Citadel II encryption in sync/async MS-110A transmissions (Algerian AF)

i56578-swl.blogspot.com, 2 weeks ago

Although it was introduced in 2004 [1], so far I had always seen the Citadel II encryption algorithm in 3G-ALE/STANAG-4538 contexts that use the circuit mode service [2][3]; conversely, in the 3G-ALE/S-4538 packet mode service (xDL protocols), and less often in async S-4285 and MS-110A transmissions, I met the Citadel I algorithm. Of course this doesn't mean that Citadel II is only used in S-4538 circuit mode: it's just a remark based on my own experience. Finally, almost one year after the last "Citadel detection", some interesting recordings show the use of Citadel II also in a 2G-ALE/MS-110A context (1).
The transmissions were recorded a few days ago on 11480.0 kHz/USB thanks to the EA5JGN KiwiSDR located in Hondon Valley (Spain) [4]: that frequency, as is known, is mostly used by the Algerian Air Defence/Territorial Air Defence (Algerian AF for short), as confirmed by decoding the exchanged 2G-ALE 188-141A messages (2).

Fig. 1

Figures 2 and 3 show the decoded bitstreams of the first two MS-110A segments of Figure 1 (T08_02_07Z recording) before and after the removal of the well-known sync sequence

0x [1E 56 1E 56 1E 56 1E 00 1A 5D 1A 5D 1A 5D 1A 5D]

In both cases 12-byte (96-bit) Initialization Vectors, repeated 3 times, are used.

Fig. 2
Fig. 3

The third MS-110A section in Figure 1 is the most interesting one since, curiously, its decoded bitstream shows an async 8N1 framing: possibly the related file comes from a different workstation of the network, also connected to the same messaging server. Figure 4 shows the 12-byte Initialization Vector after the start/stop bits and the sync sequences were removed.

Fig. 4
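The bitstream handling described for Figures 2 to 4 (removing the known sync sequence, stripping async 8N1 framing, and spotting a 12-byte block repeated three times) can be reproduced on a constructed bitstream. The script below is an added example written for this page; it is not the author's tooling and nothing in it touches the Citadel cipher itself, only the framing around the IV. Assumptions: the 8N1 frames carry data bits LSB-first (the post does not state the bit order), the sync-mode bitstream is packed 8 bits MSB-first per byte, and the IV, ciphertext bytes and preamble are constructed sample values.

```python
"""Added example: de-frame an async 8N1 bitstream, strip the MS-110A sync
sequence quoted in the post, and locate a 12-byte block repeated 3 times
(the IV pattern the post describes). Sample data is constructed, not a capture."""
from typing import Optional, Tuple

# 16-byte sync sequence as listed in the post.
SYNC = bytes.fromhex("1E561E561E561E001A5D1A5D1A5D1A5D")


def bits_to_bytes_8n1(bits: str) -> bytes:
    """Strip async 8N1 framing: start bit '0', 8 data bits (assumed LSB-first),
    stop bit '1'. Idle mark bits are skipped and a bad stop bit forces a resync."""
    out = bytearray()
    i, n = 0, len(bits)
    while i + 10 <= n:
        if bits[i] == "1":          # idle line / no start bit here
            i += 1
            continue
        frame = bits[i:i + 10]
        if frame[9] != "1":         # framing error: slide one bit and retry
            i += 1
            continue
        out.append(int(frame[1:9][::-1], 2))  # reverse: wire order is LSB-first
        i += 10
    return bytes(out)


def bytes_to_bits_8n1(data: bytes, idle: int = 0) -> str:
    """Inverse of bits_to_bytes_8n1; used only to build the constructed sample."""
    bits = "1" * idle
    for b in data:
        bits += "0" + format(b, "08b")[::-1] + "1"
    return bits


def strip_sync(data: bytes, sync: bytes = SYNC) -> Tuple[int, bytes]:
    """Return (offset of sync, payload after it); (-1, data) if sync is absent."""
    idx = data.find(sync)
    if idx < 0:
        return -1, data
    return idx, data[idx + len(sync):]


def find_repeated_block(payload: bytes, size: int = 12,
                        repeats: int = 3) -> Optional[Tuple[int, bytes]]:
    """First block of `size` bytes immediately repeated `repeats` times in a row,
    i.e. the 3x-repeated 12-byte IV. Returns (offset, block) or None."""
    span = size * repeats
    for off in range(0, len(payload) - span + 1):
        block = payload[off:off + size]
        if all(payload[off + k * size: off + (k + 1) * size] == block
               for k in range(1, repeats)):
            return off, block
    return None


def analyse(bits: str, async_framing: bool) -> dict:
    """Full pipeline: de-frame (8N1 or plain 8-bit packing), strip sync, find IV."""
    if async_framing:
        data = bits_to_bytes_8n1(bits)
    else:
        data = bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits) - 7, 8))
    sync_off, payload = strip_sync(data)
    iv = find_repeated_block(payload)
    return {
        "sync_offset": sync_off,
        "iv_offset": iv[0] if iv else None,
        "iv": iv[1].hex() if iv else None,
    }


# Constructed sample frame: 2 preamble bytes + sync + IV x3 + a few ciphertext-like bytes.
IV = bytes(range(0xA0, 0xAC))                  # 12 constructed bytes
CIPHER = bytes([0x5A, 0x3C, 0x77, 0x01, 0xEE])  # constructed, not real ciphertext
FRAME = b"\xff\x00" + SYNC + IV * 3 + CIPHER

SYNC_BITS = "".join(format(b, "08b") for b in FRAME)   # synchronous-mode view
ASYNC_BITS = bytes_to_bits_8n1(FRAME, idle=5)           # same bytes, 8N1 framed

if __name__ == "__main__":
    print("sync :", analyse(SYNC_BITS, async_framing=False))
    print("async:", analyse(ASYNC_BITS, async_framing=True))
```

Both views resolve to the same IV at payload offset 0, which is the check an analyst wants when a third segment turns up with a different framing than its neighbours: if the de-framed async bytes do not line up with the sync-mode bytes, the bit-order or stop-bit assumption is wrong before any conclusion about the IV is drawn.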

As I mentioned before, the Algerian AF network (in this example nodes CNC and CM3) usually uses this frequency, as well as MS-110A asynchronous transmissions; for this reason I searched my files for similar transmissions and found, right in this blog, a post dated December 2017 [5]. The analysis of that bitstream shows that Citadel II encryption was already in use in that network back then. At that time I was a bit less experienced and most likely I focused on the peculiar 8-bit pattern, neglecting to search for other possible sequences.

Fig. 5

https://disk.yandex.com/d/BwSBToYfOJp5TA

(1) Please note that although Citadel I and II are referred to as algorithms, they are actually ASIC chips (Application-Specific Integrated Circuits), i.e. algorithms implemented in hardware, which are embedded, for example, in L3Harris Falcon II and Falcon III family radios.

(2) collected ALE addresses
BLD: [Air Defense] Blida
TDF: [Air Defense] Tinduf
COF: [Air Defense] Cheraga
ANB: [Air Defense] Annaba
CM5: Commandement de la 5e Région Militaire, Constantine
CM3: Commandement de la 3e Région Militaire, Bechar
CNC: Commandement des Forces Aériennes d'Alger, Cheraga

[1] https://www.cryptomuseum.com/crypto/harris/citadel2/
[2] http://i56578-swl.blogspot.com/2023/05/harris-citadel-ii-secured-traffic.html
[3] http://i56578-swl.blogspot.com/2023/06/harris-citadel-ii-secured-transmissions.html
[4] http://ei2hh.proxy.kiwisdr.com:8073/
[5] http://i56578-swl.blogspot.com/2017/12/a-ms-110a-modem-running-in-async-mode.html
