> Here, we demonstrate a covert communications method in which photon emission is rapidly electrically modulated both above and below the level of a passive blackbody at the emitter temperature. The time-averaged emission can be designed to be identical to the thermal background, realizing communications with zero optical signature for detectors with bandwidth lower than the modulation frequency
It sounds like maybe they're modulating the emissivity of a diode up and down so that over time, its IR spectrum looks like black body radiation. Only someone looking at the intensity of the thermal radiation coming from the diode at really fast timescales (kilohertz or megahertz) would notice that there was a signal being transmitted.
> We do have encryption methods, but at the same time we’re always having to create new encryption methodologies when bad actors find new decryption strategies.
> But if someone doesn’t even know the data is being transferred, then it’s really very hard for them to hack into it. If you can send information secretly then it definitely helps to prevent it being acquired by people you don’t want to access it.
Very strange framing. Symmetric cryptography has been "unhackable" for a while now, for all intents and purposes. The real advantage is surely that nobody notices you're transmitting data at all?
The cypher may be prefectly impenetrable, but the software running on the transmitter or receiver may be more brittle. You cannot attack what you don't even know exists nearby.
In practice you can infer a lot. The payload of a TLS stream is formally indistinguishable from random data, but you can still tell on the wire that it's TLS. There aren't a lot of widely-used TLS implementations. It's been a while since I looked at the specifics, but I bet there's a lot of more specific signature data in the plain-text parts of the protocol like supported ciphers. You can make some good guesses from the metadata.
In the case of a physical interception, you can probably infer more. If you, after reading this article, spot an enemy drone that doesn't have any obvious emissions, then, well, there might only be one option for the software running on that drone, namely The Software that your enemy uses on their drones.
Anyway, it's not clear to me from the article whether the source object from the signal will necessarily be invisible. I think every transmitter still at least looks like a point source of blackbody radiation. The signal may not be detectable from thermal background radiation, but if the background itself is coming from a big obvious drone, well, you know it "exists nearby".
You do have to try, though, is the point. It's not automatic just because the output of the cipher itself is cryptographically random. And when you do try, the lack of metadata will itself be a clue as to the software generating it.
> transmitter still at least looks like a point source of blackbody radiation
The whole trick is that on average it is a source of blackbody radiation exactly like any other piece of matter next to it, same temperature. It does not produce a light or dark spot on an IR camera image. It turns hotter ("positive light") and colder ("negative light") with a very high frequency, in a controllable way.
But once you've located the device, you can use a number of electronic warfare approaches to crack into it, not necessarily through its main radio interface. For instance, electromagnetic interference, heating, etc, all can inject a subtle hardware failure that the software is not ready to handle.
It adds a layer of obscurity, but not real security. If somebody is looking, neither sender or receiver can detect it or know if their ciphertext was intercepted. Depending on the methods used, the cipertext might not be immediately crackable with currently known algorithms and resources. However, it can be archived and broken at a later date, or by an actor who has access to algorithms/resources that aren't currently public.
Covert transmission is security. Think of a spy or North Korean dissident, mere detection of a transmission means compromise; Eve will extract the plain text using the trusty $10 wrench.
harvest-now-decrypt-later attacks aren't much of a concern for modern symmetric cryptography. heck, even known-broken ciphers like rc4 aren't easy to break in a non-interactive setting with modest ciphertext sizes and no key reuse.
Sure, but for symmetric ciphers it's not hard to hit the "by anyone, for my lifetime" threshold. NIST does not define a sunset date for AES-256, for example.
Maybe I skipped over it, but the (suspected) narrow band emission of their diodes is something that could be detectable.
Electronic warfare is not about listening, but just seeing the location of the emitter. If you had someone with a different thermal camera/ camera with SWIR, you might see that something is just not right.
The big claim in general appears to be that the signal is not obvious because it averages out to normal background radiation noise. The article doesn't communicate this well though.
The bit that you quoted, I think that's just a random sentence that looks dumb out of context. I don't think it means anything special.
In general, it is very easy to detect that radio signals are present.
A better comparison is with radio signals for which a method of spread-spectrum modulation has been used, chosen such as to have a bandwidth so wide that the averaged signal falls below the thermal noise level.
Such radio signals will also not be detectable without special detectors.
WiFi and Bluetooth use spread-spectrum modulation methods but they have relatively low bandwidths, so they can be easily distinguished from thermal noise. Much wider bandwidths are required to prevent detection.
While this is equivalent with "gets cold as well as hot", there is a critical difference.
Modulating the infrared emission by cooling and heating a body is slow, so the transmission rate is low and it is also easy to detect, because any infrared detector will show pulsed infrared light.
The whole point of the article is that they have found a method for modulating the infrared emission that is much faster than cooling and heating, so because the modulation frequency is so high any normal infrared detector will not see anything, it would just detect the normal infrared emission that corresponds with the ambient temperature.
They exploit a phenomenon that exists in infrared LEDs made for a low frequency (high wavelength), which when biased forward emit infrared light, like any LED, but when biased backward the reverse happens, i.e. their infrared emission is lower than it should be for a black body at ambient temperature, because a part of the thermally emitted photons are reabsorbed by the semiconductor, generating electron-hole pairs that are separated by the electric field, being thus prevented to recombine and emit again a photon.
Because the increases and decreases in infrared luminosity are done by changing the bias voltage of a LED, they can be done orders of magnitude faster than by cooling and heating.
I do not know whether this proposed application in steganography would ever be worthwhile, but this is certainly a very cool development.
Or you can call it encryption along different axis. Much like extracting GPS signals from below thermal floor level - you can do it if you 1) know it's there, and 2) know exactly how to key in. It's impressive as heck, but you can always rephrase it in terms of information theory in ways that makes it sound like slightly different shade of mundane.
I don't believe you're missing anything. This is just stegenography with a possibly new covert channel, right? Apparently the secret depends on advisaries not noticing the special hardware deployed on each end. Would using spread sprectum techniques would work just as well?
I think the reason the negative luminance is potentially important for secrecy is that it means the average of the signal you’re transmitting is zero, making it indistinguishable from noise.
This is basically spread-spectrum / CDMA, but in a different frequency range? As others have mentioned in comments here, GPS signals are already far below the thermal noise floor.
I don't understand what makes it hidden if anyone with the right equipment can pick it up. That's like calling X-rays hidden because most cameras can't pick them up.
True. I think the novel point is that on average, the emitter just isn't emitting. Normally, you can have a very simple piece of equipment that can pick up the fact that a signal source is emitting something, but then you need to get a more specialised piece of equipment to actually collect and decode the transmission. This just raises the stakes to having to have the specialised equipment to see that there is a transmission at all.
A lot of spy movies or police procedural movies show someone coming with a magic detector for hidden spying cameras or microphones that is used to sweep a room and remove all offending devices.
The device presented in the parent article would be undetectable by any classic detectors.
However, if such a method would ever become widely used in reality, it would not be difficult to make detectors for it. So it could have a window of opportunity, between the first development of spying devices based on it and the development of countermeasures.
Another example: in some regimes merely using Tor is illegal, or say in the US using it is enough to justify a search warrant for probable cause, with no evidence of any actual wrongdoing. The EU Chat Control lobby is also trying very hard to criminalize encryption. The simple act of trying to communicate privately is taken as indicative of criminal wrongdoing in the modern world. Being able to communicate without adversarial parties knowing you're communicating is a boon.
+1. As another example see https://en.wikipedia.org/wiki/Numbers_station -- people can't decipher the messages, but they strongly suspect something spy-y is going on. If they couldn't even detect it, there would be no suspicion.
Also hi StevenWaterman, I recognize you from previous comments! I think this is the first time that's happened to me on HN
Also even if they know you are transmitting, it may still be beneficial to prevent them from knowing how much you are transmitting.
Imagine the enemy detects some of your transmission, even knowing it's encrypted, they can still look at the data rate (or estimate order of it):
- 5 bps = probably a random transmitter, maybe audio spy device, maybe remote detonated weapon
- 5 Mbps = probably a feed from military hardware or personnel
Similar inferences can be made about volume, if they can identify distinct transmissions. Etc. If tricks like these can make the enemy confuse 5 Mbps TX for a 5 bps one, it has obvious tactical utility.
DSSS is sort of both security and obscurity at the same time. The very act of spreading your spectrum out via a secret key also has the effect of reducing the amplitude of your transmission, ideally below the noise floor. A receiver on the other side wouldn't see anything except noise unless they had the same key.
The same is true for any other method of spread spectrum modulation, e.g. for FHSS (frequency-hopping spread spectrum) or for ultra-wideband pulses.
The detection of weak signals requires long integration times, which remove from the output any spread spectrum signal present in the input, unless you know and apply before the integration the correct scrambling or frequency-hopping sequence.
From the abstract:
> Here, we demonstrate a covert communications method in which photon emission is rapidly electrically modulated both above and below the level of a passive blackbody at the emitter temperature. The time-averaged emission can be designed to be identical to the thermal background, realizing communications with zero optical signature for detectors with bandwidth lower than the modulation frequency
It sounds like maybe they're modulating the emissivity of a diode up and down so that over time, its IR spectrum looks like black body radiation. Only someone looking at the intensity of the thermal radiation coming from the diode at really fast timescales (kilohertz or megahertz) would notice that there was a signal being transmitted.
> But if someone doesn’t even know the data is being transferred, then it’s really very hard for them to hack into it. If you can send information secretly then it definitely helps to prevent it being acquired by people you don’t want to access it.
Very strange framing. Symmetric cryptography has been "unhackable" for a while now, for all intents and purposes. The real advantage is surely that nobody notices you're transmitting data at all?
In the case of a physical interception, you can probably infer more. If you, after reading this article, spot an enemy drone that doesn't have any obvious emissions, then, well, there might only be one option for the software running on that drone, namely The Software that your enemy uses on their drones.
Anyway, it's not clear to me from the article whether the source object from the signal will necessarily be invisible. I think every transmitter still at least looks like a point source of blackbody radiation. The signal may not be detectable from thermal background radiation, but if the background itself is coming from a big obvious drone, well, you know it "exists nearby".
For example, Noise protocol + Elligator + constant bandwidth, is indistinguishable.
The whole trick is that on average it is a source of blackbody radiation exactly like any other piece of matter next to it, same temperature. It does not produce a light or dark spot on an IR camera image. It turns hotter ("positive light") and colder ("negative light") with a very high frequency, in a controllable way.
Electronic warfare is not about listening, but just seeing the location of the emitter. If you had someone with a different thermal camera/ camera with SWIR, you might see that something is just not right.
So all an eavesdropper has to do is setup the right equipment then? I guess it is only invisible until the technology becomes more widely available.
The big claim in general appears to be that the signal is not obvious because it averages out to normal background radiation noise. The article doesn't communicate this well though.
The bit that you quoted, I think that's just a random sentence that looks dumb out of context. I don't think it means anything special.
A better comparison is with radio signals for which a method of spread-spectrum modulation has been used, chosen such as to have a bandwidth so wide that the averaged signal falls below the thermal noise level.
Such radio signals will also not be detectable without special detectors.
WiFi and Bluetooth use spread-spectrum modulation methods but they have relatively low bandwidths, so they can be easily distinguished from thermal noise. Much wider bandwidths are required to prevent detection.
Radio broadcasts to everyone.
Light you can block off to a single direction.
Oh wait, directional radio antennas exist. Nevermind, yes. Exactly like radio waves.
Sorta, kinda. You're really only just attenuating things a lot. It's tricky to actually block it off fully.
Same with radio waves, as light is literally the same phenomena as radio waves, it's just shaking faster.
Modulating the infrared emission by cooling and heating a body is slow, so the transmission rate is low and it is also easy to detect, because any infrared detector will show pulsed infrared light.
The whole point of the article is that they have found a method for modulating the infrared emission that is much faster than cooling and heating, so because the modulation frequency is so high any normal infrared detector will not see anything, it would just detect the normal infrared emission that corresponds with the ambient temperature.
They exploit a phenomenon that exists in infrared LEDs made for a low frequency (high wavelength), which when biased forward emit infrared light, like any LED, but when biased backward the reverse happens, i.e. their infrared emission is lower than it should be for a black body at ambient temperature, because a part of the thermally emitted photons are reabsorbed by the semiconductor, generating electron-hole pairs that are separated by the electric field, being thus prevented to recombine and emit again a photon.
Because the increases and decreases in infrared luminosity are done by changing the bias voltage of a LED, they can be done orders of magnitude faster than by cooling and heating.
I do not know whether this proposed application in steganography would ever be worthwhile, but this is certainly a very cool development.
The device presented in the parent article would be undetectable by any classic detectors.
However, if such a method would ever become widely used in reality, it would not be difficult to make detectors for it. So it could have a window of opportunity, between the first development of spying devices based on it and the development of countermeasures.
For a contrived example, imagine I'm in a warzone:
- Secure = Enemies can't read my messages. Good. But they can still triangulate my position.
- Covert = Enemies don't know I exist
Also hi StevenWaterman, I recognize you from previous comments! I think this is the first time that's happened to me on HN
Imagine the enemy detects some of your transmission, even knowing it's encrypted, they can still look at the data rate (or estimate order of it):
- 5 bps = probably a random transmitter, maybe audio spy device, maybe remote detonated weapon
- 5 Mbps = probably a feed from military hardware or personnel
Similar inferences can be made about volume, if they can identify distinct transmissions. Etc. If tricks like these can make the enemy confuse 5 Mbps TX for a 5 bps one, it has obvious tactical utility.
In the real world, obscurity is the cornerstone of security.
The detection of weak signals requires long integration times, which remove from the output any spread spectrum signal present in the input, unless you know and apply before the integration the correct scrambling or frequency-hopping sequence.