Baz January 4, 2012 9:03 AM

Sortof related, it occurred to me last night that you can use “XEP-0301: In-Band Real Time Text” similarly. XEP-0301 is an XMPP extension that includes typing delays, to give the illusion of real-time chat while sending a max of 1 message per second. (see eg

The availability of this extra channel of numbers obviously lets you send covert messages, though I wonder how you’d do it practically (so that you don’t have obvious delays from trying to keep 2 conversations going at once) – eg have 2 people at each end, one pair having the real conversation while the other is the cover? Replay an old conversation as the cover for the real one? Or simply use it to send a one-way message, like this stamp code.

Studiolum January 4, 2012 9:08 AM

Two excellent questions: the basic ones in this matter, in my opinion. As I wrote in the post quoted, one should examine the society journals and lectures of the period to see how prevalent this actually was. My guess in this moment is that this was somehow “in the air” as an option, just as we try to remember some basic rules when we occasionally buy flowers for somebody, but these postcards which included “the rules”, facilitated the use of a code actually suggested by them. That’s why we can find on philatelic sites so many postcards with the signal code on the one side and with the actual use of the stamp as proposed by them on the other – and so few ones on other types of cards.

Space Rogue January 4, 2012 9:26 AM

Ok, I’m gonna date myself with this but there is a ‘Hardy Boys’ (there I said it) mystery when the kids realize that their father is in trouble because of a letter they receive with a postage stamp that is upside down. Evidently something their father would never do. I’m to lazy to look up the actual reference but there ya go.

boog January 4, 2012 9:29 AM

And such a wasted code system too. Really, how many different stamp placements does a person require in order to say roughly the same message: “I love you.”

PG January 4, 2012 1:05 PM

Your picture on this blog looks sort of stamp-like. You could periodically adjust it to send us a message.

jackmanbob January 4, 2012 3:50 PM

You’re already sending a letter/postcard… with words. Why do you need a secret code? Besides, if it’s a secret code that everyone knows, it’s not all that private, is it?

vldlbk January 4, 2012 4:09 PM

“And I notice that a lot of the code systems don’t have a placement that indicates “no message; this is just a stamp.”

Actually, Russian take at it clearly indicates this option, it is the most obvious one, too.
The “standard” placement is to be taken as “insignificant”.
Number 4 in the legend says the following: “Stamp placement is insignificant” and it seems to correspond to the “upright” position to the right of the address, no to be confused with the same but to the left: “cannot wait to see you”, oops …

Gabriel January 4, 2012 7:53 PM

Got to the end of the post, and of course, Godwin’s law. The nazi’s put their mark on EVERYTHING.

For all of the real world examples, too bad we have no context to understand which “code” they were using. I suppose if a stream of post cards between two participants were available, it would be easier to analyze. I’m guessing for the most part, the sender was just trying to be cute, rather than a serious attempt to communicate discreetly.

AC2 January 4, 2012 11:29 PM

Struggling to recall the fictional/ non-fictional reference of someone sending a secret message via a microdot that was hidden under the stamp pasted on the envelop…

Paeniteo January 5, 2012 4:51 AM

Ah, imagine the possible misunderstandings if sender and receiver use different encoding tables… 😉

That’s probably the reason why real-world examples are so often seen only on postcards that have the encoding printed on them.

Google January 5, 2012 4:56 AM

I would not trust Bitlocker, File Vault, or PGP.

Symantec now owns PGP. When they marketed Diskreet, they lied. It wasn’t 56 bit DES as they claimed. It was 30 bits (yes, I had the src)

So there is your answer why I don’t trust PGP. (closed source)

Who do I trust? NO ONE 🙂

It looks like Symantec makes PGP 10.0 source code available. Will try to build and compare with the release this month.

Clive Robinson January 5, 2012 6:10 AM

@ Baz,

The availability of this extra channel of numbers obviously lets you send covert messages, though wonder how you’d do it practically

Have a look on Matt Blaze’s web site ( ) and look down for jitter bugs.

It has been discused on this blog a number of times before but under a different name of “keybugs”. Have a Google of,

[ keybugs]

It exploits a differential time based channel that many quite complex systems are compleatly transparent to due to a focus on “efficiency” rather than “security”.

As far as I’m aware it was the first academic paper to show how such a channel existed along with a practical exploitation (although it’s covered by the old EmSec rule of “clock the inputs and clock the outputs”).

kingsnake January 5, 2012 6:26 AM

I wish there was a way to attach pictures to posts, because I still have a photo floating around my computer of a package our company received about seven years ago where the entire package was covered with stamps. Everywhere but the shipping label. I wonder what they were signalling?

ITI January 5, 2012 6:32 AM

I’ve a variation about Secured USB Key.
Inserted (easily) in the right postion equals “datas available”. But inserted (forced hardely) in the other position assure that datas are unavailable, definitively. :o)

Phil 8 Lee January 5, 2012 7:51 AM

@AC2: Ben Affleck gave an envelope to his future memory-wiped self with an extra stamp on it that, when magnified, helped him solve the mystery in the sci-fi flop Paycheck. There may be other examples, but regrettably, I remember this one.

I’ve heard the “upside down” stamp is a sign of distress too. Guess that kind of makes sense especially if it is an upside-down flag stamp.

Before email a pen-pal and I used to write puzzles in letters to each other, constructing the text in odd ways (as opposed to left > right > top> bottom.) Obviously not cryptography, it was plain English in unusual patterns.

We’d often put the “key” in the square inch of space under the stamp on the envelope to unlock the pattern. I don’t know what you call it when you re-orient the letters all over the page but don’t replace any characters.

After email this sort of stopped, although my much more artistic friend came up with some interesting ASCII images, I went the ee cummings route for future silly correspondence .

puppy dog January 5, 2012 2:19 PM

in the old days marking a stamp placement meant one thing, like the upside down stamp.
But jail inmates used to hide things under the stamp like LSD.
People forget that when you open a standard envelope you tear across the top. The wax seal and the glue edge part can also hold a message and most people just throw it out. When we the last time you look inside the envelope?
So many old school tricks that they used and still use.
Let’s get techo, the glue can be a message, the paper or postcard.
Or a QR code on the front and just an address on the back.
Just the fact you got an envelope without a letter is a message. Or a postcard with a “I love you” in blue, black, or red ink. All could mean something else, but the color gives it away.

Baz January 5, 2012 2:42 PM

@Clive – very interesting, and yes the channel is very similar. Though to some extent XEP0301 is a defense against keybug attacks – the keyboard delay is disconnected from the packet delay, so if the XMPP stream is encrypted there’s no info leaked to a third party? The ‘evil keyboard’ could delay and speed things up enough to change the packet sizes and transmit info that way, but at 1 bit/s you’d struggle even to send out a password.

Jon January 6, 2012 1:15 AM

I once, during a time of financial distress, sent out the monthly batch of bills with American flag stamps – All deliberately applied upside down.

As far as I could tell, nobody noticed.


Clive Robinson January 6, 2012 8:46 AM

@ Baz,

“Though to some extent XEP0301 is a defense against keybug attacks – the keyboard delay is disconnected from the packet delay”

I’d need to look XEP0301 up and have a carefull think about it, but my experiance with other systems in the past has indicated that all to often either the protocool or the implementation has deficiences which can be exploited in some way, and even if I don’t spot it somebody else will… As there are “to many designs and to few eyes to watch over them”.

Not sure what your actual attack vector is but with regards,

but at 1 bit/s you’d struggle even to send out a password

There are a couple of ways you could look at such a low bandwidth,

1, Only 2mins to send the average AES key…
2, You halve the keyspace you need to search every second…

Oh one other thing to think about the “jitter bug” / “keybug” assumes a passive adversary and a “broadcast” model for the covert channel. That is it’s a Shannon Channel “source”, thus it’s in theory detectable by another observer hence the “clock the output” mitigation. But also think about the “reverse” direction, that is the adversary is not passive but “active” and that although still a “source” the system is now “susceptible” in some way. As is seen with various “cache attacks” the system “tests secure” on emissions and appears to remain “secure” in use. However it is only when an adversary injects in a signal of some form in some way that a covert channel opens, and thus the “clock the inputs” mitigation.

But… you need to “decouple” the channels in some way so not only do you have to “clock the inputs and clock the outputs” you need to ensure that the clocking cannot be exploited in some way. In many systems this is done by using a single master clock within the device but use the rising edge to clock say the input whilst the falling edge is used to clock the output. Another method is to use a variable delay window, where the delay is selected using a cryptographicaly secure RNG. If done correctly this second method alows a high “valid in channel bandwidth” whilst holding the potential covert channel down to just a bit or two per second (or longer if you alow data bursts).

However you try you cannot prevent data being leaked (ie the fact you communicate is effectivly one bit of data). The best you can do is “hold the bandwidth down” in various ways.

For instance one covert channel is the “error correction” mechanism, in most comms systems the design is for high reliability and soft fail, if it’s not possible for an attacker to have a covert channel within or to do with sending data, they can still have a low bandwidth attack vector by injecting faults into the data etc so tthe system goes into an error correction mode. To deal with this covert channel you need to design the system such that it “fails hard and long”. That is when an error occurs abort the entire communications then do nothing for a long but random period before recommencing communications from the begining of the message.

Another covert channel is the delay between messages, the military solved this when trying to solve “traffic analysis” issues, by the simple process of having point to point channel encryption and send “null data” between messages. To an observer the comms channel is always in full use. Whilst a simple solution for point to point comms or “circuit switched” networks, it is problematical for “packet switched” networks…

RobertT January 9, 2012 12:31 AM

@Clive R
“clock the Inputs, clock the outputs”
Sounds like an easy rule to follow, BUT in modern comms systems the input sample clock is recovered from the input data. so channel sampling errors can be created by forcing errors in the clock recovery process. If this is an RF link then the clock can be effectively controlled by rf injection of a suitable signal, similar to jamming, but with much less power. The covert data is embedded in the forward error correction scheme (FEC) and the carrier bit loading. This is especially applicable to variable bit loaded QAM on OFDM.

PM me for exact details.

Yves January 12, 2012 7:51 AM

I have been told by an old man, in France, that putting the “Marriane” stamp upside down was used by royalists to send through a political message: we will make the Republic fall (symbolized by Marianne) and bring back the King. Not sure it’s true, but maybe more realistic.

Sir January 23, 2013 3:45 PM

I’ve been doing some reaserch on stamps and their power. I found this, has something to do with sovereignty, or something
I also watch the movie j Edgar hoover with Leo Dicarprio as j Edgar. In one scene when the lenburg baby got kidnapped the kidnapper left a
ransome note with signature, a red dot with three
holes, and just listen to what Leo says about the ransome note, he says sign signature, trying to figure out what he meant. And in the scene when they put him on the box of cereal, his right hand man is eating out of as j Edgar start to read a letter from a female, if you look close the letter has 4 postage stamps on it, what is the significance of placinging a postage stamp on
any document that is not mail matter. I know this has something to do with the langauge of stamps and the UPU and all countries/nations are not
legal/lawful with out some type of correspondence
system which is the postal system. I remember in like the 5th grade (1987) in writing class we had to write a pen pal in another country, if I remember correctly we wrote the pen pal letter as
an open letter, and placed a stamp on the letter in the right hand corner, not on an envelope.
We didn’t use envelopes instead we folded it some how can’t remember. I recall the teacher saying something about postal power and she made us sign the stamp with are name. I also herd the phrase as I was growing up that a stamp
is the most powerful tool at hand.

Mark Rejhon September 28, 2015 1:31 AM

This is a follow up to mention that XEP-0301 is now approved as a Draft standard, and the official web address is actually:

Also, there is a way to record keypress dekays and encode it as wait-intervals, so that XEP-0301 is able to replay keypresses at their original intervals, independently of packet intervals. This was done to preserve maximum emotion in typing (deafies can tell calm typing apart from emphatic typinng, etc)

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.