Updated version of DRYAD generator

A “Bombe” early computer, used to break the German Enigma code

After I released the DRYAD generator, I received a few reports that it would generate the same output every time. This is not good, even for training. Work, family, and life put my programming efforts on the back burner for a while. When I finally got back to it, I discovered that I committed an amateur programming mistake.

I forgot to seed the random generator

Computers are “deterministic” machines. That means that every action has a predictable result, or that the actions are “determined” by the programming. That is a good thing, because computers would not be very useful if their output changed at random. However, for generating cryptographic materials you need good randomness. In order to create the appearance of randomness, computers use a “Pseudo Random Number Generator” (PRNG). A PRNG basically takes a number called the “seed” as input, and then runs it through a complicated series of mathematical equations that gives you a result that seems random, with no apparent correlation to the input seed. For example, a seed of “1” might yield a result of “72542” while a seed of “2” might result in “17”.

My DRYAD bug

I forgot to add a line defining a seed, so most likely it would default to “0”, resulting in the same DRYAD page being generated every time the program was run.

The Seed is the key

In order to get pseudo randomness that does not repeat, many programming classes teach using a value of time as the random seed. Computers keep time by counting the number of seconds since some predetermined date/time reference (called an “epoch”). Since real time does not repeat, i.e. it will only be 12:01 PM on January the 1st, 2017 once, using it as a seed guarantees that our seed is never repeated.
This is what I have added to the 1.01 version of the DRYAD generator.

While it is pseudo random, it is still not good enough

While this is unpredictable enough for video games and entertainment, it sucks for real cryptography. For a single line on a DRYAD sheet, there are 403,291,461,126,605,635,584,000,000 possible combinations. That is over 403 Septillion combinations. However, there are only just over 35 million seconds in a year. If you know the formula a given crypto uses, and you know it uses “time” as the seed, then you can run the formula and simply increment the seed, starting at the earliest possible time the computer was used. A modern computer can test years of “time” based seeds in a few minutes, leaving a searchable database of every possible DRYAD sheet that could be generated in a given year. Not very secure against a determined adversary.

This is why the current version of the DRYAD generator should be limited to training purposes ONLY!

I hope to have an improved version later that will solve the “seed” problem.
An ideal crypto-secure seed would come from a very large unpredictable source. Government grade high level crypto uses special devices that use an “entropy” source.
“Entropy” is defined as “lack of order or predictability.”  

Imagine a very sensitive thermometer that can accurately read to 1/1000 of a degree. If that thermometer is in a computer case, it will measure the fluctuations of temperature inside. The temperature is affected by ambient room temperature, how hard the CPU and graphics cards are running, fan speed, etc. The temperature can fluctuate by as much as twenty degrees. Twenty degrees doesn’t sound like a lot, but a fluctuation between 100.0001 and 100.9999 degrees covers a much larger range of unpredictability.

Government certified entropy devices have been designed AND tested to ensure that they are truly entropic (unpredictable) and evenly distributed. (If they generate a number between 1 and 10, a sample of a million tests should have roughly equal quantities of each value.)

Because of the value of entropic seeds in generating random numbers for cryptography, most modern computer operating systems now have “entropy pools” to be used in seeding PRNGs.   These entropy pools combine mouse movements, keyboard timings, temperatures, hard drive seek times, and other unpredictable sources to populate the pool.
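Added example (not the DRYAD generator's own code, whose language and PRNG this page does not give): a Python sketch of the time-seed weakness described earlier and of drawing from the operating system's entropy pool instead. It assumes a line is a shuffle of the 26 letters, which gives the 403 Septillion figure quoted above; the function names and the sample timestamp are constructed for illustration.

```python
import math
import random
import secrets
import string

ALPHABET = string.ascii_uppercase        # assumption: a line is a shuffle of A-Z
SECONDS_PER_YEAR = 365 * 24 * 60 * 60    # 31,536,000 possible time seeds per year


def line_from_seed(seed: int) -> str:
    """Training-grade line: everything is determined by the integer seed."""
    rng = random.Random(seed)            # Mersenne Twister PRNG
    letters = list(ALPHABET)
    rng.shuffle(letters)
    return "".join(letters)


def line_from_os_entropy() -> str:
    """Line drawn from the operating system's entropy pool instead of a seed."""
    rng = secrets.SystemRandom()         # wraps os.urandom(); has no seed to guess
    letters = list(ALPHABET)
    rng.shuffle(letters)
    return "".join(letters)


def keyspace_bits() -> dict:
    """Size, in bits, of what an adversary must search in each case."""
    return {
        "time_seed_one_year": math.log2(SECONDS_PER_YEAR),
        "any_possible_line": math.log2(math.factorial(len(ALPHABET))),
    }


def seed_that_reproduces(line: str, start: int, stop: int):
    """Audit check: return the seed in [start, stop) that regenerates `line`."""
    for seed in range(start, stop):
        if line_from_seed(seed) == line:
            return seed
    return None


if __name__ == "__main__":
    issued_at = 1483272060               # constructed: 2017-01-01 12:01:00 UTC
    window = (issued_at - 1800, issued_at + 1800)   # one hour of candidate seeds

    weak = line_from_seed(issued_at)
    strong = line_from_os_entropy()
    bits = keyspace_bits()

    print("time-seeded line :", weak)
    print("same seed again  :", line_from_seed(issued_at))
    print("seed found in 1h window:", seed_that_reproduces(weak, *window))
    print("OS-entropy line  :", strong)
    print("seed found in 1h window:", seed_that_reproduces(strong, *window))
    print(f"time seed, one year: {bits['time_seed_one_year']:.1f} bits")
    print(f"any 26-letter line : {bits['any_possible_line']:.1f} bits")
```

The time-seeded line is reproduced from its seed within the one-hour window, while the line drawn from the entropy pool matches no seed in that window.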

The next version of the DRYAD generator

I hope to include strong entropy and a better PRNG for the next version of the DRYAD generator.   After that, I hope to add a GUI.   I won’t put a timeframe on it, because if I do, life will guarantee that I won’t make the deadline.

P.S.   The big numbers:

The number of possible combinations on a single DRYAD line:
aka 403.29 Septillion

The number of possible combinations for a full DRYAD sheet:
I can not count that high.   

Number of seconds in a year: (and possible time based random seeds for a given year)
aka 31.54 Million

Estimated age of the universe:
13.82 Billion years old
Number of Seconds in the universe so far:
About 484,000,000,000,000,000
aka 484 Quadrillion
aka orders of magnitude fewer seconds in the history of the universe, than possible combinations for a single line of a DRYAD sheet!

OPSEC and RF Security

Modern radios are made to be used by people with little training or experience. Usually if two radios are set to the same frequency, two people can start using them effectively in very little time. Radios are used in warehouses, department stores, hotels, film sets, and a myriad of other locations. The information in this blog may seem to be overkill, but these procedures are intended to work in a high threat environment where bad radio procedures put lives at risk. Here, we will look at some of the security implications that come about from radio use.


Operational Security (OPSEC) is the process of keeping information that could be used against you from your adversaries. There are several broad categories of information that we will focus on. We want to deny our enemies information that can reveal the following:

1) Capabilities. By knowing what your group is capable of, an enemy can act so as to negate your strengths, or deny you employing your capabilities to their fullest effect. If an enemy knows you are capable of shooting down helicopters, they will limit their use of helicopters in your area of operations to deny your group those kills.

2) Limitations. By knowing what your group is not capable of, an opponent can exploit those limits for their own gain. If your opponent knows you cannot shoot down helicopters, they may use more helicopters to move about, so as to avoid ground based IEDs and ambushes.

3) Identification. Personal and functional identification can both help an adversary against you.
a) Functional identification is identifying the purpose of a group or unit. Observing a bunch of men in uniform is some information, but being able to determine whether they are a logistics company vs. a medical treatment team vs. a special forces unit dictates different reactions.
b) Personal identification is identifying individual people within a group. Knowing that the commander of a unit is Captain John Doe, of 1234 Main Street, Anytown, would allow an adversary to possibly pressure or otherwise compromise Captain Doe’s family, and thus gain an advantage.

4) Location. Knowing where a unit is allows an opposition force (OPFOR) to maneuver to intercept, block, avoid, attack, or follow that group. If OPFOR knows you are based on the north ridge of Candy Mountain, they can plan an appropriate attack.

5) Intentions. Knowing what a group plans to do allows the enemy to take actions to reduce the effectiveness of those actions. If your enemy knows you plan to attack an outpost tomorrow at dawn, they can move in reinforcements, or set a trap, or move to intercept before you arrive, etc.

6) Activities. Knowing what you are doing at the current time allows your adversary to adjust their plans accordingly. If your adversary knows you are currently setting up a camp, then they can probably assume you are not about to attack them, and operations they carry out at that time are safer to execute.

7) Effects of enemy action. Knowing what effect their own actions have had on your group will allow an enemy to adjust their planning and operations to better effect. If an enemy knows that their last attack was very effective, then they will continue to carry out the same kind of attacks, whereas if an attack had little or no effect, they may change their methods.

Information from any of the above categories may also give the enemy information in other categories. Knowing your intent to go to a certain position at some time in the future reveals a future location. Identifying a unit’s function hints at some capabilities and limitations. That is why it is crucial for OPSEC to protect this information.

Imagine the following radio exchange between an infantry platoon, B1, and their command, B6:

B6: “Team 1, Team 1, this is command, do you copy? Over.”

B1: “Command, this is Team 1, go ahead. Over.”

B6: “Hey Bob, we took a licking from OPFOR yesterday out by Candy Mountain. They destroyed our HF radio, so we do not have any long range commo at the moment. Well, anyway, we are going to attack their outpost on the north side of Happy Valley tomorrow morning. Rendezvous at Grid 1213141589 at 0500. We will place the mortars just east of that location, and attack at 0600. Over.”

B1: “Roger, We copy all that, Frank. We will head out tonight, and layup about an hour south of the rendezvous, until 0400, and then head in. See ya there, and stay safe. Over.”

B6: “Roger that Bob. Team 1, this is command. Over and out.”

The above exchange is full of OPSEC violations: personal ID of Frank and Bob; functional ID of command and team; capabilities of having mortars; limitations of command not having an HF radio; locations of the rendezvous, layup, and mortar positions; intent of their plan; and the effect of the previous attack. It is a goldmine of information for the OPFOR. Based on this information, the OPFOR can ambush Team 1 en route to their layup or rendezvous, or sabotage the mortar position, or attack the rendezvous before Team 1 links up, or reinforce their outpost, or vacate it and lay traps, etc.

We can mitigate these OPSEC violations by following the standard operating procedures (SOP’s) found in Volume 1 of the Signals Handbook. By only transmitting what is necessary, and by following the proper format, the above exchange becomes the following:

B6: “Bravo 1, Bravo 1, This is Bravo 6, Over.”

B1: “Bravo 6, This is Bravo 1, go ahead, Over.”

B6: “Rally at Grid 121314589, at 0500. Over.”

B1: “Wilco, Out.”

We can see with this new exchange, we have eliminated a lot of the OPSEC compromises. There is still a location, and some intent, but it is a lot less actionable than the first exchange. Any additional information about the attack, or mortar positions can be exchanged by B1 and B6 in person at the rendezvous.

By following good SOP’s we can reduce, but not entirely eliminate OPSEC compromises. We can further reduce our OPSEC compromises by employing good COMSEC.


Communications Security (COMSEC) is the process of protecting the content of our communications. There are a number of approaches that can be used to implement COMSEC, from technological to procedural. Technological methods include encrypted radios, frequency hopping radios, steganography (hiding communications within other messages), and certain bands or modes of radio communication. Procedural methods include using codewords, codebooks, and manual encryption.
Good COMSEC lets us achieve better OPSEC.

Looking at the exchange above, we see that the OPSEC compromises still there are the grid location and the time to be there. Since “Bravo 1” and “Bravo 6” follow army convention, it also hints that B6 is command, compromising functional identification. Just by adding code names and DRYAD based encryption (as discussed in Volume 1) we can remove the rest of the OPSEC compromises:

B6: “Whirlwind, Whirlwind, This is Thunderhead. Over.”

B1: “Thunderhead, this is Whirlwind. Go ahead. Over.”

B6: “Rally at grid I set Charlie, November, Quebec, Yankee, Alpha, Foxtrot, Juliett, X-Ray, Bravo, Hotel, at time, I set: Lima, India, November, Foxtrot, Victor. Over.”

B1: “Wilco. Out.”

Now our transmission only tells them that we will be going somewhere, sometime. By using the DRYAD encryption we are denying them information about location and time. If we deem that even that little bit of information is too much of a compromise of OPSEC, we can either encrypt the whole message via a one time pad, or use a codebook and the DRYAD sheet to also encrypt the “rally” and “time” parts of the message.


Another part of the OPSEC plan should include transmission security (TRANSEC). Because an opponent may be using signals intelligence (SIGINT), we need to take measures to minimize the radio signals they can detect. The longer a radio is transmitting, the greater the chance the opponent’s SIGINT element will detect it, and possibly radio locate, or radio direction find, the transmitting radio.

The simple fact that a radio transmission is being received at all may give a rough idea of the location of the transmitter, and radiolocation can pinpoint it, compromising the location. This is a breach of OPSEC. Even if everything is encrypted, link analysis (keeping track of who talks to whom) can allow an analyst to get some general functional identification of units, such as defining what element is the command and control element. This breach of OPSEC would allow a small enemy force to determine which unit to attack for the biggest reward.

There are a number of methods that help improve TRANSEC. The most important method is to only transmit when absolutely necessary for the mission, or the security of other friendly or allied units.

When transmissions must be made, keeping them short helps TRANSEC, as well as changing frequencies at regular intervals. Use the lowest transmit power needed to make the communication. Use directional antennas. Use unusual bands or modes.

D) Threat SIGINT Capabilities

The United States armed forces employ high levels of TRANSEC and COMSEC technology and procedures when operating in a hostile environment. Those technologies and procedures are supported by thousands of personnel at every echelon of the force. Unfortunately, a small team does not have the resources to execute every COMSEC and TRANSEC measure. For the purpose of this handbook, we will divide threat forces’ SIGINT capability into 5 categories.

1) None. When there is no adversary or opponent, there is no one to offer any SIGINT threat. We operate in this condition for some administration and camp duties. It is also appropriate for training that is not focused on communications. For example, range safety officers communicating with each other over a large rifle range.
We do not need to take any special precautions in a no SIGINT threat environment.

2) Low. We consider it a low SIGINT threat when we do not have a defined opponent, or our opponent is not likely to have any active SIGINT capability. A looting gang in the aftermath of a natural disaster would be an example of a low SIGINT threat. In this environment, our biggest danger is “inadvertent SIGINT.” If some people in the threat group are using some commonly available radios such as FRS/GMRS or CB radios, and our group also uses those same types of radios, then there is a chance that we accidentally end up on the same channel as the threat group, and they may hear our transmissions.
Precautions to take in a low SIGINT threat environment include using radio SOP’s to keep transmissions short and to the point. Code words and code names generally provide enough COMSEC to foil any OPFOR listening to our transmissions. If available, use radios that are not as common as CB and FRS/GMRS.

3) Medium. We define a medium SIGINT threat as a group that has nascent SIGINT capabilities. This may include professional criminal organizations, or other small tactical teams/groups. The equipment used would most likely be one or several handheld radio scanners. Most commercially available radio scanners these days can scan or search the VHF and UHF radio bands, and can listen to FM analog voice transmissions. Some of the newer (and more expensive) scanners can also decode the APCO/P25 digital voice transmissions that many public safety agencies are switching to. If the public safety agency is using encryption on their radios, however, the scanner cannot decode it. Medium SIGINT threat groups may also have persistence, and record radio intercepts, and perform intelligence analysis on radio activity. Basic link analysis may be employed.
Precautions that should be taken against medium SIGINT threats include using radios that do not use analog FM voice, or P25 digital. Using unusual frequencies, and of course keeping transmissions to a minimum will help with TRANSEC. If you are able to use non-P25 digital modes, then code words and code names should suffice for COMSEC. If you must use analog or P25, then you should employ full COMSEC measures including one time pads, and DRYAD/code book encryption.

4) Advanced. Advanced SIGINT threats are groups that contain as members radio experts, avid scanner hobbyists, or communications professionals with access to professional level equipment. They will have more capabilities than can be offered by just having scanners. They may have surveillance receivers, spectrum analyzers, frequency counters, wideband receivers, or computer based “software defined radio” (SDR) receivers. An advanced SIGINT capability may be able to decode any non-encrypted digital communications, and may have radio direction finding and radiolocation systems. They will also perform intelligence analysis on all radio activity.
Precautions against advanced capabilities include all “medium” precautions, but with full COMSEC only. Nothing should be sent un-encrypted.

5) High/professional. High SIGINT threat opponents include professional military, and large government law enforcement agencies. They will have well funded SIGINT capabilities with multiple professional staff. They will be able to call on experts around the world and devote tremendous resources to breaking your OPSEC. They may have computer hackers, and technologists that can derive OPSEC information from other electronic sources.
Precautions against professional SIGINT threats: do not use computers or radios. If you absolutely must, then keep use to a minimum, and be crafty. Expect being crafty to fail.

Hack a TYT MD-380 radio for DMR scanner

Jailbreak firmware now available for cheap digital walkie-talkie allowing DMR scanning


In recent years, DMR and MOTOTRBO (a.k.a. TRBO, Motorola Solutions’ brand of DMR radios) have become a very popular digital voice mode on the UHF and VHF bands, and the MD380 radio is the latest cheap DMR walkie-talkie to come out of China.

The question is, is it any good? The longer answer is slightly more complicated, and involves discussing the difference in price between this radio and other more expensive, but higher quality, radios. But I can tell you that a group of hams here recently purchased the Beihaidao DMR radio (also sold under brands like Tytera, KERUIER or Retevis) and have been having excellent results with them.

Every once in a great while, a piece of radio gear catches the attention of a prolific hardware guru and is reverse engineered. A few years ago, it was the RTL-SDR, and since then, software defined radios became the next big thing. Last Shmoocon, Travis Goodspeed presented his reverse engineering of the MD380 digital handheld radio.

The list of U.S. government cell monitoring equipment


THE INTERCEPT HAS OBTAINED a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States.
