Communications Question

Discussion in 'Survival Communications' started by Seacowboys, Dec 18, 2007.

  1. Seacowboys

    Seacowboys Senior Member Founding Member

    Could a group use fax machines as a secure means of communications by using an encryption program to encrypt the message, print it out, fax it to a receiver with the same encryption key to be scanned back into thier computer?
  2. ghrit

    ghrit Bad company Administrator Founding Member

    That could work (as long as the wires are still up.) Most computers also have fax capability, so the machine itself may not be needed. Getting around the wires or lack thereof could be problematic. A little more thinking along those lines might yield some more ideas. I know squat about encryption, but a simple substitution code would pretty well do for a start. It took the army of occupation a LONG time to figure out the Confederate symbol code.
  3. Tango3

    Tango3 Aimless wanderer

    Would depend on the original encryption, I think we've seen from news stories. any thing on wire canand probably is being siphoned off courtesy of AT&T and the NSA anything important enough can be broken with enough time and computer power. (at least that's what I believe).
    If you want to slip some thing past the sys admin or your roomate it may buy time. Even gov secured filling cabinet ("safes") are rated in man hours to withstand various attacks. drilling/peeling/ manipulation etc.Better than standing up and scream! "Theres something hidden here!!!you may want to think about hiding the message in plain sight:
  4. Evenglischatiest

    Evenglischatiest Monkey+++

    A fax is little more than a PDF file. It's no more secure inherently than a mildly compressed e-mail. But it probably is less likely to be intercepted. It's probably more than secure enough if you're worried about individuals.

    If you want security that would hold up to government code breakers, my suggestion would be somewhat lower tech. Mail hand written encryption keys out ahead of time. When you need to send a message, just send an encrypted e-mail or fax. Send a second, unencrypted message with no information other than which key to use. Never use the same key twice. With a random, non-repeating key, that system is as secure as any in existence. But as T3 said, anything can be cracked eventually.

    Or, you could always learn Navajo. [beer]
  5. Seacowboys

    Seacowboys Senior Member Founding Member

    Computer fax emulators are not what I am talking about. I am talking about a simple old fax machine that has nothing to do with bianery code. A computer encryption of a page faxed over a telephone line and scanned manually into another computer with the same encryption program and the key is what I am asking will work? There are no flag-words to draw attention and no way of even ascertaining what encryption program was used.
  6. Evenglischatiest

    Evenglischatiest Monkey+++

    That's not secure, it's just disguised. The computer fax emulators generate and read the same signals as any normal fax. That's why you can't send a fax with a standard modem. A fax-modem is basically a normal fax machine, minus the scanner and printer. Once the signal is in the phone lines, it makes no difference what type of machine generated it. It can be read by any machine capable of receiving a fax.
  7. Tango3

    Tango3 Aimless wanderer

    Read this in a spy novel once."book code":I.E. The Alabama Tennis Appreciation Society has a regional tournament and hands out the exact same copy of "improving your back hand by Billie jean king" 2nd,edition copyright 2001to senior members.A member posts a message in a classified ad:"1220612;1101517;10011820;1500703from left first 3 digit page#,2nd digits lines from the top, next 2 digits word.only a 110 page book?any thing over 110 has a special instruction attached. never use same location twice. compromise the book and the whole bunch goes to the gallows.
    even so any coded english gramar can be decoded just from patterns and occurrances of words in common english. what did the commitees of correspondance use ?
  8. Seacowboys

    Seacowboys Senior Member Founding Member

    That is correct and that is my point. My question is whether an encryption program will be able to accept and decrypt a scanned document, rather than getting the note-pad bi-nary file? I was wondering if you would have to use a character recognition program to save the fax as data or if the encryption program would recognize the characters from a fax? I can figure this out myself, I have the encryption programs and multiple computers, but really didn't want to take the time if someone already knows.
  9. monkeyman

    monkeyman Monkey+++ Moderator Emeritus Founding Member

    Like mentioned it would be secure from most average folks BUT basicly if they have the ability to intercept the fax, then unless it is a matter of trying to slip it past a system administrator, then they should have little or no problems breaking the code even without computer help in a matter of an hour or 2 especialy unless its a stacked code. I would have to go back and look up the stats to some point but basicly there are simple formulas as to the most common letters to appear in the english language, and very limited words with say less than 3 letters. So you find the 1 letter words and you know that character is an 'I' or 'A', 'T' or 'S' (IIRC dont recall which in which order) are 2 of the most recuring letters so you look for the most recuring characters and replace them with those letters and do so in order untill you have several words figured out then apply that to the message and decrypt the whole thing. With a computer with the algorythems in it for this then decryption should only take a few seconds. I have done it with pen and paper to decrypt a page of coded info in an hour or so when I was in school.

    Now if its a stacked code then it may make it a bit more difficult. kind of like the code talkers speaking Navaho, they didnt have words for a tank so it was something like a turtle and plains bombers were firebirds and so on. So even IF the enemy had figured out the word they would likely have thought they had a wrong key and kept looking since the words they said didnt make sense. So if you used encryption as say a replacement code and used abreviations for most of the words (kind of like texting or chat talk that would change the recurence patterns of letters) and the abreviations were for words that were symbols of other words then maybe stackthat further by ading a seperately delivered key code that would tell which words were of value and which were to discard or the order of the words to read the message and mix say 5 words of jiberish (encrypted in the same way as the rest) with the message and only the intended recipient knew which wors were to be read or in what order, THEN even when they break the encryption (which will become more difficult since with lots of abreviations the recurrance rates change and noe of it appears correct when they do decrypt it) then the message is still justa lot of abreviations they hopefuly dont understand and there is no context especialy if the words of the message are not in order and have to be picked out with a key code similar to the one mentioned as being used with the book.

    So in short, the computer with proper software should have no problem at all decrypting the message but neither would anyone who intercepts it unless it is a stacked code with seperate key that has not been compromised.
  10. Seacowboys

    Seacowboys Senior Member Founding Member

    I'll give you a hint: this is an encryption of my favorite rife. Solve it if you think you can, It really is a simple and basic algorythm.

    These do no work like childrens secret ring coders.
  11. melbo

    melbo Hunter Gatherer Administrator Founding Member

    give me a hint on the encryption password and I bet I can figure it out ;)
  12. melbo

    melbo Hunter Gatherer Administrator Founding Member

    Yes. What you are talking about would work the way you envision. It's as secure as the AES Rinjdal Twofish algorithms themselves. But, you would need to take the faxed hard copy and then somehow get that scanned into your system for the decryption. I don't think the sending of it by fax is any different than email. so it may not be necessary to use the fax.

    Unless you could get a hold of some fax machines that already have encryption built into them? I doubt that Bill Gates sends a fax or email that is readable by anyone but the intended recipient.

    I've come to the conclusion that stenography is going to be our best bet. That may be what tango has linked above and I used to play around with it in the past. Hidden text files in a picture.
  13. monkeyman

    monkeyman Monkey+++ Moderator Emeritus Founding Member

    I havent plaid with encryption for years and dont remember most of it. Something like shown WOULD make it very hard for an individual to decrypt but I would still imagine that if its the boys at Langley one was concerned with however that their computers and techs would find most of the stuff on the civilian market about the same as the decoder ring unless it had an uncompromised key and or was stacked code. It dose appear that the encryption you use is somewhat stacked (unless there is a LOT more info there than just the name of the weapon) but if its a comercialy available software application I would imagine they have a copy that decrypts it. Not saying it wouldnt help, just that I wouldnt assume it would be impossible for them to intercept and decode but I suppose thats somewhat true of any form of comms now days.
  14. mage2

    mage2 Monkey+++

    Being part of the tech world, and attending tech (hacker) conferences i would say the only thing i would trust would be PGP with a rather large key set. PGP being open source has the advantage for us tin-foil hat types that its been taken apart and analyzed by other tinfoil hats to ensure there is no backdoors or other hanky panky going on. That leaves only brute force. Bruteforce is the worst option for breaking encryption.

    anything that a human can encrypt can be broken by a human using any of many methods its just a matter of time, with a computer in the toolset of the person attacking the encryption, anything a human can encrypt can be toasted quickly.
  15. Evenglischatiest

    Evenglischatiest Monkey+++

    I heard the .gov demanded a back door in PGP. Are you saying they didn't get it? [beer]
  16. hartage

    hartage Monkey+++

    They want a backdoor on everything. Hopefully some companies out there have the huevos to not be cattle.
  17. Seacowboys

    Seacowboys Senior Member Founding Member

    Ames Laboratory researchers detect secret files lurking within digital images

    AMES, Iowa – Keeping computer files private requires only the use of a simple encryption program. For criminals or terrorists wanting to conceal their activities, however, attaching an encrypted file to an e-mail message is sure to raise suspicion with law enforcement or government agents monitoring e-mail traffic.

    But what if files could be hidden within the complex digital code of a photographic image? A family snapshot, for example, could contain secret information and even a trained eye wouldn’t know the difference.

    That ability to hide files within another file, called steganography, is here thanks to a number of software programs now on the market. The emerging science of detecting such files – steganalysis – is getting a boost from the Midwest Forensics Resource Center at the U.S. Department of Energy’s Ames Laboratory and a pair of Iowa State University researchers.

    Electronic images, such as jpeg files, provide the perfect “cover” because they’re very common – a single computer can contain thousands of jpeg images and they can be posted on Web sites or e-mailed anywhere. Steganographic, or stego, techniques allow users to embed a secret file, or payload, by shifting the color values just slightly to account for the “bits” of data being hidden. The payload files can be almost anything from illegal financial transactions and the proverbial off-shore account information to sleeper cell communications or child pornography.

    “We’re taking very simple stego techniques and trying to find statistical measures that we can use to distinguish an innocent image from one that has hidden data,” said Clifford Bergman, ISU math professor and researcher on the project. “One of the reasons we’re focusing on images is there’s lots of ‘room’ within a digital image to hide data. You can fiddle with them quite a bit and visually a person can’t see the difference.”

    “At the simplest level, consider a black and white photo – each pixel has a grayscale value between zero (black) and 255 (white),” said Jennifer Davidson, ISU math professor and the other investigator on the project. “So the data file for that photo is one long string of those grayscale numbers that represent each pixel.”

    Encrypted payload files can be represented by a string of zeros and ones. To embed the payload file, the stego program compares the payload file’s string of zeros and ones to the string of pixel values in the image file. The stego program then changes the image’s pixel values so that an even pixel value represents a zero in the payload string and an odd pixel value represents a one. The person receiving the stego image then looks at the even-odd string of pixel values to reconstruct the payload’s data string of zeros and ones, which can then be decrypted to retrieve the secret file.

    “Visually, you won’t see any difference between the before and after photo,” Davidson said, “because the shift in pixel value is so minor. However, it will change the statistical properties of the pixel values of the image and that’s what we’re studying.”

    Given the vast number of potential images to review and the variety and complexity of the embedding algorithms used, developing a quick and easy technique to review and detect images that contain hidden files is vital. Bergman and Davidson are utilizing a pattern recognition system called an artificial neural net, or ANN, to distinguish between innocent images and stego images.

    Training the ANN involved obtaining a database of 1,300 “clean” original images from a colleague, Ed Delp, at Purdue University. These images were then altered in eight different ways using different stego embedding techniques – involving sophisticated transfer techniques between the spatial and wavelet domains – to create a database of over 10,000 images.

    Once trained, the ANN can then apply its rules to new candidate images and classify them as either innocent or stego images.

    “The ANN establishes kind of a threshold value,” Bergman said. “If it falls above the threshold, it’s suspicious.
    “If you can detect there’s something there, and better yet, what method was used to embed it, you could extract the encrypted data,” Bergman continued. “But then you’re faced with a whole new problem of decrypting the data … and there are ciphers out there that are essentially impossible to solve using current methods.”

    In preliminary tests, the ANN was able to identify 92 percent of the stego images and flagged only 10 percent of the innocent images, and the researchers hope those results will get even better. An investigator with the Iowa Department of Criminal Investigation is currently field-testing the program to help evaluate its usefulness and a graphical user interface is being developed to make the program more user friendly.

    “Hopefully we can come up with algorithms that are strong enough and the statistics are convincing enough for forensic scientists to use in a court of law,” Bergman said, “so they can say, ‘There’s clearly something suspicious here,’ similar to the way they use DNA evidence to establish a link between the defendant and the crime.”

    The project is funded by the Midwest Forensics Resource Center. The MFRC, operated by Ames Laboratory, provides research and support services to crime laboratories and forensic scientists throughout the Midwest.

    Ames Laboratory is operated for the Department of Energy by Iowa State University. The Lab conducts research into various areas of national concern, including energy resources, high-speed computer design, environmental cleanup and restoration, and the synthesis and study of new materials.
  18. BTPost

    BTPost Stumpy Old Fart Snow Monkey Moderator

    Just a few NOTES, here... PGP and it's open source children, are fairly secure in that there are NO BackDoors in the code, simply because it is Open Source, so everyone can see the code. HOWEVER it can be brutforced, but it takes time and MASSIVE computer power to do it, so as long as the content is time sensitive, by the time they get it decrypted the information is stale.....
    There are other Cyptographic systems that are better than PGP and it's children, but they may or may not have BackDoors in them. One SigIntel Guy I know, says that some of the best ways to move secure data is to embed it in a JPEG picture, and send it that way. It looks like a picture of Aunt Martha and Uncle Ralph, but encoded in the Bits is the secure message. There ARE programs to do this, out on the internet, and it is very hard to determine if there is something in there or NOT.... .... YMMV....
    VisuTrac likes this.
  19. Clyde

    Clyde Jet Set Tourer Administrator Founding Member

    I believe the embedding of picture is called stenography.
    VisuTrac likes this.
  20. melbo

    melbo Hunter Gatherer Administrator Founding Member

    I think that's shorthand. You want Steganography

    - Sent from my iPhone using Tapatalk
survivalmonkey SSL seal warrant canary