Legally Breaking Encryption

[KC9NCF]

The above refers to LEGALLY using and listening to encryption. Now, I am going to point out that FCC rules simply state that a person may NOT use a scanner to receive an encrypted signal. It says "scanner". I posted this in another thread and I'll post it in this original thread. I am asking that it stay on topic and that there not be any trolling.

tonsoffun shut down the latest encryption thread because it was going south in a hurry and he was right to do it.

Here's what you need to know:

1. Don't use a scanner

2. Get licensed for a service that is allowed to experiment with or use encryption. Public safety is not the only service that is allowed to use encryption and experiment with it and I highly advise that no one go playing on public safety freqs...again look into the other radio services you can get licensed for where it is allowed.

3. Once you have your license for the proper service, go buy a Motorola radio or other comparable radio from a well known manufacturer. When you buy the radio, it will automatically come with programming software for your specific service and if not, it shouldn't cost all that much.

4. Go buy an OpenSky, DES, or other encryption package of your choice since you are now legal to possess and use it.

5. Use your commercial radio for which you are licensed to program in the RX only freq's you wish to listen to. Be sure to first program your copmmercial rig with the licensed TX freqs and add your other desired freqs after the fact.

This is a solution for people who have money to blow and still be able to be secure in their daily lives. Who's gonna know what you're listening to in spite of regulations unless YOU brag about it? So, don't ruin this loophole for all of us by bragging about what you're doing.

6. once you have the appropriate encryption package in your licensed service, you can now use it to scan for the encryption key you desire. It goes to "technical incidence" while you were experimenting and the fact that most radios are able to be programmed beyond their intended service as part of it's most normal functioning aspects.

Tell nobody what you are doing unless you have a good attorney on hand who will be willing to fight for your ability to do all of this since you are not truly breaking any laws because you are NOT using a "scanner". The communications act defines a "scanner" quite well and commercial rigs are not in the current definition of what a scanner is. Have fun everyone!

[gewecke]

I wonder why no one has voiced this suggestion before now.
I've already done this,and you're right.
N9ZAS

[N_Jay]

1) Are you sure the law says "scanner"?

2) I think encryption is legal on all of Part 90

3) Programming software is by brand and model, not by "service".

4) You would have to but the encryption module or software for the unit you own and the algorithm you want to play with.

4a) Opensky is a protocol not an encryption.

5) The programming stuff you reference is meaningless.

5b) I don't get this, if you want to encrypt a channel you are licensed for in Part 90, there is no law against it.
You seem to be drifting back and forth between "using" encryption and "breaking" encryption.

6) So you think that by owning a system with legal encryption somehow makes it more legal to receive someone else encrypted traffic??
AND you seem to think that accidentally finding the right key is somewhat trivial?

[petrol88]

Nonsense, but I'll respond anyway (sometimes cannot help it).

"Scan for the key?"

DES uses a 56-bit key. Assuming you could check 10 keys per second (remember you have to listen a bit to see if the key is working) it would take on average 114,246,565 years to find the key.

Call me when you've got that key scanned...

[TBennettcc]

What kind of money are you talking about?

$1,000? $10,000? $100,000? $1,000,000?

Whatever it is, I know I don't have that kind of money (and probably never will...)

[N_Jay]

Quote:

Originally Posted by TBennettcc

What kind of money are you talking about?

$1,000? $10,000? $100,000? $1,000,000?

Whatever it is, I know I don't have that kind of money (and probably never will...)

Two radios with encryption and a keyloader can probably be had for 5 to 10 K.

It is NOT the cost (nor the legality) that keeps these systems secure (No matter what some people here seem to think!)

[gewecke]

Quote:

Originally Posted by N_Jay

Two radios with encryption and a keyloader can probably be had for 5 to 10 K.

It is NOT the cost (nor the legality) that keeps these systems secure (No matter what some people here seem to think!)

Try 1 keyloader and 1 astro/des for $1800?
If I'm lucky a 2nd radio will still be avail. for another 1k.

N9ZAS

[N_Jay]

Quote:

Originally Posted by gewecke

Try 1 keyloader and 1 astro/des for $1800?
If I'm lucky a 2nd radio will still be avail. for another 1k.

N9ZAS

POINT MADE!!!

The cost of the equipment has NOTHING to do with keeping an encrypted system secure.

[radioman2001]

DES was broken in as little as 40 hours, in 1991 with computers of that era, that's why AES was created, because DES was broken so easily. The method that was used is known as a hard break, entering every valid key. Now I suspect that there are a numerous key sequences that can't be used because of recurring 0's and 1's, so there are a lot less possible combinations than is mathematically equated. That's why key loaders give an error when you put 0's or 1' in sequence.

[mancow]

Nothing in existence "scans" for keys so it's all moot anyway.

[trace1]

Quote:

Originally Posted by KC9NCF

The above refers to LEGALLY using and listening to encryption.

If you really want to listen in, "legally", to encrypted radio traffic you could just simply get a job with that agency that you desire so much to hear what is going on with and "they" just may even "give" you a radio, or radios, where you don't even have to spend your hard earned money buying all those expensive toys...

Quote:

Originally Posted by KC9NCF

THE AB0VE REFER STO ELGLALY USING ADN LISTENING TO ENCRYPTION!!!!!!!!!!!!!!111~~~~~~~ LOLOLOLOOLOL~~~ now, i am gioing to po1nt Out that fcc RoiXoRz simply state that a dO)d m4y not use a scannar to recivee an encrypted siGnal it ssys 'sccannEr/ I POSETD THIS IIN AN0THETT HREAD ADN ILL POST IT IN THISO RIG1NAL THr3AD, OLOLOLOLOOOLLO u ajm askingthat it stay ont opic and that teHRee no tbe ant trol7iing!!!!!!!!!!!1

I will ahck tonsoffun shu tedown The latest endcryptoin ttjread becuz 1t was goi|\| gsouTh in a hrury 4nd he waz right to do it//

here'z what u need to know:

1 I WN J00 CAUSE YOU R L4ME don"t us ea scannar

2 get liceNseD for a sercice that si al70wdd t0 exp3riemjnt with ro use e|\|crytpion OLOLOLOLOOLOLOL public S4fety is not the only servi3 that is al7owedto use emncryptuon and exparIment with it a|\|d i highly 4dvise that no one go plAyim gon public safety gfreqs!!!!!!!!!!!!!!!!!!!!!!~ lolololol ,, LOLOLO~ agaim loOk into tHe otherr radio services u can get licens3d for whare t Si allowed,

3~~ once uo ahvE yuor license for tEh p0rep rsarvice, gob uy a motorola rad1o Or otehr comparab7e radiO from a well Known manufactureerf DON TRIPEM E OF!!!!!!!!!!!!!!!!!!1~~~~~~~ wehn u buy teh rasdio, it will 4utomatically Come ith pr0grAm/\/\ing WaRreZ fR youre spec1fic serv1ce and if |\|ot, i tshouldn"t cot all that ,uch!!!!!!!!111~~~~

4!!!!!!!!!!!!!!!!!1~ GO BUY 4N OPENSKY, EDS, OR ORTEHR ENCRYPITONN PXA0RAGE O FUR CH0IDCe SINCE U AR NOW LERGAL TO POSSESSA ND USE 1T//

5~~~~~ olol use youre comarcial radio f0r wh1ch u qre liceNsed ot poRgram iN t3h rX0r only freq's u wish to l1sten to!!!!!!!!!!!!111~~~~~~~ lolololl be sure to firs tprogram your Copm/\/\ercial rig w1th th3 licensed tX0r freqs an dadd ur otehr desired freqs 4fter tehfact!!!!!!!!!!!!!!!!!!!!!!!~~~ ythis 1s as olution for dewdz who ave monEy to bbl;owa nd still be able to be secired in teHir daiyl lives!!!!!111~~ OLOLOOLO!!!!!!!!!!!!!!!!!~~~ whos gionna knoww hat UR lIstening t oin spite of reguulations un7esz you brag abou it??????????? SO, DON"T RRU1N TJIS LOOPOHLE FOR ALL OF uS BY BRAGGInG BAOUT WHAT UR DOING!!!!!!!!!1 ^

6^^^^ o|\|ce u ahVe the apPropriat e3ncRyoptuon p4X0rage in your7ciens3e service, you can now use 1tr to scan fro tHe encryption k3y you desirE!!!!!!!!!!!!!!!!!!!!!!!!!!1~~~~ It goes to "ytechnical incudence \/\/hlie u ware experimenting an dthe fact thast most Radoiz t ablew to be programmed beyOnd th3ir intended service as psart of itsd mm0sdt normal fUncti0ning aspects!!!!!!!!!!!!!!!!!!!!!!!!!!~~~~~

tel7 |\|opbody what you 4r dOing nuless you ahv a gOod attroney on 4hnd who w1ll bE wilLnig to fight f0r youre aibilty To do all of th1s Sicne ypour not truly br3akijg amy la\\\\////\\\\////s becuz y0u r not using 4 scaNner thre communcatinoz act def1nes a 'scannsar" qquite w3ll and commercial rigs are n0t 1n the curr3nt definitiion of what 4 scannar iz!!!!!!1 ahVe fun evaryone!!!!!!!!!!!!!!!!!!!!11~~~~~~ .

Yeah, I got too much time on my hands...

[petrol88]

Quote:

Originally Posted by radioman2001

DES was broken in as little as 40 hours, in 1991 with computers of that era, that's why AES was created, because DES was broken so easily. The method that was used is known as a hard break, entering every valid key. Now I suspect that there are a numerous key sequences that can't be used because of recurring 0's and 1's, so there are a lot less possible combinations than is mathematically equated. That's why key loaders give an error when you put 0's or 1' in sequence.

But, the result of that encryption was cleartext, which could be discerned by a computer. To determine whether DES encrypted audio is "clearaudio" you have to actually listen to a decoded sample. Or, a PC could check for clearaudio, but then you are going to take longer than .1 seconds per sample (which, in reality, you couldn't even do by ear). I'll stick by my 100 million years+ guestimation.

[N_Jay]

Quote:

Originally Posted by radioman2001

DES was broken in as little as 40 hours, in 1991 with computers of that era, that's why AES was created, because DES was broken so easily. The method that was used is known as a hard break, entering every valid key. Now I suspect that there are a numerous key sequences that can't be used because of recurring 0's and 1's, so there are a lot less possible combinations than is mathematically equated. That's why key loaders give an error when you put 0's or 1' in sequence.

DES had an inherent weakness that was exploited.

That is why they went to 3DES

Moserware: A Stick Figure Guide to the Advanced Encryption Standard (AES)

[milf]

Here we go again. One, it is illegal to monitor an encrypted/scrambled conversation using any means unless you are privvy to that conversations unless such conversation is illegal to begin with. Using your own encryption on your own system is fine and dandy and isnt breaking anyone elses encryption. To break anything higher than DES original on an analog system will not be so simple that you can just grab a couple of say... XTS3000's with the full ASTRO and DES III, or AES options enabled. ProVoice is not encrytion, it is an Digital Format proprietary to Harris??? Formerly M/A-Com for the EDACS system... These ideas of breaking into or hacking, or cracking, or jacking someone's encryption on a secure modern radio system are just pipe dreams. It is not happening. If you want to spend from 5 to 25 thousand dollars on your own radio gear to play with as a hobby, feel free. But don't think you will "hack/crack/jack/break/pop" anyone elses security.

[DonS]

Are encrypted communications considered "readily accessible to the general public"? If not, see 18 USC 2511 (1)(a).

And, if they are to be considered "readily accessible to the general public", then it would be OK (read: perfectly legal) for me to sit outside your house and decrypt your wireless network communications?

[KC9NCF]

Quote:

Originally Posted by milf

Here we go again. One, it is illegal to monitor an encrypted/scrambled conversation using any means unless you are privvy to that conversations unless such conversation is illegal to begin with. Using your own encryption on your own system is fine and dandy and isnt breaking anyone elses encryption. To break anything higher than DES original on an analog system will not be so simple that you can just grab a couple of say... XTS3000's with the full ASTRO and DES III, or AES options enabled. ProVoice is not encrytion, it is an Digital Format proprietary to Harris??? Formerly M/A-Com for the EDACS system... These ideas of breaking into or hacking, or cracking, or jacking someone's encryption on a secure modern radio system are just pipe dreams. It is not happening. If you want to spend from 5 to 25 thousand dollars on your own radio gear to play with as a hobby, feel free. But don't think you will "hack/crack/jack/break/pop" anyone elses security.

You're wrong in so many ways. These protocols and the encryption is available to those who wish to use it on the right radio service..part 90 or where-ever else it's allowed. A computer to do the hard work is all that's needed. N-Jay actually made my point as to specific model, etc. Because it's been done in the past it can be done again because any and every protocol and encryption has inherent weaknesses.

Computers are wonderful things. The legality only applies to specific scenarios and not to everything. Specific to this is the using of what is described in the law as what we know today as a scanner. You who are naysayers need to let any experts here speak because this is just something I saw as being possible, but maybe they won't speak for any number of reasons.

I'm just saying there is a legal loophole and technological weaknesses. Why not use them if you can get around it so long as you are 100 percent legal to do it? The whole point is to find that permissible way to do such things.

[N_Jay]

Quote:

Originally Posted by KC9NCF

You're wrong in so many ways. These protocols and the encryption is available to those who wish to use it on the right radio service..part 90 or where-ever else it's allowed. A computer to do the hard work is all that's needed. N-Jay actually made my point as to specific model, etc. Because it's been done in the past it can be done again because any and every protocol and encryption has inherent weaknesses.

Computers are wonderful things. The legality only applies to specific scenarios and not to everything. Specific to this is the using of what is described in the law as what we know today as a scanner. You who are naysayers need to let any experts here speak because this is just something I saw as being possible, but maybe they won't speak for any number of reasons.

I'm just saying there is a legal loophole and technological weaknesses. Why not use them if you can get around it so long as you are 100 percent legal to do it? The whole point is to find that permissible way to do such things.

I find it so funny that most of your original premise is structured around misunderstandings and false conclusions, and yet you have the arrogance to assume it is the "naysayers" and not you who are wrong.

Maybe a few of us "naysayers" are a whole lot closer to those mysterious "experts" you claim won't speak, than you are.

[KC9NCF]

Hey NJ, why is it you have to insult everyone? Most of your posts are pure venom and you have lost any credibility you ever had in my eyes a long time ago. You are making false conclusions yourself without opening your mind to what it is exactly I'm talking about. Why don't you review my post and actually see where it is I'm going? There is a post in another section about Radio Know It All's, I think you are one of them because you just can't discuss anything without an arrogance of your own.

This post is going south now when I clearly indicated that I was looking for an intelligent and open minded discussion to begin with. I'm done.

[KC9NCF]

Quote:

Originally Posted by trace1

If you really want to listen in, "legally", to encrypted radio traffic you could just simply get a job with that agency that you desire so much to hear what is going on with and "they" just may even "give" you a radio, or radios, where you don't even have to spend your hard earned money buying all those expensive toys...



Yeah, I got too much time on my hands...

Because not everyone desires to work in those professions. Because anyone who does end up in those professions are all close relatives or business partners or the family of business partners of politicians. Those professions are dying anyway because of those practices, but let's keep this radio related shall we? Now I'm truly done.

[DonS]

Quote:

Originally Posted by KC9NCF

Hey NJ, why is it you have to insult everyone? Most of your posts are pure venom and you have lost any credibility you ever had in my eyes a long time ago. You are making false conclusions yourself without opening your mind to what it is exactly I'm talking about. Why don't you review my post and actually see where it is I'm going? There is a post in another section about Radio Know It All's, I think you are one of them because you just can't discuss anything without an arrogance of your own.

This post is going south now when I clearly indicated that I was looking for an intelligent and open minded discussion to begin with. I'm done.

18 USC 2511. If you're not a party to the communications and it's not "readily accessible to the general public", you may not intercept the communications.

The fact that you can decrypt it without [otherwise] violating the law is irrelevant. That is, even if I could somehow afford 100 supercomputers and could decrypt 128-bit encryption in a week, it's not legal for me to intercept/decrypt encrypted communications.

I doubt one would have much success convincing a judge that "encrypted" communications, decrypted by somehow acquiring hardware, software, and key data that the average citizen cannot merely pick up at RadioShack, is "readily accessible to the general public".

The legality of intercepting and decrypting encrypted over-the-air communications, especially with regard to 18 USC 2511, has been decided several times in Federal court. The "decryptor" predictably loses.