Re: Wither Air-Sea Battle

Frankly - the distinction is quite minor.

Inability to protect outliers doesn't matter in a single engagement - but it matters a lot in a real conflict.

Once again - the theory of sacrificing all your pawns to protect your king carrier works great against guys in caves. Doesn't work so great against an actual industrial opponent.

The problem is - communications didn't just pop up last night. There has been tremendous evolution there - and none of it can deal with actively hostile environments well.

Not true. A high end encryption increases video bandwidth tremendously because unlike for text - where substitution and replacement can be offset by compression - in video, compression is very much more difficult with poorer results.

Think about how much video is of sky - every one of those bits is like the letter 'e' in the English language.

Now let's expand the existing 2.5mbps necessary for a single stream video feed to what would be necessary for a 100 mile radius coverage, then quadruple or quintuple it to add high end encryption.

The bandwidth requirements aren't trivial.

For that matter - try and do some encryption of video on your own. Take any later generation cellphone - one with 720p or greater HD capability.

Take 1 minute of footage, then try and compress that puppy.

Re: Wither Air-Sea Battle

Lost Cruise fears save Obama on Syria
By Gregory Sinaisky

US President Barack Obama's reversal on the bombing of Syria took the world by surprise. For a long time, he was talking about the use of chemical weapons by Bashar Al-Assad's regime being "a red line". There was a feeling that Obama's talk about chemical weapons use in Syria was like a proverbial "Chekhov's gun" - in a well-written play, if a gun is seen in the first act hanging from a wall, in the last act it must shoot.

Obama certainly knew for a long time that most Americans and were against involvement in Syria. He himself said that he was not obliged to ask the Congress permission for a remote-control war. Then suddenly the reversal. It certainly looks like something happened that he did not expect.

Nobody in the mainstream media had analyzed technical aspects of the attack, and nobody to my knowledge doubted the ability of America's armed forces to execute it. Yet this author's analysis, based mainly on data from open sources and technical common sense, shows that the reason for this reversal can very likely be found in limitations in military capability to execute a "clean" overwhelming strike on Syria.

If this is true, it would be understandable that Pentagon generals if did not want to bring the bad news to Obama, in the hope that something would happen that would get them out of the predicament. Only as the moment of truth was approaching, perhaps, was Obama notified that his strike plan could not be executed for technical reasons.

It was announced that the American attack on Syria would be conducted with an opening salvo of several hundred Tomahawk missiles launched from US Navy ships deployed in the Mediterranean sea. This is a tactic usually used by the US against an adversary with a credible air defense system. Only after enemy air defenses are degraded to the point that losses of manned aircraft are unlikely does aerial bombing start, followed if necessary by ground troops or local US allies. This approach allowed the US to conduct its recent campaigns in Iraq and Libya with astonishingly low losses.

The Tomahawk is a weapon that is not suitable for area bombing due its high cost. Its use makes sense only for precise destruction of high-value targets. At an announced US$1.5 million per shot, even the US cannot afford to use more than several hundreds of these weapons. In contrast, the cost of an aviation bomb, including delivery, is probably in the tens of thousands of dollars.

The claimed accuracy of Tomahawk is to 10 meters. It is further claimed that 90% of engaged targets are destroyed. How is this precision achieved?

The Tomahawk has multiple guidance systems - GPS (Global Positioning System), INS (Inertial Navigation System), TERCOM (Terrain Contour Matching), DSMAC (Digital Scene Matching Area Correlation). TERCOM uses radar altimeter data to compare with a stored map of the terrain. It is clear that it cannot work over flat terrain or over water, and even over a more feature-rich terrain it probably has a large probability of loosing orientation.

DSMAC is based on comparing a stored image of the target area with the image produced by the on-board optical camera. DSMAC may work to identify an isolated building in a desert, but this author doubts it works reliably in complex scenery, especially in an urban environment.

Both of the above methods require data to be available and loaded into the missile computer in advance, while GPS-identified targets can be programed in flight. It is not clear if the US Army can produce data for DSMAC out of satellite data or if aerial reconnaissance is required for every target.

Modern INS for civilian airplanes has a nominal position error of two nautical miles an hour. There is no reason to believe that military systems are at present more accurate. This means that in the absence of a GPS signal for a substantial period of time, necessary guidance precision is lost. A military airspace journal quotes an official saying that loss of precision occurs after 30 seconds of GPS signal loss. [1]

One can conclude that the precision, flexibility, and ease of re-targeting of Tomahawk missiles are based on GPS, and that all auxiliary guidance systems do not work universally and may not be suitable at all under certain circumstances, depending on such aspects as the type of terrain between the launcher and the target.

This problem is acknowledged in specialized publications. Military and Aerospace Electronics [1] quotes unnamed officials from the US Defense Advanced Research Projects Agency (DARPA) as saying that "military reliance on GPS signals for precision positioning, navigation, and timing (PNT) information is crucial for a wide range of military weapons".

In a book published by the US National Defense University [2] adds that "the military establishment has already identified and acknowledged the susceptibility of their newest generation GPS-assisted weapons to jamming. Without the availability of precision munitions and the conditions necessary for their successful employment, the requirement for numbers of sorties and the risk associated with every strike increases exponentially."

That last statement was made in 2002, but quite recently in Military and Aerospace Electronics [3] an Air Force official, Dan Faulkner, admitted that the problem is very far from being solved. According to Faulkner, the US is developing guidance systems that can operate without GPS, but these systems that are 20 to 30 years away from becoming operational.

On April 16, 2012, DARPA announced that it is soliciting research on Chip-Scale Combinatorial Atomic Navigator (C-SCAN). To quote, "the program seeks to address challenges associated with the long-term drift, dynamic range, and start-up time of chip-scale components for positioning, targeting, navigation, and guidance tasks." [4]

This is supposed to be an advanced INS system that would allow precise weapon guidance without necessity in any external signal. This system, however, is not going to be available soon. In the meantime, US adversaries are undoubtedly putting much effort into creating systems capable of neutralizing "smart" weapons.

In 2009 at the Moscow International Aviation and Space Salon, a Russian company exhibited GPS jammers for military application. This author spoke with the chief engineer of the company, who claimed that its equipment was employed in Iraq in 2003 and initially caused Tomahawk missiles to fly wildly off course as far as Turkey. According to him, Iraq's mistake was to buy only a small number of jamming devices, which the Americans were able to destroy before resuming use of GPS-guided missiles.

GPS jamming devices should not be expensive in mass production. It should be possible to buy hundreds or thousands of them for the price of one Tomahawk missile.

There are two currently available systems to increase resistance of GPS devices to jamming. One seeks to achieve a tight coupling between GPS and INS using advanced software. [5] This method can help when GPS jamming is intermittent, but not when the missile flies through a continuous zone where GPS is completely suppressed. The second method is using a directional antenna to block reception in the direction of one or several jamming sources. One such system [6] is offered by Canadian company NovAtel. However, it is doubtful that such a system, even if it is already installed on Tomahawks, would work against multiple sources and strong jamming signals.

We can suppose that Syria learned from Iraqi and Libyan experience and obtained a sufficient amount of GPS jamming devices from Russia. Hundreds or thousands of these devices can easily cover a large area around Damascus and other important areas, so that cruise missiles would fly off course by hundreds of kilometers. The GPS jamming zone can start over water, where TERCOM and DSMAC guidance surely do not work. With the use of small boats, a jamming zone can be extended hundreds kilometers from the shore.

An additional restriction is that the presence of advanced anti-ship missiles supplied by Russia does not allow American ships to come close to Syrian shores for the attack, so missiles have to fly long distances over water, likely without a GPS signal, and this will lead to difficulties in resuming TERCOM navigation when overland.

In these conditions, Pentagon generals could not guarantee the clean and impressive victory Obama had expected. Of course, nobody can predict the results of Tomahawk strikes with complete certainty, but in all likelihood it would be inconclusive at best. What could the poor generals do next? Send bombers into mostly intact anti-aircraft defenses and risk substantial aircraft losses and further embarrassment?

A far more reliable solution would be to make a virtue out of necessity, and ask a reluctant Congress to approve the strike, and after being rebuffed announce another great victory for American democracy.

Notes: 1. Military & Aerospace Electronics, DARPA seeks to wean smart weapons off GPS with hybrid inertial navigation system-on-a-chip, By John Keller, April 18, 2012.
2. Globalization and Maritime Power, edited by Sam J Tangredi, National Defense University, Chapter 18, Globalization and Naval Aviation, by J Kevin Mattonen, 2002.
3. Military & Aerospace Electronics, Electronic warfare: the cat-and-mouse game continues, by J R Wilson, September 9, 2013.
4. Chip-Scale Combinatorial Atomic Navigator (C-SCAN), Solicitation Number: DARPA-BAA-12-44, April 16, 2012.
5. Aviation International News, GNSS Advances, Despite Setbacks, by John Sheridan, September 2013.
6. GAJT, GPS Anti-Jam Technology, NovAtel Inc., Calgary, Alberta, Canada.

Re: Wither Air-Sea Battle

Pentagon report rips Texas F-35 fighter jet plant
Published: October 2, 2013 Updated 4 hours ago


By James Rosen — McClatchy Washington Bureau
WASHINGTON — A new report from the Pentagon’s internal watchdog strongly criticizes managers and workers at the Fort Worth, Texas, plant that makes the F-35 fighter jet for an alleged lackadaisical attitude that it says has led, on average, to more than 200 repairs for each aircraft and cost taxpayers millions of dollars.

----
Jeez, they really are the JPM of the MIC.

Re: Wither Air-Sea Battle

Unless you're talking about a raw video stream, I don't believe that encrypting a stream of video data is going to quadruple or quintuple the bandwidth required. The video is most likely already encoded in a compressed form and encryption will only slightly increase the size of the total data transmitted.

Re: Wither Air-Sea Battle

If you don't pad out the e's - i.e. the blue sky bits, then the encryption scheme is much, much easier to crack.

Re: Wither Air-Sea Battle

Not if you have a feedback into the cipher. The only example I can think of right now would be the difference between using Triple DES in Electronic Code Book mode versus Cipher Block Chaining or Cipher Feedback mode.

Re: Wither Air-Sea Battle

Feedback in a cipher can work well in a small range of variable scenario - which is what most Internet traffic is.

Video bits, however, are not small range variables.

More importantly - triple DES does significantly increase output size. Have you ever actually looked at what input vs. output is from tripleDES?

The theoretical minimum is 5 bytes to 8 bytes, which is a 60% increase in size right there.

Re: Wither Air-Sea Battle

If I understand the explanation on this link correctly, the overhead is rather minimal when using TLS_RSA_WITH_AES_128_CBC_SHA.

Re: Wither Air-Sea Battle

This is, for me at least, an absolutely new perspective. Was convinced Tomahawks were absolutely precise and very difficult to down-interfere with weapons.

Re: Wither Air-Sea Battle

http://www.theregister.co.uk/2013/08...ewark_airport/

GPS is a very low power system. It ain't hard to jam.

Furthermore accuracy is not to be assumed either. There are inherent accuracy limitations due to distortions caused atmospheric turbulence for the air through which GPS radio signals reach Earth - which is why most public systems have a 3.5 meter accuracy limit.

Even without jamming, you have additional sources of error due to environment: hills, trees, large masses of metal or metal oxides, etc etc.

To get an idea of the magnitude in error - here are some slides from GPS testing I've done:

Slide2.jpg
Slide3.jpg
Slide4.jpg
The middle data is taken using the device I've created - one which accesses all of the present public global positioning systems in order to derive position. It still has the 3.5 meter fundamental accuracy limitation, but suffers far less from the inability to access US-GPS satellites - which is a common problem in urban canyons, hilly/mountainous areas, or areas with lots of large trees.

The US GPS system has 30 satellites up; the additional systems add a significantly redundant 42 satellites (so far).

Re: Wither Air-Sea Battle

I don't understand what you're saying about large-range and small-range variables; it's terminology I have not encountered before.

However, I'm fairly certain that Triple DES does not impose a 60% penalty in increased size/bandwidth. Perhaps you're thinking of something else other than encryption algorithms? In particular, TDES is nothing but a bit-shuffling algorithm with a bit of XORing if one of the feedback modes is used. That is not going to cause the size of the cipher text to balloon up some multiple of the plain text size. At most, there will be an overhead of 8 bytes for padding.

And, yes, I have looked at input/output from TDES before so I kind of know what I'm talking about.

Re: Wither Air-Sea Battle

Variable sizes affect the range over which a cipher crack must search. This is why the NSA seeks to muck with 'random' generators; by removing much of the variability, the ability to crack a cipher - irregardless of strength of encryption - is greatly enhanced. Kind of like guessing what card is picked by a person out of a deck when the deck is only 4 different types of cards, vs the normal 52.

As for encryption output:

DES is a block cipher - all it does is encrypt some size of data. This size is fixed for any given implementation - thus the expansion in data size is a function of how large the overall data is vs. the DES block size.

Thus while for a given block - say 32 bit - DES may not increase the data size significantly, the block itself causes the data size to increase by some amount.

The sizes of the blocks themselves also affect overall data size: the blocks need headers so that they can be stitched together into the original file.

Here's a decent example of what the various categories mean:

http://www.obviex.com/Articles/CiphertextSize.aspx

Note that the data size during transmission is the issue: the file size pre-encryption (i.e. direct from the sensor/camera) and post-encryption (i.e. after transmission is received and decoded) is only relevant as a base reference.

Re: Wither Air-Sea Battle

You're talking about an initialization vector which in the case of TDES is 8 bytes of random information. For each cipher, the size of the initialization vector is a fixed size. So one of the things the NSA has tried to subvert is the algorithm used in pseudo random number generators to make their outputs predictable.

For any but the most trivially small amount of data (tens of bytes), the overhead imposed by TDES and other block ciphers is absolutely trivial for when used against large data like video. Specifically, I had mentioned that the maximum overhead for TDES is the padding length of up to eight bytes. For any message M being put through a TDES cipher, the length of the cipher text is ||M|| + len(padding) where the length of the padding is from one to eight bytes.

For all intents and purposes, sending an encrypted video is not going to require any more bandwidth than sending the same video in unencrypted form.

Re: Wither Air-Sea Battle

Really? So that's why Adobe has a paid product which specifically highlights that its encryption/security scheme will significantly reduce bandwidth through transmission?

I'd also note that the statement above implies that the division of video data into blocks mimics the block cipher division precisely - i.e. that one set of headers is all that is necessary to decipher/re-stitch multiple blocks together - and that since you need one header anyway to restitch video, that said data size increase is minimal.

While that certainly can happen, I'd think this type of linearity is a vulnerability itself.

If on the other hand, you have different headers between video stitch and encryption, then extra set of headers itself will comprise a non-trivial amount of overhead.

Re: Wither Air-Sea Battle

I am not familiar with what Adobe is doing but my very limited experience with their products suggests that their encryption/security technology's need for significantly more bandwidth is likely because their software is lousy.

The linearity you speak of is not really an issue although one thing is true: the more data you pump through a cipher, the greater the probability that an observer might be able to determine the key. This was the problem with WEP: it used a weak cipher to begin with and then when you transmit a ton of data, you can eventually bust the encryption. Using a stronger cipher like TDES (I'm not aware of this being used for streaming because it's slow) or Rjindael drastically reduces that problem. Furthermore, there are systems (such as NASA's communications to their space vehicles) that periodically re-key to prevent attacks based on being able to observe a large amount of cipher text.

Encrypting of video (or any other data) only trivially increases the size of the sent data. If that weren't the case, then things such as VPNs and YouTube-over-HTTPS would be prohibitively bandwidth-expensive compared to running things in plain text; they are not.