Slashdot Mirror
Crack A "Numbers" Station
boss soul writes: "On Friday, NPR did an excellent story
on those infamous 'Numbers Stations' that broadcast on shortwave radio. Since the 1950s,
these stations have been broadcasting nothing but an unidentified human voice reading a string of
numbers. Though most people believe that these broadcasts are used by intelligence agencies to
communicate with their agents abroad, there has never been any way to confirm this ... until now!
The makers of "The Conet Project" (a four-CD set of numbers-station recordings) have thrown down the proverbial gauntlet and announced a
series of "cryptographic
challenges" -- the object of which is to crack an actual numbers station
broadcast. Dust off your Crypto caps, everyone -- I want to see a slashdotter win this one! "
The previous run of this story is ref'd, but the discussion did center around use of codes on insecure channels during WWII. A good book, for the interested party, is Between Silk and Cyanide, by Leo Marks (ISBN 0684864223).
I'd have to echo the pessimistic sentiments of others in this discussion, though, and state that there's probably not a lot of hope in 'cracking' these transmissions, given that we have no knowledge of their origin or purpose.
The Attitude Adjuster, I hate me, you can too.
I'm just wondering how many spy agencies around the world have ~50 years of contiguous recordings stacked up for each station.
--
Sheesh, evil *and* a jerk. -- Jade
I can see it now. Half a dozen GRU (or KGB, I suppose) in an underground bunker in the midwest, huddled over a transmitter, still sending intelligence information, blind to the fact that the Soviet Union has fallen and the Cold War is theoretically over. Just watch, when someone decodes this stuff, it's going to turn out to be "FROM NEVADA 314 STOP TO MOSCOW STOP CURRENT AMERICAN PROPOGANDA IS THAT MOTHERLAND HAS COLLAPSED STOP PLEASE SEND MORE VODKA STOP" or some such.
Nothing against Russians, mind, i'm proud to sort of be one, but this would make such a great spy novel.
===
-J
Karma: T-rexcellent.
Actually, no. The story is now archived and always displayed with the highest ranked comments first.
73758 40855 40850 (encoded plaintext)
64270 19371 16214 (one time pad)
37928 59126 56064 (encrypted message)
The encoded plaintext is added to the one time pad with modulo 10 arithmetic, a single digit at a time. The result is the encrypted message, ready for transmission. The recipient of the message reverses the process by subtracting the one time pad from the received message, again with modulo 10 arithmetic, a single digit at a time.
37928 59126 56064 (encrypted message)
64270 19371 16214 (one time pad)
73758 40855 40850 (encoded plaintext)
Assuming the one time pad was properly generated from a true random number source, there are no statistical anomalies in the encrypted message that could aid a cryptanalyst.
Mea navis aericumbens anguillis abundat
Has anybody checked that the 4-cd set isn't just audio? wouldn't that been a good joke to pull on the crypto community ;)
Also you have to encrypt using their PGP key, not yours, so you aren't 'proving your identity'
Unless you use the encrypt/digital sign function.
Some still do "live" transmissions, the Bored Man and Babbler stations come to mind.
Visit http://www.spynumbers.com for more information about spy numbers stations.
I have a CDROM out, with about ten hours of recordings, and lots of information, all organized as a web site, so it's cross platform.
As a little birthday gift to myself, I picked up a fairly high-end handheld digital shortwave radio like a week ago. Its an amazing little device, when you think about it.. In your hands you hold a box capable of opening a window into the communications of every technologically advanced culture on the planet, runs on three AA batteries, and will run forever if you take care of it. Not a bad deal for $219.00
That being said, here's a little something about numbers stations: Alot of them have already been linked directly to intelligence agencies, so, thats not a rumor anymore. Its a fact. Our on CIA, and Israel's Mossad are among a growing list of agencies known to be running numbers stations, as the broadcast source has been proven to be on land owned by these agencies.
On a totally different not, my own father ran crypto for the Navy (even had clearance at the Pentagon for a short time!) for a few years during the mid-late 1950's. During his stint in the Navy, he was stationed in Adak, Alaska where he and and a bunch of other guys jobs' were to monitor Russian shortwave radio traffic..mostly stuff in the Bering Strait, and from stations in and around the Kamchatka. To this day he can copy morse code by hand fast as fuck.
Whatever that means.
Bowie J. Poag
Bowie J. Poag
The U.S. Air Force Strategic Air Command had something similar with their "Sky King" broadcasts on the high frequency bands. They sent out coded messages at regular intervals using SSB (single sideband) voice. This was one of the systems for sending EAMs (emergency action messages) to SAC's nuclear armed bombers. When listening, you never knew if the message was "testing" or "nuke Moscow".
Mea navis aericumbens anguillis abundat
There are 5 different messages to crack :
1.E3 (The Lincolnshire Poacher)
2.E5 (CIA Counting Station)
3.E22 (New Station!)
4.E10 (Phonetic Alphabet Station)
5.G2 (The Swedish Rhapsody)
And (look at the last line) " The Prize for the first person to email us a deciphered text along with the method employed in the crack will be an ancient Gold Roman coin. The Judges decision is final. "
Also you have to encrypt using their PGP key, not yours, so you aren't 'proving your identity', just (hopefully) making sure nobody besides them can read your email. However that doesn't mean the NSA/Men In Black won't say hello if you crack it.
When confronting KGB, agent must throw >18 2D20 to save vs. unusual persuasion. Use freq. 376.125 for throw.
When captured by KGB, agent must throw >22% to save vs. truth serum. Use freq 377.375 for percentile digits.
Chance encounters with gelatinous cube, cube appears >19 2D20. If east of Iron Curtain, use freq. 272.5 for throw. If west of IC, use 377.75.
One possible theory not mentioned here is that the OTP is actually a book: like a well-known piece of literature that is easy to get. Then the cypher will be the page number, line(or paragraph) number, and a word number smashed together. To decode you need to know which book and which print (to keep pages in sync) or possibly go with print-independent numbers: chapter/paragraph/word combination. This possibility was mentioned in one of the Russian cold-war era spy movies.
MSK
Doing something impossible twice is pretty impressive, 'specially if the second time they do it it's even worse than the first. :) So this crypto stuff - quite possible. :)
-------
CAIMLAS
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
That has got to be one of the worst jobs ever, reading a very long string of numbers... I can only assume they recorded 'em though,
"One Five Seven...no Two...sorry. Eight"
...it's just a language with really long words. Probably the damn Eskimos.
-
It would seem that there must somehow be a way to implement distribute.net into solving this (if there is any solution). Why work against each other if we can all work together and nail this?
I'm not a crytpo-expert, but my guess is that you would need to use a wide variety of formulaes to even ever discern that there is a pattern, let alone what the patterns signify. But the formulae could be well-tested on a mass-scale via distributed.net and then once a group of likely candidates is discovered, attack them on a massive scale and see if anything hits.
But like I say, I'm not an expert whatsoever. This just sounds like a way to approach it. But, unlike RC5 and DSS, this doesn't have a known answer hiding somewhere with any manner of known mathamatical processes of resolution, so brute-force would be out of the question, no? Unless there is a way to massively process *methods* and *formulaes* to see if they're even appropriate to ever do brute-force decryption along side.
---
icq:2057699
seumas.com
2) A one-time pad usually encodes phrases, not letters or single words. A complex one can have multiple phrases available from which one can construct a complete message, ie 48 = "meet me," 47 = "at the courthouse steps," 97 = "at phillip's house," and so on. Both the numbers and the phrases can be chosen arbitrarily, and can be changed every week or even every day.
No!
That's a codebook, not a one-time pad. If you'll notice, the frequencies of different digit pairs (using your example) will likely be different. That's no good. A one-time pad is a long string of true random numbers. They would most often be combined with the message with a simple XOR algorithm, although something else might be more appropriate when using pencil and paper. The point of a "one-time" pad is that the same numbers are never used more than once, hence the name one-time. It's not changed once a day or week, it's destroyed immediatelly after use!
There were ciphers in the 1950s (probably quite crackable now) and they may have used a OTP in the past.
However there's no reason they haven't changed things and now use a computerised cipher -- after all, with encrypted data, we'd never notice a switch between two good ciphers (without cracking it, anyway).
I somehow doubt the exact same set-up has been running 50 years.
The task of being _able_ to search the entire world's printed matter (in each particular edition) for the past thousand years or so is in itself a massive undertaking. To be able to use such a database in a meaningful way would also be very very difficult.
But if we pull it off, I suppose we've just done a great deal of good for the Library of Congress, have we not? ;)
---
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
Hey, I found a online book here (Secret Signals) with loads of information, dechiffered messages and so on.
Over at shmoo.com, we've been running our own number station contest for over a month now. We're not using a OTP, so it is very solvable. The hard part is we have streaming audio feeds, so you actually need to do a bit of transscription. ;)
Anyhoo, if you're interested, tune in to a number station you actually have a chance at cracking. BTW: the prize is currently 2 DVD's.
I'm down with that, as it were
Salon had an article last year about the number stations.
--
Unselfish actions pay back better
Thanks to google cache!!!! You can view it at: http://realmofdarkness.org/otp/
some guys probably just got together and recorded this insane wino from the alley behind my house. All fucking day he goes on with this shit
"one, four, twenty, bhgrrarg" (he usually seizures for a minute or two)"fifteen, three..."
Sometimes he does it in french. i think he was in the war
"quatre, dix, vingt..."
FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network
"It is seldom that liberty of any kind is lost all at once." -David Hume
Of course that could be the goal. If you really want to mess with the other guys, you could use a scheme like this to do it. The process would be pretty simple:
All it takes is a bit of effort: one cryptographic algorithm, a creative guy or two to write bogus messages, and a bunch of people you can hire pretty cheap to read off your lists of numbers. If you're lucky, you can tie up several capable cryptographers trying to decode it, which is probably a net win. If you're really lucky, they'll succeed, buy it hook, line, and sinker, and you can start using it to give them disinformation. Sounds like a reasonable thing to try.
There's no point in questioning authority if you aren't going to listen to the answers.
Credit goes to our top codebreaker, Ralphie.
1) Get yourself elected president 2) Call the directors of the CIA and NSA into your office and ask them
Yes, the "numbers stations" are almost certainly using one-time pads, but there are levels of obscurity they may use that go beyond that:
1) There is no reason all the numbers broadcast 24/7 must have any meaning, so a "key" could contain instructions that tell a recipient to listen for the string "24 41 00 65" after 12:32 p.m. and that the numbers between that string and "24 41 00 56" are the message.
2) A one-time pad usually encodes phrases, not letters or single words. A complex one can have multiple phrases available from which one can construct a complete message, ie 48 = "meet me," 47 = "at the courthouse steps," 97 = "at phillip's house," and so on. Both the numbers and the phrases can be chosen arbitrarily, and can be changed every week or even every day.
3) The date/time key can be kept separate from the decode key; that is, which strings to listen to, and when to listen for them, can be kept as a "key book" in an embassy safe, while the number/phrase "code book" can be in the possession of a staff member who does not live or work on the premises. If someone gets hold of the key book it does them no good without the code book, and vice versa.
This is good old-fahioned human stuff. To "decode" a message, you have to both suborn the embassy staff and find the code book. And if the person who has the code book doesn't report in, that code won't be used again, so capturing a code book does not allow you to decode future messages. Key books, too, can be changed if there is any suspicion that one has fallen into wrong hands.
Bill Gates might be able to crack this kind of code - not with computers, but by bribing both embassy staff members and the outside people to whom the actual messages are being sent, assuming the above message-passing method is the one being used, which may not be the case.
Humans are always the weak link. Even with "unbreakable" codes or ciphers, if the person who writes the original message is an enemy agent all the transmission security in the world won't keep it away from the enemy (or commercial competitor).
In light of all this, if I wanted to "prove" I could crack a "number station" code, I'd bribe someone at the transmitting end to send a message with content I already knew, at a predetermined time that I also knew.
This is not a particularly original thought, BTW. It's been used in at least a few spy novels as a way for a turncoat agent to gain a new master's trust.
- Robin
I just finished "The Puzzle Palace" and "The Code Book" and I would disagree with you. There was a detailed story about a tech at GCHQ who was selling data to the East Germans. They gave him a briefcase with several years of one-time-pads, and the schedule for one of their Numbers Stations. The briefcase had a false bottom and also contained secret writing material with fake letters that he could send to a maildrop in Germany for return communication.
Key distribution is not so much of a problem if you only intend to communicate once a week or so, and you wouldn't even have to use all those keys--just have an identifier that says "No messages for you today!"
BTW: Sent from one of those QNX bootdisks! Fast teeheehee.
-- Remember: Wherever you go, there you are!
With so many nations and agencies broadcasting number stations, some of them have to be solely for disinformation purposes.
If these are actual encryptions are using one-time pads as keys, then a brute-force attack (ala distributed.net) would be worthless, unless they're actually using the 'one-time' pads more than once.
What seems more approachable is taking a look at these streams of numbers, looking for the patterns inherient in random number generators. If the method of generating random numbers can be found (which really shouldn't be that hard if the 'disinformation code' is being generated by two guys in a hut and an old PC), then specific stations can be singled out as disinformation stations, sending out 'predictable' random numbers.
Chances are that most of these stations are just that, disinformation beacons.
On the other hand, if they're not, then there must be some header information to identify whether a given broadcast is intended for you (a specific spy) or another agent. This sort of info would likely be the first step of a decryption process, because it would be unlikely that they would force every agent to use up part of a one-time pad at every broadcast just to determine if the broadcast was for them. More likely, there would be some algorithm performed on the header, so an agent can get a reasonably certain idea if the broadcast is meant for them.
My first guess would be something combinitorial, like multiplying the 'agent IDs' of each agent the message applies to, so the agents have only to take the header numbers and see if it's divisable by their number. If so, grab a pen and dig out your one-time pad.
I wonder how many of these sorts of things are already on the net. It makes me want to start a page (that people should mirror, for obfuscation's sake) with random numbers that change every day. Heck, LavaRand is probably doing that right now. Sure they say it's coming from lava lamps, but it could just as easily be messages to spies all over the world, and with 50,000 hits every day, who could trace each one down to find a mobile spy?
Kevin Fox
Kevin Fox
Sometimes the people sending the messages screw up and make mistakes, such as distributing a pad more than once or using a defective random number generator. The NSA cracked a large number of KGB/GRU messages (see VENONA) when the Soviets ran low on one time pads and issued duplicate one time pads. The rumor is that the person responsible for this disaster was shot.
Mea navis aericumbens anguillis abundat
Wow, I didn't think anybody on slashdot would know so little about the history of computers.
Didn't you know that computers have been around since the early 40's? The first being Colossus. It's main purpose was to decypher German cryptography.
So, tell me why they wouldn't use computers for these sequences when 10 years previously computers had proven themselves usefull for cryptographical purposes?
Assuming this isn't just a giant hoax,
This has been going on for 30 years, and it is clearly intended to be received by field agents who do not have access to heavy equipment. This is enough to know it's going to be a one time pad.
Consider: the people running this know that their opponents have computer, have cryptographer, and have lots of time. Not knowing the algorithm will slow them down for a while, but remember that this has to be an algorithm that can be done by hand. It can't be DES. It has to be something the average spy could do in the basement. Solitaire shows that it is possible to create a secure algorithm without a computer, but it has limits (more text makes it easier to break, encrypting with the same key twice makes it trivial to break). I doubt the government came up with anything fundamentally better 30 years ago. With any of the systems, key management would probably be way to painful to be useful.
But a one time pad is easy. Just write the nunbers on a dozen sheets of tissue paper, and it's pretty easy to hide. You won't go through the OTP very quickly either. You don't need to have every transmission have actual information. As a bonus, a one time pad is easy. All you have to do is modular arithmetic.
So you aren't going to be able to break it. The governments made all the stupid mistakes in WWII, and they're quite competent by now.
Ok, first off, I don't pretend to be an expert, but I do know some things. Isn't it theoretically possible to just use random radio noise for the OTP ciphers? Maybe it would be better to tune into a bunch of similar frequencies, and then pipe 'em all through one channel, seeing as the constructive and destructive interference would chage according to wavelength and amplitude.
Think --> Think Different --> Think OSS
D'oh! IANACE either, but I was looking forward to showing off my limited knowledge of this topic by pointing that out first. You beat me to it.
I agree, it seems very likely that these stations are using one-time-pad encryption, particularly since the messages are so short, and (presumably) intended to be decoded by hand. I thought that was pretty common knowledge. It makes me wonder why they'd even bother... Although a thought just occurred to me: with a little imagination, I'm sure you could "decode" these broadcasts and find messages about alien abductions, government conspiracies, terrorist plots, or anything else. It's just like the "Bible Code"... a modern-day Rorsarch test.
MSK
Hey,
If you want my opinion, even with the entire of distributed.net's computing power, cracking this message would be impossible. Distributed.net is looking for a known message with a known algorithm at low - 64-bit - encryption. They are, at the current rate, looking at roughly 2,000 days total at the current rate. If the encryption is simply algorithmic, the keyspace of about 5 algorithms would have to be exhausted, asuming it's a publically-availiable algorithm. That would be over 10,000 days, assuming the encryption is only 64-bit. If I was doing top-secret spy communications, I would use at least 256-bit key, maybe more. That would involve literally millions of keys. Then, of course, there's the book cryptography method. That would be near-unbreakable, even if we had quickly downloadable copies of every book in existance. Or maybe it's a vernam-cipher (one-time pad) system. I doubt an entire country's inteligence budget would flinch at the cost of a hardware RNG.
So, let's recap:
1) We barely have the facility to crack a 64-bit message.
2) This message could have any strength of encryption.
3) This message could use any of a wide range of algorithms.
4) This message could use an algorithm we don't know of.
5) We have no way of knowing if we have managed to crack a message as we don't know the content.
6) There could be multiple layers of encryption using varying, unknown algorithms.
7) They may well use one-time pads.
8) Said one-time pads cound be totaly random.
In conclusion, cracking number-station messages could and probably would be emmensely close to impossible using today's technology, assuming the security is good, which it would almost certainly be.
You're welcome to try, but I don't think it's possible.
Michael
"Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
The reason for this is that if you suddenly go on the air and start broadcasting, you tip the other side that something going on. I suppose you could go off and on at "random", but that doesn't conceal as much information as just broadcasting all the time. For example, the other side could perform specific provocative acts to see if the channel would go on in response. Then, they'd know whether the given channel is to address the particular provocation.
It may be that there is some other external source, such as a quick message on another frequency, something planted in a news report, etc., that tells the receiver when to start listening and for how long.
The 4-cd set may have exactly no content whatsoever. It could well be just random numbers, or even more maddening a very complicated encrypted message that resolves down to a nonsense message.
-Jordan Henderson
IMHO, this is the first clue that we have. Cyphers are great for electronic or mechanical delivery, but don't work so well with the spoken word. The output isn't designed that way. Codes, on the other hand, are optimised to be spoken or written, and are often not much more than simple substitution.
Let's assume, then, that these numbers are some kind of basic word or phrase substitution. How many numbers there are in the transmission will give you a much clearer indication of what kind of code is being used. This is the second clue. Lots of numbers = a simple meaning for each. Few numbers = a complex meaning for each.
This brings me to the third clue. The more numbers the simpler the difference between each of the transmissions. If you've only one or two numbers, you can have some very complex operations going on but if you're using lots, then you can't. The message HAS to be decypherable in a practical length of time, BY HAND, BY A HUMAN. Humans are not designed to be memory gurus.
Now for the final clue. The messages have been sent since the 1950's. This was at the height of Cold War paranoia. At that time, I doubt anybody in an intelligence agency would have trusted short wave radio -that- much. Too unreliable, especially over the distances that would be implicitly involved.
But the military weren't the only ones gripped in psychotic paranoia, gun-fever and a cult-like power craze. Most of America was (and is) gripped in exactly the same delusion.
Now, short-wave radio to communicate between gun cults is entirely believable. Far more so than to believe the CIA or whoever would care for such primitive tools.
IMHO, it's more likely a splinter faction of the NRA than the CIA. More believable still is that it is groups of survivalists, trying to avoid Government mind-control rays with tin-foil helmets and earthed pick-ups (with the obligatory dog in the back).
The most extreme possibility I can think of, which remains plausable, is that some survivalists have convinced themselves that World War 3 happened in the 1950's, and that all evidence to the contrary is an enemy plot to lure them out from their shelters. (Sufficiently isolated areas, and leaders every bit as charismatic as David Koresh -might- be able to pull that kind of stunt off. Those Dr Who fans in the audience might also like to re-read "Enemy of the World".)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
This page has pictures of what they claim are the one time pads taken from captured foreign agents. They were hidden in hollowed out bars of soap and talcum powder containers.
http://www.btinternet.com/~simon .mason/page30.html
-kms1
is that the numbers are really random - they are simply channelsquatting. The HF spectrum is an expensive resource because it's quite narrow and it propagates to such long distances. If you want to ensure you have your channel when you really need it just keep it busy. It's not that different than cybersquatting except that it's harder to argue with a foreign government and a few kilowatts of RF power.
----
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
involves a scanner buff who moved to a rural district whose police dept scrambled transmissions. Not to be left out he bought, at great expense, a voice de-scrambler and got it all installed and the first intercept he taped and played it back thru the device and was finally able to clearly hear, "Chief, did you say you wanted mustard on that pastromi sandwich?"
Seriously, numbers stations sound like a great way to get messages to foreign operatives 'behind enemy lines', all you need is a common shortwave set, your one time pad and lots of patience - no phone lines to trace or tap, no microfilm to hide or lose, no contacts to verify, you get and decode the signals in private, the source is verified and can't be easily 'spoofed', etc.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
You covered this last September.
If this is indeed a one-time pad as most of the people who have studied these codes think, we might as well save our breath to cool our porridge.
:-(
Perhaps traffic analysis might be a more fruitful approach. Of course, as Schneider pointed out on the show, we know who's sending, but we don't know who's listening
---
icq:2057699
seumas.com
Someone needs to have an insight as to a useful crypanalytic attack, to use all that hardware.
I would guess that these numbers form a really long one-time-pad. The agents using them pick a starting point and then XOR (or add mod 10) their message with the stream of digits. Then they only have to transmit their starting point in a complicated cipher. The agents only have to listen to the radio to get the sequence from their selected starting point, and home base either records the whole thing or has the script.
There might be an interesting pattern in the numbers if the random number generator is only pseudo-random, but I would guess they'd use a physical process instead of a mathematical one, given that the indend to send out digits for years on end.
You are confusing "security through secrecy"
with "security through obscurity".
One works, one doesn't.
-fb Everything not expressly forbidden is now mandatory.
Why not triangulate one of these stations, go there, and ask the guy what the hell he thinks he's doing?
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I love Google!
-- @rjamestaylor on Ello
"Thanks for cracking the code! Your prize is a bullet in the head from a black helicopter in your back yard."
Well, IANACEBIHTGC. (I am not a crypto expert but I've had two graduate classes. In cryptographic protocols and advanced cryptanalysis.
These strings of numbers are very likely to be from a one time pad which given certain assumptions are fundamentally unbreakable. The assumptions are: you never lose the pad (codebook), you never reuse the pad, the pad is truly cryptographically random. The proof of this is fundamental information theory.
If they are not one time pads, then it is possible, but a brute force attack like distributed net only works when you know the algorithm or the general family of them anyway. Also, it helps alot if you know something of the plaintext that you're after. If say, the number stations are transmitting encrypted random data such as the encryption keys for other other communications, then how the hell would you know that you'd found something when you decrypted it.
There just isn't enought information to do anything but put a bunch of smart people in front of the data and see what they can figure out.
a8dmldk38f7ekal3973jdm43kaeqq
could be either:
my hovercraft is full of eels
or:
Hello, I love Natalie Portman
or a million other phrases that fit within the length limitation.
I notice they don't describe the prize, and require: All email concerning this challenge must be PGP encrypted.
I wonder just how wise it would be to try to claim victory:
Personally, I can't wait until the NSA has its own IPO - what, with all the demand for privacy-invading software and hardware, employers spying on employee e-mail and phone calls. I'd daresay it might even fund Echelon II ("This time, it's really, really personal").
I honestly don't see how someone could hope to succeed at this. Let's say you get distributed.net to jump on the bandwagon. Great. Now what exactly are you going to do? You have arbitrary strings of numbers. This could be a fragment of a single text, parts of multiple texts, multiple complete texts, and so on. Sure, you could scan for patterns first and try to identify delimiters, but were I sending data through this, I wouldn't do you the favor of using a fixed separation string. I'd base it on conditions at the time of broadcast, or on some computation on the ciphertext, or some other thing that's not trivially detectable. In short, you don't know which decryption method to try. It's been pointed out that it's probably a one-time pad anyway.
Even if you can find an algorithm, how big are the keys? How will you know when you've got the plaintext? Something transmitted by the NSA is likely to be in highly obfuscated English at best. Like the handmade strong crypto challenge, the true plaintext might be very strange. How will you recognize that this is the correct decryption and not just a coincidental decryption into random gibberish?
Finally, while I agree that some numbers stations probably are espionage related, I'll bet they keep the noise very high. Many of them are probably reading right off the random number generator of the nearest computer. Did the challenge supervisors pick ones that are actual signal?
This is not to say it's impossible, but the benefit/difficulty ratio seems so high that anybody wizardly enough to succeed should probably be working on developing better algorithms for us instead.
So what is going on here. This is the first time I've ever heard of this and I must say that it is totally amazing. But what are things like from a 17yo geek's point of view? Well here are just a few things to ponder: 1. First of all because they broadcast (mostly) 24/7, they obviously have a computer with samples for each number/etc (1.wav, 2.wav....) so why does one person have to sit there recording it? Can't a computer be taught to listen and compare the samples to get the numbers for us? The samples never change (for a given station) so why not? 2. Not only are the codes probably one time only, but how do we know what language they are meant for? Just because a station's voice is in French doesn't mean the data is in English, Pig-Latin, or a totally invented language that is not natively spoken anywhere. It could even be a language that is now dead and was never recorded. If an old computer of sort is doing this stuff automatically, what's to say that any of it is still readable? 3. Has anyone compared the numbers being listed from different stations at the same time (say midnight GMT), or at the same time local (like 5pm from wherever the station is broadcasting) to see if they are the same? Maybe you must do something with the different sequences from multiple stations (such as XORing). 4. Do the numbers go to a certain range? Do they stop at 8? 32? 109324? Maybe if the base isn't 10 then converting it would cause it to make much more sense. 5. Who says the numbers represent words/letters? What if the represent syllables? What if it depends on the hour you tune in? Maybe the letters/words/syllables are reversed! Or alternating? 6. What is the prize? Simple! You'll be world famous for being the geek who cracked what might possibly be the world's most pointless code (see below). Maybe it's a subliminal message. 7. What could it possibly say? Good question! What if it's just variations of "Drink Coca-Cola all the time" or even something as out-dated as "Cure the flu with a Marlboro or two!" There are just points to ponder. Have fun!
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
Of course they are intelligence broadcasts. That has been known for a long time. What has not been known until this day is that it is not crypto. They are just playing Bingo
0 1 2 3 4 5 6 .
S N E G O P A
7 B C D F H I J
8 K L M Q R T U
9 V W X Y Z /
The letters on the first line (S N E G O P A) are encoding to the single digits 0 through 6. The letters on the second, third and fourth lines are encoded to double digit numbers. For example:
F = 73
I = 75
R = 84
S = 0
T = 85
P = 5
O = 4
S = 0
T = 85
In code groups:
73758 40855 4085X
(X indicates null padding to fill last group)
Mea navis aericumbens anguillis abundat
Knowing the US government's penchant for doing things in the most expensive way possible, it is not inconcievable that other nations could be using numbers stations as a very cheap way to tie up resources at US intelligence agencies. Think about it - supercomputers are spendy, crypto experts are spendy, coming up with a random bunch of numbers and broadcasting them over shortwave is incredibly cheap. So, I can immagine that for every dollar Cuba spends on numbers broadcasts, the US spends 1000 or even 10,000 times that to track and (try to?) decode the transmitions. Sure, you and I think, "Why bother trying to decode these if they are one-use keys?" But remember, this is the US 'intelligence' community that have no accountability for their budgets.
These are breasts; this is source code.
Why do you have a problem with those two things belonging to one person?
You fool! You see global conspiracy everywhere!
I've been thrilled by the mystery of numbers stations since I was a young'un. I think it's the simplicty that makes them so fascinating. So many conspiracy theories and supernatural phemonena (crop circles, alien abductions, JFK, etc.) are complex and full of half-truths and hoaxes.
/. a few months ago, but I think they're great. It takes a lot of time to study this kind of stuff, with no likely returns from the work.
:) But at least I'm posting at 1 instead of 2...
Numbers stations are so simple, elegant, yet mysterious. (Therefore mysterious?) You can have any theory that you want (and they're all probably far more interesting than the truth), and there's little evidence on way or the other.
I only discovered The Conet Project through
Like I said, useless post.
-Waldo