Holographic Sonar Cryptography

Atomic Snarl writes: "New Scientist.com has this story on how to encrypt a underwater sonar message using multiple sound path timing. By detecting and adapting for the current variations on underwater sound channels, the transmitted message can be received intelligibly only at a single point. This holographic approach suggests a method of web encryption using multiple hop paths and ping times to create a message which can only be decoded when received at a specific target node!"

Secrecy by Delocalization

[Spootnik]

Exactly, they aimed more at reliability -- even though the codes were lossy and reliability was achieved mainly by coherent en/decoding, because noise is incoherent. However, much of that was dropped in favor of faster and better (in that approach) use of homomorhic processing and other DSP techniques.

Further, Holocomm's "delocalization" feature can be seen also in SHA-1, where *all* output bits change when one changes a *single* input bit. However, SHA-1 hopelessly mixes and merges all the data (as it is intended to do), while Holocomm allows for reversible and selective delocalization.

Thus, in two contrast points to former pure holographic codes, Holocomm aims at (1) non-lossy reversible (2) selective delocalization -- which also allows interoperation with all known cryptography algorithms (that require exact data for decoding). The reliability feature is also further enhanced by the non-lossy aspect of it. As mentioned, Holocomm can also work in lossy modes, including lossy compression -- which can be quite useful.

Holocomm is the first example of a practical quantum mechanical communication and encoding system that affords privacy and reliability, to a high degree, while also offering compression and selective information delocalization.

As such, it naturally has many parallels in several things that are based on wave functions or on the Schroedinger equation .. which essentially defines wave phenomena ... as the theoretical basis of Holocomm, as stated.

Radio?

[redcliffe]

Could this be used to secure wireless networking? This would be an ideal way, because it is only understandable at one location. I don't know if it would work well though on Seattle Wireless or Brismesh style 802.11 networks.

David

The web is not wet, and is there a risk here

[bLanark]

The internet lag times on each leg vary from moment to moment, so there's not the same degree of certainty that the speed of sound in water has. This probably wouldn't work. Plus, we've got asymetric crypto, which works very well, thank you.

Also, in the sonar field, would it be possible to guess at the location of a recipient by catching some of the signals? One wouldn't want to give away the location of your subs, would one?

Doubt that it would be useful..

[Bowie J. Poag]

A well-seasoned network admin friend of mine and I once had a conversation over dinner about an idea I had brewing -- An application that would attempt to guesstimate where you were on earth based on triangulating distances from known servers by means of measuring ping time. A small network database that contained, say, a hundred servers nationwide that constantly maintained a list of ping times to a hundred other machines would provide enough coverage and enough data to allow a single machine to guesstimate where it is on earth based upon simple trig.

The only problem with this idea is that A) Network latency times can change erratically from moment to moment, and B) Some nodes may even drop out of the network due to upgrades or flaming death. Depending upon how fine-grained the mesh is, and depending how accurate you want the guesstimate to be, you could be reasonably certain of at least being able to determine your location within a couple hundred miles.

Not useful for you and I, I know.. But it would be kinda cool if people could buy PCs, set up them straight out of the box, and the box goes out on the mesh and figures out where it is in the U.S., and sets the time accordingly, suggests local IPs, other stuff.

Amazing what you can discuss over a bacon cheeseburger, eh?

Cheers, and yes, PROPAGANDA is still up,

net encryption

[ruppel]

Supposing one intercepted the signal underwater it could still be decrypted. Admittedly this would require formidable computing power since one would have to simulate the geometry of sender and reciever in a continuous medium.

In communications across the net this kind of playing around with different routings and time delays would not be as effective since once intercepted the decoding would be assuming a descreet medium (only so many different pathways). It isn't clear whether the effort put in this kind of scheme would be worth it, ie. it could bne much more effective to refine the encryption algorithm.

One should note that in descreet systems, like electronic locks that open when a transmitting key is waved in front of it, the principle of asynchronous signaling is already in use. These systems use clockless processors to make the recording and decoding of the transmitted signals near impossible.

Impossible.

[bornie]

"This holographic approach suggests a method of web encryption using multiple hop paths and ping times to create a message which can only be decoded when received at a specific target node!"

This implies that all routes are static and no routers ever will go down. It also implies that pingtimes are constant between routers/hosts. Both with are false.

If the IP of all intermediate routers are used in the encryption (which isn't clear) a change of route will make the current 'key' unusable. Further, the ping-time between hosts/routers vary alot as the use of internet vary and will also make this system unusable. A simple DoS-attack will completly destroy any encrypted data in transit which will make it only more insecure.

--
Börnie

Asymmetric routing makes this moot anyway

[Kenneth Stephen]

Even if you could eliminate the problems with the latency, the asymmetric routing that exists in the internet will kill this technique. This communication technique depends on the forward and the reverse path being identical - something which is not true when asymmetric routing is used.

Re:Speed of sound versus ping times

[Spootnik]

I will let you calculate it. The following are empirical equations from Kinsler and Frey.
t is in degrees C and c is in m/sec.

In Fresh water c = 1403 + 5t - 0.06t^2 + 0.0003t^3
Good for 0 to 60 degrees C.

In sea water
c = 1449 +4.6t - 0.055t^2 + 0.0003t^3 + (1.39 - 0.012t)(S - 35) + 0.017d

Where S is the salinity expressed in parts per thousand, and d is the depth below the surface in meters.

Ideas anyone?

[sperling]

I'm not a cryptographer at all, but i'm familiar with the basics and quite interested in the logics behind cryptographic techniques. I wonder, if anyone here have any ideas on a scheme that would let us use the routes (assuming they're static) or the pingtimes (assuming they vary very little) to improve security of a communcation channel? Maybe in a setup with 5-6 different computers all working together in a model designed to do key exchange and validations, to let a new computer into the circle.

If you think in term of a small distributed network with all point to point secure connections established, how can this be utilized to verify the identity of a new participant?

Re:Radio?

[sandgroper]

Could this be used to secure wireless networking?

Secure??? Who knows. What it should allow with radio is something I've been calling "Space Division Multiple Access". In effect, using scatterers in the environment (e.g. buildings, mountains, what have you) the "cell size" could be brought down to a few tens of meters using the same number of base-station transceivers as currently exist. Who needs more spectrum when you can focus the same bandwidth on multiple physical locations?

BTW, the New Scientist article is talking about kinda old work. NS had a blurb on this back in '97 or so.

Internet version probably not workable

[Gumshoe]

Although it is a fascinating idea, I seriously doubt you could
use a similar method for encrypting traffic on the present day
Internet.

The biggest show stopper will be the lack of reliable source
routing. Unless you can reliably specify the route the packet
takes (or alternatively, predict the route), the whole schema is
unworkable. IP/4 simply does not support source routing to any
usable degree. IP/6 does IIRC, but even then, I suspect the ping
times will not be consistant enough.

Secondly, a serious change will have to be made to the TCP stacks
as the time interval between the arrival of packets will be an
important factor in this system. Again, I don't see how you can
rely on the transit time given the infrastruture of the Internet.
Don't forget that this infrastructure is what gives the Internet
it's power.

Finally, in the Internet scenario (as opposed to the SONAR
version) this is as about as secure as private key encryption.
Unless my machine is multi-homed, there's likely to be at least
one router that sees every packet my machine sees. This is
fundamentally different to the SONAR version, where you have to
be a precise physical location to be be able to "hear" the
transmission.

Cute idea, but not feasible.

Better article: Scientific American Nov 1999

[Alsee]

A much more detailed (7 pages) article on time-reversed acoustics appeared in the November 1999 issue of Scientific American.

I pasted the summary below, but here's a link [sciam.com] to the summary just to make it official.
Time-Reversed Acoustics
Mathias Fink
Record sound waves, then replay them in reverse from a speaker array, and the waves will naturally travel back to the original sound source as if time had been running backward. That process can be used to destroy kidney stones, locate defects in materials and communicate with submarines.

I thought it was so cool that I wrote a program to simulate the effect. It simulates 1 or more waves emitted by 1 or more sources, and records the waves at 1 or more "microphones". It then treats the "microphones" as "speakers" and plays back the time reversal of the recording. At first the screen is filled with chatoic expanding circles, but after a while the expanding (and fading) circles combine to create a CONTRACTING and STRENGTHENING circle!

I wrote it for my own curiosity, and the code is "dirty". If there's some real intrest here I could dig it out and clean it up a bit.

Re:Doubt that it would be useful..

[kc0dby]

Much more reliable a method would be to use a traceroute and look at suffixes until a 'listed' suffix appeared. Just set it up to trace to a few different hosts, and see where the routes begin to diverge.

This has been quite useful for air based wireless-

The theory behind it is even a standard part of amateur packet radio. When your using typically 50 watts (or even 1500 watts, legally) you tend to connect to some interestingly distant stations that you'd have no idea where they were if they didn't leave a little identifying information in their 'hostname'

Ah, yes. Manual routing of packets. Really makes one appreciate all the neat tools we use now..

Re:Speed of sound versus ping times

[Ronin Developer]

The sonar conditions vary considerably through time. There are inversion layers and tunnels that are formed due to the differences in the index of refraction for the audio signals.

In optical holography, you are recording the interference patterns resulting from a reference beam and reflected light. When you shine a laser of the right wavelength through or off the hologram, the interference patterns are "replayed" thus reproducing the image.

Little if any information can be gleamed from a single intererence pattern.

In the case of sonar, you are recording audio interference patterns. However, unlike in an optical holographic environment, the conditions change drastically under water depending upon weather condition and seasonal (or even geophysical (i.e earthquakes and volcanos) variations.

In a controlled scenario as described in the article, it works because the replay occurs in a very short time period and the interference patterns may not change much. Without an initial reference signal, it may be very hard to get a good mapping of the sonar environment.

As for the security, I wonder if you recorded the signal eminating from a single transducer at short range if you could actually receive the message at a spot other than intended.

RD

I dispute the premise

[MarkusQ]

I dispute the premise of the original article.

Their logic seems similar to that of "whisper" chambers, but they break one of the assumptions when they start sending a steady stream of phase encoded ones and zeros. Now instead of having to reconstruct a complex wave form, all an eavesdropper has to do is:

1) Listen for pink-noise with a strong 1kHz component.

2) Play with the (recorded) signal a bit (e.g. adding 1us delayed copies to the original) until you can decompose it into two types of 1us segments--call them A & B.

3) Now you have a stream of As and Bs, and two possibilities; either A=0 and B=1, or visa versa. Test both.

-- MarkusQ