Although it was introduced in 2004 [1], so far I had always seen the Citadel II encryption algorithm occur in 3G-ALE/STANAG-4538 contexts which use the circuit mode service [2][3]; conversely, in 3G-ALE/S-4538 packet mode service (xDL protocols), and just a few times in async S-4285 and MS-110A transmissions, I met the Citadel I algorithm. Of course this doesn't mean that Citadel II is only used in S-4538 circuit mode: it's just a commentary on my experiences. Finally, almost one year after the last "Citadel detection", some interesting recordings show the use of Citadel II also in a 2G-ALE/MS-110A context (1).
Transmissions were recorded a few days ago on 11480.0 kHz/USB thanks to the EA5JGN KiwiSDR located in Hondon Valley (Spain) [4]: that frequency, as is known, is largely used by the Algerian Air Defence/Territorial Air Defence (say Algerian AF), as confirmed by the decoding of the 2G-ALE 188-141A exchanged messages (2).
Fig. 1
Figures 2 and 3 show the decoded bitstreams of the first two MS-110A segments of Figure 1 (T08_02_07Z recording) before and after the removal of the well-known sync sequence:
0x [1E 56 1E 56 1E 56 1E 00 1A 5D 1A 5D 1A 5D 1A 5D]
In both cases, 12-byte (96-bit) Initialization Vectors, repeated three times, are used.
Fig. 2
Fig. 3
The 3rd MS-110A segment in Figure 1 is the most interesting one since, curiously, its decoded bitstream shows an async 8N1 framing: perhaps the related file comes from a different workstation of the network, also connected to the same messaging server. Figure 4 shows the 12-byte Initialization Vector after the start/stop bits and the sync sequence were removed.
Fig. 4
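The header handling described above, as an added Python example (not the tooling used for this post): it strips the 8N1 start/stop bits, locates the sync sequence quoted earlier, and takes a bytewise majority vote over the three IV copies. It assumes LSB-first data bits and that the IV copies directly follow the sync sequence; the sample IV and payload are constructed.

```python
from collections import Counter

# Sync sequence quoted in the post; IV length and repeat count as stated there.
SYNC = bytes.fromhex("1E561E561E561E001A5D1A5D1A5D1A5D")
IV_LEN, IV_COPIES = 12, 3

def to_8n1(data):
    """Frame bytes as async 8N1 bits (start 0, data LSB-first, stop 1)."""
    return "".join("0" + format(b, "08b")[::-1] + "1" for b in data)

def strip_8n1(bits):
    """Remove start/stop bits from a '0'/'1' string and return the bytes."""
    out, i = bytearray(), 0
    while i + 10 <= len(bits):
        if bits[i] == "0" and bits[i + 9] == "1":
            out.append(int(bits[i + 1:i + 9][::-1], 2))
            i += 10
        else:
            i += 1  # idle bit or framing slip: hunt for the next start bit
    return bytes(out)

def extract_iv(data):
    """Return (iv, copies_agree), or None if the header is missing or cut."""
    pos = data.find(SYNC)
    if pos < 0:
        return None
    body = data[pos + len(SYNC):]
    if len(body) < IV_LEN * IV_COPIES:
        return None
    # Assumption: the three IV copies directly follow the sync sequence.
    copies = [body[k * IV_LEN:(k + 1) * IV_LEN] for k in range(IV_COPIES)]
    # Bytewise majority vote tolerates errors confined to one copy.
    iv = bytes(Counter(col).most_common(1)[0][0] for col in zip(*copies))
    return iv, all(c == copies[0] for c in copies)

# Constructed sample: made-up IV and payload, one byte of copy 2 corrupted.
SAMPLE_IV = bytes(range(0xA0, 0xAC))
damaged = bytearray(SAMPLE_IV)
damaged[5] ^= 0xFF
SAMPLE_BITS = "1111" + to_8n1(
    SYNC + SAMPLE_IV + bytes(damaged) + SAMPLE_IV + b"\x00\x11\x22")

if __name__ == "__main__":
    iv, agree = extract_iv(strip_8n1(SAMPLE_BITS))
    print(iv.hex(" "), "| copies identical:", agree)
```

For the synchronous segments the same `extract_iv` applies directly to the demodulated bytes, with no deframing step.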
As I mentioned before, the Algerian AF network (in this example nodes CNC and CM3) usually uses this frequency, as well as MS-110A asynchronous transmissions; for this reason I searched my files for similar transmissions and found, right in the blog, a post dated December 2017 [5]. The analysis of the bitstream shows that Citadel II encryption was already in use in that network at that time. Back then I was a bit less experienced and probably I focused on the particular 8-bit pattern, neglecting to search for other possible sequences.
Fig. 5
https://disk.yandex.com/d/BwSBToYfOJp5TA
(1) Please note that although Citadel I and II are referred to as algorithms, they are actually ASIC chips (Application-Specific Integrated Circuit), i.e. algorithms rendered in hardware, which are embedded, for example, in L3Harris Falcon II and Falcon III family radios.
(2) Collected ALE addresses:
BLD: [Air Defense] Blida
TDF: [Air Defense] Tinduf
COF: [Air Defense] Cheraga
ANB: [Air Defense] Annaba
CM5: Commandement de la 5e Région Militaire, Constantine
CM3: Commandement de la 3e Région Militaire, Bechar
CNC: Commandement des Forces Aériennes d'Alger, Cheraga
[1] https://www.cryptomuseum.com/crypto/harris/citadel2/
[2] http://i56578-swl.blogspot.com/2023/05/harris-citadel-ii-secured-traffic.html
[3] http://i56578-swl.blogspot.com/2023/06/harris-citadel-ii-secured-transmissions.html
[4] http://ei2hh.proxy.kiwisdr.com:8073/
[5] http://i56578-swl.blogspot.com/2017/12/a-ms-110a-modem-running-in-async-mode.html