dPMR encryption?

What is the chance that a software can decode a dPMR encrypted signal? I guess there are 10 million keys?

How is this key programmed in the radio? I was thinking of buying a few of these. I just got ripped off on eBay on two DTR's and would like a radio with privacy capability.

On DM-UVF10 from TYT , there are 12 Keys possibilities of 4 hexa digit

0000 to FFFF

There isn't any software out there yet AFAIK that decodes dPMR.

The chances of any software being released to decode any form of digital encrypted comms I'd say is near zero.

decryption software

OK guys this is what I've been ranting about for so long......#1 Why has there never been any widely available software on the net "Out in the wild" so to speak to decrypt things like Motorolas Basic privacy or Motorola ADP? These are both doable things on the home computer. #2 If the law prohibits this software then why can it be downloaded from let's say a wikileaks type of site outside of the USA? #3 If all else fails other than a few edited white papers there must be someone out there willing to simply write a book on how it's done. Maybe I'm a nut but this seems doable in this day and age. The Electronic Frontier Foundation did it with DES a much more robust algorithm than used in most commercial radios. The commercial radios use proprietary algorithms which are far weaker than DES or AES. Is the scanner hobby afraid of potentially further restrictions on our toys? Your thoughts?

It has been done, but I don't think they will share too many details outside of a synopsis of what they did. Security Researchers Crack APCO P25 Encryption - Slashdot

balibago said:

OK guys this is what I've been ranting about for so long......#1 Why has there never been any widely available software on the net "Out in the wild" so to speak to decrypt things like Motorolas Basic privacy or Motorola ADP? These are both doable things on the home computer.

Click to expand...

You do realize that a 40 bit key has over a trillion combinations, right? Home computer, ok sure... but it's not an overnight operation. Now we aren't talking years or lifetimes here, but it's not a 10 minute operation. Plus... let's say someone has developed software to do this. Why in the world would you release it? If I'm a system operator running ADP the first thing I'm going to do is upgrade to DES/AES. So releasing the software to the wild would completely shoot yourself in the foot.

#2 If the law prohibits this software then why can it be downloaded from let's say a wikileaks type of site outside of the USA?

Click to expand...

Yes it's illegal. In most countries likely, but certainly here in North America.

#3 If all else fails other than a few edited white papers there must be someone out there willing to simply write a book on how it's done. Maybe I'm a nut but this seems doable in this day and age. The Electronic Frontier Foundation did it with DES a much more robust algorithm than used in most commercial radios. The commercial radios use proprietary algorithms which are far weaker than DES or AES. Is the scanner hobby afraid of potentially further restrictions on our toys? Your thoughts?

Click to expand...

Again...and this is just my opinion... for someone that knows how to do this, why should he do it all on his time only to give it away to people that won't bother to research it themselves? I understand that this is well above most of us, but nothing is stopping you from getting a group of people together with different strengths to start tackling the project yourself. And you mention yourself... proprietary algorithms. Which are likely subject to copyright, meaning it can't be added to a scanner with out licensing. And is it worth Uniden or Whistlers time/money to do this? No... Plus... what's the point of encryption if you let the scanner people use it?

The bottom line is nothing will be widely available to break encryption, and scanners will NEVER have the technology built in to defeat encryption. Is it doom and gloom for the future of the scanning hobby? Not completely, but the landscape is certainly changing and it's not looking good for the hobbyist.

ADP and other proprietary stuff

The main reason for my hope that a turnkey software solution for ADP and the like has been DSD. I mean isn't provoice and Mototrbo both proprietary. I'm sure they would love to shut down DSD. Even RadioReference they'd shut down if they could.

balibago said:

...I mean isn't provoice and Mototrbo both proprietary...

Click to expand...

Provoice is proprietary Harris technology, as is Ageis digital voice,

MotoTRBO(DMR is published ETSI standard.) has aspects of it that are proprietary. Namely enhanced privacy, IPSC, Connect Plus trunking, Capacity Plus, and Linked Capacity Plus are all proprietary features to MotoTRBO.

MotoTRBO equipment is compatible with other Tier 2 conventional repeaters, and subscriber equipment.

MotoTRBO is not Tier 3 compliant though.

balibago said:

I'm sure they would love to shut down DSD. Even RadioReference they'd shut down if they could.

Click to expand...

Kinda hard to 'shut down DSD' and even harder to shut down RR, though I'm sure it's day are numbered, simply due to the increasing spread of encryption...

Alive

This section of the website is absolutely the most intriguing! I remember when ST.Martin Parish went Pro Voice in the late 1990s. They are now 99 percent in the clear p25 now but until 2006 or so you couldn't hear em. You would hear back in the 1990s "No way you can decode digital", This DSD is not for everyone in fact I bet only 1in5 people will go through all the trouble with all the software downloads discriminator tap etc. Their is no 1-800 number to call either. It's not for the "casual eavesdropper" but it is there for everyone and I love that.

poltergeisty said:

What is the chance that a software can decode a dPMR encrypted signal? I guess there are 10 million keys?

How is this key programmed in the radio? I was thinking of buying a few of these. I just got ripped off on eBay on two DTR's and would like a radio with privacy capability.

Click to expand...

I would be willing to bet a Motorola DTR can be as secure as 40 bit encryption, but you will have to buy the keyboard programmer and enable private call channels.

you can make private one to one channel set ups that require an 11 digit ID for the two radios. Example:
Private radio 1: 12345678901
Private radio 2: 10987654321
program contacts in to the radio,
Ex- Radio 1, go to contacts, select radio 2, then PTT

I use the Nextel DirecTalk cause they are cheaper and I enabled 10 digit private calling which provides enhanced security.

To decode a private call transmission you would need some equipment, such as a good near field receiver, a frequency generator and a VSELP capable radio.

ADP is 40 bit and im not sure if its like the old DVP which was 40 but only used 32 bits yielding about 4.2B keys.

For secure communications we are on Harris OpenSky, but still use some M/A Com radios running conventional DES encrypted AEGIS digital voice.

Also have some Transcrypt gear, but they are not as secure as DES.

grosminet said:

On DM-UVF10 from TYT , there are 12 Keys possibilities of 4 hexa digit

0000 to FFFF

Click to expand...

I don't understand. 12 key possibilities? Hex is 0-9, A-F and that would be a lot more than 12 possibilities, wouldn't it?

I'm really not interested in DTR as I think that would cost me an arm and a leg for encryption. Just dPMR.

Ray_Air said:

I would be willing to bet a Motorola DTR can be as secure as 40 bit encryption, but you will have to buy the keyboard programmer and enable private call channels.

you can make private one to one channel set ups that require an 11 digit ID for the two radios. Example:
Private radio 1: 12345678901
Private radio 2: 10987654321
program contacts in to the radio,
Ex- Radio 1, go to contacts, select radio 2, then PTT

I use the Nextel DirecTalk cause they are cheaper and I enabled 10 digit private calling which provides enhanced security.

To decode a private call transmission you would need some equipment, such as a good near field receiver, a frequency generator and a VSELP capable radio.

ADP is 40 bit and im not sure if its like the old DVP which was 40 but only used 32 bits yielding about 4.2B keys.

For secure communications we are on Harris OpenSky, but still use some M/A Com radios running conventional DES encrypted AEGIS digital voice.

Also have some Transcrypt gear, but they are not as secure as DES.

Click to expand...

Okay, stupid question: Do I need a cell phone contract for Nextel Direct talk? What about Stingray? Can't they monitor Direct Talk? http://www.tuicool.com/articles/NzEzi2

Ray_Air said:

To decode a private call transmission you would need some equipment, such as a good near field receiver, a frequency generator and a VSELP capable radio.

Click to expand...

You can monitor VSELP with a SDR. Watch the Watchers With This DIY Police Radio Scanner

Nextel is now Sprint. But that won't work in the sticks.

I just downloaded the programing software for a dPMR radio and it uses a 10 digit number 32 in length for encryption. I did get my DTR 650's from eBay after opening a case. Those go about 2,100'.

I'm not sure what type of encryption the dPMR radios use. I guess NXDN uses 15 bit, but I don't think these are the same.

poltergeisty said:

Okay, stupid question: Do I need a cell phone contract for Nextel Direct talk? What about Stingray? Can't they monitor Direct Talk? Meet the machines that steal your phone

Click to expand...

No you do not need a contract. I bought up i355, i560, and i570 Nextel's on eBay. You just need a SIM card and get yourself some new batteries and a nice charger.

Power the phone up. In the menu go to DirecTalk. You have 10 channels and 15 privacy codes per channel. The privacy codes are not like CTCSS. However, their is a receive all setting on DirecTalk per channel, again however, I have never heard anyone else using them. Virtually no one owns a Nextel anymore.

If you want more security, edit the phones 10 digit number and you can use that 10 digit number as a private call on DirecTalk.

If you need help setting yours up let me know. I played with these over the summer with my kids on vacations.

Nextel DT is direct radio to radio, no towers involved and the technology is the same as the Motorola DTR but MUCH cheaper to buy. DTR and DT are not compatible though.

Even if someone had a program to decode VSELP they would still need to capture your FH signal first. They hop about 11 times a second. A near field surveillance receiver could capture the signal, then I guess it could be fed to a computer for decoding. It's not AES or even DES, but it offers very good privacy.

poltergeisty said:

I don't understand. 12 key possibilities? Hex is 0-9, A-F and that would be a lot more than 12 possibilities, wouldn't it?

I'm really not interested in DTR as I think that would cost me an arm and a leg for encryption. Just dPMR.

Click to expand...

More like 65,536 codes.

Good enough to keep casual listeners away.

They may also have the "enhanced encryption" which would be the 40 bit.
I know those Connect radios can do it if you select it.

poltergeisty said:

You can monitor VSELP with a SDR. Watch the Watchers With This DIY Police Radio Scanner

Nextel is now Sprint. But that won't work in the sticks.

Click to expand...

Now if they could just decode OpenSky.

Ray_Air said:

No you do not need a contract. I bought up i355, i560, and i570 Nextel's on eBay. You just need a SIM card and get yourself some new batteries and a nice charger.

Click to expand...

That's interesting. How much wattage do the phones put out?

Edit- Just seen on eBay they are advertised as 1 mile range. Do you get that?

Just saw a SHTF forum and there was a thread about these radios along with some YouTube videos. I guess the phones will put out 700 mW. I like how they have built in GPS. I see a seller selling the i355 for 29.95. Not bad considering a DTR costs at least $175-$195. There's even an external antenna connection and I saw a 3 watt amp on Amazon for these. Of course that would violate FCC rules for 1 watt or less in the 900 MHz band.

When you go to Direct Talk mode will it retain that mode when the phone is power cycled?

Ray_Air said:

More like 65,536 codes.

Good enough to keep casual listeners away.

They may also have the "enhanced encryption" which would be the 40 bit.
I know those Connect radios can do it if you select it.

Click to expand...

The programming software I have for a dPMR radio has an input key using numbers 0-9 for a total of 32 digits. Using the formula for combinations, C(n,r) = n! / ( r! (n - r)! ) it looks like there are 64,512,240 possible keys. Not too shabby.