16 May 2018

MIL 188-220 Appendix D, standards for COMSEC transmissions

A recent post in radioscanner (my nickname is "ansanto" there), and some interesting discussions with a friend of mine, gave me the opportunity to study that signal and deepen the theme that is dealt with by MIL 188-220. In particular, the signal in question (courtesy by KarapuZ) concerns a transmission with link encryption provided by external COMSEC devices, in accordance with what is reported in the Appendix D of the cited standard, ie "transmission frame structure in either external and embedded COMSEC modes".

In short, in external COMSEC transmission frame the clear-text (not encrypted) part of the transmission frame is the "COMSEC Preamble", depicted below, which consists of the subfields: 
a. COMSEC Bit Synchronization
b. COMSEC Frame Synchronization
c. Message Indicator (MI)

The COMSEC Frame Synchronization subfield is used to provide a framing signal indicating the start of the encoded MI to the receiving station. This subfield is 465 bits long, consisting of 31 Phi-encoded bits. The Phi patterns are a method of redundantly encoding data bits. The logical data bits 1 and 0 are encoded as shown in figure. 

The Message Indicator subfield (MI) contains the COMSEC-provided MI, a stream of random bits that are redundantly encoded using Phi patterns.

Alternatively, in the embedded COMSEC transmission frame the clear-text part, depicted below, is composed of the following components:
a. Phasing
b. Frame synchronization (Standard Frame Sync or Robust Frame Sync)
c. Robust Frame Format (RCP only)
d. Message Indicator (MI)

Back to the signal, it was heard by KarapuZ in the 33 MHz band and it is a GFSK modulation at a rate of 16000 Baud that can be easily processed using SA (Fig. 1).

Fig. 1
Once demodulated it turns out to be a transmission with link encryption provided by external COMSEC: indeed, the COMSEC Preamble can be easily identified as well as the three subfields Bit Synchronization, Frame Synchronization and Message Indicator (Fig. 2).

Fig. 2 - COMSEC Preamble
The use of the redundant 15-bit encoding is shown in Figure 3

Fig. 3
Since 188-220 is based on the VINSON algorithm, the used encryption is presumably KY-57 and taking into account the band where it was listened... everything points to the SINCGARS radio (Single Channel Ground and Airborne Radio System) [1]. By the way, a dear friend of mine sent me a 188-220 recording but once demodulated it uses 16 bits encoding patterns frames instead of 15 bits ones (Fig. 4). "I guess it is some modern crypto using a backwards compatibility mode, the clue is that it could be KY-99 that is the replacement for KY-57 in SINCGARS, but that point is unconfirmed. More signals and work will be necessary to clarify these points", my friend says. 

Fig. 4
It is interesting to see how NATO KG-84 encryption relates to 188-220 Appendix D (Fig. 5).
KG-84 is similar to the emebedded COMSEC transmission frame, although the 64-bit pattern of KG-84 Standard Frame sync 
is different from the patterns reported in Appendix D for Standard and Robust Frame sync. Moreover, the Message Indicator is not encoded using the Phi 15 bits, although it is redundantly encoded. That's probably ok since KG-84 is based on SAVILLE algorithm and 188-220 is VINSON based. Note as in some KG-84 "detectors" the Standard Frame sync is termed as "SYNC" and the MI data as "Initialization vectors".

Fig. 5 - NATO KG-84 encryption and 188-220 embedded COMSEC
The Turkish-Mil FSK, also using KG-84, deserves aside consideration (Fig. 6). Perhaps they encode the Mesage Indicator field using Golay and do not use redundant n-bit encoding, but it's only IMO. However "the encoding with Phi patterns is used for backward compatibility", 188-220 says.

Fig. 6 - Turkish-Mil FSK and 188-220 embedded COMSEC

(to be continued)

[1] http://www.cryptomuseum.com/radio/sincgars/

1 comment:

  1. Great job, Antonio.
    Very interesting post.