SvenSvensonov
After a brief hiatus, we are heading back to the technical stuff.
All warfare is based on deception . . . hold out baits to entice the enemy. Feign disorder, and crush him. —SUN TZU, THE ART OF WAR, 1.18–20
Force, and Fraud, are in war the two Cardinal Virtues. —THOMAS HOBBES
Introduction
For decades, electronic warfare has been a separate subject from computer security, even though they have some common technologies (such as cryptography). This is starting to change as elements of the two disciplines fuse to form the new subject of information warfare. The military’s embrace of information warfare as a slogan over the last years of the twentieth century has established its importance—even if its concepts, theory, and doctrine are still underdeveloped.
There are other reasons why a knowledge of electronic warfare is important to the security professional. Many technologies originally developed for the warrior have been adapted for commercial use, and there are many instructive parallels. In addition, the struggle for control of the electromagnetic spectrum has consumed so many clever people and so many tens of billions of dollars that we find deception strategies and tactics of a unique depth and subtlety. It is the one area of electronic security to have experienced a lengthy period of coevolution of attack and defense involving capable motivated opponents.
Electronic warfare is also our main teacher when it comes to service denial attacks, a topic that computer security people have largely ignored, but that is now center stage thanks to distributed denial-of-service attacks on commercial Web sites. As I develop this discussion I’ll try to draw out the parallels. In general, while people say that computer security is about confidentiality, integrity and availability, electronic warfare has this reversed and back-to-front. The priorities are:
1. Denial of service, which includes jamming, mimicry and physical attack.
2. Deception, which may be targeted at automated systems or at people.
3. Exploitation, which includes not just eavesdropping but obtaining any operationally valuable information from the enemy’s use of his electronic systems.
Basics
The goal of electronic warfare is to control the electromagnetic spectrum. It is generally considered to consist of:
• Electronic attack, such as jamming enemy communications or radar, and disrupting enemy equipment using high-power microwaves.
• Electronic protection, which ranges from designing systems resistant to jamming, through hardening equipment to resist high-power microwave attack, to the destruction of enemy jammers using anti-radiation missiles.
• Electronic support which supplies the necessary intelligence and threat recognition to allow effective attack and protection. It allows commanders to search for, identify and locate sources of intentional and unintentional electromagnetic energy.
These definitions are taken from Schleher [677]. The traditional topic of cryptography, namely communications security (Comsec), is only a small part of electronic protection, just as it is becoming only a small part of information protection in more general systems. Electronic support includes signals intelligence (Sigint), which consists of communications intelligence (Comint) and electronic intelligence (Elint). The former collects enemy communications, including both message content and traffic data about which units are communicating, while the latter concerns itself with recognizing hostile radars and other non-communicating sources of electromagnetic energy.
Deception is central to electronic attack. The goal is to mislead the enemy by manipulating his perceptions in order to degrade the accuracy of his intelligence and target acquisition. Its effective use depends on clarity about who (or what) is to be deceived, about what and how long, and—where the targets of deception are human—the exploitation of pride, greed, laziness, and other vices. Deception can be extremely cost-effective and is also relevant to commercial systems.
Physical destruction is an important part of the mix; while some enemy sensors and communications links may be neutralized by jamming (soft kill), others will often be destroyed (hard kill). Successful electronic warfare depends on using the available tools in a coordinated way.
Electronic weapon systems are like other weapons in that there are sensors, such as radar, infrared and sonar; communications links, which take sensor data to the command and control center; and output devices such as jammers, lasers, and so on. I’ll discuss the communications system issues first, as they are the most self-contained, then the sensors and associated jammers, and finally other devices such as electromagnetic pulse generators. Once we’re done with e-war, we’ll look at the lessons we might take over to i-war.
Communications Systems
Military communications were dominated by physical dispatch until about 1860, then by the telegraph until 1915, and then by the telephone until recently [569]. Nowadays, a typical command and control structure is made up of various tactical and strategic radio networks that support data, voice, and images, and operate over point-to-point links and broadcast. Without situational awareness and the means to direct forces, the commander is likely to be ineffective. But the need to secure communications is much more pervasive than one might at first realize, and the threats are much more diverse.
• One obvious type of traffic is the communications between fixed sites such as army headquarters and the political leadership. The main threat here is that the cipher security might be penetrated, and the orders, situation reports and so on compromised. This might result from cryptanalysis or—more likely—equipment sabotage, subversion of personnel, or theft of key material. The insertion of deceptive messages may also be a threat in some circumstances. But cipher security will often include protection against traffic analysis (such as by link encryption) as well as of the transmitted message confidentiality and authenticity. The secondary threat is that the link might be disrupted, such as by destruction of cables or relay stations.
• There are more stringent requirements for communications with covert assets such as agents in the field. Here, in addition to cipher security issues, location security is important. The agent will have to take steps to minimize the risk of being caught as a result of communications monitoring. If she sends messages using a medium that the enemy can monitor, such as the public telephone network or radio, then much of her effort may go into frustrating traffic analysis and radio direction finding.
• Tactical communications, such as between HQ and a platoon in the field, also have more stringent (but slightly different) needs. Radio direction finding is still an issue, but jamming may be at least as important; and deliberately deceptive messages may also be a problem. For example, there is equipment that enables an enemy air controller’s voice commands to be captured, cut into phonemes and spliced back together into deceptive commands, in order to gain a tactical advantage in air combat [324]. As voice-morphing techniques are developed for commercial use, the risk of spoofing attacks on unprotected communications will increase. Therefore, cipher security may include authenticity as well as confidentiality and/or covertness.
• Control and telemetry communications, such as signals sent from an aircraft to a missile it has just launched, must be protected against jamming and modification. It would also be desirable if they could be covert (so as not to trigger a target aircraft’s warning receiver), but that is in tension with the power levels needed to defeat defensive jamming systems.
The protection of communications will require some mix, depending on the circumstances, of content secrecy, authenticity, resistance to traffic analysis and radio direction finding, and resistance to various kinds of jamming. These interact in some rather unobvious ways. For example, one radio designed for use by dissident organizations in Eastern Europe in the early 1980s operated in the radio bands normally occupied by the Voice of America and the BBC World Service—and routinely jammed by the Russians. The idea was that unless the Russians were prepared to turn off their jammers, they would have great difficulty doing direction finding.
Attack also generally requires a combination of techniques, even where the objective is not analysis or direction finding but simply denial of service. Owen Lewis summed it up succinctly: according to Soviet doctrine, a comprehensive and successful attack on a military communications infrastructure would involve destroying one third of it physically, denying effective use of a second third through techniques such as jamming, trojans or deception, and then allowing one’s adversary to disable the remaining third in attempting to pass all his traffic over a third of the installed capacity [500]. This applies even in guerilla wars: in Malaya, Kenya, and Cyprus, the rebels managed to degrade the telephone system enough to force the police to set up radio nets [569].
In the 1980s, NATO developed a comparable doctrine, called Counter-Command, Control and Communications operations (C-C3, pronounced C cubed). It achieved its first flowering in the Gulf War; the command and control systems used there are described in [643]. (Of course, attacking an army’s command structures is much older than that; it’s a basic principle to shoot at an officer before shooting at his men.)
Signals Intelligence Techniques
Before communications can be attacked, the enemy’s network must be mapped. The most expensive and critical task in signals intelligence is identifying and extracting the interesting material from the cacophony of radio signals and the huge mass of traffic on systems such as the telephone network and the Internet. The technologies in use are extensive and largely classified, but some aspects are public.
In the case of radio signals, communications intelligence agencies use receiving equipment that can recognize a huge variety of signal types to maintain extensive databases of signals—which stations or services use which frequencies. In many cases, it is possible to identify individual equipment by signal analysis. The clues can include any unintentional frequency modulation, the shape of the transmitter turn-on transient, the precise center frequency, and the final-stage amplifier harmonics. This RF fingerprinting technology was declassified in the mid-1990s for use in identifying cloned cellular telephones, where its makers claim a 95% success rate [341, 677]. It is the direct descendant of the World War II technique of recognizing a wireless operator by his fist—the way he sent Morse code [523].
Radio direction finding (RDF) is also critical. In the old days, this involved triangulating the signal of interest using directional antennas at two monitoring stations. Spies might have at most a few minutes to send a message home before having to move. Modern monitoring stations use time difference of arrival (TDOA) to locate a suspect signal rapidly, accurately, and automatically by comparing the phase of the signals received at two sites. Nowadays, anything more than a second or so of transmission can be a giveaway.
Traffic analysis—looking at the number of messages by source and destination—can also give very valuable information, not just about imminent attacks (which were signalled in World War I by a greatly increased volume of radio messages) but also about unit movements and other routine matters. However, traffic analysis really comes into its own when sifting through traffic on public networks, where its importance (both for national intelligence and police purposes) is difficult to overstate.
If you suspect Alice of espionage (or drug dealing, or whatever), you note everyone she calls and everyone who calls her. This gives you a list of dozens of suspects. You eliminate the likes of banks and doctors, who receive calls from too many people to analyze (your whitelist), and repeat the procedure on each remaining number. Having done this procedure recursively several times, you have a mass of thousands of contacts, which you sift for telephone numbers that appear more than once. If (say) Bob, Camilla, and Donald are Alice’s contacts, with Bob and Camilla in contact with Eve, and Donald and Eve in touch with Farquhar, then all of these people are considered to be suspects. You now draw a friendship tree, which gives a first approximation to Alice’s network, and refine it by collating it with other intelligence sources.
This is not as easy as it sounds. People can have several numbers; Bob might get a call from Alice at his work number, then call Eve from a phone booth. (In fact, if you’re running an IRA cell, your signals officer should get a job at a dentist’s or a doctor’s or some other place that will be called by so many different people that they will probably be whitelisted. But that’s another story.) Also, you will need some means of correlating telephone numbers to people. Even if you have access to the phone company’s database of unlisted numbers, prepaid mobile phones can be a serious headache, as can cloned phones and hacked PBXs. I’ll discuss these in the chapter on telecomms security; for now, I’ll just remark that anonymous phones aren’t new. There have been public phone booths for generations. But they are not a universal answer for the crook, as the discipline needed to use them properly is beyond most criminals, and in any case causes severe disruption.
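The contact-tree procedure described above, worked through in code. This is an added example, not from the text: the call records, names and the whitelist threshold are constructed, and names stand in for telephone numbers. It shows how the whitelist prunes high-traffic numbers before the recursive expansion, and how the "appears more than once" sift picks out Eve and Farquhar.

```python
from collections import defaultdict

# Constructed call-detail records (caller, callee); names stand in for
# telephone numbers. The Alice/Bob/Camilla/Donald/Eve/Farquhar links follow
# the text; "bank" and "dentist" are high-traffic numbers that should be
# whitelisted, and pat/quinn/... are unrelated subscribers who call them.
CALL_RECORDS = [
    ("alice", "bob"), ("alice", "camilla"), ("donald", "alice"),
    ("bob", "eve"), ("camilla", "eve"),
    ("donald", "farquhar"), ("eve", "farquhar"),
    ("alice", "bank"), ("bob", "bank"), ("eve", "bank"), ("farquhar", "bank"),
    ("pat", "bank"), ("quinn", "bank"), ("rita", "bank"), ("sam", "bank"),
    ("tom", "bank"), ("uma", "bank"),
    ("camilla", "dentist"), ("pat", "dentist"), ("quinn", "dentist"),
    ("rita", "dentist"), ("sam", "dentist"), ("tom", "dentist"),
    ("uma", "dentist"), ("vic", "dentist"),
    ("pat", "quinn"),  # unrelated pair that the expansion must never reach
]


def build_contact_graph(records):
    """Undirected contact graph: each number maps to everyone it spoke to."""
    graph = defaultdict(set)
    for a, b in records:
        graph[a].add(b)
        graph[b].add(a)
    return graph


def whitelist(graph, max_contacts):
    """Numbers with more distinct contacts than max_contacts are treated like
    banks and doctors: too many callers to be worth following."""
    return {n for n, peers in graph.items() if len(peers) > max_contacts}


def expand_contacts(graph, seed, depth, ignore):
    """List the seed's contacts, then their contacts, and so on, `depth` levels
    out, skipping whitelisted numbers. Returns, for every number reached, the
    set of already-known contacts in whose lists it appeared."""
    referrers = defaultdict(set)
    expanded = {seed}            # numbers whose contact lists are already drawn
    frontier = {seed}
    for _ in range(depth):
        new_frontier = set()
        for n in frontier:
            for peer in graph[n]:
                if peer in ignore or peer in expanded:
                    continue
                referrers[peer].add(n)
                new_frontier.add(peer)
        expanded |= frontier
        frontier = new_frontier - expanded
    return dict(referrers)


def suspect_network(records, seed, depth=3, max_contacts=5):
    """First approximation to the seed's network: direct contacts plus every
    number that turned up in more than one contact list."""
    graph = build_contact_graph(records)
    ignored = whitelist(graph, max_contacts)
    referrers = expand_contacts(graph, seed, depth, ignored)
    direct = graph[seed] - ignored
    repeated = {n for n, who in referrers.items() if len(who) > 1}
    return sorted(direct | repeated), sorted(ignored), referrers


if __name__ == "__main__":
    suspects, whitelisted, refs = suspect_network(CALL_RECORDS, "alice")
    print("whitelisted:", whitelisted)
    print("suspects:   ", suspects)
    for number, seen_in in sorted(refs.items()):
        print(f"  {number:10s} appears in lists of {sorted(seen_in)}")
```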
Signals collection is not restricted to agreements with phone companies for access to the content of phone calls and the communications data. It also involves a wide range of specialized facilities ranging from expensive fixed installations, which copy international satellite links, through temporary tactical arrangements. A book by Nicky Hager [368] describes the main fixed collection network operated by the United States, Canada, Britain, Australia, and New Zealand. Known as Echelon, this consists of a number of collection stations that monitor international phone, fax, and data traffic using computers called dictionaries. These search the passing traffic for interesting phone numbers, network addresses, and machine-readable content; this is driven by search strings entered by intelligence analysts. The fixed network is supplemented by tactical collection facilities as needed; Hager describes, for example, the dispatch of Australian and New Zealand navy frigates to monitor domestic communications in Fiji during military coups in the 1980s. Egmont Koch and Jochen Sperber discuss U.S. and German installations in Germany in [464]; David Fulghum describes airborne signals collection in [324]; satellites are also used to collect signals, and there are covert collection facilities that are not known to the host country.
Despite this huge capital investment, the most difficult and expensive part of the whole operation is traffic selection, not collection [490]. Thus, contrary to naïve expectations, cryptography can make communications more vulnerable rather than less (if used incompetently, as it usually is). If you just encipher all the traffic you consider to be important, you have thereby marked it for collection by the enemy. On the other hand, if everyone encrypted all their traffic, then hiding traffic could be much easier (hence the push by signals intelligence agencies to prevent the widespread use of cryptography, even if it’s freely available to individuals). This brings us to the topic of attacks.
Attacks on Communications
Once you have mapped the enemy network, you may wish to attack it. People often talk in terms of “codebreaking,” but this is a gross oversimplification.
First, although some systems have been broken by pure cryptanalysis, this is fairly rare. Most production attacks have involved theft of key material as when the U.S. State Department code book was stolen during World War II by the valet of the U.S. ambassador to Rome or errors in the manufacture and distribution of key material as in the U.S. “Venona” attacks on Soviet diplomatic traffic [428]. Even where attacks based on cryptanalysis have been possible, they have often been made much easier by errors such as these, an example being the U.K./U.S. attacks on the German Enigma traffic during World War II [429]. The pattern continues to this day. A recent history of Soviet intelligence during the Cold War reveals that the technological advantage of the United States was largely nullified by Soviet skills in “using Humint in Sigint support”—which largely consisted of recruiting traitors who sold key material, such as the Walker family [51].
Second, access to content is often not the desired result. In tactical situations, the goal is often to detect and destroy nodes, or to jam the traffic. Jamming can involve not just noise insertion but active deception. In World War II, the Allies used German speakers as bogus controllers to send German nightfighters confusing instructions, and there was a battle of wits as authentication techniques were invented and defeated. More recently, as I noted in the chapter on biometrics, the U.S. Air Force has deployed more sophisticated systems based on voice morphing. I mentioned in an earlier chapter the tension between intelligence and operational units: the former want to listen to the other side’s traffic, and the latter to deny them its use [63]. Compromises between these goals can be hard to find. It’s not enough to jam the traffic you can’t read, as that tells the enemy what you can read!
Matters can, in fact, be simplified if the opponent uses cryptography—even in a competent way. This removes the ops/intel tension, and you switch to RDF or link destruction as appropriate. This can involve the hard-kill approach of digging up cables or bombing telephone exchanges (both of which the allies did during the Gulf War), the soft-kill approach of jamming, or whatever combination of the two is economic. Jamming is a useful expedient where a link is to be disrupted for a short period, but is often expensive; not only does it tie up facilities, but the jammer itself becomes a target. (There are cases where it is more effective, such as against some satellite links where the uplink can be jammed using a tight beam from a hidden location using only a modest amount of power.)
The increasing use of civilian infrastructure, and in particular the Internet, raises the question of whether systematic denial-of-service attacks might be used to jam traffic. (There are anecdotes of Serbian information warfare cells attempting such attacks on NATO Web sites.) This threat is still considered real enough that many Western countries have separate intranets for government and military use.
Protection Techniques
As should be clear from the above, communications security techniques involve not just protecting the authenticity and confidentiality of the content—which can be achieved in a relatively straightforward way by encryption and authentication protocols—but also preventing traffic analysis, direction finding, jamming and physical destruction. Encryption can stretch to the first of these if applied at the link layer, so that all links appear to have a pseudorandom bitstream on them at all times, regardless of whether there is any message traffic. But link-layer encryption alone is not in general enough, as enemy capture of a single node might put the whole network at risk.
Encryption alone cannot protect against interception, RDF, jamming, and the destruction of links or nodes. For this, different technologies are needed. The obvious solutions are:
• Dedicated lines or optical fibers.
• Highly directional transmission links, such as optical links using infrared lasers or microwave links using highly directional antennas and extremely high frequencies, 20 GHz and up.
• Low-probability-of-intercept (LPI), low-probability-of-position-fix (LPPF), and antijam radio techniques.
The first two of these options are fairly straightforward to understand, and where feasible, they are usually the best. Cabled networks are very hard to destroy completely, unless the enemy knows where the cables are and has physical access to cut them. Even with massive artillery bombardment, the telephone network in Stalingrad remained in use (by both sides) all through the siege.
The third option is a substantial subject in itself, which I will now describe (albeit only briefly).
There are a number of LPI/LPPF/antijam techniques that go under the generic name of spread spectrum communications. They include frequency hoppers, direct sequence spread spectrum (DSSS), and burst transmission. From beginnings around World War II, spread-spectrum has spawned a substantial industry, and the technology (especially DSSS) has been applied to numerous other problems, ranging from high-resolution ranging (in the GPS system) through copyright marks in digital images (which I’ll discuss later). Let’s look at each of these three approaches in turn.
Frequency Hopping
Frequency hoppers are the simplest spread-spectrum systems to understand and to implement. They do exactly as their name suggests: they hop rapidly from one frequency to another, with the sequence of frequencies determined by a pseudorandom sequence known to the authorized principals. Hoppers were invented, famously, over dinner in 1940 by actress Hedy Lamarr and screenwriter George Antheil, who devised the technique as a means of controlling torpedos without the enemy detecting them or jamming their transmissions [484]. A frequency-hopping radar was independently developed at about the same time by the Germans [686]; in response to steady improvements in British jamming, German technicians adapted their equipment to change frequency daily, then hourly, and finally, every few seconds [627].
Hoppers are resistant to jamming by an opponent who doesn’t know the hop sequence. Such an opponent may have to jam much of the band, and thus needs much more power than would otherwise be necessary. The ratio of the input signal’s bandwidth to that of the transmitted signal is called the process gain of the system; thus, a 100 bit/sec signal spread over 10 MHz has a process gain of 10^7/10^2 = 10^5 = 50 dB. The jamming margin, which is defined as the maximum tolerable ratio of jamming power to signal power, is essentially the process gain modulo implementation and other losses (strictly speaking, process gain divided by the minimum bit energy-to-noise density ratio). The optimal jamming strategy, for an opponent who can’t predict the hop sequence, is partial band jamming—to jam enough of the band to introduce an unacceptable error rate in the signal.
Although hoppers can give a large jamming margin, they give little protection against an opponent who merely wants to detect their existence. A signal analysis receiver that sweeps across the frequency band of interest will often intercept them. (Depending on the relevant bandwidths, sweep rate, and dwell time, it might intercept a hopping signal several times).
However, because frequency hoppers are simple to implement, they are often used in combat networks, such as man-pack radios, with slow hop rates of 50–500 per second. To disrupt their communications, the enemy will need a fast or powerful jammer, which is inconvenient for the battlefield. Fast hoppers (defined in theory as having hop rates exceeding the bit rate; in practice, with hop rates of 10,000 per second or more) can pass the limit of even large jammers.
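A toy model of the points made in this section: process gain in dB, a hop sequence that only key holders can follow, partial-band jamming that hits roughly the jammed fraction of hops, and a follower jammer defeated by hop rate. This is an added example, not from the text; HMAC-SHA256 stands in for whatever keyed generator a real radio uses, and the channel counts, hop rates and reaction times are constructed.

```python
import hashlib
import hmac
import math


def process_gain_db(info_bandwidth_hz, spread_bandwidth_hz):
    """Process gain as the text defines it: spread bandwidth over information
    bandwidth, expressed in dB."""
    return 10 * math.log10(spread_bandwidth_hz / info_bandwidth_hz)


def hop_channel(key, slot, n_channels):
    """Channel index used in time slot `slot`. Every radio holding `key` lands
    on the same channel; anyone without it sees a sequence it cannot predict.
    (HMAC-SHA256 is an assumed stand-in for the radio's keyed generator.)"""
    mac = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") % n_channels


def partial_band_hit_rate(key, n_channels, jammed_channels, n_slots):
    """Fraction of hops landing on a channel the jammer covers. Against an
    unpredictable sequence this tends to the fraction of the band jammed."""
    hits = sum(1 for s in range(n_slots)
               if hop_channel(key, s, n_channels) in jammed_channels)
    return hits / n_slots


def prediction_hit_rate(key, guessed_key, n_channels, n_slots):
    """How often an opponent working from a guessed key picks the right
    channel: about 1/n_channels, no better than chance."""
    hits = sum(1 for s in range(n_slots)
               if hop_channel(guessed_key, s, n_channels)
               == hop_channel(key, s, n_channels))
    return hits / n_slots


def follower_jam_fraction(hops_per_second, reaction_seconds):
    """Repeater (follower) jammer: it must detect the new channel and retune,
    which takes `reaction_seconds`, so it covers only the tail of each dwell.
    Once the dwell is shorter than the reaction time it covers nothing."""
    dwell = 1.0 / hops_per_second
    return max(0.0, (dwell - reaction_seconds) / dwell)


if __name__ == "__main__":
    key = b"constructed-shared-net-key"
    print(f"100 bit/s over 10 MHz: {process_gain_db(100, 10e6):.1f} dB")
    # 57.6 kHz data rate over the 255 MHz band: the JTIDS figures the text
    # gives later; this reproduces the 36.5 dB it quotes.
    print(f"57.6 kHz over 255 MHz: {process_gain_db(57.6e3, 255e6):.1f} dB")
    jammed = set(range(30))          # jammer covers 30 of 100 channels
    print("partial-band hit rate:", partial_band_hit_rate(key, 100, jammed, 10_000))
    print("key-guessing hit rate:", prediction_hit_rate(key, b"wrong-guess", 100, 10_000))
    for rate in (100, 500, 10_000):  # man-pack hop rates vs a fast hopper
        frac = follower_jam_fraction(rate, 0.002)
        print(f"{rate:>6} hops/s vs 2 ms follower: {frac:.2f} of each dwell jammed")
```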
DSSS
In direct sequence spread spectrum, we multiply the information-bearing sequence by a much higher-rate pseudorandom sequence, usually generated by some kind of stream cipher. This spreads the spectrum by increasing the bandwidth. The technique was first described by a Swiss engineer, Gustav Guanella, in a 1938 patent application [686], and developed extensively in the United States in the 1950s. Its first deployment in anger was in Berlin in 1959.
Like hopping, DSSS can give substantial jamming margin (the two systems have the same theoretical performance). But it can also make the signal significantly harder to intercept. The trick is to arrange things so that at the intercept location, the signal strength is so low that it is lost in the noise floor unless you know the spreading sequence with which to recover it. Of course, it’s harder to do both at the same time, since an antijam signal should be high power and an LPI/LPPF signal low power; the usual modus operandi is to work in LPI mode until detected by the enemy (for example, when coming within radar range), then boost transmitter power into antijam mode.
There is a large literature on DSSS; and the techniques have now been taken up by the commercial world as code division multiple access (CDMA) in various mobile radio and phone systems. DSSS is sometimes referred to as “encrypting the RF,” and it comes in a number of variants. For example, when the underlying modulation scheme is FM rather than AM, it’s called chirp. (The classic introduction to the underlying mathematics and technology is [616].) The engineering complexity is higher than with frequency hop, for various reasons. For example, synchronization is particularly critical. Users with access to a reference time signal (such as GPS or an atomic clock) can do this much more easily; of course, if you don’t control GPS, you may be open to synchronization attacks; and even if you do, the GPS signal might be jammed. (It has recently been reported that the French jammed GPS in Greece in an attempt to sabotage a British bid to sell 250 tanks to the Greek government, a deal in which France was a competitor. This caused the British tanks to get lost during trials. When the ruse was discovered, the Greeks found it all rather amusing [757].) Another strategy is to have your users take turns at providing a reference signal.
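A simulation of the LPI property described above: a DSSS signal 10 dB below the noise floor is recovered cleanly by a receiver holding the spreading sequence, while a receiver with the wrong sequence gets coin-flip output. This is an added example, not from the text; HMAC-SHA256 in counter mode stands in for the stream cipher generating the chips, and the chip rate, SNR and keys are constructed.

```python
import hashlib
import hmac
import math
import random


def chip_sequence(key, n_chips):
    """Keyed pseudorandom spreading sequence of +1/-1 chips (assumed
    HMAC-SHA256 counter-mode generator in place of a real stream cipher)."""
    chips = []
    counter = 0
    while len(chips) < n_chips:
        block = hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        for byte in block:
            for i in range(8):
                chips.append(1 if (byte >> i) & 1 else -1)
        counter += 1
    return chips[:n_chips]


def spread(bits, chips, chips_per_bit):
    """Multiply each data bit (as +1/-1) by its run of chips. The transmitted
    rate rises by chips_per_bit, which is what widens the spectrum."""
    out = []
    for k, bit in enumerate(bits):
        symbol = 1 if bit else -1
        out.extend(symbol * c for c in chips[k * chips_per_bit:(k + 1) * chips_per_bit])
    return out


def add_noise(signal, snr_db, rng):
    """Additive Gaussian noise. Per-chip signal power is 1, so a negative
    snr_db puts the signal below the noise floor."""
    sigma = math.sqrt(10 ** (-snr_db / 10))
    return [x + rng.gauss(0, sigma) for x in signal]


def despread(received, chips, chips_per_bit):
    """Correlate each chip run with the local copy of the sequence and take
    the sign. Matching chips add coherently; noise and wrong chips do not."""
    bits = []
    for k in range(len(received) // chips_per_bit):
        start = k * chips_per_bit
        corr = sum(received[start + i] * chips[start + i] for i in range(chips_per_bit))
        bits.append(1 if corr > 0 else 0)
    return bits


def bit_error_rate(sent, decoded):
    return sum(a != b for a, b in zip(sent, decoded)) / len(sent)


def run_link(tx_key, rx_key, n_bits=200, chips_per_bit=256, snr_db=-10.0, seed=1):
    """Send n_bits spread with tx_key, receive despreading with rx_key, return
    the bit error rate. 256 chips/bit gives 10*log10(256) = 24.1 dB of process
    gain, enough to lift a signal 10 dB under the noise well above it."""
    rng = random.Random(seed)
    bits = [rng.randint(0, 1) for _ in range(n_bits)]
    n_chips = n_bits * chips_per_bit
    tx = spread(bits, chip_sequence(tx_key, n_chips), chips_per_bit)
    rx = add_noise(tx, snr_db, rng)
    decoded = despread(rx, chip_sequence(rx_key, n_chips), chips_per_bit)
    return bit_error_rate(bits, decoded)


if __name__ == "__main__":
    key = b"constructed-spreading-key"
    print("BER with the right sequence:", run_link(key, key))
    print("BER with a wrong sequence:  ", run_link(key, b"intercept-guess"))
```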
Burst Communications
Burst communications, as their name suggests, involve compressing the data and transmitting it in short bursts at times unpredictable by the enemy. They are also known as time-hop. Usually, they are not so jam-resistant (except insofar as the higher data rate spreads the spectrum), but they can be difficult to intercept; if the duty cycle is low, a sweep receiver can easily miss them. They are often used in radios for special forces and intelligence agents.
An interesting variant is meteor burst transmission (also known as meteor scatter). This relies on the billions of micrometeorites that strike the Earth’s atmosphere each day, each leaving a long ionization trail that persists for about a third of a second, and providing a temporary transmission path between a “mother station” and an area that might be a hundred miles long and a few miles wide. The mother station transmits continuously, and whenever one of the “daughters” hears mother, it starts to send packets of data at high speed, to which mother replies. With the low power levels used in covert operations, it is possible to achieve an average data rate of about 50 bps, with an average latency of about 5 minutes and a range of 500–1,500 miles. With higher power levels, and in higher latitudes, average data rates can rise into the tens of kilobits per second.
As well as special forces, the U.S. Air Force in Alaska uses meteor scatter as backup communications for early warning radars. It’s also used in civilian applications such as monitoring rainfall in Lesotho, Africa. In niche markets, where low bit rates and high latency can be tolerated, but where equipment size and cost are important, meteor scatter can be hard to beat. (The technology is described in [676].)
Combining Covertness and Jam Resistance
There are some rather complex trade-offs between different LPI, LPPF, and jam resistance technologies, and other aspects of performance such as their resistance to fading and multipath, and the number of users that can be accommodated simultaneously. They also behave differently in the face of specialized jamming techniques such as swept-frequency jamming (where the jammer sweeps repeatedly through the target frequency band) and repeater jamming (where the jammer follows a hopper as closely as it can). Some types of jamming translate; for example, an opponent with insufficient power to block a signal completely can do partial time jamming on DSSS by emitting pulses that cover most of its utilized spectrum, and on frequency hop by partial band jamming.
There are also engineering trade-offs. For example, DSSS tends to be about twice as efficient as frequency hop in power terms, but frequency hop gives much more jamming margin for a given complexity of equipment. On the other hand, DSSS signals are much harder to locate using direction-finding techniques [287].
System survivability requirements can impose further constraints. It may be essential to prevent an opponent who has captured one radio and extracted its current key material from using this to jam a whole network.
A typical modern military system will use some combination of tight beams, DSSS, hopping and burst.
• The Jaguar tactical radio used by U.K. armed forces hops over one of nine 6.4 MHz bands, and has an antenna with a steerable null that can be pointed at a jammer or at a hostile intercept station.
• Both DSSS and hopping are used with Time Division Multiple Access (TDMA) in the Joint Tactical Information Distribution System (JTIDS), a U.S. data link system used by AWACS—the Airborne Warning and Control System—to communicate with fighters [677]. TDMA separates transmission from reception, and lets users know when to expect their slot. The DSSS signal has a 57.6 kHz data rate and a 10 MHz chip rate (and so a jamming margin of 36.5 dB), which hops around in a 255 MHz band with a minimum jump of 30 MHz. The hopping code is available to all users, while the spreading code is limited to individual circuits. The rationale is that if an equipment capture leads to the compromise of the spreading code, this would allow jamming of only a single 10 MHz band, not the full 255 MHz.
• MILSTAR is a U.S. satellite communications system with 1-degree beams from a geostationary orbit (20 GHz down, 44 GHz up). The effect of the narrow beam is that users can operate within three miles of the enemy without being detected. Jam protection is from hopping; its channels hop several thousand times a second in bands of 2 GHz.
• A system designed to control MX missiles (but not in the end deployed) is described in [337] and gives an example of extreme survivability engineering. To be able to withstand a nuclear first strike, the system had to withstand significant levels of node destruction, jamming, and atmospheric noise. The design adopted was a frequency hopper at 450 kHz with a dynamically reconfigurable network.
• French tactical radios have remote controls. The soldier can use the handset a hundred meters from the radio. This means that attacks on the high-power emitter don’t endanger the troops so much [216].
There are also some system-level tricks, such as interference cancellation, where the idea is to communicate in a band you are jamming and whose jamming waveform is known to your own radios, so they can cancel it out or hop around it. This can make jamming harder for the enemy by forcing him to spread his available power over a larger bandwidth, and can make signals intelligence harder, too [644].
• Electronic attack, such as jamming enemy communications or radar, and disrupting enemy equipment using high-power microwaves.
• Electronic protection, which ranges from designing systems resistant to jamming, through hardening equipment to resist high-power microwave attack, to the destruction of enemy jammers using anti-radiation missiles.
• Electronic support which supplies the necessary intelligence and threat recognition to allow effective attack and protection. It allows commanders to search for, identify and locate sources of intentional and unintentional electromagnetic energy.
These definitions are taken from Schleher [677]. The traditional topic of cryptography, namely communications security (Comsec), is only a small part of electronic protection, just as it is becoming only a small part of information protection in more general systems. Electronic support includes signals intelligence (Sigint), which consists of communications intelligence (Comint) and electronic intelligence (Elint). The former collects enemy communications, including both message content and traffic data about which units are communicating, while the latter concerns itself with recognizing hostile radars and other non-communicating sources of electromagnetic energy.
Deception is central to electronic attack. The goal is to mislead the enemy by manipulating his perceptions in order to degrade the accuracy of his intelligence and target acquisition. Its effective use depends on clarity about who (or what) is to be deceived, about what and how long, and—where the targets of deception are human—the exploitation of pride, greed, laziness, and other vices. Deception can be extremely cost-effective and is also relevant to commercial systems.
Physical destruction is an important part of the mix; while some enemy sensors and communications links may be neutralized by jamming (soft kill), others will often be destroyed (hard kill). Successful electronic warfare depends on using the available tools in a coordinated way.
Electronic weapon systems are like other weapons in that there are sensors, such as radar, infrared and sonar; communications links, which take sensor data to the command and control center; and output devices such as jammers, lasers, and so on. I’ll discuss the communications system issues first, as they are the most self-contained, then the sensors and associated jammers, and finally other devices such as electromagnetic pulse generators. Once we’re done with e-war, we’ll look at the lessons we might take over to i-war.
Communications Systems
Military communications were dominated by physical dispatch until about 1860, then by the telegraph until 1915, and then by the telephone until recently [569]. Nowadays, a typical command and control structure is made up of various tactical and strategic radio networks, that support data, voice, and images, and operate over point-to-point links and broadcast. Without situational awareness and the means to direct forces, the commander is likely to be ineffective. But the need to secure communications is much more pervasive than one might at first realize, and the threats are much more diverse.
• One obvious type of traffic is the communications between fixed sites such as army headquarters and the political leadership. The main threat here is that the cipher security might be penetrated, and the orders, situation reports and so on compromised. This might result from cryptanalysis or—more likely—equipment sabotage, subversion of personnel, or theft of key material. The insertion of deceptive messages may also be a threat in some circumstances. But cipher security will often include protection against traffic analysis (such as by link encryption) as well as of the transmitted message confidentiality and authenticity. The secondary threat is that the link might be disrupted, such as by destruction of cables or relay stations.
• There are more stringent requirements for communications with covert assets such as agents in the field. Here, in addition to cipher security issues, location security is important. The agent will have to take steps to minimize the risk of being caught as a result of communications monitoring. If she sends messages using a medium that the enemy can monitor, such as the public telephone network or radio, then much of her effort may go into frustrating traffic analysis and radio direction finding.
• Tactical communications, such as between HQ and a platoon in the field, also have more stringent (but slightly different) needs. Radio direction finding is still an issue, but jamming may be at least as important; and deliberately deceptive messages may also be a problem. For example, there is equipment that enables an enemy air controller’s voice commands to be captured, cut into phonemes and spliced back together into deceptive commands, in order to gain a tactical advantage in air combat [324]. As voice-morphing techniques are developed for commercial use, the risk of spoofing attacks on unprotected communications will increase. Therefore, cipher security may include authenticity as well as confidentiality and/or covertness.
• Control and telemetry communications, such as signals sent from an aircraft to a missile it has just launched, must be protected against jamming and modification. It would also be desirable if they could be covert (so as not to trigger a target aircraft’s warning receiver), but that is in tension with the power levels needed to defeat defensive jamming systems.
The protection of communications will require some mix, depending on the circumstances, of content secrecy, authenticity, resistance to traffic analysis and radio direction finding, and resistance to various kinds of jamming. These interact in some rather unobvious ways. For example, one radio designed for use by dissident organizations in Eastern Europe in the early 1980s operated in the radio bands normally occupied by the Voice of America and the BBC World Service—and routinely jammed by the Russians. The idea was that unless the Russians were prepared to turn off their jammers, they would have great difficulty doing direction finding.
Attack also generally requires a combination of techniques, even where the objective is not analysis or direction finding but simply denial of service. Owen Lewis summed it up succinctly: according to Soviet doctrine, a comprehensive and successful attack on a military communications infrastructure would involve destroying one third of it physically, denying effective use of a second third through techniques such as jamming, trojans or deception, and then allowing one’s adversary to disable the remaining third in attempting to pass all his traffic over a third of the installed capacity [500]. This applies even in guerilla wars: in Malaya, Kenya, and Cyprus, the rebels managed to degrade the telephone system enough to force the police to set up radio nets [569].
In the 1980s, NATO developed a comparable doctrine, called Counter-Command, Control and Communications operations (C-C3, pronounced C cubed). It achieved its first flowering in the Gulf War; the command and control systems used there are described in [643]. (Of course, attacking an army’s command structures is much older than that; it’s a basic principle to shoot at an officer before shooting at his men.)
Signals Intelligence Techniques
Before communications can be attacked, the enemy’s network must be mapped. The most expensive and critical task in signals intelligence is identifying and extracting the interesting material from the cacophony of radio signals and the huge mass of traffic on systems such as the telephone network and the Internet. The technologies in use are extensive and largely classified, but some aspects are public.
In the case of radio signals, communications intelligence agencies use receiving equipment, that can recognize a huge variety of signal types, to maintain extensive databases of signals—which stations or services use which frequencies. In many cases, it is possible to identify individual equipment by signal analysis. The clues can include any unintentional frequency modulation, the shape of the transmitter turn-on transient, the precise center frequency, and the final-stage amplifier harmonics. This RF fingerprinting technology was declassified in the mid-1990s for use in identifying cloned cellular telephones, where its makers claim a 95% success rate [341, 677]. It is the direct descendant of the World War II technique of recognizing a wireless operator by his fist—the way he sent Morse code [523].
Radio direction finding (RDF) is also critical. In the old days, this involved triangulating the signal of interest using directional antennas at two monitoring stations. Spies might have at most a few minutes to send a message home before having to move. Modern monitoring stations use time difference of arrival (TDOA) to locate a suspect signal rapidly, accurately, and automatically by comparing the phase of the signals received at two sites. Nowadays, anything more than a second or so of transmission can be a giveaway.
Traffic analysis—looking at the number of messages by source and destination—can also give very valuable information, not just about imminent attacks (which were signalled in World War I by a greatly increased volume of radio messages) but also about unit movements and other routine matters. However, traffic analysis really comes into its own when sifting through traffic on public networks, where its importance (both for national intelligence and police purposes) is difficult to overstate.
If you suspect Alice of espionage (or drug dealing, or whatever), you note everyone she calls and everyone who calls her. This gives you a list of dozens of suspects. You eliminate the likes of banks and doctors, who receive calls from too many people to analyze (your whitelist), and repeat the procedure on each remaining number. Having done this procedure recursively several times, you have a mass of thousands of contacts, which you sift for telephone numbers that appear more than once. If (say) Bob, Camilla, and Donald are Alice’s contacts, with Bob and Camilla in contact with Eve, and Donald and Eve in touch with Farquhar, then all of these people are considered to be suspects. You now draw a friendship tree, which gives a first approximation to Alice’s network, and refine it by collating it with other intelligence sources.
This is not as easy as it sounds. People can have several numbers; Bob might get a call from Alice at his work number, then call Eve from a phone booth. (In fact, if you’re running an IRA cell, your signals officer should get a job at a dentist’s or a doctor’s or some other place that will be called by so many different people that they will probably be whitelisted. But that’s another story.) Also, you will need some means of correlating telephone numbers to people. Even if you have access to the phone company’s database of unlisted numbers, prepaid mobile phones can be a serious headache, as can cloned phones and hacked PBXs. I’ll discuss these in the chapter on telecomms security; for now, I’ll just remark that anonymous phones aren’t new. There have been public phone booths for generations. But they are not a universal answer for the crook, as the discipline needed to use them properly is beyond most criminals, and in any case causes severe disruption.
Signals collection is not restricted to agreements with phone companies for access to the content of phone calls and the communications data. It also involves a wide range of specialized facilities ranging from expensive fixed installations, which copy international satellite links, through temporary tactical arrangements. A book by Nicky Hager [368] describes the main fixed collection network operated by the United States, Canada, Britain, Australia, and New Zealand. Known as Echelon, this consists of a number of collection stations that monitor international phone, fax, and data traffic using computers called dictionaries. These search the passing traffic for interesting phone numbers, network addresses, and machine-readable content; this is driven by search strings entered by intelligence analysts. The fixed network is supplemented by tactical collection facilities as needed; Hager describes, for example, the dispatch of Australian and New Zealand navy frigates to monitor domestic communications in Fiji during military coups in the 1980s. Egmont Koch and Jochen Sperber discuss U.S. and German installations in Germany in [464]; David Fulghum describes airborne signals collection in [324]; satellites are also used to collect signals, and there are covert collection facilities that are not known to the host country.
Despite this huge capital investment, the most difficult and expensive part of the whole operation is traffic selection, not collection [490]. Thus, contrary to naïve expectations, cryptography can make communications more vulnerable rather than less (if used incompetently, as it usually is). If you just encipher all the traffic you consider to be important, you have thereby marked it for collection by the enemy. On the other hand, if everyone encrypted all their traffic, then hiding traffic could be much easier (hence the push by signals intelligence agencies to prevent the widespread use of cryptography, even if it’s freely available to individuals). This brings us to the topic of attacks.
Attacks on Communications
Once you have mapped the enemy network, you may wish to attack it. People often talk in terms of “codebreaking,” but this is a gross oversimplification.
First, although some systems have been broken by pure cryptanalysis, this is fairly rare. Most production attacks have involved theft of key material as when the U.S. State Department code book was stolen during World War II by the valet of the U.S. ambassador to Rome or errors in the manufacture and distribution of key material as in the U.S. “Venona” attacks on Soviet diplomatic traffic [428]. Even where attacks based on cryptanalysis have been possible, they have often been made much easier by errors such as these, an example being the U.K./U.S. attacks on the German Enigma traffic during World War II [429]. The pattern continues to this day. A recent history of Soviet intelligence during the Cold War reveals that the technological advantage of the United States was largely nullified by Soviet skills in “using Humint in Sigint support”—which largely consisted of recruiting traitors who sold key material, such as the Walker family [51].
Second, access to content is often not the desired result. In tactical situations, the goal is often to detect and destroy nodes, or to jam the traffic. Jamming can involve not just noise insertion but active deception. In World War II, the Allies used German speakers as bogus controllers to send German nightfighters confusing instructions, and there was a battle of wits as authentication techniques were invented and defeated. More recently, as I noted in the chapter on biometrics, the U.S. Air Force has deployed more sophisticated systems based on voice morphing. I mentioned in an earlier chapter the tension between intelligence and operational units: the former want to listen to the other side’s traffic, and the latter to deny them its use [63]. Compromises between these goals can be hard to find. It’s not enough to jam the traffic you can’t read, as that tells the enemy what you can read!
Matters can, in fact, be simplified if the opponent uses cryptography—even in a competent way. This removes the ops/intel tension, and you switch to RDF or link destruction as appropriate. This can involve the hard-kill approach of digging up cables or bombing telephone exchanges (both of which the allies did during the Gulf War), the soft-kill approach of jamming, or whatever combination of the two is economic. Jamming is a useful expedient where a link is to be disrupted for a short period, but is often expensive; not only does it tie up facilities, but the jammer itself becomes a target. (There are cases where it is more effective, such as against some satellite links where the uplink can be jammed using a tight beam from a hidden location using only a modest amount of power.)
The increasing use of civilian infrastructure, and in particular the Internet, raises the question of whether systematic denial-of-service attacks might be used to jam traffic. (There are anecdotes of Serbian information warfare cells attempting such attacks on NATO Web sites.) This threat is still considered real enough that many Western countries have separate intranets for government and military use.
Protection Techniques
As should be clear from the above, communications security techniques involve not just protecting the authenticity and confidentiality of the content—which can be achieved in a relatively straightforward way by encryption and authentication protocols—but also preventing traffic analysis, direction finding, jamming and physical destruction. Encryption can stretch to the first of these if applied at the link layer, so that all links appear to have a pseudorandom bitstream on them at all times, regardless of whether there is any message traffic. But link-layer encryption alone is not in general enough, as enemy capture of a single node might put the whole network at risk.
Encryption alone cannot protect against interception, RDF, jamming, and the destruction of links or nodes. For this, different technologies are needed. The obvious solutions are:
• Dedicated lines or optical fibers.
• Highly directional transmission links, such as optical links using infrared lasers or microwave links using highly directional antennas and extremely high frequencies, 20 GHz and up.
• Low-probability-of-intercept (LPI), low-probability-of-position-fix (LPPF), and antijam radio techniques.
The first two of these options are fairly straightforward to understand, and where feasible, they are usually the best. Cabled networks are very hard to destroy completely, unless the enemy knows where the cables are and has physical access to cut them. Even with massive artillery bombardment, the telephone network in Stalingrad remained in use (by both sides) all through the siege.
The third option is a substantial subject in itself, which I will now describe (albeit only briefly).
There are a number of LPI/LPPF/antijam techniques that go under the generic name of spread spectrum communications. They include frequency hoppers, direct sequence spread spectrum (DSSS), and burst transmission. From beginnings around World War II, spread-spectrum has spawned a substantial industry, and the technology (especially DSSS) has been applied to numerous other problems, ranging from high-resolution ranging (in the GPS system) through copyright marks in digital images (which I’ll discuss later). Let’s look at each of these three approaches in turn.
Frequency Hopping
Frequency hoppers are the simplest spread-spectrum systems to understand and to implement. They do exactly as their name suggests: they hop rapidly from one frequency to another, with the sequence of frequencies determined by a pseudorandom sequence known to the authorized principals. Hoppers were invented, famously, over dinner in 1940 by actress Hedy Lamarr and screenwriter George Antheil, who devised the technique as a means of controlling torpedos without the enemy detecting them or jamming their transmissions [484]. A frequency-hopping radar was independently developed at about the same time by the Germans [686]; in response to steady improvements in British jamming, German technicians adapted their equipment to change frequency daily, then hourly, and finally, every few seconds [627].
Hoppers are resistant to jamming by an opponent who doesn’t know the hop sequence. Such an opponent may have to jam much of the band, and thus needs much more power than would otherwise be necessary. The ratio of the input signal’s bandwidth to that of the transmitted signal is called the process gain of the system; thus, a 100 bit/sec signal spread over 10 MHz has a process gain of 107/102 = 105 = 50 dB. The jamming margin, which is defined as the maximum tolerable ratio of jamming power to signal power, is essentially the process gain modulo implementation and other losses (strictly speaking, process gain divided by the minimum bit energy-tonoise density ratio). The optimal jamming strategy, for an opponent who can’t predict the hop sequence, is partial band jamming—to jam enough of the band to introduce an unacceptable error rate in the signal.
Although hoppers can give a large jamming margin, they give little protection against an opponent who merely wants to detect their existence. A signal analysis receiver that sweeps across the frequency band of interest will often intercept them. (Depending on the relevant bandwidths, sweep rate, and dwell time, it might intercept a hopping signal several times).
However, because frequency hoppers are simple to implement, they are often used in combat networks, such as man-pack radios, with slow hop rates of 50–500 per second. To disrupt their communications, the enemy will need a fast or powerful jammer, which is inconvenient for the battlefield. Fast hoppers (defined in theory as having hop rates exceeding the bit rate; in practice, with hop rates of 10,000 per second or more) can pass the limit of even large jammers.
DSSS
In direct sequence spread spectrum, we multiply the information-bearing sequence by a much higher-rate pseudorandom sequence, usually generated by some kind of stream cipher. This spreads the spectrum by increasing the bandwidth The technique was first described by a Swiss engineer, Gustav Guanella, in a 1938 patent application [686], and developed extensively in the United States in the 1950s. Its first deployment in anger was in Berlin in 1959.
Like hopping, DSSS can give substantial jamming margin (the two systems have the same theoretical performance). But it can also make the signal significantly harder to intercept. The trick is to arrange things so that at the intercept location, the signal strength is so low that it is lost in the noise floor unless you know the spreading sequence with which to recover it. Of course, it’s harder to do both at the same time, since an antijam signal should be high power and an LPI/LPPF signal low power; the usual modus operandi is to work in LPI mode until detected by the enemy (for example, when coming within radar range), then boost transmitter power into antijam mode.
There is a large literature on DSSS; and the techniques have now been taken up by the commercial world as code division multiple access (CDMA) in various mobile radio and phone systems. DSSS is sometimes referred to as “encrypting the RF,” and it comes in a number of variants. For example, when the underlying modulation scheme is FM rather than AM, it’s called chirp. (The classic introduction to the underlying mathematics and technology is [616].) The engineering complexity is higher than with frequency hop, for various reasons. For example, synchronization is particularly critical. Users with access to a reference time signal (such as GPS or an atomic clock) can do this much more easily; of course, if you don’t control GPS, you may be open to synchronization attacks; and even if you do, the GPS signal might be jammed. (It has recently been reported that the French jammed GPS in Greece in an attempt to sabotage a British bid to sell 250 tanks to the Greek government, a deal in which France was a competitor. This caused the British tanks to get lost during trials. When the ruse was discovered, the Greeks found it all rather amusing [757].) Another strategy is to have your users take turns at providing a reference signal.
Burst Communications
Burst communications, as their name suggests, involve compressing the data and transmitting it in short bursts at times unpredictable by the enemy. They are also known as time-hop. Usually, they are not so jam-resistant (except insofar as the higher data rate spreads the spectrum), but they can be difficult to intercept; if the duty cycle is low, a sweep receiver can easily miss them. They are often used in radios for special forces and intelligence agents.
An interesting variant is meteor burst transmission (also known as meteor scatter). This relies on the billions of micrometeorites that strike the Earth’s atmosphere each day, each leaving a long ionization trail that persists for about a third of a second, and providing a temporary transmission path between a “mother station” and an area that might be a hundred miles long and a few miles wide. The mother station transmits continuously, and whenever one of the “daughters” hears mother, it starts to send packets of data at high speed, to which mother replies. With the low power levels used in covert operations, it is possible to achieve an average data rate of about 50 bps, with an average latency of about 5 minutes and a range of 500–1,500 miles. With higher power levels, and in higher latitudes, average data rates can rise into the tens of kilobits per second.
As well as special forces, the U.S. Air Force in Alaska uses meteor scatter as backup communications for early warning radars. It’s also used in civilian applications such as monitoring rainfall in Lesotho, Africa. In niche markets, where low bit rates and high latency can be tolerated, but where equipment size and cost are important, meteor scatter can be hard to beat. (The technology is described in [676].)
Combining Covertness and Jam Resistance
There are some rather complex trade-offs between different LPI, LPPF, and jam resistance technologies, and other aspects of performance such as their resistance to fading and multipath, and the number of users that can be accommodated simultaneously. They also behave differently in the face of specialized jamming techniques such as swept-frequency jamming (where the jammer sweeps repeatedly through the target frequency band) and repeater jamming (where the jammer follows a hopper as closely as it can). Some types of jamming translate; for example, an opponent with insufficient power to block a signal completely can do partial time jamming on DSSS by emitting pulses that cover most of its utilized spectrum, and on frequency hop by partial band jamming.
There are also engineering trade-offs. For example, DSSS tends to be about twice as efficient as frequency hop in power terms, but frequency hop gives much more jamming margin for a given complexity of equipment. On the other hand, DSSS signals are much harder to locate using direction-finding techniques [287].
System survivability requirements can impose further constraints. It may be essential to prevent an opponent who has captured one radio and extracted its current key material from using this to jam a whole network.
A typical modern military system will use some combination of tight beams, DSSS, hopping and burst.
• The Jaguar tactical radio used by U.K. armed forces hops over one of nine 6.4 MHz bands, and has an antenna with a steerable null that can be pointed at a jammer or at a hostile intercept station.
• Both DSSS and hopping are used with Time Division Multiple Access (TDMA) in the Joint Tactical Information Distribution System (JTIDS), a U.S. data link system used by AWACS—the Airborne Warning and Control System—to communicate with fighters [677]. TDMA separates transmission from reception, and lets users know when to expect their slot. The DSSS signal has a 57.6 KHz data rate and a 10 MHz chip rate (and so a jamming margin of 36.5 dB), which hops around in a 255 MHz band with a minimum jump of 30 MHz. The hopping code is available to all users, while the spreading code is limited to individual circuits. The rationale is that if an equipment capture leads to the compromise of the spreading code, this would allow jamming of only a single 10 MHz band, not the full 255 MHz.
• MILSTAR is a U.S. satellite communications system with 1-degree beams from a geostationary orbit (20 GHz down, 44 GHz up). The effect of the narrow beam is that users can operate within three miles of the enemy without being detected. Jam protection is from hopping; its channels hop several thousand times a second in bands of 2 GHz.
• A system designed to control MX missiles (but not in the end deployed) is described in [337] and gives an example of extreme survivability engineering. To be able to withstand a nuclear first strike, the system had to withstand significant levels of node destruction, jamming, and atmospheric noise. The design adopted was a frequency hopper at 450 KHz with a dynamically reconfigurable network.
• French tactical radios have remote controls. The soldier can use the handset a hundred meters from the radio. This means that attacks on the high-power emitter don’t endanger the troops so much [216].
There are also some system-level tricks, such as interference cancellation, where the idea is to communicate in a band you are jamming and whose jamming waveform is known to your own radios, so they can cancel it out or hop around it. This can make jamming harder for the enemy by forcing him to spread his available power over a larger bandwidth, and can make signals intelligence harder, too [644].
@Nihonjin1051 @levina @Slav Defence @Neptune @RescueRanger @Oscar @Jungibaaz @AUSTERLITZ