Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
NitpickLawyer 9 hours ago

I wonder why they keep using a dedicated numbers station instead of embedding the code in a regular radio broadcast on a traditional channel? I'm sure that even before LLMs one could find a way to create a story where certain numbers / code words would be embedded without altering the underlying story too much. And they could probably get BBC / whatever station to air it. It would be a bit less inconspicuous to listen to BBC than to a dedicated numbers station, even if the message would be undecryptable either way.

daneel_w 3 hours ago | parent | next [-]

> "I'm sure that even before LLMs one could find a way to create a story where certain numbers / code words would be embedded without altering the underlying story too much."

It's called steganography, and it's a centuries if not millennia old technique.

shagie 2 hours ago | parent [-]

I recall reading about this in The Code Book by Simon Singh when I was dabbling with writing single and double substitution cypher solvers.

https://en.wikipedia.org/wiki/Steganography#History

> The first recorded uses of steganography can be traced back to 440 BC in Greece, when Herodotus mentions two examples in his Histories. Histiaeus sent a message to his vassal, Aristagoras, by shaving the head of his most trusted servant, "marking" the message onto his scalp, then sending him on his way once his hair had regrown, with the instruction, "When thou art come to Miletus, bid Aristagoras shave thy head, and look thereon." Additionally, Demaratus sent a warning about a forthcoming attack to Greece by writing it directly on the wooden backing of a wax tablet before applying its beeswax surface. Wax tablets were in common use then as reusable writing surfaces, sometimes used for shorthand.

anigbrowl 32 minutes ago | parent | prev | next [-]

Because you can drive intel analysts crazy with this one weird trick. They know you can't decrypt one time pads, but they can't resist checking for entropy and trying to match it to known OTPs they may have acquired through intelligence channels. Running and programming the shortwave transmitter is dirt cheap; tying up some of opponents' SIGINT resources on a wild goose chase is good value for money.

coldpie 9 hours ago | parent | prev | next [-]

Seems to me like coordinating with an entity outside of the spooks' control, such as the BBC, would give more opportunities for leaks. It would also reveal some information about who is controlling the signal--someone with some kind of relationship with the broadcaster.

red_admiral 2 hours ago | parent [-]

During WWII, the BBC would daily have a section after the news dedicated to "personal messages" - which everyone knew were instructions to the resistance in France, or similar. "William waits for Mary" was one of the more famous ones related to D-Day, I think.

zitterbewegung 8 hours ago | parent | prev | next [-]

Shortwave propagates better and also its just a one time pad being distributed so embedding doesn't matter as much as long as the one time pad is longer than the intended message to send. There is no way to decrypt it because once you encrypt a message using a one time pad it is impossible to decrypt without the exact one time pad that it was encrypted with.

SAI_Peregrinus 3 hours ago | parent | next [-]

It's not a one-time pad being distributed, because leaking the pad leaks all your communications. It's almost certainly the actual messages being distributed, at specific times of day. The listener records the numbers for the known time period to get the message, then decodes it with their pad for that period. Then they destroy that pad. Continually broadcasting numbers makes it impossible to tell the length of the messages.

bluGill 5 hours ago | parent | prev | next [-]

One time pads work only if only the sender and receiver have a copy of the pad - and they destroy each sheet on use. Distributing the pads is hard, but often it can be done easier than the message.

Distributing a one time pad like this is a stupid idea: it isn't hard to collect everything you ever send, and it takes a computer a few ms to check every encrypted message against every possible sequence. That is breaking a distribute one time pad via shortwave like this is something a single layperson can do, it doesn't even need a government scale attacker to break it.

Don't get me wrong, this can be used for good encryption. However it isn't a one time pad they are doing, it is something more complex.

pclmulqdq 4 hours ago | parent [-]

Every message is equally likely when you attempt this kind of brute-force decryption with a one-time pad. The code you get is actually 100% unbreakable if the pad isn't intercepted.

BenjiWiebe 4 hours ago | parent [-]

I think there's some confusion in this thread. GGP talks about distributing the one time pad via the numbers station. GP (rightly) says that's a stupid idea.

The numbers station should be transmitting a message encoded with a one time pad. The one time pad itself should be physically given in person to the spies who you want to communicate with.

bell-cot an hour ago | parent [-]

Or, if one is uncertain whether to trust the courier between you and your spy - one can send two different one time pads by two different couriers. If the spy is trained to xor those pads together before using, an enemy must intercept both pads to be able to read your messages.

There are many variants on this, including pads which you hope your enemy will intercept.

zikduruqe 2 hours ago | parent | prev [-]

And it is faster than the internet. That's why high speed traders are starting to use HF.

https://spectrum.ieee.org/wall-street-tries-shortwave-radio-...

b00ty4breakfast 8 hours ago | parent | prev | next [-]

who's to say they aren't doing both? They may not even be sending anything over the number station; these stations will continue on a schedule even when there is nothing to say and nobody is listening because it makes it harder to eek out a foothold in the event of a weakness in the encryption.

red_admiral 2 hours ago | parent [-]

Even if the encryption is one-time pads, if you broadcast a bit every day then you don't warn the enemy that something's up by the fact that you're transmitting at all.

nhecker 8 hours ago | parent | prev | next [-]

I can't find it immediately, but I've read about something even sneakier than this. A standard broadcast station was modified such that its carrier signal was modulated by a PSK signal. The intended listener would use e.g., a PSK-31 modem to listen to the carrier signal and would be able to obtain the encoded digital data. Everyday listeners would hear the regular broadcast. The station involved _might_ have been a BBC station, but I don't recall.

mbirth 4 hours ago | parent [-]

You could technically just transmit data via RDS, too. Change a letter here and there and nobody would know whether that’s a decoding error or actual ciphertext. (Would need some kind of checksum or so, of course.)

@windytan did a fascinating audio clip highlighting the RDS data stream in a radio recording some while ago:

https://soundcloud.com/windytan-1/rds-mixdown

some_random 5 hours ago | parent | prev | next [-]

I think you're massively overestimating the amount of control the US has over news broadcasters.

user982 2 hours ago | parent | prev | next [-]

The previous time that the US and UK overthrew Iran's government (https://en.wikipedia.org/wiki/1953_Iranian_coup_d'%C3%A9tat), they used the BBC in that way.

  Roosevelt told the Shah that he was in Iran on behalf of the American and British secret services, and that this would be confirmed by a code word the Shah would be able to hear on the BBC the next night. Churchill had arranged that the BBC would end its broadcast day by saying not 'it is now midnight' as usual, but 'it is now exactly midnight'
fortran77 4 hours ago | parent | prev | next [-]

I think they do this, too.

However, the numbers stations transmissions are never a big secret. They're intentionally powerful so someone can pick them up on simple equipment without raising suspicion. A person can modify an off-the-shelf AM radio to pick up shortwave, for example, even in an oppressive regime.

It's a one-time pad, so the encryption is unbreakable.

gorfian_robot 9 hours ago | parent | prev | next [-]

regular AM/FM stations are not broadcasting on shortwave bands

NitpickLawyer 8 hours ago | parent | next [-]

Sure, but that would be a benefit, I would think. Most old cars come with an AM/FM radio, most cheap phones now have FM (? I don't know about AM, don't think so) and so on. So it would be more inconspicuous to listen to a regular radio than to a special station on special hardware. You don't even have to broadcast from EU, you could probably purchase some Radio Quatar Classical Rock or something :)

JohnFen 7 hours ago | parent [-]

Radios capable of receiving shortwave bands aren't exactly rare among normal people. They're not really "special hardware". Just owning one would not be inherently suspicious.

What would be suspicious is being in possession of the one-time pad needed to decode the messages, regardless of which media those messages are transmitted through.

For the record, "numbers stations" can be found in nearly every communication medium, including the web. The advantage of using shortwave (range, primarily) are large enough that the benefits outweigh the drawbacks.

ErroneousBosh 3 hours ago | parent [-]

> What would be suspicious is being in possession of the one-time pad needed to decode the messages

Would it though?

All you need is something with sufficient entropy. I reckon you could do a "good enough" job with any plausible-looking data you have lying around on your hard disk right now. Say for example if you took a couple of sha256s of any random image you might post on social media, you'd have quite a lot of key right there.

lxgr 8 hours ago | parent | prev [-]

There are still quite a few shortwave radio stations broadcasting.

zikduruqe 2 hours ago | parent | prev [-]

[dead]