[Cryptography] Hacking spread spectrum clocking of HW ?

grarpamp grarpamp at gmail.com
Wed May 25 14:50:45 EDT 2016


On 5/25/16, dj at deadhat.com <dj at deadhat.com> wrote:
> It depends on the application.
> CAZAC codes for stealth canaries anyone?
> Cryptographic spreading codes and wide bandwidths are seen in military
> *radiations*.

*This*, moar liek this.

Imagine a noise radiator capable of making your spectrum analyzer
look like /dev/urandom across the board. There's no center frequency,
no clock, no freq hopping, no spreading, no observables, no off the
shelf wireless hardware or reference design... it's not based on
that. To any viewer, it's just noise. To you and your peers who
hold, say, a shared XOR key for data and a seed for DRBG noise, it
looks like data... lots of data ;-) With achievable datarate, error
correction, and unjammability governed by the range of spectrum you
can generate noise over. You could even mimic within existing spectra
if need be. The amplifiers and radiators to cover the spectrum are
hardware. Everything else is SDR.

There is at least one good paper on this, particularly involving
GNURadio style SDR as the enabling basis, but I forgot the magic
search terms to find it again.

While not the one in mind (and not necessarily from the new SDR
guerrilla crowd), these are somewhat relevant...

Digital Chaotic Communications
https://smartech.gatech.edu/bitstream/handle/1853/34849/michaels_alan_j_200908_phd.pdf

Synchronization in Cognitive Overlay Systems
http://lib.tkk.fi/Dipl/2012/urn100685.pdf

Covert Ultrawideband Random Noise papers by Jack Chuang and Ram Narayanan...
https://etda.libraries.psu.edu/files/final_submissions/3142

