upvote

points

by NitpickLawyer8 hours ago |
comments
upvoteby daneel_w3 hours ago|
next
[-]
> "I'm sure that even before LLMs one could find a way to create a story where certain numbers / code words would be embedded without altering the underlying story too much."

It's called steganography, and it's a centuries if not millennia old technique.

reply
upvoteby shagie2 hours ago|
parent|
[-]
I recall reading about this in The Code Book by Simon Singh when I was dabbling with writing single and double substitution cypher solvers.

https://en.wikipedia.org/wiki/Steganography#History

> The first recorded uses of steganography can be traced back to 440 BC in Greece, when Herodotus mentions two examples in his Histories. Histiaeus sent a message to his vassal, Aristagoras, by shaving the head of his most trusted servant, "marking" the message onto his scalp, then sending him on his way once his hair had regrown, with the instruction, "When thou art come to Miletus, bid Aristagoras shave thy head, and look thereon." Additionally, Demaratus sent a warning about a forthcoming attack to Greece by writing it directly on the wooden backing of a wax tablet before applying its beeswax surface. Wax tablets were in common use then as reusable writing surfaces, sometimes used for shorthand.

reply
upvoteby anigbrowl33 minutes ago|
prev|
next
[-]
Because you can drive intel analysts crazy with this one weird trick. They know you can't decrypt one time pads, but they can't resist checking for entropy and trying to match it to known OTPs they may have acquired through intelligence channels. Running and programming the shortwave transmitter is dirt cheap; tying up some of opponents' SIGINT resources on a wild goose chase is good value for money.
reply
upvoteby coldpie8 hours ago|
prev|
next
[-]
Seems to me like coordinating with an entity outside of the spooks' control, such as the BBC, would give more opportunities for leaks. It would also reveal some information about who is controlling the signal--someone with some kind of relationship with the broadcaster.
reply
upvoteby red_admiral1 hours ago|
parent|
[-]
During WWII, the BBC would daily have a section after the news dedicated to "personal messages" - which everyone knew were instructions to the resistance in France, or similar. "William waits for Mary" was one of the more famous ones related to D-Day, I think.
reply
upvoteby zitterbewegung8 hours ago|
prev|
next
[-]
Shortwave propagates better and also its just a one time pad being distributed so embedding doesn't matter as much as long as the one time pad is longer than the intended message to send. There is no way to decrypt it because once you encrypt a message using a one time pad it is impossible to decrypt without the exact one time pad that it was encrypted with.
reply
upvoteby SAI_Peregrinus3 hours ago|
parent|
next
[-]
It's not a one-time pad being distributed, because leaking the pad leaks all your communications. It's almost certainly the actual messages being distributed, at specific times of day. The listener records the numbers for the known time period to get the message, then decodes it with their pad for that period. Then they destroy that pad. Continually broadcasting numbers makes it impossible to tell the length of the messages.
reply
upvoteby bluGill4 hours ago|
parent|
prev|
next
[-]
One time pads work only if only the sender and receiver have a copy of the pad - and they destroy each sheet on use. Distributing the pads is hard, but often it can be done easier than the message.

Distributing a one time pad like this is a stupid idea: it isn't hard to collect everything you ever send, and it takes a computer a few ms to check every encrypted message against every possible sequence. That is breaking a distribute one time pad via shortwave like this is something a single layperson can do, it doesn't even need a government scale attacker to break it.

Don't get me wrong, this can be used for good encryption. However it isn't a one time pad they are doing, it is something more complex.

reply
upvoteby pclmulqdq4 hours ago|
parent|
[-]
Every message is equally likely when you attempt this kind of brute-force decryption with a one-time pad. The code you get is actually 100% unbreakable if the pad isn't intercepted.
reply
upvoteby BenjiWiebe3 hours ago|
parent|
[-]
I think there's some confusion in this thread. GGP talks about distributing the one time pad via the numbers station. GP (rightly) says that's a stupid idea.

The numbers station should be transmitting a message encoded with a one time pad. The one time pad itself should be physically given in person to the spies who you want to communicate with.

reply
upvoteby bell-cot51 minutes ago|
parent|
[-]
Or, if one is uncertain whether to trust the courier between you and your spy - one can send two different one time pads by two different couriers. If the spy is trained to xor those pads together before using, an enemy must intercept both pads to be able to read your messages.

There are many variants on this, including pads which you hope your enemy will intercept.

reply
upvoteby zikduruqe2 hours ago|
parent|
prev|
[-]
And it is faster than the internet. That's why high speed traders are starting to use HF.

https://spectrum.ieee.org/wall-street-tries-shortwave-radio-...

reply
upvoteby b00ty4breakfast8 hours ago|
prev|
next
[-]
who's to say they aren't doing both? They may not even be sending anything over the number station; these stations will continue on a schedule even when there is nothing to say and nobody is listening because it makes it harder to eek out a foothold in the event of a weakness in the encryption.
reply
upvoteby red_admiral1 hours ago|
parent|
[-]
Even if the encryption is one-time pads, if you broadcast a bit every day then you don't warn the enemy that something's up by the fact that you're transmitting at all.
reply
upvoteby nhecker8 hours ago|
prev|
next
[-]
I can't find it immediately, but I've read about something even sneakier than this. A standard broadcast station was modified such that its carrier signal was modulated by a PSK signal. The intended listener would use e.g., a PSK-31 modem to listen to the carrier signal and would be able to obtain the encoded digital data. Everyday listeners would hear the regular broadcast. The station involved _might_ have been a BBC station, but I don't recall.
reply
upvoteby mbirth3 hours ago|
parent|
[-]
You could technically just transmit data via RDS, too. Change a letter here and there and nobody would know whether that’s a decoding error or actual ciphertext. (Would need some kind of checksum or so, of course.)

@windytan did a fascinating audio clip highlighting the RDS data stream in a radio recording some while ago:

https://soundcloud.com/windytan-1/rds-mixdown

reply
upvoteby some_random4 hours ago|
prev|
next
[-]
I think you're massively overestimating the amount of control the US has over news broadcasters.
reply
upvoteby user9822 hours ago|
prev|
next
[-]
The previous time that the US and UK overthrew Iran's government (https://en.wikipedia.org/wiki/1953_Iranian_coup_d'%C3%A9tat), they used the BBC in that way.

  Roosevelt told the Shah that he was in Iran on behalf of the American and British secret services, and that this would be confirmed by a code word the Shah would be able to hear on the BBC the next night. Churchill had arranged that the BBC would end its broadcast day by saying not 'it is now midnight' as usual, but 'it is now exactly midnight'
reply
upvoteby fortran773 hours ago|
prev|
next
[-]
I think they do this, too.

However, the numbers stations transmissions are never a big secret. They're intentionally powerful so someone can pick them up on simple equipment without raising suspicion. A person can modify an off-the-shelf AM radio to pick up shortwave, for example, even in an oppressive regime.

It's a one-time pad, so the encryption is unbreakable.

reply
upvoteby gorfian_robot8 hours ago|
prev|
next
[-]
regular AM/FM stations are not broadcasting on shortwave bands
reply
upvoteby NitpickLawyer8 hours ago|
parent|
next
[-]
Sure, but that would be a benefit, I would think. Most old cars come with an AM/FM radio, most cheap phones now have FM (? I don't know about AM, don't think so) and so on. So it would be more inconspicuous to listen to a regular radio than to a special station on special hardware. You don't even have to broadcast from EU, you could probably purchase some Radio Quatar Classical Rock or something :)
reply
upvoteby JohnFen7 hours ago|
parent|
[-]
Radios capable of receiving shortwave bands aren't exactly rare among normal people. They're not really "special hardware". Just owning one would not be inherently suspicious.

What would be suspicious is being in possession of the one-time pad needed to decode the messages, regardless of which media those messages are transmitted through.

For the record, "numbers stations" can be found in nearly every communication medium, including the web. The advantage of using shortwave (range, primarily) are large enough that the benefits outweigh the drawbacks.

reply
upvoteby ErroneousBosh2 hours ago|
parent|
[-]
> What would be suspicious is being in possession of the one-time pad needed to decode the messages

Would it though?

All you need is something with sufficient entropy. I reckon you could do a "good enough" job with any plausible-looking data you have lying around on your hard disk right now. Say for example if you took a couple of sha256s of any random image you might post on social media, you'd have quite a lot of key right there.

reply
upvoteby lxgr8 hours ago|
parent|
prev|
[-]
There are still quite a few shortwave radio stations broadcasting.
reply
upvoteby zikduruqe2 hours ago|
prev|
[-]
[dead]
reply