Matt Blaze's
EXHAUSTIVE SEARCH
Science, Security, Curiosity
Archives: 2021 - 2022

A 1935 Radio Orphan Annie's Secret Society decoder badge resting on a souvenir mug from the CRYPTO '93 conference.

Between 1935 and 1949, many North American children (and adults) got their introduction to cryptography through encrypted messages broadcast at the ends of episodes of two popular radio adventure serial programs: Little Orphan Annie and Captain Midnight. Dedicated listeners could join Radio Orphan Annie's Secret Society or (later) Captain Midnight's Secret Squadron, whereupon they would be sent a decoder that would allow them to decrypt each week's messages (generally a clue about what would happen in the next episode).

Orphan Annie (and her Secret Society members) fought crime, battled pirates, solved mysteries, and had other typical American pre-adolescent adventures. Captain Midnight (with his Secret Squadron) used his aviation prowess to perform daring rescues and emergency transports, and, with the outbreak of WWII, was commissioned by the government to lead secret missions behind enemy lines.

The main qualification for membership in (and issuance of a decoder for) Radio Orphan Annie's Secret Society and Captain Midnight's Secret Squadron involved drinking Ovaltine, a malted milk flavoring containing the vitamins and nutrients then understood to be needed by growing secret operatives, or at least to be profitable for its manufacturer (which sponsored the broadcasts). Proof of sufficient Ovaltine consumption was established by mailing in labels from Ovaltine packages. New pins and badges were issued annually, requiring additional labels to be sent in each year. (The devices are sometimes remembered as decoder rings, but in fact they took the form of pins, badges, and the occasional whistle or signal mirror.)

Orphan Annie's Secret Society produced decoders (variously called "Super Decoder pins", "Telematic Decoder Pins" and other names from year to year) from 1935 through 1940. From 1941 through 1949, the decoders were rebranded as "Code-O-Graphs" and distributed by Captain Midnight's Secret Squadron. These years corresponded to Ovaltine's sponsorship of the respective programs. Although the decorative elements and mechanical designs varied, the underlying cryptographic principles were the same for all the decoders.

Encrypted messages were included in the broadcasts roughly once per week, usually at the end of Thursday's show (which typically ended with a cliffhanger). Unfortunately, there does not appear to be an easily available full online archive of the broadcasts. However, you can listen to (and, with the information below, decode) airchecks of several original messages here (note the year to ensure you use the correct decoder badge parameters):

1936 Orphan Annie 1936 Pin (1)
Orphan Annie 1936 Pin (2)
1938 Orphan Annie 1938 Pin (1)
Orphan Annie 1938 Pin (2)
Orphan Annie 1938 Pin (3)
1942 Captain Midnight 1942 Badge (1)
Captain Midnight 1942 Badge (2)
Captain Midnight 1942 Badge (3)
1947Captain Midnight 1947 Badge (1)

These decoders have endured as iconic examples of simple, "toy" cryptography, even among those (like me) born well after the golden age of radio. And while they are indeed vulnerable to weaknesses that make them unsuitable for most "serious" use, that doesn't mean we shouldn't take them seriously. In fact, the underlying cryptographic and security principles they embody are important and subtle, part of the foundations for much of "modern" cryptography, and the badges combine multiple techniques in interesting ways that repay a bit of careful study. Indeed, they were almost certainly the most cryptologically sophisticated breakfast premiums ever produced. And, by understanding them sufficiently well, we can cryptanalyze and decode messages without needing to buy Ovaltine or scour Ebay. The rest of this post explains how.



Back in the not-so-distant past, if you were patient and knowledgeable enough, you could reverse engineer the behavior of almost any electronic device simply by inspecting it carefully and understanding the circuitry. But those days are rapidly ending. Today, virtually every aspect of complex electronic hardware is controlled by microprocessors and software, and while that's generally good news for functionality, it's also bad news for security (and for having any chance of being sure what, exactly, your gadgets are doing, for that matter). For devices like smartphones, software runs almost every aspect of the user interface, including how and when it's powered on and off, and, for that matter, what being "off" actually means.

Complex software is, to put it mildly, hard to get right (for details, see almost any other posting on this or any other security blog). Especially for gadgets that are rich with microphones, cameras, location and environmental sensors, and communication links (such as, you know, smartphones), errors and security vulnerabilities in the software that controls them can have serious privacy implications.

The difficulty of reliably turning software-based devices completely off is no longer merely a hypothetical issue. Some vendors have even recognized it as a marketable feature. For example, certain Apple iPhones will continue to transmit "Find My Device" tracking beacons even after they've ostensibly been powered off. Misbehaving or malicious software could enable similar behavior even on devices that don't "officially" support it, creating the potential for malware that turns your phone into a permanently on surreptitious tracking device, no matter whether you think you've turned it off. Compounding these risks are the non-removable batteries used in many of the latest smartphones.

Sometimes, you might really want to make sure something is genuinely isolated from the world around it, even if the software running on it has other ideas. For the radios in phones (which can transmit and receive cellular, wifi, bluetooth, and near field communication signals and receive GPS location signals), we can accomplish this by encasing the device inside a small Faraday cage.

A Faraday cage severely attenuates radio signals going in or out of it. It can be used to assure that an untrustworthy device (like a cellphone) isn't transmitting or receiving signals when it shouldn't be. A Faraday cage is simple in principle: it's just a solid conductive container that completely encloses the signal source, such that the RF voltage differential between any two points on the cage is always zero. But actually constructing one that works well in practice can be challenging. Any opening can create a junction that acts as an RF feed and dramatically reduces the effective attenuation.

There are somewhat pricey (USD40-USD80) commercial Faraday pouches made specifically for cell phones, and there are a variety of improvised shielding methods that make the rounds as Internet folklore. The question is, then, how well do they actually work? It can be hard to reliably tell without access to a fairly specialized RF test lab. But fortunately, I sort of have one of those. While I can't compete with a full-scale commercial EMC test lab, my modest setup can make moderately accurate measurements of the signal attenuation provided by various commercial shielding pouches and home-brewed designs at most of the frequencies we care about.

I tested three commercial pouches as well as three commonly-recommended makeshift shielding methods. Read on for the results. (Note that I have no connection with any vendor mentioned here, and I do not endorse any of the products discussed for any particular purpose. Caveat emptor.)