29 June 2023

unid 2000Bd PSK8 burst transmission (720-symbol frames)

Unid burst transmission recorded on 5330.50 kHz/USB (60 m HAM band) using a remote KiwiSDR located at Oita, Japan [1]. The bursts have a duration of about 2606 ms with an interval of 3390 ms, and the occupied bandwidth is 2200 Hz (Figure 1).

Fig. 1
 
The measured symbol rate is 2000 Bd on a 1274 Hz carrier; most likely 1200 Hz is the right value. The transitions diagram and the harmonic spectrum in Figure 2 show the use of both PSK2 and PSK8 modulation: PSK2 seems to be used for the initial preamble and for the inserts (miniprobes?) preceding the data blocks, while the latter are modulated using PSK8. Obviously the PSK2 bits are scrambled so that on air they appear as PSK8 tribit symbols.
 
Fig. 2 - PSK analysis
 
Bitstream analysis of a single burst, after removal of the preamble, reveals six frames (as also visible in Figure 2), each 2160 bits or 720 symbols long. More precisely, each frame consists of a first sequence of 72 known symbols, followed by 72 unknown symbols (the use of 720/72 symbols is curious) and finally by another 576 unknown symbols (216+216+1728 bits). Figure 3 clearly shows this frame structure. By the way, the initial 72-symbol sequence can be descrambled by the polynomial x^9+x^6+x^3+1 (1).
 
Fig. 3 - bitstream analysis

The symbol-oriented analysis of Figure 4 helps to better define the composition of the frames and in particular the modulations used. Indeed, looking at the 144-symbol diagram, the first 72 symbols are PSK8 modulated while the following 72 symbols are clearly PSK2 modulated. Thus, each 720-symbol frame consists of an initial 72 known symbols sequence with PSK8 modulation, 72 unknown symbols with PSK2 modulation and 576 unknown symbols with PSK8 modulation.
 
Fig. 4 - symbols analysis

As seen in Figure 2, each burst lasts 2606 ms which, at the symbol rate of 2000 Bd, makes a total of 5212 symbols. Since each burst consists of six 720-symbol frames, i.e. 4320 symbols, it follows that the initial preamble is composed of (5212 - 4320) = 892 symbols. Figure 5 shows the preamble and its symbols analysis, from which it can be seen that PSK2 modulation is used (except for some initial "uncertainties" due to the generic PSK demodulator of SA I used). The preamble can be descrambled using the polynomial x^6+x^3+1 (1).
 
Fig. 5 - preamble analysis
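The frame structure and the two descrambler polynomials above can be put into working code. The following is an added example, not part of the original analysis and not SA's code: it slices one burst into its 892-symbol preamble and six 720-symbol frames (72 known + 72 PSK2 + 576 PSK8), and realises the polynomials x^6+x^3+1 and x^9+x^6+x^3+1 as Fibonacci LFSRs. The tribit ordering (MSB first), the additive (XOR keystream) descrambler and the single-1 register seed are assumptions, since the page does not state how SA realises its descrambler or what the register contents are.

```python
"""Worked example added to this post (not part of the original analysis):
slice one burst of the 2000 Bd PSK8 waveform described above into its
preamble and six 720-symbol frames, and realise the two descrambler
polynomials reported by SA as linear feedback shift registers (LFSRs).

Assumptions not stated on the page: PSK8 symbols map to tribits MSB first;
the descrambler is an additive LFSR keystream XORed onto the bitstream;
the register seed is unknown, so a constructed single-1 seed is used.
"""
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple

SYMBOL_RATE_BD = 2000
BURST_MS = 2606
FRAMES = 6
KNOWN, PSK2_BLOCK, DATA = 72, 72, 576      # per-frame fields, in symbols
FRAME_SYMS = KNOWN + PSK2_BLOCK + DATA     # 720 symbols = 2160 bits
PREAMBLE_POLY = (6, 3, 0)                  # x^6 + x^3 + 1
KNOWN_SEQ_POLY = (9, 6, 3, 0)              # x^9 + x^6 + x^3 + 1


def burst_symbols(duration_ms: int = BURST_MS, rate_bd: int = SYMBOL_RATE_BD) -> int:
    """Symbols in one burst: 2606 ms at 2000 Bd gives 5212."""
    return duration_ms * rate_bd // 1000


def preamble_symbols() -> int:
    """What is left after six 720-symbol frames are removed: 892."""
    return burst_symbols() - FRAMES * FRAME_SYMS


@dataclass
class Frame:
    known: List[int]   # 72 known symbols, PSK8 (Figure 4)
    psk2: List[int]    # 72 unknown symbols, PSK2 (Figure 4)
    data: List[int]    # 576 unknown symbols, PSK8


def split_burst(symbols: Sequence[int]) -> Tuple[List[int], List[Frame]]:
    """Split one burst of tribit symbols into the preamble and six frames."""
    if len(symbols) != burst_symbols():
        raise ValueError(f"expected {burst_symbols()} symbols, got {len(symbols)}")
    n = preamble_symbols()
    preamble, body = list(symbols[:n]), symbols[n:]
    frames = []
    for i in range(FRAMES):
        f = list(body[i * FRAME_SYMS:(i + 1) * FRAME_SYMS])
        frames.append(Frame(f[:KNOWN], f[KNOWN:KNOWN + PSK2_BLOCK], f[KNOWN + PSK2_BLOCK:]))
    return preamble, frames


def symbols_to_bits(symbols: Sequence[int]) -> List[int]:
    """PSK8 symbols (0..7) to tribits, MSB first (assumed ordering)."""
    return [(s >> k) & 1 for s in symbols for k in (2, 1, 0)]


class Lfsr:
    """Fibonacci LFSR for a polynomial given by its exponents.

    For (9, 6, 3, 0) the recurrence is s[n] = s[n-3] ^ s[n-6] ^ s[n-9].
    state[0] holds the oldest bit s[n-9], so s[n-9+e] is state[e] and the
    new bit is the XOR of state[e] over every exponent e below the degree.
    """

    def __init__(self, poly: Sequence[int], seed: Optional[Sequence[int]] = None):
        self.degree = max(poly)
        self.feedback = [e for e in poly if e < self.degree]
        self.state = list(seed) if seed else [1] + [0] * (self.degree - 1)
        if len(self.state) != self.degree or not any(self.state):
            raise ValueError("seed must be a non-zero bit list of length degree")

    def step(self) -> int:
        out, new = self.state[0], 0
        for e in self.feedback:
            new ^= self.state[e]
        self.state = self.state[1:] + [new]
        return out

    def keystream(self, n: int) -> List[int]:
        return [self.step() for _ in range(n)]

    def period(self) -> int:
        """Steps until the register returns to its current state."""
        start, count = list(self.state), 0
        while True:
            self.step()
            count += 1
            if self.state == start:
                return count


def descramble(bits: Sequence[int], poly: Sequence[int],
               seed: Optional[Sequence[int]] = None) -> List[int]:
    """Additive descrambler: XOR the keystream onto the bits (self-inverse)."""
    ks = Lfsr(poly, seed).keystream(len(bits))
    return [b ^ k for b, k in zip(bits, ks)]


def satisfies_recurrence(bits: Sequence[int], poly: Sequence[int]) -> bool:
    """True if the bitstream itself obeys the polynomial's recurrence, which is
    what a polynomial search over a known sequence detects."""
    deg = max(poly)
    lags = [deg - e for e in poly if e < deg]   # (9,6,3,0) -> lags 3, 6, 9
    return all(bits[n] == sum(bits[n - t] for t in lags) & 1
               for n in range(deg, len(bits)))
```

One point worth noticing when running this: neither polynomial is primitive over GF(2), since x^9+1 = (x^3+1)(x^6+x^3+1) and x^9+x^6+x^3+1 = (x^3+1)^3, so from the single-1 seed the registers repeat after only 9 and 12 steps respectively. They therefore describe short periodic patterns, as one would expect for a probe or preamble sequence, rather than long whitening sequences.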

Direction Finding results (TDoA algorithm) indicate a transmitter area that could be compatible with Guam (Figure 6). However, in evaluating the goodness of such results it must be taken into account that the survey area is not densely populated with KiwiSDR receivers, especially in the East direction, and that the transmission was not continuous but, in fact, a train of bursts (although quite close together).

Fig. 6 - some Direction Finding (TDoA algo) results

https://disk.yandex.com/d/zu3AE6Ossjl_gQ 

(1) SA is a signal analyzer and not a decoder, therefore its phase-plane demodulator does not sync on any particular sequence, as "suited" decoders do, and phase-offset errors are possible.

[1]  http://flydog.web-sdr.net/

21 June 2023

unid 15.66Bd/120 FSK system

This is a new FSK signal for me that can be heard starting mid-morning, at least on that frequency, with a good SNR using a KiwiSDR located in the UK [1]. Coming to the signal's main parameters, the FSK central frequency is 6938.55 kHz, the shift is 120 Hz and the apparent(!) keying speed is 31 Baud (or bps, since it is FSK): Figure 1 shows these values.

Fig. 1

I wrote "apparent modulation speed" because, by demodulating the signal at a speed of 31 Baud, duplicated bit values are obtained, as can be seen in Figure 2: a sign that the real speed is half that detected by a superficial analysis.

Fig. 2

Indeed, the duration of an information bit is about 64 ms, while the "raster" of 8 bits measures 511.4 ms (Figure 3): some very simple calculations (8 bits / 0.5114 s) indicate a modulation speed of 15.6 Baud. As expected, in this case the obtained bitstream correctly shows the "01" reversals sequence (Figure 4).

Fig. 3

Fig. 4

Direction Finding attempts (TDoA algorithm) seem to point to an area in South West England as a possible transmitter site (Figure 5). It is difficult to say anything about the users and the purposes.

Fig. 5

As a final note, Figure 6 shows that the phases of the two frequencies are not constant and change after every switch: a sign that a single oscillator, maybe a VCO, is used (if two distinct generators were used we would see no phase changes).

By the way, since Figure 6 shows the duration of two periods of each tone, it's possible to work back to the two tone frequencies:

2 / 0.003427 s = 583.6 Hz
2 / 0.004315 s = 463.5 Hz

i.e. just the 120 Hz shift.

Fig. 6

 https://disk.yandex.com/d/lAp4MSgpbVRZ7g

[1] http://websdr.uk:8060/

14 June 2023

wideband Akula

A dear friend of mine sent me a very interesting recording of a short Akula transmission consisting of the usual Akula 500Bd/1000 FSK preceded by 15 DBPSK modulated tones at a symbol rate of 500 Bd (as in Akula II).

Fig. 1

As already discussed in a previous post [1], the 15 DBPSK channels and the FSK segment transport the same data (Figure 2); probably such a wide signal, about 30 kHz, is meant to provide good noise immunity.

Figure 2

Most interestingly, the signal was recorded using an SDR receiver near Kiev, so given that:
1) Akula waveforms are used for subcomms
2) the signal strength is impressive (Figure 3)
the presence of Russian subs in the Black Sea could be assumed...

Figure 3 - waterfall image, thanks to my friend who recorded the signal

https://disk.yandex.com/d/HrJYX195Q9kRDw

[1] https://i56578-swl.blogspot.com/2021/02/15-channel-30khz-cis-akula-shark.html

5 June 2023

Harris Citadel II secured transmissions, 12/32-byte IVs

Continuing the monitoring and analysis of the receivable signals around the 7 MHz band, I am increasingly convinced that Harris Citadel II is the encryption algorithm used for these transmissions. In the analysis of the bitstreams published in the previous post [1], I spotted patterns that look like 32-byte Initialization Vectors: the 256 bits are split into two 128-bit parts, each repeated 3 times, sent just after the Citadel sync sequence and prepended to the ciphertext (Figure 1).

Fig. 1 - 32 bytes (256 bits) IV

This type of encrypted transmission occurs when the STANAG-4538 circuit mode service is used. In the packet mode service (LDL/HDL protocols), although Citadel is also used there, the bitstreams do not show any repeating pattern: my guess is that in such a case the Citadel I algorithm is being used.
That said, I took care to catch and record only the circuit mode transmissions, still within the same portion of the HF band. Bitstream analysis turned out to be very useful, especially for the transmissions recorded on 6769.5 and 6772.5 kHz/USB: in these transmissions the Initialization Vector (IV) is 12 bytes (96 bits) long and is repeated three times (Figure 2). This is really interesting, since I would have expected to see a 32-byte IV as in the other similar recordings.

Fig. 2 - 12 bytes (96 bits) IVs after removal of the initial sync sequences

I have verified this characteristic in all the transmissions recorded on those frequencies; Figure 2 lists only a few for brevity.

Fig. 3

So far, I've observed the following format (related to S-4538 circuit mode services):

16 bytes start/sync sequence 1E561E561E561E001A5D1A5D1A5D1A5D (Citadel)
12 bytes Initialization Vector, 3 times repeated
    - or -
32 bytes Initialization Vector, 2x128 bits parts each 3 times repeated
ciphertext
8 bytes end sequence 1E561E561E561E08 (Citadel)
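The format above is regular enough to be parsed mechanically. The following is an added example, not part of the original post and not Harris code: it strips the Citadel sync and end sequences, works out which of the two observed IV layouts is present (12 bytes sent three times, or 32 bytes as two 128-bit halves each sent three times), and recovers the IV by byte-wise majority vote over the three copies, so that a single damaged copy does not lose it. Only the two hex sequences come from the post; treating the message as one contiguous byte string, the contiguity of the repeats, and the IVs and "ciphertext" used as input are all constructed for the example.

```python
"""Worked example added to this post (not part of the original analysis):
parse the framing observed above for S-4538 circuit-mode traffic, detect
which of the two IV layouts is present and recover the IV from its repeats.

The sync and end sequences are the hex strings listed in the post. Everything
else is an assumption: the message is treated as one contiguous byte string
that starts with the sync sequence and ends with the end sequence, the
repeated chunks are contiguous, and the messages fed in below are constructed
here (made-up IVs and ciphertext), not recorded traffic.
"""
from collections import Counter
from dataclasses import dataclass
from typing import List, Tuple

SYNC = bytes.fromhex("1E561E561E561E001A5D1A5D1A5D1A5D")   # 16 bytes
END = bytes.fromhex("1E561E561E561E08")                   # 8 bytes
REPEATS = 3
IV_LAYOUTS = {   # IV length in bytes -> size of each repeated chunk
    12: 12,      # 96-bit IV sent as one chunk, 3 times
    32: 16,      # 256-bit IV sent as two 128-bit halves, each 3 times
}


@dataclass
class CitadelFrame:
    iv: bytes
    iv_len: int
    ciphertext: bytes
    repeat_errors: int   # repeated chunks that disagreed with the majority


def _majority(chunks: List[bytes]) -> Tuple[bytes, int]:
    """Byte-wise majority over the repeats and the number of repeats that
    differ from it; with three copies a single damaged copy is outvoted."""
    width = len(chunks[0])
    voted = bytes(Counter(c[i] for c in chunks).most_common(1)[0][0]
                  for i in range(width))
    return voted, sum(1 for c in chunks if c != voted)


def _chunks(buf: bytes, offset: int, chunk: int) -> List[bytes]:
    return [buf[offset + i * chunk: offset + (i + 1) * chunk] for i in range(REPEATS)]


def _looks_repeated(buf: bytes, offset: int, chunk: int) -> bool:
    """True if REPEATS consecutive chunks at offset are (near) copies."""
    parts = _chunks(buf, offset, chunk)
    if len(parts[-1]) < chunk:
        return False
    return _majority(parts)[1] <= 1      # tolerate one damaged repeat


def parse_frame(msg: bytes) -> CitadelFrame:
    """Strip sync/end sequences, identify the IV layout, return IV + ciphertext."""
    if not msg.startswith(SYNC):
        raise ValueError("no Citadel sync sequence at start of message")
    if not msg.endswith(END):
        raise ValueError("no Citadel end sequence at end of message")
    body = msg[len(SYNC):len(msg) - len(END)]
    for iv_len, chunk in IV_LAYOUTS.items():
        groups = iv_len // chunk                   # 1 for 12 bytes, 2 for 32
        need = groups * REPEATS * chunk            # 36 or 96 bytes of IV field
        if len(body) < need:
            continue
        if not all(_looks_repeated(body, g * REPEATS * chunk, chunk) for g in range(groups)):
            continue
        iv, errors = b"", 0
        for g in range(groups):
            part, err = _majority(_chunks(body, g * REPEATS * chunk, chunk))
            iv, errors = iv + part, errors + err
        return CitadelFrame(iv, iv_len, body[need:], errors)
    raise ValueError("IV field matches neither the 12-byte nor the 32-byte layout")


def build_frame(iv: bytes, ciphertext: bytes) -> bytes:
    """Assemble a message in the observed format (used here to make test input)."""
    chunk = IV_LAYOUTS[len(iv)]
    field = b"".join(iv[i:i + chunk] * REPEATS for i in range(0, len(iv), chunk))
    return SYNC + field + ciphertext + END
```

The repetition is a channel-robustness measure, not a security property: in the feedback and counter modes quoted below, a receiver that loses the IV cannot recover any of the message, which is a plausible reason for sending it three times. The parser tries the 12-byte layout first; a genuine 32-byte field cannot be mistaken for it, because its 16-byte chunks do not line up on 12-byte boundaries.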

The different lengths of the Initialization Vectors used (12 and 32 bytes) suggest that the Citadel II algorithm (if this is the case) can be configured for different block cipher modes with different block lengths; moreover it is backward compatible with its predecessor Citadel I, given the coexistence of circuit/packet modes within the same logical link (see the comment in the previous post). Anyway, different configurations of the algorithm on different frequencies make me think of field tests: indeed war theaters are formidable test-beds not only for weapons but also for milcomm technologies, new waveforms and COMSEC.

The little information I could find by googling seems to confirm my guess, even if I still have no confirmation: "The Citadel II algorithm can be operated using any block cipher traffic mode [...] include Cipher Feedback mode (CFB), Counter Mode and Self Synchronizing Cipher Feedback Mode (SSCFB). The 256-bit Citadel II algorithm provides a configuration that is interoperable with current Citadel I-based applications and a configuration that is fully disclosable" [2]. Note that although Citadel I and II are referred to as algorithms, they are actually ASIC chips (Application-Specific Integrated Circuits), i.e. algorithms rendered in hardware, which are embedded, for example, in Harris Falcon II and Falcon III family radios.

It is still not clear to me why the (presumed) Citadel II encryption is not used in packet mode transmissions, i.e. in the LDL/HDL protocols: I don't think it's due to problems acquiring the IVs, since at the upper layer surely sits a data link protocol like S-5066 which is able to reassemble the received packets.

Obviously, as said, this is just my speculation and comments are welcome: further recordings and a bit of luck may help...

https://disk.yandex.com/d/2ceYFGyy0LWdJA

[1] https://i56578-swl.blogspot.com/2023/05/harris-citadel-ii-secured-traffic.html
[2] https://www.researchgate.net/...