Episode 22-39 is Part 2 of a series, covering non-permissive radio operations environments and ‘when ham radio is banned’.
AmRRON POLICY: AmRRON OPERATIONS ARE LEGAL AND LAWFUL, and when using Amateur Radio bands, FCC rules apply.
We don’t use encryption over radio. There’s no need to. There’s no need to use tactical callsigns. But we do practice with it using the internet and other platforms where it’s perfectly legal.
- More on authentication
- Authentication using PGP key signatures for files
- Tactical Callsigns (COMSEC/PERSEC/OPSEC); the alternative to using FCC callsigns when protecting your identity is necessary.
- ‘Modding’ your radio (aka. Open banding, opening up, MARS modding, your radio to operate outside amateur radio bands)
Authentication (Two-way)
The Ten-Letter Word authentication
The following is a visual of the one-way authentication example as used in the podcast:
Figure 1
The Dryad
The image below (Figure 2) is an example of a ‘Dryad’, found in military CEOIs, and was used for two-way authentication and enciphering numbers. There is VERY little information available open source (on the internet) discussing or explaining most components of a CEOI. However, American Partisan has a series of articles for the Raspberry Pi enthusiasts, for generating tactical callsigns, dryads, and more. Today, authentication and encryption is loaded into modern military radios, and these soldier comms skills are (were) a dying art. We’re bringing them back.
Figure 2
Instructions on using the dryad will not be covered here, but will be covered in the near future.
The following two links cover NCScout’s postings at AmericanPartisan… an excellent resource for modern patriots, including radio operators.
Note, it is a script for generating dryads, callsigns, etc. on a Raspberry Pi, for those of you savvy with using R-Pi.
R-Pi OTP/DRYAD True Hardware RNG How-To
New stuff for the R-Pi OTP/DRYAD – CEOI ADDITIONS, Jefferson Thomas
One-way Authentication
This is based on the three-letter authentication described in the podcast, Episode 22-29.
ONE-WAY AUTHENTICATION
PGP key Signatures (video)
Clear Signing with PGP For Ham Radio (15 minutes)
This explains how to use PGP (Specifically GnuPG) to create small keys for low overhead. This makes Winlink [or any file transfer protocol with FEC] messages unspoofable. I go over the basics of using PGP in general, so it is applicable anywhere.
How long does it take to break 1024-bit encryption? A LONG time. https://www.quora.com/How-long-does-it-take-to-break-1024-bit-encryption
ONE-WAY AUTHENTICATION (CONT.)
Three-Character authentication allows a one-way authentication which helps receiving stations know that the message or report came from the unit believed to be the actual sending unit. For example:
Day-02
UNIT AUTHENTICATION
1st PLT/2nd BN INF BMK DWK RPW JYK PSQ XPV UWJ
1st PLT/2nd BN INF UAR VXM LTQ NNT PBL VXN WHD
1st PLT/2nd BN INF FYE YZG CUK LGT RJT JTG VCC
As each unit sends a message or report, and uses one of the three-letter authentication sets, the sending and receiving parties cross the authentication set off and never use it twice. If a receiving party receives traffic and sees that the authentication had been used previously, they should make every attempt to request re-authentication from the sender, and in many cases, consider the communique to be compromised until verified.
Using the above information: If I were the RTO (radio operator) for 1st Platoon, it is the 22nd of November, and I needed to send a message to another unit who could not (or should not) transmit back to me, or was otherwise unable to perform two-way authentication with them, I would use the Day 02 authentication table, and choose an unused three-letter set. Using the table above, I would select ‘RPW‘. As you can see, BMK and DWK are crossed off, indicating they have already been used. I would then strike through RPW to avoid using it again.
More on tactical callsigns (and code names)
Code Names generally don’t change
Tactical Callsigns change (or should) regularly.
Your unit team members’ code names (or ‘handles’) below. These are not tactical callsigns.
Team lead code name: Gunner Actual
Comms lead: Sparky
Medic: Doc
Units may have code names as well. Depending on the mission planners and/or manager responsible for generating your unit’s comms plans (SOI or CEOI), your units may be listed by name (1stPLT 2nd BN INF), or by code name (in this example, your unit is ‘PainTrain-12’)
Your FOB (Forward Operating base), code named ‘Sanctuary’
1st Platoon, 2nd Infantry Battalion = PainTrain-12
2nd Platoon, 2nd Infantry Battalion = PainTrain-22
3rd Platoon, 2nd Infantry Battalion = PainTrain-32
TACTICAL CALLSIGNS
Below is an example of how you would format the tactical callsigns for the units in your SOI/CEOI. The example covers a three-day period so you can see the format. An actual CEOI should cover a ten-day period, and should not be used twice other than training purposes. The calendar date would dictate which day to use. If your operations take place on November 2nd, or the 12th, or the 22nd, you would use Day 02.
Unit Day 01 Day 02 Day 03 Day 04 Day…
1stPLT/2ndBN INF A7S D0B E9A …
(or, PainTrain-12)
Changing callsigns and frequencies daily denies the enemy the ability to easily determine which units are which, who is who, and who is where.
Using the data above, if I were the radio operator for 1st Platoon, 2nd Infantry Battalion, on November 22nd (as this is being written), I would refer to Day 02 in the CEOI, and use the callsign ‘D0B’, or spoken, “Delta Zero Bravo”
‘MODDING’ your radio THIS IS STRONGLY RECOMMENDED TO DO
This subject will be explored in more detail later. However, there are some main points know now
Modifying your transceiver (also commonly called a “MARS mod” will allow you to operate outside the allocated FCC bands/frequencies assigned for amateur radio use.
- It’s perfectly legal. There are numerous legitimate reasons for this:
- You may wish to explore volunteering for, and joining, the Military Auxiliary Radio Service (MARS)
- If you operate marine craft on the ocean, you may want to have Marine HF band capabilities
- In an genuine emergency when danger of loss of life exists, and there is no other way to communicate, anyone is allowed to use any means necessary to communicate.
- It is NOT legal in other circumstances, so don’t do it
- When you purchase a new transceiver, pay the extra ($40-$50) and have it professionally modded. This is usually listed as a ‘MARS mod’ as one of the options. AND IT WON’T VOID YOUR WARRANTY like doing it yourself will.
- Software Defined Radio transcievers can be open banded with a simple firmware update.
- You can do it yourself, either by crushing a resister (such as with needle nose pliers), or the MUCH preferred method of DEsoldering the resister and removing it. With some radios, the parts are tiny. Hone your fine-tip soldering skills, or have someone with the experience and tools to do it for you. If you do a mod yourself, you do it at YOUR OWN RISK. AmRRON, nor anyone else, accepts responsibility if you do it wrong and end up bricking your radio.
- Amplifier considerations. Linear amplifiers for ham radio are made specifically for operating in the ham radio bands. Unless you acquire or build or modify an amplifier for the bands on which you intend to operate (say, if you get your Marine HF license), don’t use one.
- Antenna considerations. If you are not using a wide band antenna with an antenna tuner, you will need to build an antenna for the band you expect to use. This is a good excuse for you to start learning about antenna theory and building, including what bands will, and will not, resonate well with the length you choose.
- A quick internet search for keywords such as ‘<your radio make and model>, full band, MARS mod, modification’, is sure to turn up several resources, including tutorial videos covering the correct step-by-step instructions and demonstrations of modding your transceiver.
He has full disk encryption directions for the Pi in another add-on article too. https://www.americanpartisan.org/2022/01/g6-pi-and-x37-by-jefferson-thomas/