08-10-2011, 18:03   #1
Ret10Echo
Quiet Professional
Join Date: Feb 2007
Location: Occupied America....
Posts: 4,740
P25 Radio security and jamming

Admittedly this is not Type-1 encryption and most public safety organizations do little in the way of encryption but may do some things for “security” reasons. DES and AES are not Type-1 so there should not be any expectations of similar performance for the algorithm. For some reason they insist on using the term encryption...

Interesting article and discussion. The Project 25 “standard” is anything but “standard” as each manufacturer has their own spin on exactly how the TIA 102 standard is applied.

Quote:
AUGUST 10, 2011, 12:15 PM ET
Security Flaws in Feds’ Radios Make for Easy Eavesdropping

By Jennifer Valentino-DeVries

The portable radios used by many federal law enforcement agents have major security flaws that allowed researchers to intercept hundreds of hours of sensitive traffic sent without encryption over the past two years, according to a new study being released today.
Article from WSJ

Penn State Mitigation Guide

Penn State White Paper from symposium
__________________
"There are more instances of the abridgment of freedom of the people by gradual and silent encroachments of those in power than by violent and sudden usurpations"

James Madison

Last edited by Ret10Echo; 08-10-2011 at 18:52.
08-10-2011, 18:39   #2
albeham
Quiet Professional
Join Date: Oct 2006
Location: MD
Posts: 448
it helps the big three sell radios to non-RF guys.


All of these years that P25 came out and it still has not worked right..


AL
__________________
RF is the Black Magic of today
08-12-2011, 12:25   #3
Hartley
Quiet Professional
Join Date: Jan 2009
Location: Atlantic Ocean
Posts: 137
P25

One of the difficulties in promulgating ANY sort of standard in the technology world is that the time delay inherent in both developing and gaining acceptance of the standard means that there will ALWAYS be something better on the market when it is actually deployed - and P25 is no exception.
What manufacturers REALLY want is for the standard to be exclusively THEIRS, in order to maximize their market share - for example, the "SecureNet" encryption modes developed and owned by Motorola (and only grudgingly released to other manufacturers under heavy pressure from Government users, who did not want "sole-source" procurement).

When it became obvious in the late 1980s that a form of digital modulation was the way of the future, P25 was developed under the aegis of APCO with the explicit goal of creating an open standard, implementable by all, and with cross-brand compatibility a requirement. They almost succeeded, but the IMBE Codec is indeed proprietary - fortunately NOT held by a radio manufacturer.

What the manufacturers do now, of course, is to extend the capabilities of their equipment into corners and spaces in the standard, to re-create proprietary features and functions for individual brands - and confusing the daylights of the non-technical buyers and users of these systems.

The papers presented have a lot of good information - though unfortunately the WSJ article is extremely misleading, probably due to the author not having the faintest <technical> idea what the papers were talking about... I did get the idea that some of the [hidden] motivation for some parts of the paper were to try and "sell" some sort of spread-spectrum "solution" in lieu of P25.

They also seem to be completely unaware of the reasons for some of the vulnerabilities they catalog - for example, how radios function in a mixture of clear and encrypted traffic - are actually dictated by provisions of DoD and Federal Security regulations. I note that they also seem to be unaware that Motorola (for sure, maybe others) does now offer LCW encryption on its trunked P25 systems.

But the thrust of their argument is certainly factual - limited or improper training and supervision of the users can nullify even the best encryption system - and no amount of hardware fixes will cure it. Those papers should be required reading for ALL public-safety and DoD encryption users.

Hartley
09-07-2011, 05:47   #4
albeham
Quiet Professional
Join Date: Oct 2006
Location: MD
Posts: 448
I like you two guys...just as professional radio ops..nothing more.

Maybe we should start our own company....?


P25 is nice but the operators, fire, police, etc., are not skilled radio operators.

Not trained in the use of the systems as to the level as the other tools of their trade(s).

So what to do? Like the big three..just throw money at it...a lot of money..
or do we take the users out of line to train them on the finer points and solutions to what will happen while in the field?

Maybe re-define what communications is really needed on the job. Does everyone need to carry a radio? What type of information is needed to be passed to higher? etc.

Like what one THP officer told me..thank god for cell phones....

AL
11-16-2011, 12:07   #5
TF Kilo
Guerrilla
Join Date: Jan 2004
Location: Nevada
Posts: 213
My fire dept. up in AK stayed out of the ALMR system. p25 system, statewide coverage...

Cost of deployment was crazy compared to what was already on the rigs, cost of upkeep (You want on the ALMR system, you have to pay into the statewide repeater upkeep fund and so on) was crazy...

There were enough repeater channels and simplex channels to easily support multiple fire-ground operations simultaneously. Why buy in when what you have works?

Not everyone needed to talk, but having more handhelds on a scene was beneficial simply because if you ended up being in a situation for a "mayday" call, having the means to call for help on the radio was a huge thing for resolving your situation and saving your life.

Primary training for the equipment consisted of what channels you had, how to change the channels, and that unless you had a safety issue that everyone needed to know or were a crew boss/officer, don't talk on the radio.


For us, it meant that we also had to talk to dispatch more if we needed any LEO's on-scene... but we'd be talking to dispatch anyway with updates as to what was going on, any additional assets required, etc.

Worked well for us. I can understand wanting to use a trunked system in a thick-RF environment, but there's inherent issues with the systems and firefighting situations specifically because trunked systems are repeater-only, vs being able to go simplex and have a dedicated frequency/channel for a specific scene.

More than anything, training the end users is paramount. Trunked systems require a significantly higher amount of training.

The TAPS radio system was even worse than any trunked system I have seen. 15 interconnected repeaters with alternating channels for the entire length of the Trans-Alaska Pipeline. You needed a map to know what repeaters covered your area (although you could just TX to see what you could hit where you were), phone-link procedures, simplex channels.... 3 hours sitting through PowerPoint just to be allowed to use the radio, with the end result of the training best equated to "more confused now than without the class".
11-16-2011, 12:48   #6
mugwump
Area Commander
Join Date: Nov 2005
Posts: 1,403
Edited to add: Sorry for swerving outta my lane, lack of SA, didn't notice I was in 18E.

There are two issues here. I've read on scanner forums that you can record encrypted P25 trunked transmissions and then run them through a public domain program and hear the transmission in the clear. It's not real-time, but if you're organized--almost. This is due to inherent weaknesses in the underlying algorithms. The U Penn paper alludes to this and it's my guess that the keys and encryption seeds discovered by this software could easily allow the other 'spoofs' that are mentioned, e.g. inserting bogus users into the conversation, denial of service attacks, etc. I can come up with all sorts of "etc" mischievous ideas.

The issue the WSJ is discussing is failure to properly configure the radios to enable encryption. I've witnessed this myself, where the 'base' station is encrypted (I hear nothing while using a P25 trunked scanner) while one or more 'remote' units are sending in the clear. This is just careless/stupid, as it's a one-time setup issue. I can't believe for what these agencies are paying that the initial setup per agency specifications isn't included as part of the purchasing process.

I hate encryption anyway--spoils the fun. It's pretty amazing who gets allocated encrypted systems anyway. I can see fed agencies and local tac teams but public health? Yes, I can make up an argument for why they would have it but I think my need to know trumps their paranoia. Check your local area freqs on RadioReference.com, it's pretty interesting.
__________________
mugwump

“Klaatu barada nikto”
11-16-2011, 15:09   #7
Badger52
Area Commander
Join Date: Jan 2011
Location: Western WI
Posts: 6,964
Quote:
Originally Posted by mugwump
I can't believe for what these agencies are paying that the initial setup per agency specifications isn't included as part of the purchasing process.
Especially in many smaller levels of guv (county, local) you might be surprised (or not) as to how close to the vest they have to play their budget on many things. They are then often the classic victim of the system vendor's 'gotcha' - "training? Oh, that's extra - but we'd be happy to give you a quote on that."
Quote:
Originally Posted by mugwump
I hate encryption anyway--spoils the fun.
Maybe for the scanner crowd...
11-16-2011, 18:12   #8
Ret10Echo
Quiet Professional
Join Date: Feb 2007
Location: Occupied America....
Posts: 4,740
Ohhh...the many, many problems with P25... Great idea, poor (nay...LOUSY) implementation. Interpretation by vendors and system configurations create interoperability nightmares. I spent some time explaining to a non-techie that just because it says P25 on the label does not mean it will operate with other devices sporting the P25 label. TIA-102 suite continues to march...vendors continue to apply as many "features" as possible to render devices incompatible (despite advertising). Something about companies whose names begin with "M"...dunno

To answer the question concerning "trunked" systems. A digital trunked network can still possess "talkaround" or peer-to-peer communications if configured to operate in such a manner. Of course that bumps up the spectrum support requirements...but there are always trade-offs. Purposeful application of interoperability channels or talk groups helps.

Operation and Maintenance costs (O&M)...yup, as soon as it is built it begins to break down. Nature of the beast. For organizations such as public safety that do not generate revenue for O&M, it quickly becomes problematic. Vendors will carry parts for your 15 year old system...but that's "Extra".

Encryption...difference between encryption in the public safety space and in military terms. Simple encryption is readily available, but managing that across a trunked system and when other users will be around becomes problematic. Key management is not easy when there are so many devices out there and the culture is one of open communications.

Enough for now....
11-17-2011, 20:37   #9
albeham
Quiet Professional
Join Date: Oct 2006
Location: MD
Posts: 448
The myths of P25..Google it...and learn....

More and more agencies are going to other systems that are analog.

Once again they, the vendors are trying to have this fix all in a radio. It's Bullshit.


Give me a simplex channel any day, WITH TRAINED DISCIPLINED RADIO OPERATORS..and I'll give you the best commos in the world...But that is what they don't want...shit the military has been doing this for years...and then there are the hams....oh you did not just say that!!! Yep..sure did.


One last smart ass question..why do you need encryption on a P25 system, what in the hell are you being so secret about? Let me get my tin hat....
11-17-2011, 21:56   #10
alright4u
Quiet Professional
Join Date: Jul 2007
Location: Nashville
Posts: 974
Re: Prick 25.

Quote:
Originally Posted by Ret10Echo
Admittedly this is not Type-1 encryption and most public safety organizations do little in the way of encryption but may do some things for “security” reasons. DES and AES are not Type-1 so there should not be any expectations of similar performance for the algorithm. For some reason they insist on using the term encryption...

Interesting article and discussion. The Project 25 “standard” is anything but “standard” as each manufacturer has their own spin on exactly how the TIA 102 standard is applied.



Article from WSJ

Penn State Mitigation Guide

Penn State White Paper from symposium
"Hippie" Harve Saal had his teams carry more secure radios than we did. They were all INDIG and sounded like the bad guys anyway. They used a lot of batteries.
11-18-2011, 10:46   #11
Ret10Echo
Quiet Professional
Join Date: Feb 2007
Location: Occupied America....
Posts: 4,740
Quote:
Originally Posted by albeham
More and more agencies are going to other systems that are analog.
Shhhh..... Did somebody say "TETRA"??



Quote:
Originally Posted by albeham
One last smart ass question..why do you need encryption on a P25 system, what in the hell are you being so secret about? Let me get my tin hat....
NCIC look-ups...other PII...Officer locations...etc. Not "classified"...just secure (to a certain extent).

You're not a closet DF'er are ya??? Squiggly squelch breaks aren't as cool as hearing wassup'
11-20-2011, 18:06   #12
albeham
Quiet Professional
Join Date: Oct 2006
Location: MD
Posts: 448
Quote:
Originally Posted by Ret10Echo
NCIC look-ups...other PII...Officer locations...etc. Not "classified"...just secure (to a certain extent).
Yes..You are right..forgot my days back on the highway patrol...

Quote:
Originally Posted by Ret10Echo
You're not a closet DF'er are ya??? Squiggly squelch breaks aren't as cool as hearing wassup'
No not closed.. I DF anything!!!!
11-20-2011, 20:06   #13
Ret10Echo
Quiet Professional
Join Date: Feb 2007
Location: Occupied America....
Posts: 4,740
Speaking of which...this just popped up over at the AP.

More Police departments look to tune public out

The article points to how technology makes it very simple for anyone to monitor traffic that does not have some form of encryption on it.

Argument for: Bad guys hear us, and there is some info others shouldn't hear (back to our PII)

Argument against: We pay salaries and have a right to know what they are doing