[fc-discuss] Financial Cryptography Update: Spooks' corner: listening to typing, Spycatcher, and talking to Tolkachev

iang@iang.org iang@iang.org
Sun, 11 Sep 2005 13:39:00 +0100 (BST) 

 Financial Cryptography Update: Spooks' corner:  listening to typing, Spycatcher, and talking to Tolkachev 

                           September 11, 2005


------------------------------------------------------------------------

https://www.financialcryptography.com/mt/archives/000550.html



------------------------------------------------------------------------

A team of UCB researchers have coupled the sound of typing to various
artificial intelligence learning techniques and recovered the text that
was being typed.  This recalls to mind Peter Wright's work.  Poking
around the net, I found that Shamir and Tromer started from here:

http://www.wisdom.weizmann.ac.il/~tromer/acoustic/

=======8<===========8<===========8<====
Preceding modern computers, one may recall MI5's "ENGULF" technique
(recounted in Peter Wright's book Spycatcher), whereby a phone tap was
used to eavesdrop on the operation of an Egyptian embassy's Hagelin
cipher machine, thereby recovering its secret key.
=======8<===========8<===========8<====

I haven't _Spycatcher_ to hand, but from memory the bug was set up by
fiddling the phone in the same room to act as a microphone, and the
different sounds of the typewriter keys hitting being pressed on the
cipher machine were what allowed the secret key to be recovered. 
Here's some more of Wright's basic techniques:

http://www.five.org.uk/security/mi5org/spycatch.htm

=======8<===========8<===========8<====
One of Peter Wright's successes was in listening to (i.e. bugging) the
actions of a mechanical cipher machine, in order to break their
encryption.  This operation was code-named ENGULF, and enabled MI5 to
read the cipher of the Egyptian embassy in London at the time of the
Suez crisis. Another cipher-reading operation, code-named STOCKADE,
read the French embassy cipher by using the electro-magnetic echoes of
the input teleprinter which appeared on the output of the cipher
machine. Unfortunately, Wright says this operation "was a graphic
illustration of the limitations of intelligence" - Britain was blocked
by the French from joining the Common Market and no amount of bugging
could change that outcome. 

Particularly interesting is MI5's invention code-named RAFTER, which is
used to detect the frequency a radio receiver is tuned to, by tracing
emissions from the receiver's local oscillator circuit. RAFTER was used
against the Soviet embassy and consulate in London to detect whether
they were listening in to A4-watcher radios. Wright also used this
technique to try to track down Soviet "illegals" (covert agents) in
London who received their instructions by radio from the USSR.
=======8<===========8<===========8<====

Unlike Wright's techniques from the 60s, the UCB team and their
forerunners have the ability to couple up their information to vastly
more powerful processing.  They manage to show how not only can the
technique extract pretty accurate text, it can do so after listening to
only 10-15 minutes of typing without prior clues.

http://www.freedom-to-tinker.com/?p=893
http://www.cs.berkeley.edu/~tygar/papers/Keyboard_Acoustic_Emanations_R
evisited/preprint.pdf

That's a pretty impressive achievement!  Does this mean that next time
a virus invades your PC, you also need to worry about whether it
captures your microphone and starts listening to your password typing? 
No, it's still not that likely, as if the audio card can be grabbed
your windows PC is probably "owned" already and the keyboard will be
read directly.	Mind you, the secure Mac that you use to do your online
banking next to it might be in trouble :-)

While we are on the subject, Adam also points (at Bruce who points) at
the CIA's Tolkachev case, the story of an agent who passed details on
Russian avionics until caught in 1985 (and executed a year later for
high treason).

http://www.cia.gov/csi/studies/vol47no3/article02.html

The tradecraft information in there is pretty interesting.  Oddly, for
all their technical capability the thing that worked best was
old-fashioned systems.	At least the way the story reads, microfilm
cameras, personal crypto-communicators and efforts to forge library
passes all failed to make the grade and simpler systems were used:

=======8<===========8<===========8<====
In November 1981, Tolkachev was passed a commercially purchased
shortwave radio and two one-time pads, with accompanying instructions,
as part of an "Interim-One-Way Link" (IOWL) base-to-agent alternate
communication system.  He was also passed a demodulator unit, which was
to be connected to the short wave radio when a message was to be
received.
Tolkachev was directed to tune into a certain short wave frequency at
specific times and days with his demodulator unit connected to his
radio to capture the message being sent.  Each broadcast lasted 10
minutes, which included the transmission of any live message as well as
dummy messages.  The agent could later break out the message by
scrolling it out on the screen of the demodulator unit.  The first
three digits of the message would indicate whether a live message was
included for him, in which case he would scroll out the message,
contained in five-digit groups, and decode the message using his
one-time pad.  Using this system, Tolkachev could receive over 400
five-digit groups in any one message.
Tolkachev tried to use this IOWL system, but he later informed his case
officer that he was unable to securely monitor these broadcasts at the
times indicated (evening hours) because he had no privacy in his
apartment.  He also said that he could not adhere to a different
evening broadcast schedule by waiting until his wife and son went to
bed, because he always went to bed before they did.
As a result, the broadcasts were changed to the morning hours of
certain workdays, during which Tolkachev would come home from work
using a suitable pretext.  This system also ran afoul of bad luck and
Soviet security.  Tolkachev's institute initiated new security
procedures that made it virtually impossible for him to leave the
office during work hours without written permission.  In December 1982,
Tolkachev returned his IOWL equipment, broadcast schedule,
instructions, and one-time pad to his case officer.  The CIA was never
able to use this system to set up an unscheduled meeting with him.
=======8<===========8<===========8<====

Sounds like a familiar story!  The most important of Kherchkoffs' 6
laws is that last one, which says that a crypto-system must be usable. 
The article also describes another paired device that could exchange
encrypted messages over distances of a few hundred metres, with similar
results (albeit with some successful message deliveries).

-- 
Powered by Movable Type
Version 2.64
http://www.movabletype.org/