Hacker News

The coolest bit by far is RDS was decoded from intermodulation distortion in the radio's Line Out audio caused by the stereo demuxer circuitry. :o)


There's more about the discovery of the RDS data here: http://windytan.blogspot.fi/2013/04/how-i-discovered-rds.htm...

(there's also a couple links at the end of this article discussing how she modified her radio to provide a digital interface for the data)


The frequency shifting of the stereo signal must be doing exactly that, shifting everything down and not filtering.

RDS at 57k she says? Stereo signal (or better, the L-R information) is at 38k (double band suppressed carrier, so the carrier would be at 38k). So 57 - 38 = 19k!

http://en.wikipedia.org/wiki/FM_broadcasting#Stereo_FM
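The 57 - 38 arithmetic in the comment above can be checked numerically. The following is an added example, not code from any commenter or from the linked article: it models the demuxer as an ideal multiplier by a 38 kHz carrier with no output filter, and the sample rate, amplitudes and the single 58 kHz tone standing in for RDS sideband energy are all constructed assumptions.

```python
import math

FS = 240_000   # sample rate in Hz (assumption; leaves room for the 96 kHz product)
N = 24_000     # 0.1 s of samples -> 10 Hz bins, so every tone below sits on a bin

def tone(freq, amp):
    return [amp * math.cos(2 * math.pi * freq * i / FS) for i in range(N)]

def composite():
    """Constructed FM multiplex: mono audio, 19 kHz pilot, one RDS sideband tone."""
    parts = [tone(1_000, 0.4), tone(19_000, 0.1), tone(58_000, 0.05)]
    return [sum(s) for s in zip(*parts)]

def demux_38k(samples):
    """Idealised stereo demuxer: multiply by a 38 kHz carrier, no filtering after."""
    return [x * math.cos(2 * math.pi * 38_000 * i / FS)
            for i, x in enumerate(samples)]

def tone_amplitude(samples, freq):
    """Goertzel single-bin DFT, scaled to the amplitude of a cosine at freq."""
    coeff = 2 * math.cos(2 * math.pi * freq / FS)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    power = s1 * s1 + s2 * s2 - coeff * s1 * s2
    return 2 * math.sqrt(max(power, 0.0)) / len(samples)

def report():
    """Amplitude at each frequency as (before demux, after demux)."""
    mpx = composite()
    out = demux_38k(mpx)
    return {f: (tone_amplitude(mpx, f), tone_amplitude(out, f))
            for f in (20_000, 58_000)}

if __name__ == "__main__":
    for f, (before, after) in report().items():
        print(f"{f} Hz: before {before:.4f}, after {after:.4f}")
```

The 58 kHz tone reappears at 58 - 38 = 20 kHz with half its amplitude, which is why subcarrier energy near 57 kHz shows up near 19 kHz in an unfiltered output.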


> decoded from intermodulation distortion in the radio's Line Out audio

I wonder if this is a fairly common side channel attack? The most common in the domain of digital crypto is time (e.g. all password inputs must take equal time to check vs a given password, otherwise you leak info about the password) but distortion seems an obvious attack vector against analog crypto. Though I don't know if it's merely obvious in hindsight, as are most things.


No, she used the distortion to decode the specific subcarrier that holds the RDS information. This had nothing to do with the decryption, as the data decoded at this step would include regular RDS/RBDS data along with the _encrypted_ TMS data.

The decryption is performed in a second step. The reason she had to do it this way is because most radios do not provide a convenient way to get at the subcarrier data.


This isn't an attack, it's just using the cheap FM radio and a sound card like a software-defined radio.


I believe the parent comment is referring specifically to the part about sniffing one stream of information using only the observed effect it has on another stream (as opposed to the part where the radio is connected to a sound card and digitized).


It's an attack on the 'system' (i.e. the money making system) ;)


Not this part. The system doesn't attempt to make it difficult to obtain that data. The monetization part is done with an unrelated encryption scheme.



