHz)... but it may happen. Indeed, I was lucky enough to catch such transmissions on the same day (1030Z and 1058Z) on 7510 KHz/U (and it's not the first time it occurs).
The transmissions under consideration (Figure 1) are in STANAG-4538 "circuit service" mode, where link setup is performed by FLSU request/confirm exchanges (BW5 bursts) and MIL-STD 188-110A is the used traffic waveform.

Fig. 1 - STANAG-4538 Circuit Service mode

Appendix D of MIL-STD-188-220 regards Communications Security Standards (COMSEC) and describes the requirements of the transmission frame structure when link encryption is provided by "external COMSEC" (traditional COMSEC) or by "embedded COMSEC" devices. The demodulated bitstreams perfectly fit the COMSEC preamble for external COMSEC (Figs. 2,3), i.e. when link encryption is provided by external devices.

Fig. 2 - Traditional COMSEC transmission frame structure (FIGURE D-1, MS-220D)


Fig. 3 - The COMSEC preambles of the demodulated bitstreams

The Bit Synchronization subfield is used to provide a signal for achieving bit synchronization and for indicating activity on a data link to the receiver. The subfield consists of the data-rate clock signal, a string of alternating ones and zeros.

The Frame Synchronization subfield is used to provide a framing signal indicating the start of the encoded MI (Message Indicator) to the receiving station. As for MS-220D "this subfield shall be 465 bits long, consisting of 31 Phi-encoded bits (1 encoded bit = 15 bits). The Phi patterns are a method of redundantly encoding data bits, a logical 1 data bit shall be encoded as Phi(1)=111101011001000, and logical 0 data bit shall be encoded as Phi(0)=000010100110111. A simple majority voting process may be performed at the receiver to decode the Phi-encoded frame pattern to its original format". Figure 4 shows the Frame Sync subfield of the demodulated bitstreams: as one can easily verify, the Phi-decoded content matches perfectly the sync pattern indicated in Figure D.2 of MS-220D (#D.5.1.1.2).

Fig. 4 - Phi-encoded frame sync

The Message Indicator subfield contains the COMSEC-provided MI (or Initialization Vector), a stream of 87 random bits that are redundantly encoded using the Phi patterns seen above. Cryptographic synchronization is achieved when the receiver acquires the correct MI. Decoding can be easily achieved (Figure 5).

Fig. 5 - Message Indicator subfield
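The Phi decoding of the Frame Synchronization and Message Indicator subfields can be reproduced with a few lines of Python. This is an added example, not code from the original post: it treats "majority voting" as choosing the Phi pattern that agrees with at least 8 of the 15 received bits, locates the frame sync by best match and then decodes the 87-bit MI. The 31-bit pattern used here is a constructed placeholder, not the pattern of Figure D.2, and the function names are hypothetical.

```python
import random

PHI1 = "111101011001000"   # Phi(1), from the MS-220D quote in the post
PHI0 = "000010100110111"   # Phi(0), the bitwise complement of Phi(1)
CHIPS = 15
FRAME_SYNC_BITS, MI_BITS = 31, 87


def phi_encode(bits: str) -> str:
    return "".join(PHI1 if b == "1" else PHI0 for b in bits)


def phi_decode(chips: str):
    """Majority-vote decode: returns (bits, disagreeing chips per decoded bit)."""
    if len(chips) % CHIPS:
        raise ValueError("length is not a multiple of 15")
    bits, errors = [], []
    for i in range(0, len(chips), CHIPS):
        d1 = sum(a != b for a, b in zip(chips[i:i + CHIPS], PHI1))
        # distance to Phi(0) is 15 - d1, so 8 or more agreeing chips decide
        bits.append("1" if d1 <= 7 else "0")
        errors.append(min(d1, CHIPS - d1))
    return "".join(bits), errors


def locate_frame_sync(stream: str, pattern: str) -> int:
    """Offset where the Phi-encoded pattern matches with the fewest errors."""
    target = phi_encode(pattern)

    def mismatches(off):
        return sum(a != b for a, b in zip(stream[off:off + len(target)], target))

    return min(range(len(stream) - len(target) + 1), key=mismatches)


def decode_preamble(stream: str, pattern: str) -> dict:
    start = locate_frame_sync(stream, pattern)
    fs_end = start + FRAME_SYNC_BITS * CHIPS          # 465 bits of frame sync
    sync, sync_err = phi_decode(stream[start:fs_end])
    mi, mi_err = phi_decode(stream[fs_end:fs_end + MI_BITS * CHIPS])
    return {"offset": start, "frame_sync": sync, "mi": mi,
            "worst_chip_errors": max(sync_err + mi_err)}


# Constructed sample: placeholder sync pattern and MI, with bit errors injected
rng = random.Random(220)
PATTERN = "".join(rng.choice("01") for _ in range(FRAME_SYNC_BITS))
MI = "".join(rng.choice("01") for _ in range(MI_BITS))
clean = phi_encode(PATTERN + MI)
# flip every 11th bit: at most 2 errors land in any 15-bit Phi word
noisy = "".join(("1" if c == "0" else "0") if i % 11 == 0 else c
                for i, c in enumerate(clean))
STREAM = "10" * 32 + noisy           # 64 bits of alternating bit sync first

if __name__ == "__main__":
    result = decode_preamble(STREAM, PATTERN)
    print(result["offset"], result["mi"] == MI, result["worst_chip_errors"])
```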

Since the COMSEC preambles of the analyzed bitstreams match the "external COMSEC" frame structure, likely the encrypted parts (voice/data) are secured by an external crypto unit such as the KY-57 (Vinson) or the more advanced KY-99.
Such uncommon (in HF band) transmissions are maybe a forward from a VHF link, who knows.

https://disk.yandex.com/d/-_3GnxUV_XKN9Q

27 January 2024

QPSK (Link-22) & PSK8 (unid) bursts

For some days now on 7907.0 KHz/USB, starting in the morning, it has been possible to hear long sessions of 2400Bd burst signals which use different modulations and modes. Signal "A" in Figure 1 consists of 4-segment bursts, each segment lasting about 420 ms.

Fig. 1

Modulation used is PSK8 at the rate of 2400Bd. The demodulated bitstream has a period length of 18 bits (6 PSK8 symbols, Figure 2) that can be reduced to 3 bits or even 2 bits if the "1s" column is removed.

Fig. 2 - demodulated bitstream of a PSK8 burst

Signal "B" in Figure 3 is the same as the above, but in this case two stations are involved, as it's easy to figure out by looking at the different strengths of the bursts and their fading patterns. The "2-stations" mode starts randomly after a while but without any sort of schedule: in my opinion the time-slot paradigm (or Time Division Multiple Access mode, TDMA) is used (1).

Fig. 3

Signal "C" (Figure 4) uses QPSK modulation instead (again 2400Bd) and 550 ms bursts with a "duty cycle" of 50%.

Fig. 4

The demodulated bitstreams have a period length of 540 bits (270 PSK4 symbols, Figure 5) with a clearly visible framing consisting of 8 "Data-MiniProbe" sections of different durations. The 270-symbol frames and the durations of the eight "Data-MP" sections are the same as those of the STANAG-4539 TDMA waveform WF2 (see Table I), thus the recording "C" is definitely a Link-22 transmission (2).

Table I

Fig. 5

All my direction finding tries (TDoA algorithm with 5 receivers!) point to an area near Nuremberg (Nürnberg), Germany. Probably it's the USAG (U.S. Army Garrison) Ansbach base which is located in northern Bavaria, approximately 40 kilometers southwest of Nuremberg [1].

Fig. 6 - Direction Finding tries

As for the PSK8 bursts, bitstreams and TDMA mode make me think about a Tactical Data Link (TDL), even if the analyzed waveforms do not match the standards Link-11 or Link-22 (at least the ones I know). Anyway, given the lack of other information, it cannot be ruled out that it could be telemetry signals.

Monitoring has been made thanks to the KiwiSDRs of OE3AKB (Landersdorf, Austria) and OZ1BFM (Vejby, Denmark) [2][3].

https://disk.yandex.com/d/b04EpZUQIO5GIw

(1) In TDMA mode each user is allowed to transmit only within specified time intervals named "Time Slots", so that different users transmit in different time slots.

(2) #2.3.2 Media Code Frame structure, Annex D to STANAG-4539 

[1] https://installations.militaryonesource.mil/.../ansbach-united-states-army-garrison
[2] http://oe3akb.ddns.net:8073/
[3] http://oz1bfm.proxy.kiwisdr.com:8073/
 


18 January 2024

ISR Navy PSK8/2400Bd (datalink protocol)

Just some notes about the datalink protocol used by the Israeli Navy (IDF) and their proprietary PSK8/2400Bd modem.
The datalink protocol transfers data using "Tx-Frames" formats consisting of 6, 12 and 18 fixed length packets of 55 bytes (440 bits) for a total room of 330, 660, and 990 bytes per Tx-Frame. The choice of the Tx-Frame to use (TF6, TF12, TF18) depends on the size of the data to be transmitted, taking into account the minimum possible waste of bytes; indeed, if the size of data is of a shorter length, a sequence of null bytes (of value zero) is appended to the data so as to extend it to the length of the chosen Tx-Frame (Figs 1,2). Thus, a generic Tx-Frame may be seen as an n-position array, in which n is a multiple of 6 and each position can accommodate a single 55-byte packet:

- TF6 accommodates six 55-byte packets
- TF12 accommodates twelve 55-byte packets
- TF18 accommodates eighteen 55-byte packets

probably also a TF24 exists, but so far I have not seen such a format during my monitoring.

Fig. 1 - TF6 type TX-Frames (7 bursts)
 
Fig. 2 - TF12 type TX-Frames (7 bursts)

The first packet of a Tx-Frame contains a 56-bit/7-byte synchronization sequence (please note the curious progression):

10001111010011111100111100101111101011110110111110000000 (0xF1F2F3F4F5F601)

Fig. 3

Each Tx-Frame is transmitted using a single burst waveform, therefore a transmission is made up of as many bursts as the number of the data messages to be sent. All the types of Tx-Frames can coexist within the same transmission (Figure 4): since null value bytes filling is used, this could mean that fragmentation is not foreseen, i.e. if the size of the data to be sent is greater than the TF(n) then TF(n+1) is used.

Fig. 4 - three types of Tx-Frames used in a same transmission

The protocol does not appear to be an ARQ system but rather a FEC broadcast with added redundancy; for example, it is sometimes possible to see that multiple copies of the same datagrams are sent within the same transmission (Figure 5). Obviously, the receiver shall discard the repeated Tx-Frames.

Fig. 5 - a six bursts transmission bearing  3-times repeated Tx-Frames
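The Tx-Frame rules described above (smallest frame that fits, null-byte fill, one frame per burst, repeated frames discarded) can be exercised with a short Python sketch. This is an added example, not the author's tooling: the messages and bursts are constructed, and it assumes that bytes appear in the bitstream least significant bit first (which is what makes 0xF1F2F3F4F5F601 match the bit string quoted in the post), that the sync sequence opens the first packet, and that it counts toward the frame's room. Function names are hypothetical.

```python
SYNC = bytes.fromhex("F1F2F3F4F5F601")
PACKET = 55                                   # bytes per packet
TX_FRAMES = (("TF6", 6), ("TF12", 12), ("TF18", 18))


def to_bits(data: bytes) -> str:
    """Bytes to a bit string, least significant bit of each byte first."""
    return "".join(format(b, "08b")[::-1] for b in data)


def to_bytes(bits: str) -> bytes:
    whole = len(bits) - len(bits) % 8
    return bytes(int(bits[i:i + 8][::-1], 2) for i in range(0, whole, 8))


SYNC_BITS = to_bits(SYNC)


def select_tx_frame(n_bytes: int):
    """Smallest Tx-Frame holding n_bytes: (name, packets, null fill bytes)."""
    for name, packets in TX_FRAMES:
        if n_bytes <= packets * PACKET:
            return name, packets, packets * PACKET - n_bytes
    raise ValueError("does not fit TF18 and no fragmentation has been observed")


def build_burst(payload: bytes) -> str:
    """Constructed burst bitstream (sync placement is an assumption)."""
    content = SYNC + payload
    _, _, fill = select_tx_frame(len(content))
    return to_bits(content + bytes(fill))


def parse_burst(bits: str) -> dict:
    start = bits.find(SYNC_BITS)
    if start < 0:
        raise ValueError("sync sequence not found")
    frame = to_bytes(bits[start:])
    packets = len(frame) // PACKET
    name = {count: label for label, count in TX_FRAMES}.get(packets)
    if name is None:
        raise ValueError(f"{packets} packets is not a known Tx-Frame size")
    frame = frame[:packets * PACKET]
    return {"type": name,
            "packets": [frame[i:i + PACKET] for i in range(0, len(frame), PACKET)],
            # trailing nulls are treated as fill; data ending in 0x00 loses them
            "data": frame[len(SYNC):].rstrip(b"\x00")}


def drop_repeats(bursts):
    """Receiver side: keep the first copy of each repeated Tx-Frame."""
    seen, unique = set(), []
    for bits in bursts:
        frame = parse_burst(bits)
        if frame["data"] not in seen:
            seen.add(frame["data"])
            unique.append(frame)
    return unique


# Constructed transmission: one message sent three times, then a short one
MSG_A = bytes((i % 251) + 1 for i in range(400))   # 407 bytes with sync: TF12
MSG_B = b"constructed short message"               # 32 bytes with sync: TF6
BURSTS = ["0101" * 8 + build_burst(m) for m in (MSG_A, MSG_A, MSG_A, MSG_B)]

if __name__ == "__main__":
    print(SYNC_BITS)
    print([f["type"] for f in drop_repeats(BURSTS)])
```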

Burst Waveform
The HF modem generates a burst waveform consisting of two signal formats: parallel and serial, that's why the designation "hybrid/mixed" modem. The initial part of the waveforms consists of 4 or 7 tones where the 3rd and 4th respectively indicate the 1800-Hz of the audio subcarrier being modulated. Tones are likely used in the receive modem for the detection of the signal present, correction of doppler and identification of the beginning of the preamble (Figure 6).

Fig. 6 - initial tones

The segment following the 4/7 tones is modulated at the rate of 75 Bd using a parallel QPSK waveform (Figure 7); although the bursts may have different lengths, it always has the same duration. The analysis of a single channel's bitstream shows a well-defined 96-bit/82-byte framing with an initial sync sequence: this segment is probably a "preamble" aimed to provide synchronization and parameters related to the following data segment (autobaud waveform?).

Fig. 7 - analysis of a single QPSK/75Bd channel

The following segment has the same ACF (66.6ms) and parameters (PSK8 2400 Bd) as a MIL 188-110A serial modem, although a specific MS-110A demodulator does not recognize the waveform as such. The 160-symbol ACF pattern indicates a data rate from 150 up to 1200 bps (1). This is the data segment of the burst waveform.

Fig. 8 - analysis of the serial segment

In order to prove that the QPSK parallel segment is actually a preamble, and not about the data, I randomly cut off a portion of that segment obtaining a "reduced burst": resulting bitstreams remain unaffected by the shorter duration of the segment (Figure 9).

Fig. 9

In my opinion, extra bytes (such as : CRC string, number of packets in the Tx-Frame, position of the packet within the Tx-Frame, first/last packet,...) are appended to each data packet during the formation of the burst waveform: these extra bytes are omitted in the bitstreams.

 

(1) In case of MS-110A low data rates (from 150 up to 1200 bps) the data frames are structured as a 40-symbol pattern: each frame consists of a data block of 20 data symbols, followed by a probe consisting of 20 symbols of known data. The expected ACF value is then 16.67 ms, but the actual one is 66.67 ms, i.e. four times greater (Figure 5). The reason is that four groups of the pairs data + probe count 160 symbols (4×40) and they are just "in sync" with the scrambler length (160 symbols), causing the strong 66.67 ms ACF spikes.

2 January 2024

unid PSK8 waveform

Unid PSK8 2400Bd serial waveform heard on 6987.0 KHz/USB, data transfers appear to occur in ARQ mode (Figure 1).

Fig. 1

The larger segments of the signal have strong 66.66ms ACF spikes that make a 160-symbol framing consisting of 32 known symbols (mini-probe?) followed by 128 symbols of data.

Fig. 2 - 66.66ms ACF and relative 160-symbol frame

The analysis of the frame's symbols (Figure 3) reveals that the mini-probes consist of a 16-symbol sequence which is repeated two times.

Fig. 3 - analysis of the frame symbols

Short segments too, maybe ACKs or some other negotiation messages, are PSK8 modulated and have a period of 768-bit/256-symbol length: at a glance, it looks like a Walsh Orthogonal modulation mode (Figure 4).
 
Fig. 4

 

https://disk.yandex.com/d/fNYT-NOu7CPfbw

23 December 2023

Swedish Defence, unid datalink protocol over MS-110A

The analysis concerns short transmissions monitored on 3824.0 KHz/USB within the 80mt Ham Band (1) thanks to SM1OTX Airspy HF+ in Sweden and OZ1AEF KiwiSDR in Denmark. According to my observations, at least on this channel (3824 KHz/USB), daytime transmissions occur at intervals of 15 minutes but not with a fixed schedule (for example: hh05, hh20, hh35, hh50; hh10, hh25, hh40, hh55; hh08, hh23, hh38, hh53) and if there are messages to be sent. The transmissions seem less frequent at night, but I don't have enough IQ monitoring to say for sure; however I have noticed that - at night - the same frequency is sometimes occupied by CIS-12 transmissions.

I ran several Direction Finding tests using the TDoA algorithm and all the results point to an area south of Stockholm, probably the NAVCOMMCEN of the Sweden Defence (Figure 1).

Fig. 1 - Direction Finding results

In this regard, it's worth noting the use of the 3824 KHz frequency. Indeed, at those high latitudes, due to the long dark periods and the sun low on the horizon during winter, the low portion of HF must be used (lack of F layers). The 80 meter band is certainly the best choice for medium distance contacts (e.g. ships in the Baltic Sea or Gulf of Bothnia) as it guarantees 100% reliability over 24 hours (Figure 2) and is suitable for NVIS (Near Vertical Incidence Skywave) mode propagation for local contacts.

Fig. 2 - Circuit Reliability for 80 mt comms between medium distances

Below are the results of my analysis, aimed to understand and write down the Protocol Data Units (PDUs) of the datalink protocol and the way their fields are encoded. Please notice that the "designations" used are only mine and are introduced just for convenient reference.

The MIL-STD 110A (MS-110A) 1200bps Short Interleaver is the used HF waveform (Figure 3).

Fig. 3 - MS-110A waveform and ACF (66.6 ms)

Sometimes it may happen to see fast exchanges (bursts 1-4) before a "usual" data transfer: judging by the fading patterns in Figure 4, two nodes are involved.

Fig. 4 - fast exchanges before a data transfer

Discarding the MS-110A waveform overhead, the bitstreams exhibit a 104-bit period: data blocks, well-defined structures and repeated patterns are clearly visible in Figure 5.

Fig. 5 - a bitstream after the removal of MS-110A waveform

Blocks are delimited by long series of logical "1s" and are composed of up to 17 datagrams. Each datagram starts with a synchronization-type PDU (S_PDU) followed by data-type PDUs (D_PDU):

Fig. 6 - general structure of a MS-110A transmission

synchronization-type PDU (S_PDU)
The S_PDU consists of a common 40-bit/5-byte sync sequence (2)

[0111111001111110100010111001100010111001] 0x7E7E8B98B9

followed by a 104-bit/13-byte chunk of data which is repeated three times. After synchronizing the bitstreams on the sync sequence and a length of 144 bits (i.e. sync + ACF), the 13-byte chunk is formed of (Figures 7,8):

- a specific 8-bit field h (designated a header)
- a 40-bit/5-byte field m
- a common (!) 32-bit/4-byte sequence s
[11101010011010100010001001100010] 0xEA6A2262
- a 3 bits ("000") string
- a 21 bits field n

Fig. 7 - a synched bitstream (first 144 bits)
 
Fig. 8 - bit-field map of the synchronization-type PDU (S_PDU)
 
data-type PDU (D_PDU)
The D_PDU consists of 80-bit/10-byte field p (designated a payload) followed by a 3 bits "000" string and a final 21 bits field q (Figures 9,10): notice that the final part is the same as the one of the S_PDU.
 
Fig. 9 - datagrams consisting of a S_PDU followed by D_PDUs
 
Fig. 10 - bit-field map of the data-type PDU (D_PDU)

 The general structure of a datagram is shown in Figure 11:

Fig. 11

I spent some days studying the bitstreams and trying to understand the meaning of the fields of both S_PDU and D_PDU, and I came to the following conclusions.

Header field
The argument of the 8-bit header field of the S_PDU is coded as described in CCITT V.42 paragraph 8.1.2.2, which specifies that the least significant bit of a 1-byte argument shall be transmitted first. Therefore, after its conversion into a decimal number xyz, I found that the field indicates the number of useful bytes of the datagram and the possible presence of a filler in the last D_PDU of the datagram.
Given that:
- each D_PDU has a payload of 10 bytes (40 bits)
- the header field of the S_PDU is a 8-bit field
the system is designed so that each datagram may contain up to 255 bytes of data (11111111). For example (see Figure 12):

xyz = 130: 130 useful bytes, 13 complete D_PDUs, no padding
xyz = 126: 126 useful bytes, 12 complete D_PDUs + 6 useful bytes in the 13th D_PDU (the remaining space is filled with four 0 value bytes)
xyz = 118: 118 useful bytes, 11 complete D_PDUs + 8 useful bytes in the 12th D_PDU (the remaining space is filled with two 0 value bytes)

So, the max value of the header field (255) stands for: 255 useful bytes, 25 complete D_PDUs + 5 useful bytes in the 26th D_PDU (the remaining space is filled with five 0 value bytes).

Fig. 12 - meaning of the header field of S_PDU

That meaning of the header field is also confirmed by analyzing the bitstreams of the bursts in Figure 4:

- burst 1 (header: 01101110) carries 110 bytes of data within a single datagram of 11 D_PDUs
- bursts 2,3,4 (header: 00001110) carry short 14-byte "messages" in 2 D_PDUs and six padding bytes

Fig. 13

(It is practically impossible to define the nature of these short 14-byte messages, one can only assume that it involves some form of negotiation between the two nodes. Likewise, it cannot be said whether these messages are due to the operator intervention or whether they are automatically generated by the protocol, as is the case with STANAG-5066) 

FEC
The argument of field q of the D_PDU consists of the 21-bit Cyclic Redundancy Check (CRC) applied and computed on the first 83 bits (i.e. payload p + "000"). The same consideration can be made regarding the S_PDU, where the argument of field n is the 21-bit CRC field and fields h+m+s + "000" form the 83 bits which shall be coded.
Indeed, thanks to the help of my friend cryptomaster, we found a (104,21) matrix generated by the polynomial: 

x^21+x^18+x^17+x^15+x^14+x^12+x^11+x^8+x^7+x^6+x^5+x+1

which is well suited to the specific case.

Fig. 14 - (104,21) matrix used for CRC

I coded a short Octave script and tested the check sub-matrix on the first 83 bits of both types of PDUs; results are shown in Figures 15,16: the check-matrix works like a charm! So, if we consider that fields are structured in bytes, the 000 bits act as a kind of padding added to the word being coded and a (104,83) FEC coding is used (BCH? LDPC?).

Fig. 15 - check matrix applied to the S_PDUs

Fig. 16- check matrix applied to the D_PDUs
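The datagram layout and the 21-bit check field can be put together in a small parser. The Python sketch below is an added example, not the Octave script mentioned above: it finds the sync sequence, takes a bitwise majority over the three S_PDU copies, derives the number of D_PDUs and padding bytes from the header, and checks each 104-bit unit against the polynomial quoted in the post. Bit strings are read as printed on the page (leftmost bit most significant, so 01101110 reads 110); the zero-initialised long division used for the check bits is an assumption, since the post confirms the polynomial and the 83+21 split but not the register conventions. The datagram is constructed and the function names are hypothetical.

```python
SYNC = "0111111001111110100010111001100010111001"    # 0x7E7E8B98B9
S_CONST = "11101010011010100010001001100010"          # 0xEA6A2262
GEN_EXPONENTS = (21, 18, 17, 15, 14, 12, 11, 8, 7, 6, 5, 1, 0)
GEN = sum(1 << e for e in GEN_EXPONENTS)
UNIT = 104                                            # bits per S_PDU copy / D_PDU


def parity21(bits83: str) -> str:
    """Remainder of bits83 * x^21 divided by GEN (assumed convention)."""
    reg = int(bits83, 2) << 21
    for shift in range(len(bits83) - 1, -1, -1):
        if (reg >> (shift + 21)) & 1:
            reg ^= GEN << shift
    return format(reg, "021b")


def check_unit(unit: str) -> bool:
    """80 content bits + "000" + 21 check bits."""
    return (len(unit) == UNIT and unit[80:83] == "000"
            and parity21(unit[:83]) == unit[83:])


def majority(copies) -> str:
    """Bitwise vote over the three repetitions of the S_PDU chunk."""
    return "".join("1" if sum(c[i] == "1" for c in copies) >= 2 else "0"
                   for i in range(UNIT))


def parse_datagram(bits: str) -> dict:
    start = bits.find(SYNC)
    if start < 0:
        raise ValueError("sync sequence not found")
    pos = start + len(SYNC)
    if len(bits) < pos + 3 * UNIT:
        raise ValueError("truncated S_PDU")
    s_pdu = majority([bits[pos + k * UNIT: pos + (k + 1) * UNIT] for k in range(3)])
    pos += 3 * UNIT
    useful = int(s_pdu[:8], 2)                 # header h: useful data bytes
    n_dpdu = -(-useful // 10)                  # 10 payload bytes per D_PDU
    if len(bits) < pos + n_dpdu * UNIT:
        raise ValueError("truncated datagram")
    payload, bad = bytearray(), []
    for k in range(n_dpdu):
        unit = bits[pos + k * UNIT: pos + (k + 1) * UNIT]
        if not check_unit(unit):
            bad.append(k)
        payload += int(unit[:80], 2).to_bytes(10, "big")
    return {"useful_bytes": useful, "d_pdus": n_dpdu,
            "padding": n_dpdu * 10 - useful,
            "m": s_pdu[8:48], "s_ok": s_pdu[48:80] == S_CONST,
            "s_pdu_ok": check_unit(s_pdu), "bad_d_pdus": bad,
            "data": bytes(payload[:useful])}


def build_datagram(data: bytes, m: str) -> str:
    """Constructed test input following the field maps in the post."""
    def unit(first80):
        return first80 + "000" + parity21(first80 + "000")
    padded = data + bytes(-len(data) % 10)
    s_pdu = unit(format(len(data), "08b") + m + S_CONST)
    d_pdus = "".join(unit(format(int.from_bytes(padded[i:i + 10], "big"), "080b"))
                     for i in range(0, len(padded), 10))
    return SYNC + s_pdu * 3 + d_pdus


# Constructed sample: 126 data bytes after a run of "1" block delimiters
M = "10" * 20
DATA = bytes(range(1, 127))
BITS = "1" * 50 + build_datagram(DATA, M)

if __name__ == "__main__":
    r = parse_datagram(BITS)
    print(r["useful_bytes"], r["d_pdus"], r["padding"], r["bad_d_pdus"])
```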

Encryption
In this regard I extracted and merged together more than 500 D_PDU payloads into a single stream, then I performed some tests on it. The quality of the cryptography can be evaluated with a statistical method or by calculating the Shannon Entropy (3) and the Index of Coincidence (IC) (4) of the stream.
The statistical test (Figure 17) determines the randomness: the number of single bits in the stream is counted, then the double bits, then the triple bits and so on to the end. The result is a graph: if the information is not systematic, the adjacent columns should be half the size of the previous ones. The test shows good encryption quality.

Fig. 17

The measure of the Shannon Entropy can be used, in a broad sense, to detect whether data is likely to be structured or unstructured. 8 is the maximum, representing highly unstructured, 'random' data. Properly encrypted or compressed data should have an entropy of over 7.5 while a low IC generally means that the text is random, compressed or encrypted (Figure 18):

Shannon entropy: 7.948409571238646
Index of Coincidence: 0.039349499261437125

Fig. 18 - Shannon Entropy and Index of Coincidence
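The statistical test described above is a run-length count: in a random bit stream, runs of length k+1 occur about half as often as runs of length k. The Python sketch below is an added example, not the tool used for Figure 17; both input streams are constructed, and the 0.15 tolerance and the function names are choices made for the example.

```python
import random
from collections import Counter


def run_lengths(bits: str) -> Counter:
    """Count runs of identical bits by length: single bits, double bits, ..."""
    runs = Counter()
    length = 1
    for prev, cur in zip(bits, bits[1:]):
        if cur == prev:
            length += 1
        else:
            runs[length] += 1
            length = 1
    if bits:
        runs[length] += 1          # close the last run
    return runs


def halving_ratios(runs: Counter, max_len: int = 5):
    """Ratio of each histogram column to the previous one (ideal value 0.5)."""
    return [runs[k + 1] / runs[k] if runs[k] else 0.0
            for k in range(1, max_len)]


def looks_random(bits: str, max_len: int = 5, tol: float = 0.15) -> bool:
    """True when every adjacent column is about half the size of the previous."""
    return all(abs(r - 0.5) <= tol
               for r in halving_ratios(run_lengths(bits), max_len))


# Constructed inputs, sized like 500 merged 80-bit D_PDU payloads (40000 bits)
rng = random.Random(2023)
RANDOM_BITS = format(rng.getrandbits(40000), "040000b")
# Systematic data: the same byte repeated, giving only runs of length 1 and 5
FILLER_BITS = "".join(format(b, "08b") for b in b"A" * 5000)

if __name__ == "__main__":
    for name, bits in (("random", RANDOM_BITS), ("filler", FILLER_BITS)):
        runs = run_lengths(bits)
        print(name, [runs[k] for k in range(1, 7)],
              [round(r, 2) for r in halving_ratios(runs)], looks_random(bits))
```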

If my guess is correct, the string m of the S_PDU is an Initialization Vector (repeated 3 times) of a stream cipher and thus the preamble is actually a COMSEC preamble consisting of bit sync, header, Initialization Vector, frame sync and a final CRC field.

A Secure Text system?
According to my analysis, the PDUs of the used datalink protocol consist of the following formats (please notice that the 3-bit field encoded with the value "0" could be specified as NOT USED):

Fig. 19

But what kind of comms are we speaking about?
 
- although a datagram may contain up to 255 bytes of data, according to my recordings each datagram is composed of no more than 130 bytes of data: such brevity could mean that the datagrams are made up of short text messages;
- transmissions occur almost regularly every 15 minutes, as if the sender station collects messages coming from one link and then groups and forwards them into another link;
- transmissions are in a "blind" way, i.e. they are not preceded by 2G/3G ALE nor by voice calls and are not followed by ACKs: this could mean transmissions addressed to "stared" receiver(s);
 
The above issues make me think of a Secure Text system, i.e. a system that allows text and data exchange up to and including the level of secret and is protected by cryptographic devices (5).
A good point in favor of my guess is that the Swedish Armed Forces currently use a variety of national secure text messages that are not interoperable with international systems and are distributed just through the MaRA Naval Communications Centre (NAVCOMMCEN) for maritime platforms and operations [1].

...some speculations
Since Swedish Defence uses national crypto for domestic comms (6), what about the MGZI "Kryptomodem 1401" (Kryapp 1401, Crypto Modem for serial communication) commissioned by FMV (Swedish Defense) from Sectra [2]?

Fig. 20

The Swedish Defence Materiel Administration (Swedish: Försvarets materielverk, FMV) [3] is a Swedish government agency that reports to the Ministry of Defence. The agency is responsible for the supply of materiel to the Swedish defence organisation. In this case they also provide Kryptomodem 1401 to the Swedish Navy. Notice in Figure 21 that maybe the "Stri 8000" could be identified with the HF-8000 SDR Radio System produced by ELBIT (ELBIT Sweden is one of the suppliers of Swedish Defence).

Fig. 21

 

 https://disk.yandex.com/d/3qW7_b3IbdkEGw 

(1) The 80-meter or 3.5 MHz band is a band of radio frequencies allocated for amateur radio use, from 3.5 to 4.0 MHz in IARU Region 2, and generally 3.5 to 3.8 or 3.9 MHz in Regions 1 and 3 respectively. European common allocation is AERONAUTICAL MOBILE (OR) FIXED LAND MOBILE 

(2) It must be said that in many messages the sync sequence seems to be 48 bits starting with [00000000] 0x00

(3) In the context of information theory, Shannon's entropy is a measure of the rate at which information is produced by a source of data. It can be used, in a broad sense, to detect whether data is likely to be structured or unstructured. 8 is the maximum, representing highly unstructured, 'random' data. English language text usually falls somewhere between 3.5 and 5. Properly encrypted or compressed data should have an entropy of over 7.5

(4) 0 represents complete randomness (all characters are unique), whereas 1 represents no randomness (all characters are identical). English text generally has an IC of between 0.67 and 0.78 whereas 'Random' text is determined by the probability that each letter occurs the same number of times as another. A low IC generally means that the text is random, compressed or encrypted.

(5) Secure text systems enable the armed forces to transmit and receive military requests, reports, orders, plans and policies, and can be achieved in different ways, both regarding the format of the message and its method of transmission.

(6) A few words on Swedish cryptology
For two centuries Sweden has upheld neutrality in the sense that the country has not been member of any military alliance. Only recently did the country apply for NATO membership although it has been a public secret that Sweden since the end of WWII has had an informal, but quite strong collaboration with NATO countries, especially the Scandinavian countries including Finland with which strong historical, cultural and linguistic bonds exist. The cooperation has manifested itself in the area of signals intelligence, exchange of intercepted information and interoperability of communications equipment including crypto equipment, and more recently in a close collaboration with NSA.
The credibility of neutrality has been supported by strong defense forces, including cryptologic efforts. A few cases serve to illustrate this. In spite of its neutrality, Sweden was able, just a short time after Germany attacked Denmark and Norway in April 1940, to read German military telegraph traffic which transited Sweden. This was done through systematic interception and by cracking the so-called Geheimschreiber (a kind of substitution cipher where the key was changing with each character and the initialization vector was altered with a few days' interval), primarily based on the attack by a mathematical genius, Arne Beurling.
Another feat was the successful evacuation – operation Stella Polaris - of the entire (nearly) Finnish SIGINT staff, their families and crypto analytic material and equipment after the Russo-Finnish war in 1944 ended in Finnish defeat.
Already in 1942, all cryptological and cryptanalytic efforts were concentrated in FRA, Försvarets Radioanstalt (Defense Radio Establishment).
Thus, for many years the crypto efforts of Sweden's defence forces and government communications have had a high priority as a national endeavour, mainly due to the centuries-long Swedish neutrality, as described above. Today, as Swedish membership of NATO is imminent pending ratification by the Turkish parliament, this long-standing collaboration ensures that the transition from neutrality to NATO membership will be smooth. There is no doubt that the navy of Sweden in the actual geopolitical situation will play an important regional role in the Baltic Sea and the approaches to this ocean area.
The designation of Swedish crypto equipment is quite straightforward:

MXY[Z] - Maskinkrypto; Machine-generated crypto
X - G = Gemensamt (common for all service branches), M = Marinen (navy), L = Flygvapnet (air force)
Y - Typ Y; Type Y
[Z] - Optional designator; Z = I, for international use, Z = U, for use abroad

The equipment is graded according to its degree of signal protection (Sw., SG, signalskyddsgrad), i.e. SG R(estricted), C(onfidential), S(ecret) and T(op) S(ecret).


[1] https://docplayer.net/45022367...internet.html
[2] https://communications.sectra.com/case/encryption-solutions-for-the-swedish-defence/
[3] https://www.fmv.se/english/