OP25 Add RC4 (ADP) decryption

chrismol1

P25 TruCking!
Joined
Mar 15, 2008
Messages
1,329
It's not a big secret. ADP in the P25 implementation was cracked around a decade ago, maybe more (RC4 on a Windows PC, I believe, was done another decade before that), by security researchers on a decent computer (back then) in, what was it, a day or two+? With brute force, after using the silence at the beginning and end of transmissions mixed with some software ingenuity. The trick is you have to know what you're doing, know how the code is implemented and know how to use software to crack the remaining parts....
 

boatbod

Member
Joined
Mar 3, 2007
Messages
3,452
Location
Talbot Co, MD
Hi everyone! I've just read this thread. I'm very proud of all the work you've done in these months, it's amazing! On the other hand, I don't know if it's a good idea to say this, but I want you to know that it's VERY POSSIBLE to crack ADP. I'm not going to give any information about this but you just have to do some research and that's all!
Yes, this is true, but are you suggesting that known-key decryption should not be added simply because one of the algs is weak?
I'm quite sure that anyone who wants to spend time cracking encryption is going to do so anyway, and most likely has far better places to discuss it than here on RR where such topics are frowned upon.
 

wgbecks

Active Member
Joined
Jan 17, 2005
Messages
1,061
Location
NE Wisconsin
Wait, OP25 does DMR decoding? (not enc, just voice)
Does it do DMR trunking including Con+?

The following appears in the README-dmr in boatbod op25. I've been using it for a few years now to monitor a couple of local systems.

DMR Support
-----------
This is experimental, use at your own risk and sanity!

Protocols currently supported:
- Tier II DMR
- TRBO Connect Plus

Protocols not yet supported:
- Simplex DMR
- TRBO Capacity Plus
- Tier III Trunked DMR
 

ollopa

Newbie
Premium Subscriber
Joined
Nov 11, 2017
Messages
2
I have a question about P25 traffic for those with more experience. It happens to be ADP so who knows, maybe it's an ADP thing?
The standard documented transmission sequence is HDR, [LDU1, LDU2]..., TDU. I've captured several transmissions that are missing the HDR and first LDU1. They seem to begin on LDU2, which doesn't match the P25 specs. I thought this might make sense since this is ADP traffic and without a header there is no MI, so perhaps the MI from LDU2 is being used to decrypt the first set of IMBE frames. Is this even possible, though? The documentation for OFB says that the MI from the HDR is used for the first superframe and the MI from the first superframe is used for the second superframe. Perhaps ADP is mystical and behaves differently -- does anyone know if it uses the MI from LDU2 to decrypt that same LDU2 in addition to the next LDU1?

I ran the same capture file through DSD+, op25, and sdrtrunk and they all show the same sequence of data units so I don't think there is a decoding error.
 

lwvmobile

DSD-FME
Joined
Apr 26, 2020
Messages
1,315
Location
Lafayette County, FL
I've captured several transmissions that are missing the HDR and first LDU1.
This happens often when tuning in late. SDR hardware + software are not nearly as fast as a real radio, so it's not uncommon to tune late and miss the headers. Also, depending on software, when it lands on the frequency, it may need a very small/minute time frame to get good demodulation. That's why ongoing late entry and link control occur in every superframe. If you miss the beginning of the transmission, you aren't locked out.

does anyone know if it uses the MI from LDU2 to decrypt that same LDU2 in addition to the next LDU1?
No, it does not apply to the current LDU2, that value is for the next superframe on P1, starting with the following LDU1 and LDU2.
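The MI chaining rule described in the question and answer above, as an added example (not OP25 or DSD-FME code): the HDU's MI keys the first superframe, and the MI carried in each LDU2 keys only the following LDU1/LDU2 pair. The MI values and the call sequences are constructed, and the model assumes a clean unit sequence with a TDU ending the call.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class DataUnit:
    kind: str                  # "HDU", "LDU1", "LDU2" or "TDU"
    mi: Optional[bytes] = None # 9-byte MI; only HDU and LDU2 carry one

def mi_schedule(units: List[DataUnit]) -> List[Tuple[str, Optional[bytes]]]:
    """For every LDU in the call, return the MI its keystream must be built
    from. None means the MI is unknown, so that superframe cannot be
    decrypted even with the correct key (the late-entry case in the thread)."""
    current_mi = None   # MI in force for the superframe in progress
    pending_mi = None   # MI announced by the last LDU2, for the NEXT superframe
    schedule = []
    for u in units:
        if u.kind == "HDU":
            current_mi = u.mi       # header MI keys the first superframe
            pending_mi = None
        elif u.kind == "LDU1":
            if pending_mi is not None:   # a new superframe starts here: roll over
                current_mi = pending_mi
                pending_mi = None
            schedule.append((u.kind, current_mi))
        elif u.kind == "LDU2":
            # decrypted with the MI already in force, never with its own MI
            schedule.append((u.kind, current_mi))
            pending_mi = u.mi       # its MI is for the following LDU1 + LDU2
        elif u.kind == "TDU":
            current_mi = pending_mi = None   # call over, nothing carries forward
    return schedule

# Constructed sample MI values (not from any real capture)
MI_HDU = b"\x01" * 9
MI_SF1 = b"\x02" * 9
MI_SF2 = b"\x03" * 9

# Documented sequence: HDU, [LDU1, LDU2]..., TDU
NORMAL_CALL = [DataUnit("HDU", MI_HDU), DataUnit("LDU1"), DataUnit("LDU2", MI_SF1),
               DataUnit("LDU1"), DataUnit("LDU2", MI_SF2), DataUnit("TDU")]
# The capture from the question: HDU and first LDU1 missing, starts on LDU2
LATE_CALL = NORMAL_CALL[2:]

if __name__ == "__main__":
    for name, call in (("normal", NORMAL_CALL), ("late entry", LATE_CALL)):
        print(name, [(k, mi.hex() if mi else None) for k, mi in mi_schedule(call)])
```

In the late-entry run the first LDU2 comes back with no MI, and decryption only becomes possible from the next LDU1 onward.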
 

ollopa

Newbie
Premium Subscriber
Joined
Nov 11, 2017
Messages
2
This happens often when tuning in late. SDR hardware + software are not nearly as fast as a real radio, so it's not uncommon to tune late and miss the headers. Also, depending on software, when it lands on the frequency, it may need a very small/minute time frame to get good demodulation. That's why ongoing late entry and link control occur in every superframe. If you miss the beginning of the transmission, you aren't locked out.


No, it does not apply to the current LDU2, that value is for the next superframe on P1, starting with the following LDU1 and LDU2.

I'm not sure about the tuning in late part -- It's not a trunked system and I'm not changing frequency. I have around 30 minutes of capture with HDSR+rsp1a tuned to the same frequency and these transmissions are several seconds apart with TDU in-between, so I don't think it's part of the same stream.

Is there anything I can do to improve the reception / ensure that I get the first parts?
 

boatbod

Member
Joined
Mar 3, 2007
Messages
3,452
Location
Talbot Co, MD
I'm not sure about the tuning in late part -- It's not a trunked system and I'm not changing frequency. I have around 30 minutes of capture with HDSR+rsp1a tuned to the same frequency and these transmissions are several seconds apart with TDU in-between, so I don't think it's part of the same stream.

Is there anything I can do to improve the reception / ensure that I get the first parts?
If it's P25 Conventional there really is no reason the HDU should be missing.
When you say you have captures, do you mean you have op25 raw symbol captures or just stderr.2 logs? If you have the symbol captures, that would be most useful for attempting to reproduce the problem and debugging it further. If you wouldn't mind, please PM me and we'll figure out how to transfer a copy of the capture, log and configuration.
 

hrh17

Member
Joined
Mar 4, 2015
Messages
147
Location
.
Are you able to post up a raw recording of this system either from dsdplus as a wav file or binary from op25?
 

cabbar

Member
Joined
Dec 17, 2006
Messages
6
It's not a big secret. ADP in the P25 implementation was cracked around a decade ago, maybe more (RC4 on a Windows PC, I believe, was done another decade before that), by security researchers on a decent computer (back then) in, what was it, a day or two+? With brute force, after using the silence at the beginning and end of transmissions mixed with some software ingenuity. The trick is you have to know what you're doing, know how the code is implemented and know how to use software to crack the remaining parts....
I have some questions regarding this topic. Could you please send me a PM.
 

mathv

Member
Joined
Mar 28, 2016
Messages
5
Reviving this topic to add some important notes on ADP crypto. Note that the key space is 40 bits; even though you can read in some places that it can be cracked super fast, that is only if a "success" condition can be met, i.e. you try to brute force a zip archive that was encrypted with RC4 (similar to ADP). In audio frames, you CAN'T know if you succeeded because it only outputs audio data (garbage). Unless you want to hear said garbage audio over 1099511627776 times (this is the key space size for 40 bits), that won't work for you.

Unless of course I'm all mistaken and there is a known 'success' condition on audio frames that I don't know about, but hey, that's just me :)
 

blantonl

Founder and CEO
Staff member
Super Moderator
Joined
Dec 9, 2000
Messages
11,384
Location
San Antonio, Whitefish, New Orleans
There is a success condition on an audio frame. P25 has silence frames before and after transmissions. And dsd-fme will decode and report a P25 silence frame. dsd-fme can also decode ADP if you know the key. So.... 🤷🏻‍♂️
 