Analogue techniques of voice scrambling usually do not require more
bandwidth, than unencrypted speech, thus may be inserted into most
narrowband voice channel, regardless of analog or digital transmission
layer. On that score, analog encryption has strategic advantage
over many all-digital or even IP-based voice crypto solutions. (The
latter ones are often considered 'state of the art', but
most voice crypto applications present high infrastructural
requirements and suffer from potential and well-known vulnerabilities
of PC- or mobile platforms. Worst of all: None of the commercial
solutions is fully disclosed, therefore they are not trustworthy at
It is the thesis of this project, that the audio signal of human speech
gains significant cryptographic complexity by application of rapid
time domain scrambling
- long blocks
- many partitions
- different transposition tables for every single block
The proposed hardware
consists of an inexpensive AVR-microcontroller
with extra SRAM and only few analog components around.
This constitutes for an autonomous, transparent,
experimentation-friendly and inexpensive platform.
The proposed firmware
(=programming) digitizes the analog
keeps exact timing, and, of course, performs that complex variant of
time transposition ciphering with large blocks and comparably high
This project is and will ever be open source.
In the current configuration, HEKTOR is set up as a symmetrical
whoose initial keys are decimals numbers of up to
. These symmetric keys are entered directly into a keypad
on the device.
No external smartcards nor other additional storage needed.
Passwords or decimals are in fact some comparably human-friendly
(memorable) sort of key. The user is enabled to keep all key-management
tasks in a straightforward, transparent, conservative
and conspirative manner...!
With 16 decimals we have access to 10^16 different starting conditions
(10 quadrillions). This equals to a binary keyspace of "only" 53 bits.
Yet, since cryptoanalysis on such a complex analog
a trivial task and implies some additional complications for an
attacker. We will discuss some of these aspects later on. Foreclosing
and subjective statement of the author: the overall security of this
variant of time domain scrambling is well above what is normally
considered 'tactical security'.
TO-DOs: The system may be extended by some means of asymmetric
key-agreement that could then replace manual key entry. Yet
this is only 'an idea' so far. Me personally would not completely
forego the option of using symmetric numerical keys - since it
to use the encryptor with minimum channel requirements, i.e. without
the need for an errorfree exchange of digital data prior to
establishment of the semi-analog encrypted communications session.
Indeed, the current minimalistic protocol, only consisting of analog
timing-synchros, has proven quite robust in several applications now.
Analog encryption properties
In this project, we use a block partition scheme of 128 positions
for a very huge subset of applicable cryptographic keys
(i.e. tables that ensure random distribution of the signal wavelets).
The sheer number of possible keys will render any exhaustive
probing futile, but also the more sophisticated methods, dealing with
signal-analysis and correlations, will be very time-consuming for most
All transposition tables have good pseudorandom characteristics and
change with every block of speech; no transposition
scheme will be identical to the previous one or any other transposition
within the same session.
The system applies some additional frequency 'modulation' on the
sampling frequency of speech digitizer. This results in a frequency
spreading of the audio in addition to their random placement in the
time domain. While all means of frequency-related manipulation will be
cryptographically weak as a standalone method, they can provide
additional security to a time-transposition scheme. Signal gets even
more unintelligible and gains robustness against frequency selective
channel fading. Speaker identification and signal-analytic attacks
should be even more difficult because of its 'fuzzy' time pattern.
Besides, the naming "HEKTOR"
is no far-fetched
acronyme; it's actually the greek prefix "hekto" (which means "a
with a fancy "R" attached, not only for artistic purposes but also to
express the radical
application of transposition with some
symbol rate of approximately 100 transpositions per second.
(See Table 1
on top of this
page for the other basic parameters.)
slowly is known to deteriorate the security of a
system that uses time domain scrambling, for obvious reasons.
Also, any time transposition scheme depends strongly on a good
synchronization method, since the receiver cannot decrypt some
transmission without knowing exactly where the block of
transposed speech begins (and, of course, which transposition table is
to be applied). This will demand for a good medium-term timing accuracy
on the communications channel. Still these requirements for
frequency response and timing accuracy should be covered by
international minimum standards for voice telephony. Problems
could arise with very poor analog/short wave radio channels, and with
digital channels that use rapid compression, like GSM and some
All encrypted communication will start as an unencrypted P2P call using
the regular telephone set. Then, both may power up their
encryption devices, enter the secret session key and activate crypto
Now both should change the telephone receiver with the headset of the
This is because the encryption device will completely take over the
safely disconnect the phone from network. Switching to a separate
encrypted communication is a reasonable measure to separate crypto from
normal hardware. The latter may be 'buggy', while crypto utilities may
be further protected by physical means of locks, seals or even blasting
caps... (You know, more phantasy is better than more technology in that
Due to the double buffering (first in the transmitting
device, minimum delay on the channel, last in the receiving device) and
because there is always
additional synchronisation signals needed, the overall signal delay
will accumulate up to 2.6 seconds in the proposed system
Of course, this is definitely too long for a "full-duplex"
quarrel, so we have to do it "half-duplex". Actually, operation
principles are very similar to ordinary voice radio with PTT
This hardware version
This project was first published in the german magazine FUNKAMATEUR
. The original article suggested a set of two PCBs, one for the
encryptor itself and one extra 'interface board' to provide a tailored
interface to connect with different radios or telephones. Yet, there
was not too much experimentation on this topic, and my personal
activities got a little stuck with that...
However, a simple and proven method for connectivity with the plain old
telephone system existed from the beginning, and so it has been
integrated with the HEKTOR base circuit. This version is comparably
compact and fits onto single PCB
of only 75 x 100 mm. This hardware had then been named
NOTE: Hardware and functionality of this project referred to as
"HEKTOR-kompakt" and "HEKTOR-128" are widely the same.
In particular, the microcontroller's firmware is
directly interchangeable between the two variants, since the
peripherals and port assignments have not been changed and thus are
100% identical. (I will do my
very best to keep further firmware compatible to that