16 March 2018

unid 32-bit secondary protocol

This analysis concerns a 3G-HF STANAG-4538 transmission spotted on 7961 kHz/USB, in which the traffic service is “Circuit Mode” and 188-110A Serial is used as the traffic waveform. After demodulation of the 188-110A waveform, the resulting stream shows a series of data blocks, corresponding to the transmitted bursts, characterized by a 32-bit length period that is due to the headers of each block (Fig. 1). Comparing the headers reveals a common structure of 120 bytes, of which 32 bytes differ between bursts (Fig. 2).

Fig. 1
Fig. 2
A proposed byte framing (LSB -> MSB) is presented below:

initial 176-bit sequence of "0" followed by a 2-byte sequence (SYN sequence?)
0x81 0x18 (10000001 00011000)

23-byte idle pattern 0x55 starting with 0x27

21-byte (preamble?):
0xD5 0x68 0xF1 0x90 0x70 0xEF 0x96 0x8E 0x70 0x11 0x0F 0x09 0xF7 0x6E 0xE9 0x68 0x17 0xF1 0x90 0x70 0xEF 

32-byte block; this block is different in each burst, as shown in Fig. 2 (message identifier? addresses?)

3-byte sequence 0x68 0xF1 0x90 followed by a 4-byte sequence repeated four times (encoder key?)
0xF0 0x68 0xF1 0x90 (00001111 00010110 10001111 00001001)

user data follows


It is interesting to note that the sequence 0x68 0xF1 0x90 (00010110 10001111 00001001) is repeated several times (also starting from byte forty-nine).
This is a hand-made mapping since I do not own a protocol analyzer/dissector tool: comments are welcome.
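
A small dissector for the byte framing proposed above, as an added example (not the author's tool or code): it packs LSB-first demodulated bits into bytes, splits a burst into the listed fields, and reports where 0x68 0xF1 0x90 recurs. The field names, the reading of the idle field as 0x27 followed by 0x55 bytes, and the sample burst are assumptions made for the illustration.

```python
# Added example: dissector for the header layout proposed in this post.
SYN = bytes([0x81, 0x18])
PREAMBLE = bytes.fromhex("D568F19070EF968E70110F09F76EE96817F19070EF")
MARK = bytes([0x68, 0xF1, 0x90])
TRAILER = MARK + bytes([0xF0, 0x68, 0xF1, 0x90]) * 4
# (name, length in bytes, expected constant or None), in transmission order.
# Field names are hypothetical; lengths and constants are those listed above.
LAYOUT = [("zeros", 22, bytes(22)), ("syn", 2, SYN), ("idle", 23, None),
          ("preamble", 21, PREAMBLE), ("variable", 32, None),
          ("trailer", 19, TRAILER)]
HEADER_LEN = sum(n for _, n, _ in LAYOUT)  # the listed fields add up to 119 bytes

def bits_to_bytes(bits):
    """Pack a demodulated '0'/'1' string into bytes, first received bit = LSB."""
    bits = "".join(bits.split())
    usable = len(bits) - len(bits) % 8
    return bytes(int(bits[i:i + 8][::-1], 2) for i in range(0, usable, 8))

def dissect(block):
    """Split one burst into named fields; raise ValueError on a mismatch."""
    if len(block) < HEADER_LEN:
        raise ValueError("block shorter than header")
    fields, pos = {}, 0
    for name, length, expected in LAYOUT:
        chunk = block[pos:pos + length]
        if expected is not None and chunk != expected:
            raise ValueError(f"{name} mismatch at byte {pos + 1}")
        fields[name] = chunk
        pos += length
    fields["user_data"] = block[pos:]
    return fields

def find_all(block, pattern=MARK):
    """Return the 1-based byte positions of every occurrence of pattern."""
    hits, i = [], block.find(pattern)
    while i != -1:
        hits.append(i + 1)
        i = block.find(pattern, i + 1)
    return hits

def sample_burst(variable, user_data=b""):
    """Constructed burst; idle read as 0x27 followed by 0x55 (assumption)."""
    idle = bytes([0x27]) + bytes([0x55]) * 22
    return bytes(22) + SYN + idle + PREAMBLE + variable + TRAILER + user_data
```

Running `find_all` on a burst built this way places the first 0x68 0xF1 0x90 at byte 49, matching the position noted in the post.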
