NYPD Radio Encryption

Discussion in 'General Announcements' started by KA2EEV, Jul 30, 2023.

  1. N3EG

    N3EG Ham Member QRZ Page

    Everybody's doing it. It's old news. Now, because it's the NYPD, it makes headlines. Yawn...
     
    KU7PDX, PAULRON and K3XR like this.
  2. KA2EEV

    KA2EEV Ham Member QRZ Page

    Yes, it's old news per se, but still might be intriguing to see if a new type of encryption will be used.
     
  3. N3RYB

    N3RYB Premium Subscriber QRZ Page

    Is the MDT encrypted? :)
     
  4. W9YW

    W9YW Moderator Emeritus QRZ Page

    I wonder if it plays out like this:

    Someone records a reasonable segment of encrypted conversation. The audio will use digital encryption, and ultimately, with enough computing power, you can break any encryption. So:

    Using lots of cloud computing, they figure out the encryption keys and any hashes.

    With the keys, seeds a Raspberry Pi and dedicates it to realtime decryption. Sells the keys on the black market, just like ghost guns, or maybe tweets the keys and algorithm to the world.

    Imagine re-flashing 2400+ radios with new keys, all at once. In actuality, some will be re-flashed while others wait, creating radios that don't work with other radios, which brings us back to the clustertruck that happened in NYC during the 9/11 era. Unless a radio can be remote-flashed, in a few months the encryption will be useless, no matter what they use. The reason is that a handheld radio hasn't sufficient power to decrypt really complex algorithms.

    This doesn't end well, methinks.

    73 Tom W9YW, who understands hacker mentalities
     
  5. N7WR

    N7WR Premium Subscriber QRZ Page

    Yes. And FWIW another large agency in this state for reasons too complicated to state, but due in part to its own stupidity, runs their data via the Verizon cell system.
     
    N3RYB likes this.
  6. WW5F

    WW5F Ham Member QRZ Page

    @W9YW - When I was deployed, it was a real task to rekey all base Land Mobile Radios (LMRs) every week. My four radio troops would have to touch each radio and hump to do it. One base agency at a time. Some base agencies would have to go 2 or 3 hours before all their radios were rekeyed. OPSEC.

    Not a problem today. Just do the math on how long a computer would take to find the key and rekey at intervals a little less than that.

    https://www.motorolasolutions.com/e...cations/over-air-rekeying.html#tabproductinfo

    https://www.motorolasolutions.com/e...s/portable-radios/srx2200.html#tabproductinfo

    The XTS 5000 was about $5K each. I wonder how much those SRX2200's are.

    @N7WR - As it is with everything, it's a matter of throwing money at it. The most important always gets the money first.

    (And there are already comm systems today that use a different key for every *single* transmission.)

    On the other hand, what you say (@W9YW) stands when some computer hacker figures out a bug in the firmware. That's already happening today with UEFIs.

    Ya, it's not going to end well. Today, everywhere I look, things are crumbling.
     
    W9YW likes this.
  7. KT4PH

    KT4PH Premium Subscriber QRZ Page

    We run our MDTs over both Verizon and AT&T but we use a VPN to connect each one, that's how we get the encryption.

    73
     
    N3RYB and N7WR like this.
  8. KA2EEV

    KA2EEV Ham Member QRZ Page

     
  9. KA2EEV

    KA2EEV Ham Member QRZ Page

    A complicated scenario that's bound to fart and backfire with glitches...Me thinks you're right.
     
  10. N3RYB

    N3RYB Premium Subscriber QRZ Page

    Before or after the heat death of the universe? You might be able to decrypt it, but it's not useful if you cannot decrypt it in REAL TIME if you have nefarious means. Unless of course, you have the correct keying material. Mitnick style social engineering tactics would work better than brute force cryptanalysis.

    I'm sure NYC is using P25 radios just like everyone else. They get to go along for the ride like everyone else. For better or worse.
     
    K1IO likes this.
  11. N2ARO

    N2ARO Ham Member QRZ Page

    I think politicians should be required to use unencrypted two way radios for all of their communications. I'd love to listen in on their daily chat. :rolleyes:
     
  12. K1IO

    K1IO Ham Member QRZ Page

    Echoing what N3RYB said, are you guys familiar with modern encryption? P25 can use AES with a 256-bit key. AES is not known to have any back doors. A weakness could be in the key generator -- if that is not truly random, then it is not as strong as it could be. (One required by a federal standard had a known back door.) But realistically, there is probably no real-time crack, even with NSA capabilities. Any weakness is likely to be elsewhere in the system -- social or at a spot where it's decrypted.
     
  13. K6LPM

    K6LPM Ham Member QRZ Page

    Me thinkth that this type of digital encryption has already proven itself as being robust and secure enough to not be easily defeated. Many municipalities across the nation have already been deploying it for long enough that it would likely have been defeated already. If it has been defeated then the folks who have hacked it are unusually very silent. There is nowhere on any forum that actively discuss workarounds, hacks or pull together their resources trying to open source a compromise of some type. Compromise would be about the only way you might see such a defeat. But that would be with some industrial espionage having to occur. But let's just say for giggles and grins that hypothetically the encryption algorithm was indeed stolen and it was released to the underground and eventually was distributed. The manufacturers and vendors that have sold these encryption systems would immediately seek swift and fast legal injunction against the mainstream scanner and radio manufacturers that currently are licensed to use their codecs for their open digital trunking protocols and other various manufacturer digital systems that modern scanner radios can openly decode. Not to mention that they would go after the gray market and aftermarket decrypting hardware and software sellers. It is already a censored topic on the enthusiast type forums such as Radio Reference website, where they had to bow down to industry pressure from radio system vendors under threats of intellectual property violation and disseminating copyrighted and patent materials.
    The encryption of these systems is very robust, similarly to the widespread satellite TV piracy in which the defeating of pay television encryption was a huge widespread and hugely profitable underground industry. It was not thru actual reverse engineering but was all due to industrial sabotage and the willful dissemination of the encryption by a major satellite television provider to disrupt the value of the company they had targeted for a hostile takeover and merger. When they instituted a whole new digital encryption scheme and employed a wide mandatory card swap/set top box for their entire legitimate subscriber customers, that effectively ended the piracy and test card industries. The AES encryption has not been compromised since. Despite big money rewards and bounties to break the code it has not been done on the Nagra3 encryption scheme yet. With the only exception being the duplication of legit subscriptions and internet key sharing of the often randomly scrolled keys. But that has even been counter measured.
    As for Phase two P25 digital encryption schemes? There has been a recent report from some White Hat security firm that has found a backdoor built into the hardware of every radio produced by one of the biggest government radio contractors. The exploit is reported to not be very complex or is too exotic. They have not released the particulars until the manufacturer has had sufficient chance to review the claims and consider a viable update.
    Digital encryption will continue to grow more robust. Especially within the arena of crypto currency and Blockchain technologies..... It is just too bulletproof and difficult to even hack your way into an effective monitoring station as more systems go fully private thru digital encryption schemes being utilized with digital voice protocols.
     
    N3RYB likes this.
  14. KT1F

    KT1F Ham Member QRZ Page

    I don't know what these radios use but there is no reason for the algorithms to be a secret.

    It seems to be a common misunderstanding but any encryption worth anything at all is not "scramble the data in some secret way".

    Encryption uses keys. That's what you need to keep secret, not the algorithms.
     
    N3RYB likes this.
  15. SM0AOM

    SM0AOM Ham Member QRZ Page

    Having dealt quite a lot in recent years with OPSEC and COMSEC matters in connection with systems verification, my views are these:

    Seriously meant encryption never relies on network-provided cryptos.

    Next level is equipment-provided integrated cryptos which sometimes can be trusted, as long as the key distribution procedures are not compromised.
    But as equipment may contain "back-doors" really serious matters are never transmitted through such channels anyway.

    The highest level is when end-to-end encryption is used with proprietary crypto devices that you have physical control of.

    Most digital trunked systems such as TETRA are considered as "open" and no classified information is supposed to be sent through them, unless end-to-end encryption is used. This is because decrypted traffic sometimes can be routed through switches or IT systems of which the users do not have physical control.

    To what extent this is enforced is however a quite open question. Attempting to make a close to real-time brute-force decryption effort even if the algorithm should be known would be a major undertaking as long as the key generation and distribution system has not been compromised.

    If current message keys go AWOL, no crypto system can be relied on, and serious users are aware of this.

    73/Karl-Arne
     
    N3RYB likes this.
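
Added example, not part of any post in this thread: K1IO and SM0AOM both place the realistic weakness in key generation rather than in AES, and WW5F suggests doing the math on search time to choose a rekey interval. The Python sketch below measures how many distinct keys a generator can actually emit and turns that into an expected exhaustive-search time; `weak_keygen`, its 16-bit seed space, the guess rate and the `margin` factor are assumptions constructed for illustration, not any radio's real key generator.

```python
import hashlib
import math
import secrets

KEY_BYTES = 32                          # 256-bit key, the AES size K1IO mentions
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def weak_keygen(seed: int) -> bytes:
    """Hypothetical flawed generator: a 256-bit key fully determined by a small seed."""
    return hashlib.sha256(seed.to_bytes(4, "big")).digest()

def strong_keygen() -> bytes:
    """Key drawn from the operating system's CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)

def effective_bits(keygen, seed_space: int) -> float:
    """log2 of the number of distinct keys the generator emits over its seed space."""
    distinct = {keygen(seed) for seed in range(seed_space)}
    return math.log2(len(distinct))

def mean_search_years(bits: float, guesses_per_second: float) -> float:
    """Expected exhaustive-search time: on average half the keyspace is tried."""
    return 2.0 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR

def rekey_interval_seconds(bits: float, guesses_per_second: float,
                           margin: float = 0.01) -> float:
    """Rekey well inside the expected search time (margin is an assumed safety factor)."""
    return margin * 2.0 ** (bits - 1) / guesses_per_second

if __name__ == "__main__":
    rate = 1e12                         # assumed guesses per second (constructed)
    weak = effective_bits(weak_keygen, 2 ** 16)   # assumed 16-bit seed space
    print(f"weak generator: {len(weak_keygen(0)) * 8}-bit keys, "
          f"{weak:.0f} effective bits, "
          f"searched in {mean_search_years(weak, rate) * SECONDS_PER_YEAR:.2e} s")
    print(f"CSPRNG key: {KEY_BYTES * 8} effective bits, "
          f"searched in {mean_search_years(KEY_BYTES * 8, rate):.2e} years")
    print(f"rekey interval for the weak generator: "
          f"{rekey_interval_seconds(weak, rate):.2e} s")
```

The key length printed for both generators is 256 bits; only the effective-bits figure shows that the seeded generator offers no more protection than its seed.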