From: Michael Dwyer (n0zap, yahoo dot com)
Date: 2001.03.08 - 23.04 MST

Here is how I look at the signal:

1. No changes in amplitude
2. No changes in frequency
3. Signal hits zero once every T.
4. Signal is sine-wave looking

A 300 baud modem uses Bell103/FSK -- It would show different frequencies of sound. However, it is interesting in this: "Positive sine wave at 1070Hz to send 0 and negative sine wave at 1270Hz to send a 1" With the exception of the lack of obvious differences in frequency, these phase shifts we are seeing could be described as a sine wave being negated on 2T boundaries.

1200bps [Bell 212A] modems use a single frequency (1200Hz). It groups the bits two at a time and sends one of the four possible values by selecting the corresponding phase of the sine wave. (PSK) -- This is remarkably similar to what we are seeing, except that we are only seeing 2 distinct phases instead of four. 600bps modem?

2400bps [V.22bis] modems combine phase and amplitude keying -- 3 different amplitudes, and 12 phases. WAY too complex. We certainly are not seeing different amplitudes and phases.

v32, etc modems are likely even more complex than the 2400 modem, so it is likely that we're not seeing any of these.

Ethernet [802.11] modems use Manchester encoding, where the signal drops from 1 to 0 to signal a 0, and rises from 0 to 1 to signal a 1. During the clock pulse, the signal jumps to the level required by the next transition. We could be seeing this, but I doubt it:

o Ethernet is usually shown as square waves, with a 0 and 1 component. We're seeing sine waves with a +1/-1 component.
o Ethernet is typically not called a Modem, and the exercise calls it "an unprotected modem"
o Real-world simple modems (like the 300/1200 ones above) don't use Manchester.

So, I theorize that timing happens at "tits", and the bit is read on the phase of the signal -- or more simply, whether it is rising or falling midway between timing marks.

Here is some further theorizing:

We only see one stream.
There is no duplex connection coming back, so we are probably safe to assume that this connection is half duplex. This is important because it means that error checking is pretty simplistic. I'm not sure I can explain this, but without an obvious reply, a CRC wouldn't make sense. There is no way for the host to reply, and no obvious waiting for a reply.

Lemme try this again: The paper says "ERROR CHECKING" and not "ERROR CORRECTING". Which is to say, that the best we can hope for is parity bits at this physical layer. The actual message may hold its own CRC, but as far as the layer we're looking at goes, parity is the only existing option. Encryption is also at a higher layer, and can be ignored for the time being.

I propose we transcribe the signals as if it was a 2-phase PSK modem, then try to parse it for parity. n81 is kind of standard, but the paper intimates that some form of error checking must exist...

I'll look at it some more...

--
This is the mod-chal mailing list. To unsubscribe, email majordomo, cryptofreak dot org with message body 'unsubscribe mod-chal'. Or, for more information, visit http://www.cryptofreak.org/.
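
The approach proposed in the message above (transcribe the signal as 2-phase PSK, then test the bit stream for parity), sketched as an added example that is not part of the original post. It assumes one carrier cycle per bit period T, a sine/negated-sine polarity for 1/0, and ordinary asynchronous framing (start bit 0, data LSB first, stop bit 1); all function names and the test signal are constructed for illustration.

```python
import math

N = 16  # assumption: samples per bit period T, one carrier cycle per bit

def modulate(bits, n=N):
    """Constructed test signal: sine for 1, negated sine for 0 (polarity assumed)."""
    return [(1 if b else -1) * math.sin(2 * math.pi * k / n)
            for b in bits for k in range(n)]

def demodulate(samples, n=N):
    """Correlate each bit period with a reference sine; the sign gives the bit."""
    ref = [math.sin(2 * math.pi * k / n) for k in range(n)]
    return [1 if sum(s * r for s, r in zip(samples[i:i + n], ref)) > 0 else 0
            for i in range(0, len(samples) - n + 1, n)]

def parity_bit(data, parity):
    """Even parity makes the count of 1s even; odd parity makes it odd."""
    return (sum(data) + (parity == "O")) % 2

def frame(byte, data_bits, parity):
    """Async frame (assumed layout): start 0, data LSB first, parity, stop 1."""
    data = [(byte >> i) & 1 for i in range(data_bits)]
    return [0] + data + ([] if parity == "N" else [parity_bit(data, parity)]) + [1]

def score(bits, data_bits, parity):
    """Fraction of frames whose start, stop and parity bits are all consistent."""
    size = data_bits + 2 + (parity != "N")
    frames = [bits[i:i + size] for i in range(0, len(bits) - size + 1, size)]
    good = 0
    for f in frames:
        data = f[1:1 + data_bits]
        ok = f[0] == 0 and f[-1] == 1
        if parity != "N":
            ok = ok and f[-2] == parity_bit(data, parity)
        good += ok
    return good / len(frames) if frames else 0.0

def best_framing(bits):
    """Parity framings are listed first: 8N1 also fits any clean 7E1/7O1 stream,
    so on a tie the stricter hypothesis wins."""
    candidates = [(7, "E"), (7, "O"), (8, "E"), (8, "O"), (8, "N")]
    return max(candidates, key=lambda c: score(bits, *c))

def encode(message, data_bits, parity):
    """Build the constructed bit stream for a message under one framing."""
    return [b for byte in message for b in frame(byte, data_bits, parity)]
```

On a real capture the bit period, the carrier alignment and the phase-to-bit polarity have to be estimated first; if every framing scores poorly, inverting the bits and rescoring tests the opposite polarity.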

This archive was generated by hypermail 2b30 : 2001.09.26 - 14.03 MDT