Monday, January 18, 2010

How to recognize KG-84 encryption in a NATO-75 transmission?

Recently on the UDXF group Dan asked:

"in a NATO-75 transmission how do you recognize KG-84 Encryption?"

Our friend Jim in the UK provided this great answer (used here with his permission:

It depends on the transmission!

If the transmission is continuous, without any interruptions, it isn't possible to be certain of the encryption being used. However, if a pseudo-random transmission (ACF=0) runs at 75 Bauds with an 850 Hz shift, it is reasonable to assume that it is NATO-75 with KG-84 encryption.* KG-84 is a NATO standard for FSK printer circuits and can also be seen on STANAG-4285 systems.

If the transmission is intermittent, as is necessary where a secure broadcast or a ship's input transmission is concerned, then it is easier. Each message or individual transmission will commence with (usually) a single tone (mark or space alone) followed by one or two seconds of reversals (REVs) which is then followed in turn by several repeated sequences before the system outputs the encrypted message.

A good example of an intermittent message-block transmission is the NATO MATELO broadcast from the NATO Maritime HQ at Northwood via DHFCS transmitters, on these frequencies: 82.8 (kHz), 4732, 6759, 8988, 11213 and 23238 kHz. The long-wave transmission is narrow-shift, the HF ones 850 Hz.

Use an RTTY decoder set to 75 Bauds, 850 Hz shift. Although NATO-75 is a synchronous system and RTTY is asynchronous, the RTTY decoder will display the reversals as RYRYRY.. and the following repeated sequence will be easily recognized although the characters displayed by the RTTY decoder will not be the actual characters transmitted by the NATO-75 system. With some practice it's possible to recognise blocks of KG-84 by ear without requiring the decoder!

Don't try to decode a system which is running without breaks, as you'll only get days or weeks of pseudo-random rubbish.

Bear in mind also that there is, understandably, little in the public domain regarding everyday cryptographic use of KG-84.

* Note that NATO systems running at 50 and 100 Bauds have also been logged on UDXF and be aware too that there are French naval broadcasts using 50 Baud encrypted FSK systems with 850 Hz shift which do not use KG-84 crypto.

Two links for additional information:

http://en.wikipedia.org/KG84

http://www.proc.ca/kg84.html