Encryption Key

RaleighGuy

I tried searching for an answer to this but couldn't find one. If I have a P25-capable scanner and I can get my hands on the proper encryption key, can that be programmed into the scanner so that I can hear encrypted traffic?

Upgrade to a Unication G4/G5 and you can enter the key, but not on any scanner currently being sold.
 

GlobalNorth

1. Scanners do not come with the necessary encryption electronics board/circuitry module required to decrypt anything encrypted. Modes such as DMR, P25II, FSK, etc. are NOT encryption.

2. Keys are varying length and contain randomized characters. There are nearly an infinite number of keys for one encryption method and keys can change from annually to several times daily.

3. Unless you are a highly placed member of the NSA / Central Security Service, GCHQ, MSS, Special Communications Service or a similar government service; it is very unlikely you will find the 'backdoor' to the processor chips which would allow decrypted access to the device or the computing power required to do a 'brute force' attack on consumer grade encryption. Trying to crack EAMs? FSK traffic from an E-4B Nightwatch, or secure State Department satellite traffic? You should have a Ph.D. in abstract mathematics and an exceptional understanding of it at the highest levels of academia.
 

kayn1n32008

> 1. Scanners do not come with the necessary encryption electronics board/circuitry module required to decrypt anything encrypted. Modes such as DMR, P25II, FSK, etc. are NOT encryption.

They do, however, have the processors needed to decrypt an encrypted transmission. It can be, and has been, implemented in software. There is a thread on RR somewhere about an aftermarket firmware that will allow encryption keys to be loaded. One of the things that favored AES was the efficiency of implementation, to be able to both encrypt and decrypt data, along with how quickly it can do it.

> 2. Keys are varying length and contain randomized characters. There are nearly an infinite number of keys for one encryption method and keys can change from annually to several times daily.

No, there isn't an infinite number of keys. There is a very defined limit, that is easily calculated, and is a function of the key type (ASCII/Base16/Based etc.) and the number of bits the key length is.

In theory, the bigger the key length, the harder it is to brute force, which is why other attack vectors are developed to speed up the ability to defeat the cipher. These are done by not only people trying to access the encrypted data (adversaries, both state and commercial interests) but also by cryptographic researchers looking for vulnerabilities, to test the cipher to ensure it is secure.

> 3. Unless you are a highly placed member of the NSA / Central Security Service, GCHQ, MSS, Special Communications Service or a similar government service; it is very unlikely you will find the 'backdoor' to the processor chips which would allow decrypted access to the device or the computing power required to do a 'brute force' attack on consumer grade encryption. Trying to crack EAMs? FSK traffic from an E-4B Nightwatch, or secure State Department satellite traffic? You should have a Ph.D. in abstract mathematics and an exceptional understanding of it at the highest levels of academia.

While AES256 is currently, AFAIK, secure, its greatest weakness is how it is deployed. You don't always need to defeat the cipher to access the data that is encrypted.

Ultimately, it's a game of cat and mouse between those that design, build and deploy the ciphers, and those that are trying to defeat those ciphers.

Cipher security is all dependent on the algorithm, key size AND how the cipher is being integrated into both software and hardware and how the designers prevent both the keys and the contents from being read in clear text.

DES with a 56 bit? Yea, modern computers can brute force it easily, same with ARC4 and a 40 bit key. AES with a 256 bit key? Not YET defeated. BUT as quantum computing gets more powerful, the day will come when AES can be brute forced with ease. By then, there will be post quantum encryption algorithms that will have long replaced it. There are even post quantum ciphers being designed and evaluated right now.
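
Added example, not part of any post in this thread: the key-space arithmetic from the post above, worked through for the key sizes it mentions and for the same 256-bit slot filled with hex digits versus typed printable-ASCII characters. The search rate of 10^12 guesses per second and the listed cases are assumptions chosen for illustration, and keys are assumed to be uniformly random.

```python
import math

ASSUMED_GUESSES_PER_SECOND = 1e12  # assumption for illustration, not a measured rate
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace_bits(alphabet_size: int, symbols: int) -> float:
    """Effective strength in bits of a key made of `symbols` characters,
    each drawn uniformly at random from `alphabet_size` possible values."""
    return symbols * math.log2(alphabet_size)


def seconds_to_search(bits: float, rate: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Expected time for an exhaustive search: on average half of the
    2**bits candidates are tried before the right key is hit."""
    return (2.0 ** bits) / 2 / rate


def human(seconds: float) -> str:
    """Format a duration in the unit that keeps the number readable."""
    if seconds < 60:
        return f"{seconds:.2f} s"
    if seconds < SECONDS_PER_YEAR:
        return f"{seconds / 3600:.1f} h"
    return f"{seconds / SECONDS_PER_YEAR:.2e} years"


# Constructed cases: (label, alphabet size, number of symbols in the key)
CASES = [
    ("40-bit key (binary)", 2, 40),
    ("DES, 56-bit key (binary)", 2, 56),
    ("AES-256 key as 64 hex digits", 16, 64),
    ("32 printable-ASCII characters in a 256-bit slot", 95, 32),
]


def report():
    """Return (label, effective bits, expected search time) for each case."""
    rows = []
    for label, alphabet, symbols in CASES:
        bits = keyspace_bits(alphabet, symbols)
        rows.append((label, round(bits, 1), human(seconds_to_search(bits))))
    return rows


if __name__ == "__main__":
    for label, bits, eta in report():
        print(f"{label:50s} {bits:6.1f} bits  ~{eta}")
```

The last case shows why the key type matters: 32 typed printable characters occupy 256 bits of storage but give only about 210 bits of key space, while 64 random hex digits use all 256.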
 

marcotor

> 1. Scanners do not come with the necessary encryption electronics board/circuitry module required to decrypt anything encrypted. Modes such as DMR, P25II, FSK, etc. are NOT encryption.

I guess the HP436 and 536 I have running with the CFT firmware that decrypts AES and DES flawlessly with the proper key is all my imagination because the "necessary encryption electronics module" is not in it?

No, it does not pick keys out of the air, but the OP didn't indicate anywhere in the post they were searching for a magic pill. Works just as well as a G series pager.

OP: The x27/CFT project will do exactly what you need if you own a Uniden scanner, and you can choose and pay for only those features you need.

CFT Firmware for Uniden
 

RFI-EMI-GUY

> I guess the HP436 and 536 I have running with the CFT firmware that decrypts AES and DES flawlessly with the proper key is all my imagination because the "necessary encryption electronics module" is not in it?
>
> No, it does not pick keys out of the air, but the OP didn't indicate anywhere in the post they were searching for a magic pill. Works just as well as a G series pager.
>
> OP: The x27/CFT project will do exactly what you need if you own a Uniden scanner, and you can choose and pay for only those features you need.
>
> CFT Firmware for Uniden

For a device to have FIPS certification it must be tamperproof, thus the "module" which has physical security hardware to prevent one from probing it and extracting the key. If an agency wishes to write down the key variable onto a notepad and hand it to someone to enter into a modified scanner, they are opening up a can of worms as far as the overall security of the network. With OTAR and even with KVLs, once entered, the key variable cannot be read out. There are even provisions to create a randomized key variable without a human typing one in. So the concept of a software device to allow one to manually enter the key variable, while possible, is not a recommended practice. I don't know how Unication accomplishes this with their third party software, but hope it has been scrutinized for leaks.
 

ladn

However my experience is it will be exceptionally difficult to obtain a key. I'm sure more than one radio tech has said "My toothbrush, maybe. My wife, possibly. My encryption key, NEVER".
Makes me wonder how many techs actually have physical or "need to know" access to keys. With keys generated by NSA-affiliated systems and securely transmitted to subscribers' (server) key vaults and then OTAR into subscriber radios, it would seem there isn't much need for a tech to have physical access to a key.
 

BKF

> I guess the HP436 and 536 I have running with the CFT firmware that decrypts AES and DES flawlessly with the proper key is all my imagination because the "necessary encryption electronics module" is not in it?
>
> No, it does not pick keys out of the air, but the OP didn't indicate anywhere in the post they were searching for a magic pill. Works just as well as a G series pager.
>
> OP: The x27/CFT project will do exactly what you need if you own a Uniden scanner, and you can choose and pay for only those features you need.
>
> CFT Firmware for Uniden

Thanks for the reply! And no, I'm not looking to pull an encryption key out of thin air. Just wondering if someone gave me the key, could I somehow use it? And yes, I understand it's illegal. Friends in high places lol
 

KevinC

> Thanks for the reply! And no, I'm not looking to pull an encryption key out of thin air. Just wondering if someone gave me the key, could I somehow use it? And yes, I understand it's illegal. Friends in high places lol

I apologize for saying nope. I'm an idiot as I actually have the CFT FW and it works well.
 

RFI-EMI-GUY

> Makes me wonder how many techs actually have physical or "need to know" access to keys. With keys generated by NSA-affiliated systems and securely transmitted to subscribers' (server) key vaults and then OTAR into subscriber radios, it would seem there isn't much need for a tech to have physical access to a key.

I did an audit (Radio System replacement study) of a federal facility and had to go through hoops to document (no pictures) the KMF rack and chassis configuration in a vault at HQ. The vault had lots of other stuff, lots of paper! that had to be put away and/or covered up just for me to enter with a notepad and pencil. You can be sure nobody there was handing out the key variables if they could even observe them at all. If you need them for whatever reason it was OTAR only and only for radios in the inventory. This was a serious place with machine guns in the racks behind the metal detectors at the entrance.
 

Pape

> I did an audit (Radio System replacement study) of a federal facility and had to go through hoops to document (no pictures) the KMF rack and chassis configuration in a vault at HQ. The vault had lots of other stuff, lots of paper! that had to be put away and/or covered up just for me to enter with a notepad and pencil. You can be sure nobody there was handing out the key variables if they could even observe them at all. If you need them for whatever reason it was OTAR only and only for radios in the inventory. This was a serious place with machine guns in the racks behind the metal detectors at the entrance.

For contrast, over here public safety radios are handled by a generic commercial entity and the techs do have the key.
 

RFI-EMI-GUY

> For contrast, over here public safety radios are handled by a generic commercial entity and the techs do have the key.

Potentially a problem as in similar cases the key was distributed to tow truck companies, private security, and biker gangs.
 

ogppc

> For a device to have FIPS certification it must be tamperproof, thus the "module" which has physical security hardware to prevent one from probing it and extracting the key. If an agency wishes to write down the key variable onto a notepad and hand it to someone to enter into a modified scanner, they are opening up a can of worms as far as the overall security of the network. With OTAR and even with KVLs, once entered, the key variable cannot be read out. There are even provisions to create a randomized key variable without a human typing one in. So the concept of a software device to allow one to manually enter the key variable, while possible, is not a recommended practice. I don't know how Unication accomplishes this with their third party software, but hope it has been scrutinized for leaks.

FIPS certification is also able to be achieved in software. When I was implementing an MDC system for my city a specific software VPN was requested by DOJ to be used for CLETS and NCIC certification. The VPN portion was FIPS certified and accepted by both CA State and Federal DOJ.
 

kayn1n32008

> Makes me wonder how many techs actually have physical or "need to know" access to keys... it would seem there isn't much need for a tech to have physical access to a key.

A tech programming a radio doesn't need physical access to keys at all. They can be loaded into a KVL, then loaded into the radio without the tech ever seeing the key.
 

Pape

> A tech programming a radio doesn't need physical access to keys at all. They can be loaded into a KVL, then loaded into the radio without the tech ever seeing the key.

Not familiar with KVL, is this:
  1. An encrypted key for transport? If so, how is the encryption layer removed to get ingested in the radio for usage?
  2. Or maybe the radio system works on asymmetric (public/private key) keys, making the radio toward base station only readable by the base and base toward radio readable by all radios?
  3. Or a derivative of the Diffie-Hellman key exchange protocol instruction to actually get the derived key over the air?
 