27 December 2020

async 5N1.5 STANAG-4481F in cleartext

Yet another interesting STANAG-4481F signal, this time operated in async 5N1.5 mode and in cleartext(!): first time I see a not encrypted S-4481F transmission (obviously except FABs/CARBs). Signal spotted on 11123.55 KHz (CF) at 2220Z a few days ago (24th Dec) thanks to the AI6VN/KH6 KiwiSDR at Kahakuloa, Maui, HI.

Fig. 1

Curiously, since the poor quality of the signal, the bitstream sometimes appears as 5N1 and sometimes as 5N2 (Figure 2).

Fig. 2 - 5N1 and 5N2 bitstreams

The decoded text concerns the AOMSW exercise in the Arabian Gulf on December 21 [1] and since the title ("Navy News Stories of the day" ) and the text, I think it's probably a kind of "press review" for the fleet at sea. 

Fig. 3 - decoded text

Don't know which USN/NATO station operates on that frequency (11223.55 KHz, CF) and unfortunately I went late on that transmission so I didn't have time to DF the signal.

[1] https://www.centcom.mil/MEDIA/NEWS-ARTICLES/


22 December 2020

An odd STANAG-4481F link

Odd STANAG-4481F transmissions consisting of (apparently) continuous KG-84/KIV-7 64-bit sync sequence, spotted on 11222.0 Khz (CF): this is the first stime I hear S-4481F on that frequency. These transmissions have been going on h24 for days and always keeping the same modality.

Fig. 1 - note the oscillations during the mark-space switch

As pointed out by my friend cryptomaster, although k500 decoder recognizes the KG-84 64-bit sync sequence, actually the stream consists of the 63-bit m-sequence generated by the polynomial x^6+x^5+1, or its counterpart x^6+x+1 (Figure 2); this way, the KG-84 sync sequence is obtained by adding one "1" bit. Otherwise, the KG-84 sync sequence may be obtained assuming (as the decoder does) the last bit "1" of the sequence n as the first bit of the sequence n+1, i.e. as if that bit were "in common" bewteen two consecutive sequences (Figure 3). In a few words, decoders are tricked by that 63-bit sequence.
In my opinion, the choice to send that m-sequence is not a "casual" one - they could have used any other test pattern - but raher it's a deliberate choice since its closeness to the KG-84 sync sequence (just one bit) and the fact that KG-84 is largely used in S-4481F links. Interestingly, the stream resulting after the removal of the scrambler consists of  bits all set to "1"; as above, they could have used any other scrambler polynomial.
Fig. 2
Fig. 3
Fig. 4 - a STANAG-4481F decoder working the 11222.0 KHz transmission

It's difficult to say what it is exactly: maybe tests in view of the setup of a new link,  a frequency marker or maybe some trials. Every attempt to find the Tx site by using TDoA method is different, almost surely it's somewhere in the North-East of US, most likely NSS/AFA Davidsonville (Figure 5).
I will update the post as soon as something new comes out. 
Fig. 5a - according to these DF attempts, TX seems located north of Baltimore (likely Davidsonville)
Fig. 5b - other TDoA attempt obtained by selecting receivers from east to west (...still Davidsonville)

16 December 2020

Unid MFSK-13 system

Unid MFSK-13 system running at different speeds (31/62.5/125 Baud) and intervals (125/250 Hz) spotted on Twente WebSDR on ~10625, ~9091, ~7779 KHz/USB thanks to friend radiotehnikaT101

Fig. 1
Fig. 2

It's to be noticed the quick change of the waveform in the 10625 KHz recording (from 31Bd/250 to 125Bd/126): maybe the first part could be the "call" segment. I tried a rough demodulation by replacing the Hex characters (0...C) with their binary value (0000...1100) but I didn't find anything interesting in the bitstreams except some patterns in the 31Bd/250 segment (88/176 bit period).
Most likely  these are experimental transmissions in the network of the Ministry of Foreign Affairs of the Russian Federation. 

Fig. 3


11 December 2020

unid 216-bit Initialization Vectors


Interesting MIL 188-110A segments which transport encrypted data. The bitstreams corresponding to the eigth segments - after 110A removal - are shown in Fig. 2; unless segments e and f, each bitstream consists of an initial block followed by encrypted data.

Fig. 2 - demodulated bitstreams

The initial blocks consist of a 216-bit (27 bytes) sequence, most likely the initialization vector, which is 3 times repeated: obviously, the initialization vectors are different in each segment. It's to be notice thatsegment h (the last) is preceeded and followed by 3G-HF Fast Link Setup bursts (FLSU, BW5 waveform); most likely it's an incomplete recording of a 3G-HF Circuit Service mode using 110A.

Fig. 3 - 3x216-bit IV


30 November 2020

unid 200Bd/400 MFSK-4

Yet another interesting signal sent me by my friend Eddy from Australia. The transmission has been recorded on 16320.0 KHz/USB at 0520Z and consists of 200Bd/400 FSK-4 segments (the signal in between does not carry information). Figure 1 shows the measurement of the relevant FSK parameters. 

Fig. 1

The first two segments A,B (the shorter ones) could probably act as selcall. Indeed, after the removal of the polynomial x^5+x^4+x+1, the stream exhibits an interesting 8-bit structure where repeated initial patterns can be seen.

Fig. 2

The longest segment has an interesting structure. In my opinion, the initial part is formed of a 118-bit initial sequence followed by a block consisting of a 192-bit (24 bytes) sequence which is four times repeated; probably it's the synch + initialization vector section of the message.

Fig. 3

After the removal of the initial part, the stream shows a 504-bit period but with several alternate sequences (Fig. 4). The same 8-bit structure is visible after the removal of the polynomial x^5+x^4+x+1 (Fig. 5 ). Most likely it's a Chinese waveform, although there are not more informations about it. Recently these transmissions have also been listened on the Twente websdr (and just on the same frequency).

Fig. 4
Fig. 5


24 November 2020

unid 200Bd/400 FSK bursts

Interesting 200Bd/400 FSK bursts heard on 12087.4 KHz/USB and reported by my friend Eduard (Eddy) Waters from Australia. The bitstream consists of repeated sequences of 32 bit; I did not find a suitable polynomial.

Fig. 1

Probably a kind of telecontrol sending the same values, for example 4-bit groups (assuming 1001 as the first group):
1001 0011 0001 1101 1011 0010 1100 1100
1001 0011 0001 1101 1011 0010 1100 1100
1001 ...
or groups of 8/16 bits.

Fig. 2

We wonder what that was all about, seems strange it has not come back on.


18 November 2020

unid 318000Bd/228 GFSK (UHF)

Unid 318000Bd/228 GFSK spotted on 428 MHz and sent me by a friend of mine

Fig. 1

After the removal of the scrambler x^9+x^4+1, the bitstream shows an interesting 228-bit (or 12 x 19-bit groups) period.

Fig. 2 - 19-bit grouped stream
Fig. 3 - 228-bit period stream


13 November 2020

OFDM 17-tone PSK4 62.5 Bd, "struna" HF (струна)

Heard on 10994.0/USB (10995.5 CF) starting from 1020Z on Twente WebSDR. That "Struna" HF waveform consists of OFDM 17-tone modulation using PSK4 at 62.5 Bd, tones are 62.5 Hz spaced. Struna transmissions take place on a pool of frequencies at .10, .20 and. 30 minutes every hour. Thanks to cryptomaster for the tip and radiotehnikaT101 for warning about the on-air signal presence.



a new toy

Just bought (and alreday at home) the compatible Arduino™ Mega 2560 R3  board: a microcontroller board based on the ATmega2560. It has 54 digital I/O pins (14 of which can be used as PWM outputs), 16 analogue inputs, 4 UARTs (serial hardware interfaces), a 16-MHz crystal oscillator, a USB interface, a power connection, an ICSP header and a reset button.

Really hope to do something useful with it for signals and analysis, as well as fool the time during covid-19 lockdown.

5 November 2020

A not easily classifiable burst waveform

The burst waveform has been monitored on 8118.0 KHz/USB for several days and is part of a multi-mode system which also uses OFDM and MFSK modulations [1]. According to some friends and milcomm listeners, OFDM and MFSK are used for data/ARQ while the bursts act as "sounding/probing" for the communication frequencies. The bursts have a fixed length and are modulated at the data rate of 2400 Baud; bursts are formed of (~) a 55ms TLC section probably used for transmitter level control and receiver AGC settling, a 45ms acquisition preamble and 22 data blocks; each data block has a duration of 20 msec and therefore consists of 48 symbols (Figure 1).

Fig. 1

For what concerns the framing and the used modulation, a bit more accurate analysis is needed. Ruled that the total length of one frame is 48 symbols (Figure 2), the time durations inevitably have small inaccuracies that do not allow a definitive measurement of the symbols used for the data (Unknown Symbols, UK) and consequently the number of the symbols used for the probes (Known symbols, K): milliseconds matter! The framings that we can reasonably suppose, indicated in the form [UK + K], are: [35 + 13] and [34 + 14]; although the [32 + 16] framing is possible, it appears in my opinion a little too "generous" since it takes 6.66 msec to transmit 16 symbols. I point out that the patterns in Figure 2 are a function of time and therefore do not depend on the modulation used. 

Fig. 2
The structure of the frames can also be drawn from the analysis of the bitstream resulted after demodulating the bursts, and here things get complicated. The question to be resolved is whether it is a 4-ary or 8-ary modulation.
At first glance, the absolute constellation looks like a PSK8 modulation, although the four states 45°,135°,225°, 315° are clearly less dense and unstable. Moreover, looking at the transitions more carefully, the paths between those states and the π/4 adjacent ones are almost completely missing. The three lines in the harmonics spectrum at 2^ power and the transitions in differential demodulation are a good clue in favor of a 4-ary modulation. It could be said that it's a π/4-DQPSK modulation, but the zero-crossing transitions rule out this modulation.
Me and friends cryptomaster and KarapuZ have discussed this aspect. In my opinion, it seems that they use a PSK4 modulation and two symbols sets [0-2-4-6] and [1-3-5-7] (ie π/4 shifted) for probes and data; the symbols are then directly mapped to a PSK8 constellation without pre-scrambling them with pseudo-random three bit numbers. This way, the two π/4 shifted PSK4 constellations appear superimposed in the phase plane, giving the impression that it's a PSK8 constellation. With this assumption, the few transitions between the two sets of states find an explanation (switching from data to probe and viceversa).

Fig. 3
Obviously, demodulation shall produce a 96-bit period stream in case of  PSK4 (2-bit symbols x 48) or a 144-bit period stream in case of PSK8 (3-bit symbols x 48). Me and cryptomaster tried a differential PSK4 demodulation and results are indeed interesting. A [UK + K] = [33 + 15] framing clearly emerges from the bitstreams reported in Figures 4 and 5, and - specifically - the 15 symbols that form a  single probe consist of the 30-bit sequence:
(the 22 probes can be clearly identified in Figure 5).
Even more interesting is to note the repeated presence of the same sequence also in the preamble bits: it means that what I named as "probes" are most likely "preamble re-insertions". 
Fig.4 - 96-bit stream after dPSK4 demod (I56578)

Fig. 5- 96-bit stream after dPSK4 demod (thanks to cryptomaster)
As said above, symbols appear not mapped to a PSK8 constellation thus a final scrambler - if present - is not used in the same way as in 188-110; anyway, we have found some success with the generator polynomial x^3+x^2+x+1. Assuming the classic chain of functional blocks FEC -> interleaver -> symbol formation -> scrambler going further in the analysis is a mission impossible in the absence of specific documentation.
Friend KarapuZ preferred go down the road of a differential PSK8 modulation (Figure 6): the bitstream shows a [32 + 16] framing but, in that case, the same 16-symbol pattern forming the probes
is not visible in the preamble. It's to notice that after removing the probes, an interesting 48-bit pattern shows up with a further phasing element consisting of two "ones" value columns.
Fig. 6- 144-bit stream after dPSK8 demod (thanks to KarapuZ)
As regards the monitored frequency (8018.0 KHz/usb) the bursts are transmitted according to the scheme 3-2-3 represented in Figure 7; no other wavfeorm (OFDM  or MFSK) was however heard.
Fig. 7 - timings 


28 October 2020

250Bd/500 FSK embedded channels, likely Ukr nets

Three 250Bd/500 FSK "embedded" channels, 1000 Hz spaced, spotted on 6775.0 KHz (CF) and originating north of Rivne, Ukraine; probably trials or experimental transmissions.

Fig. 1
 It's to notice that the 105-bit streams share the same 43-bit preamble/sequence:


Fig. 2

My friend cryptomaster informed me that he too listened to a similar signal (3 x 250Bd/500 FSK), but spacing between channels was 500 Hz); his analysis can be read here:


24 October 2020

two new 50Bd/850 FSK broadcast channels

It seems that the Turkish friends (or "stars and stripes" friends in Turkey) have activated two new 50Bd/850 FSK broadcast channels on 8788.0 and 8792.0 KHz (cf), or likely 8090.0 KHz in ISB mode. Spotted them on 22th October for the first time. 

Fig. 1

Fig. 2

As expected, since the 50Bd/850 waveform, both the channels are KW-46/KIV-7 secured. The "business card" consists of the pseudo-random sequence generated by the polynomial x^31+x^3+1, those bits replace the stop bits and are used by KW-46 cryptographic equipment to provide synchronization (figure 3).

Fig. 3

Tx site (or Tx sites ?) is in Turkey; unfortunately there are no KiwiSDR in the southern Mediterranean, they would have allowed a more accurate DF.

Fig. 4



21 October 2020

KW-46 secured traffic over 188-110A, MHFCS Townsville

Long 110A Serial transmission heard on 6345.50 KHz/usb and used for KW-46/KIV-7 secured fleet broadcast, task usually performed by S4285/S-4481 in NATO Navy.
The analysis of the frame structure (Figure 1) confirms 110A operations at low datarates: each frame is composed of 40 tribit symbols, or 120 bits, (20 symbols for miniprobe + 20 symbols for data). In low datarate modes, from 150 to 1200 bps, the 480-bit length of the 110A scrambler exactly matches four frames (i.e.: 4 x 120 bits) and so it produces the strong 66.67ms spikes which are visible in the auto-correlation function.

Fig. 1 - MIL 188-110A Serial Tone framing

The most interesting aspect is the use of KW-46/KIV-7 encryption to secure data transfers: its use is revelaed by the presence of the pseudo-random sequence generated by the polynomial x^31+x^3+1 (Figure 2). It's worth noting that, usually, the KW-46 crypto device is used in USN/NATO fleet broadcast with FSK 50Bd/850 or S4285 modems. A similar MHFCS transmission was reported here.

Fig. 2 - x^31+x^3+1 pseudo-random sequence

TDoA runs say Australian MHFCS [1] node at Townsville as the Tx site (Figure 3):

Fig.3 - TDoA results

The Bohle Transmitter Station site [2] is a site of approximately 484 hectares, located 10 kilometres west of Townsville (Figs. 4,5). As said, the station is a communications facility used by Defence and forms part of the Modernised High Frequency Communications System.

Fig. 4 - site of the MHFCS (google earth)
Fig. 5 - https://www.flickr.com/photos/csipete/3055234661/in/photostream/


[1] https://i56578-swl.blogspot

12 October 2020

STANAG-4538 to forward 188-220 App.D (SINCGARS) Tx frames to HF

6898 KHz/USB seems to be a good place to catch transmissions which deal with STANAG-4538 3G-HF and COMSEC. After the 256-bit Initialization Vectors encryption, it happened to hear some STANAG-4538 transmissions that used the LDL protocol: nothing particularly interesting except for the transported datagrams that are certainly attributable to SINCGARS traffic which is usually exchanged, however, between 30 and 88 MHz! Indeed, after the analysis of the LDL bitstreams, it turned out that MIL 188-220 App. D "COMMUNICATIONS SECURITY STANDARDS" (shortly idicated as 188-220/D) exactly describes the structure of the transmitted datagrams.
In short, SINCGARS (Single Channel Ground and Airborne Radio System) [1] is a VHF Combat Net Radio (CNR) [2] WF providing secure voice and data communications; MIL 188-220 [3] is a military standard that governs the use of Combat Net Radios and covers layers 1 through 3 (physical, data link, and network) of the OSI stack.

Fig.1 - STANAG-4538 LDL session

LDL protocol analysys
Each LDLn transfer consists of a TX Frame consisting of one data packet. A data packet is defined as a fixed-length sequence of n-byte data (n = 32,64,96,...,512) followed by a 17-bit Sequence Number plus an 8-bit Control Field (presently unused), both added by the LDL protocol. Each TX Frame is sent using burst waveform BW3. During the construction of BW3, a 32-bit CRC is computed across the data bits of each data packet and is then appended to it. Then, 7 flush bits having the value 0 are added to ensure that the encoder is in the all-zero state upon encoding the last flush bit. Sumarizing, the on-air LDLn bits are equal to 8n + (17+8+32+7)  or  8n + 64 (n  =  32,64,96,...,512).

That said, we can go back to the original datagram by inspecting the last 64 bits (17-bit Sequence Number + 8-bit Control Field + 32-bit CRC + 7 flush bits) of the four BW3 bursts (Figure 2). In this sample the values of the Packet Number fields are: 0,0,1,1: most likely, each TX Frame is sent twice to improve the reliability of the transfer (the receive station discards the duplicated packets). Correspondly, the values of the single Packet Byte Count fileds are 415 (110011111) and 346 (101011010): this means that LDL416 protocol is used and therefore the original datagram was splitted into two packets each of 416 and 347 bytes (the Packet Byte Count field contains the number of user bytes -1). 

Fig. 2 - LDL overhead bits

Datagram analysis
The original datagram can be retrieved by reshaping the bitstream in a 3392-bit period (ie (8 × 416) + 64),  isolating the four rows, removing either the duplicated packets and the 64 overhead bits: the resulting bitstream is shown in Figure 3.

Fig. 3 - the original 15-bit period datagram

As said, 188-220/D exactly describes the regular patterns which compose the datagram, particularly the COMSEC preamble field that consist of three components: the bit synchronization subfield (it may consists of a string of alternating ones and zeros), the Frame Synchronization subfield, and a Message Indicator (or Initialization Vector, IV) subfield (Figure 4).

Fig. 4 - traditional COMSEC transmission frame structure (MIL 188-220 App.D)

As per 188-220/D #D., frame sync subfield, and Message Indicator are encoded using Phi patterns, a method of redundantly encoding data bits :
a logical "1" data bit is encoded as a Phi(1) = 111101011001000
a logical "0" data bit is encoded as a Phi(0) = 000010100110111
A simple majority voting process may be performed at the receiver to decode the Phi-encoded patterns to their origlnal format. 
It's to notice that the Phi patterns are generated by the polynomial x^4+x+1 [initial state 1,1,1,1]: this could be misleading if you are looking for a suitable descrambler for the preamble.

I extracted the original datagrams from three STANAG-4538 transmissions heard on 6898 KHz, removed the initial (long) bit sync subfields and placed the bitstreams side by side for better visibility of the COMSEC Frame Sync and IV subfields (Figure 5).
Fig. 5 - COMSEC preambles

As you see the Frame Sync subfield is the same in the three datagrams, this subfield is 465 bits long and consists of 31 Phi-encoded bits (as per 188-220/D): 
01) 111101011001000 → 1
02) 111101011001000 → 1
03) 111101011001000 → 1 
29) 111101011001000 → 1
30) 111101011001000 → 1
31) 000010100110111 → 0 
As expected, the pattern resulting after Phi-decoding matches exactly the one reported in 188-220/D:
The Initialization Vector subfield, a stream of random bits, is redundantly encoded using Phi patterns and is 1305 bits long (87 Phi-encoded bits) in all the three datagrams:

The ecrypted data block follows the Initialization Vector subfield, the external crypto device is presumably KY-57 [4] or the more advanced KY-99.
The same frame structure, and the same subfields lengths, was found in
- SINCGARS transmissions heard on 33 MHz (low VHF, GFSK 16000 Baud) (Figure 6)
- SATCOM transmission heard on 261.5 MHz (UHF, FM 16000 Baud) [5]

Fig. 6 - frame structure of a SINCGARS transmission
i.e. just where do you expect to find it (V/UHF).
Conclusions are hard to draw from such observations: since the LDL packets transport whole 188-220/D frames "as is", STANAG-4538 appears to be used as a kind of "bridge or relay" between V/UHF and HF (Figure 7).
Fig. 7
It sounds quite weird and unusual but however this is what was on-air. What is it, then? 
Since this type of transmission occurred several times and for some days, I tend to exclude that it was an operator mistake or a malfunction of the equipment: both would have been noticed and perhaps fixed. Maybe some kind of tests? Anyway, I find it difficult to think that such a mix is possible by using a "traditional" setup. Indeed, I think that using a SCA-based Software Defined Radio a skilled operator could instantiate a 188-220/D + S4538 session, but... why? Using a such SDRs configuration would be possible outrun the transmission range of (VHF line-of-sight) SINCGARS, but honestly such a solution seems rather crude and impractical. Maybe it was just occasional needs to forward 188-220/D frames to a certain HF endpoint.

In conclusion, at present I don't have a clear explanation and comments will be greatly appreciated. For completeness, it should be added that in these days I have tried some sporadic monitoring but I have not been able to hear these transmissions anymore (at least on 6898 KHz).
A big thank to my friend KC9FFV Marco (Forney, TX USA) who allowed me to use his KiwiSDR beyond the 120 minute time limit [6].