ENCRYPTION: A few general questions please

[rpaula24]

Is it true that encryption is no longer as cost prohibitive as it used to be for a newly installed public safety radio systems?? I have read some postings on this site indicating that AES can be purchased for as little as $25.00 per radio ??? Wasn't it several hundred dollars per radio not so long ago??? I see in CT that both Stamford and Bridgeport have both gone fully encrypted, so does it seem typical that most, if not all new public radio systems are implementing full time encryption???

APCO Phase Two: Is it correct that it cannot be monitored whatsoever??
When is it estimated to be phased in??? Will all of it be encrypted too??

Thanks Much and Happy New Year with clear voice for now!! LOL

 

[XTS3000]

Software ADP can be added to a motorola radio for around $25 when you order the radio new. AES256 is hardware encryption and for board and software options and it's around $500-800 new when the radio is purchased. Then you need a $2000-4000 keyloader to load the encryption keys.

The software ADP is VERY weak encryption by todays standards. So weak it can be decrypted within a few seconds by the proper people with very expensive equipment. AES256 is another story completely. Let's just say as long as no one has access to your keyloader, then NOBODY will be able to listen period, end of story.

APCO Phase 2 will still be monitorable with the proper radio. No scanners yet, but the Motorola APX will be able to listen as long as the system is not using encryption (Duh) or using Radio Authentication.

 

[rpaula24]

Reply

xts3000,

Thank you for your informative reply....so then, ADP encrytion is cheap but weak, and just to clarify,
AES256 encryption boards and options would cost $500-800 for each individual radio???


Bottom Line--quality public safety encryption does not come cheap!!!

 

[XTS3000]

xts3000,

Thank you for your informative reply....so then, ADP encrytion is cheap but weak, and just to clarify,
AES256 encryption boards and options would cost $500-800 for each individual radio???


Bottom Line--quality public safety encryption does not come cheap!!!

Yep, $500-800 per radio. For that type of encryption, the price seems fair.

ADP is very weak encryption (40 bit), but will prevent 99.9% of scanner/ham listeners from intercepting voice.

ADP can be software (no hardware board) or hardware (hardware board required). If you have software ADP and I have hardware ADP, as long as our keys match, we can talk to each other.

 

[KD0TAZ]

Is there a "minimal cost" upgrade path from Phase 1 to Phase 2? For example, Kansas is migrating a lot of agencies to Project 25 (even my little town went digital back in August, which is what forced me to buy a new scanner) using the statewide system. They are currently non-encrypted.. Would this be a 'cheap' upgrade to Phase 2 in the coming years once the Phase 1 infrastructure is in place? Or would it be something more involved that they are unlikely to adopt without an act of congress to help with the expense? I'm just curious how long it might be before I'm locked out again..

 

[N4DES]

ADP is very weak encryption (40 bit), but will prevent 99.9% of scanner/ham listeners from intercepting voice.

ADP can be software (no hardware board) or hardware (hardware board required). If you have software ADP and I have hardware ADP, as long as our keys match, we can talk to each other.

Yep, it may only be 40 bit, but it does the job for $10 per radio when initially ordered.

 

[Comint]

Is there a "minimal cost" upgrade path from Phase 1 to Phase 2? For example, Kansas is migrating a lot of agencies to Project 25 (even my little town went digital back in August, which is what forced me to buy a new scanner) using the statewide system. They are currently non-encrypted.. Would this be a 'cheap' upgrade to Phase 2 in the coming years once the Phase 1 infrastructure is in place? Or would it be something more involved that they are unlikely to adopt without an act of congress to help with the expense? I'm just curious how long it might be before I'm locked out again..

Short answer NO.
Phase I is FDMA (Frequency Domain Multiple Access), Phase II is allegedly TDMA (Time Domain Multiple Access) so for all intentional purposes, totally new equipment.

--
Comint

 

[all4gaines]

Does anyone know if the BCD396XT scanner is able to pick up radio transmission for the Florida Highway Patrol?

 

[shadcall]

all4gaines

It is impossible to monitor the FHP with any scanner. See the sticky in the FL forum for all the details.

Shadcall
Pro 106 Pro 163 Pro 164 Pro 62 Pro 2027
DX-390

 

[Ensnared]

Question about encryption with Motorola P25: a) is there reduced battery life and/or charge with hand held transmitters using full time encryption; b) what are the disadvantages of a LE agency using encryption? In other words, why wouldn't a LE agency use this full time? I know many of them are, but many are not. I realize this is a general question, but I would like to know.

 

[OpSec]

Question about encryption with Motorola P25: a) is there reduced battery life and/or charge with hand held transmitters using full time encryption; b) what are the disadvantages of a LE agency using encryption? In other words, why wouldn't a LE agency use this full time? I know many of them are, but many are not. I realize this is a general question, but I would like to know.

One word: money.

It costs money to equip a fleet of radios when new, even more money if they are retrofitted and then the headaches of key management, rekeying etc.

For a lot of places, it just isn't worth it.

 

[70cutlass442]

This may be a very elementary question, but could someone please explain to me how many phases there are and what the requirements are for each one?

 

[WV8VFD]

This may be a very elementary question, but could someone please explain to me how many phases there are and what the requirements are for each one?

Google is your friend,

Project 25 - Wikipedia, the free encyclopedia

 

[Ensnared]

A more specific question regarding P25 encryption: Reportedly, the new radios, that are being phased into the Waco, Texas TxWarn fleet, have an encryption switch on the top of the hand held. So, I assumed the encryption was optional with certain radios since they already have the switch on top. In Motorola P25 systems, do radios already equipped with an encryption switch cost the agency regarding activation?

 

[kv5e]

Encryption

A more specific question regarding P25 encryption: Reportedly, the new radios, that are being phased into the Waco, Texas TxWarn fleet, have an encryption switch on the top of the hand held. So, I assumed the encryption was optional with certain radios since they already have the switch on top. In Motorola P25 systems, do radios already equipped with an encryption switch cost the agency regarding activation?

That switch is maked Ø O and it will switch between coded and clear if the radio is flashed with an encryption algorithm and the radio is properly keyed with the appropriate encryption key.

The options for the encryption types and options have incremental costs and are negotiated as part of the fleet purchase.

They can also be upgraded in the future if desired. Money More!

Craig

 

[902]

A more specific question regarding P25 encryption: Reportedly, the new radios, that are being phased into the Waco, Texas TxWarn fleet, have an encryption switch on the top of the hand held. So, I assumed the encryption was optional with certain radios since they already have the switch on top. In Motorola P25 systems, do radios already equipped with an encryption switch cost the agency regarding activation?

The switch comes with every radio of that particular model. A knowledgeable person could program that to be a scan switch, change banks of channels, etc. It doesn't have to be for encryption. It could just be to turn the backlighting on or off. You can't get those models without the physical switch being there.

With the proper hardware or firmware (an added board and/or firmware flash is required), the radio can do several types of encryption. For a Motorola radio it's usually ADP, legacy DVP/DES-XL, DES-OFB, P25 DES-XL, or AES. There are other formats that are not offered to public safety agencies.

ADP is a loss leader that is offered to marry you to proprietary encryption. If used, no other manufacturer's equipment is compatible, so the backdoor premise is you'll come back to buy more as your fleet expands. Enabling XL in P25 DES-OFB will also exclude other manufacturer's radios from being completely compatible. Turning it off will allow other manufacturers' radios with the same key variable to communicate just fine.

 

[Ensnared]

Thanks. I think I have a better understanding of encryption.

 

[kv5e]

Thanks 902, for more granularity in the answer.

I think it's likely that they are ordering Cosmo series XTS5000 or APX dual band handhelds and they will all have UCM installed so it's just a matter of what type algorithm they want to manage.

The Astro CPS and Astro 25 CPS allow for great flexibility in programming the switch/display interfaces on these radios and as 902 said, it does not have to be necessarily encryption for the top rotary concentric switch, although most will leave it in default for coded/clear.

AES-GCM is a nacent algorithm starting to appear now as another option. It provides signed authenication as well as "covering" for the data stream.

as I said before.....MONEY MORE!

Craig

 

[nd5y]

When you hear several people talking on encrypted radios and one of them is always in the clear, the clear user either has encryption turned off or his key isn't the same as the others, right?
So how are they able to communitate at all? If the one guy has encryption turned off how is he able to hear the other ecrypted users? How can he hear them if he his key is expired or doesn't match the rest?

 

[WV8VFD]

If the key doesnt match exactly the one with no or the wrong key wont hear them. His radio wont un mute, and the RX LED will flash in a different pattern. Usually what is going on when they are holding a conversation is the one in clear doesnt have his crypto turned on, Depending on the programming, you can have the crypto turned off, and still RX crypto (as long as you have the right key) and then when you TX, the people running crypto will hear you in the clear.