In the academic sphere the favored, publicly released, applications of these technologies have been to improve spectrum utilization and jamming resistance. However, these same technologies can also confer covertness. While encryption can protect the content of communication, covertness can deny an eavesdropper the more important metadata of who is talking with whom and when.

It is well known that early Spread Spectrum (SS) methods (both frequency hopping, FHSS, and direct sequence, DSSS) were initially created for military purposes though are now part of wireless industry standards. There are other SS techniques, like chirp, chaotic and UWB, which have yet to find broad use in commercial or consumer products. There are yet other SS methods which are still either experimental or used only in military / government applications. Sometimes these approaches can be combined to significantly increase effectiveness. 
 
There is a general acknowledgement of relationships, in wired communications, between certain characteristics (e.g., latency), privacy and security. The same generally holds true for wireless. In addition, wireless links must often deal with varying and unpredictable channel conditions.

Conversely, non-compliant wireless links (the only types of interest here) can dynamically choose whatever spectrum fits within the hardware and software capabilities and best suits the conversation at hand. They are also free of service provider restrictions and costs.

One prominent way for wireless communications to acquire the covert characteristics needed is by effectively masquerading as noise. This noise can be from natural sources (e.g., lightning), non-communication radio emissions (e.g., discharge type street lamps), unintentional communication emissions or an uncontrolled mixture.

SIGINT analyst Eve may use a variety of specialized spectrum analysis tools including Bragg Cell, electro-optical, steering receivers to quickly scan wide swaths of spectrum for signals of interest which can then be investigated using narrower band devices. These devices can be terrestrial or mounted on satellites.

All receivers have design tradeoffs mostly due to frequency coverage, instantaneous bandwidth, noise figures, etc. Automated identification and classification of unknown signals is an advancing art but still an inexact science. If Alice and Bob use weak (very low spectral density), intermittent, signals with very close similarity to noise they are, individually, problematic for Eve. As the number of simultaneous, unrelated and uncoordinated, parties sharing the spectrum grows, the difficulty for Eve is magnified even if she records the spectrum and attempts non-realtime analysis. Despite massive SIGINT investments she is at a disadvantage, but the intel agency narratives would have others believe they are all-seeing, all-knowing.

With proper covert tech the advantage can shift asymmetrically in favor of Alice and Bob. The situation has similarities to mixing of blockchain transactions. It's also similar to the challenge faced by parties defending their online servers from hackers. The defenders must block any intrusions; the attackers must only find one good exploit to win.

To be continued...

On Sun, Oct 27, 2019, 3:03 PM Steven Schear <schear.steve@gmail.com> wrote:
By choosing a different physical transport means, a different and, I maintain, better set of security tradeoffs becomes available. Unlike approaches which invariably depend on the Internet and heavily monitored commercial gateways, I propose using infrastructure-less or non-permissioned commercial, single-hop, relays. It's not that the electromagnetic spectrum isn't also monitored but that the efficacy of that monitoring is, unlike the former environment, much more limited by physics, channel conditions, information theory and the proper application of tradecraft by possible targets.

Both as a hobbyist and professional I've delved into the practicality of utilizing and building on commonly available, even consumer grade, Software Defined Signal Processing (SDSP, the use of the term SDR is verboten in my world due to its inherent regulatory implications) hardware and open source software. My investigations (some openly shared at Cypherpunk-oriented tech conferences) have led me to believe that even a moderate uptake of these SDSP technologies would effectively neutralize most or all SIGINT against parties who aren't already the subject of individual targeting.

These technologies aren't some magical new creation but rather the integration and adoption of ideas already well studied and reported in academia but whose implementations are often not openly available for tailoring and testing, mostly due to unfounded fears of regulatory actions. 

To be continued...
