Analogue techniques of voice scrambling usually do not require more bandwidth, than unencrypted speech, thus may be inserted into most narrowband voice channel, regardless of analog or digital transmission layer. On that score, analog encryption has strategic advantage
over many all-digital or even IP-based voice crypto solutions. (The latter ones are often considered 'state of the art', but most voice crypto applications present high infrastructural requirements and suffer from potential and well-known vulnerabilities of PC- or mobile platforms. Worst of all: None of the commercial solutions is fully disclosed, therefore they are not trustworthy at all.)
It is the thesis of this project, that the audio signal of human speech gains significant cryptographic complexity by application of rapid time domain scrambling
- long blocks
- many partitions
- different transposition tables for every single block
The proposed hardware
consists of an inexpensive AVR-microcontroller
with extra SRAM and only few analog components around.
This constitutes for an autonomous, transparent, experimentation-friendly and inexpensive platform.
The proposed firmware
(=programming) digitizes the analog waveforms, keeps exact timing, and, of course, performs that complex variant of time transposition ciphering with large blocks and comparably high chopping frequency.
This project is and will ever be open source.
In the current configuration, HEKTOR is set up as a symmetrical cryptosystem
whoose initial keys are decimals numbers of up to 16 digits
. These symmetric keys are entered directly into a keypad
on the device. No external smartcards nor other additional storage needed. Passwords or decimals are in fact some comparably human-friendly (memorable) sort of key. The user is enabled to keep all key-management tasks in a straightforward, transparent, conservative and conspirative manner...!
With 16 decimals we have access to 10^16 different starting conditions (10 quadrillions). This equals to a binary keyspace of "only" 53 bits. Yet, since cryptoanalysis on such a complex analog
signal is not a trivial task and implies some additional complications for an attacker. We will discuss some of these aspects later on. Foreclosing and subjective statement of the author: the overall security of this variant of time domain scrambling is well above what is normally considered 'tactical security'.
TO-DOs: The system may be extended by some means of asymmetric key-agreement that could then replace manual key entry. Yet this is only 'an idea' so far. Me personally would not completely forego the option of using symmetric numerical keys - since it allows to use the encryptor with minimum channel requirements, i.e. without the need for an errorfree exchange of digital data prior to establishment of the semi-analog encrypted communications session. Indeed, the current minimalistic protocol, only consisting of analog waveforms and timing-synchros, has proven quite robust in several applications now.
Analog encryption properties
In this project, we use a block partition scheme of 128 positions
. This provides for a very huge subset of applicable cryptographic keys
(i.e. tables that ensure random distribution of the signal wavelets). The sheer number of possible keys will render any exhaustive (brute-force) key probing futile, but also the more sophisticated methods, dealing with signal-analysis and correlations, will be very time-consuming for most realistic scenarios.
All transposition tables have good pseudorandom characteristics and change with every block of speech; no transposition scheme will be identical to the previous one or any other transposition within the same session.
The system applies some additional frequency 'modulation' on the sampling frequency of speech digitizer. This results in a frequency spreading of the audio in addition to their random placement in the time domain. While all means of frequency-related manipulation will be cryptographically weak as a standalone method, they can provide additional security to a time-transposition scheme. Signal gets even more unintelligible and gains robustness against frequency selective channel fading. Speaker identification and signal-analytic attacks should be even more difficult because of its 'fuzzy' time pattern.
Besides, the naming "HEKTOR"
is no far-fetched acronyme; it's actually the greek prefix "hekto" (which means "a hundred") with a fancy "R" attached, not only for artistic purposes but also to express the radical
application of transposition with some quite rapid
symbol rate of approximately 100 transpositions per second.
(See Table 1
on top of this page for the other basic parameters.)
slowly is known to deteriorate the security of a system that uses time domain scrambling, for obvious reasons.
Also, any time transposition scheme depends strongly on a good synchronization method, since the receiver cannot decrypt some transmission without knowing exactly where the block of transposed speech begins (and, of course, which transposition table is to be applied). This will demand for a good medium-term timing accuracy on the communications channel. Still these requirements for frequency response and timing accuracy should be covered by international minimum standards for voice telephony. Problems could arise with very poor analog/short wave radio channels, and with digital channels that use rapid compression, like GSM and some VoIP-Codecs.
All encrypted communication will start as an unencrypted P2P call using the regular telephone set. Then, both may power up their encryption devices, enter the secret session key and activate crypto mode.
Now both should change the telephone receiver with the headset of the encryptor.
This is because the encryption device will completely take over the line and safely disconnect the phone from network. Switching to a separate device for encrypted communication is a reasonable measure to separate crypto from normal hardware. The latter may be 'buggy', while crypto utilities may be further protected by physical means of locks, seals or even blasting caps... (You know, more phantasy is better than more technology in that business!)
Due to the double buffering (first in the transmitting device, minimum delay on the channel, last in the receiving device) and because there is always additional synchronisation signals needed, the overall signal delay will accumulate up to 2.6 seconds in the proposed system
. Of course, this is definitely too long for a "full-duplex" quarrel, so we have to do it "half-duplex". Actually, operation principles are very similar to ordinary voice radio with PTT (push-to-talk) button.
This hardware version
This project was first published in the german magazine FUNKAMATEUR . The original article suggested a set of two PCBs, one for the encryptor itself and one extra 'interface board' to provide a tailored interface to connect with different radios or telephones. Yet, there was not too much experimentation on this topic, and my personal activities got a little stuck with that...
However, a simple and proven method for connectivity with the plain old telephone system existed from the beginning, and so it has been integrated with the HEKTOR base circuit. This version is comparably
compact and fits onto single PCB of only 75 x 100 mm. This hardware had then been named "HEKTOR-kompakt".
NOTE: Hardware and functionality of this project referred to as "HEKTOR-kompakt" and "HEKTOR-128" are widely the same. In particular, the microcontroller's firmware is directly interchangeable between the two variants, since the Microcontroller's peripherals and port assignments have not been changed and thus are 100% identical. (I will do my very best to keep further firmware compatible to that hardware platform!)