Encryption

Status
Not open for further replies.

b7spectra

EMS Dispatcher
Joined
Jul 8, 2002
Messages
3,143
Reaction score
10
Location
Cobb County, GA
Let me preface this thread with the following:

YES, I know that breaking encryption is against FCC rules.
YES, I know the federal government most likely can do this.
NO, I don't need to be lectured by our self appointed Police.

With that said, here is my question about encryption:

We all know that many places are going, not only P25 digital, but encrypted as well. What is to stop someone from coming up with a program that can either decode it or be able to come up with the encryption code keys? Look what we can do with Trunker/Win96! We can actually strip out the system ID, unit numbers, all the frequencies that are used as well as other goodies. I know the systems administrators have their keyloaders to install the code into the radio, so why can't it be "decoded"? With the speed of quad core processors, it shouldn't take that long for a program to decode it. You know the federal government most likely has a program that can do it (do you really think they are going to let you carry on your conversation in private?), so, besides being illegal, why can't we?

Again, please before you flame, read my opening comments, as I'm just curious about this (my county uses P25 TRS, but not encryption, so I'm not as concerned at this time about it).
 

coldbricks

Uhh...
Joined
Aug 3, 2008
Messages
63
Reaction score
0
Location
Latham, NY
Granted I am not an engineer and don't work on this stuff, but I am very experienced as a hobbyist and from what I understand cracking the encryption is like trying to break into people's passworded accounts. It's possible, but the possibilities are virtually endless. In other words, encryptions are VERY hard to break and require a very sophisticated type of technology to 'crack'. Not sure if that will come around!
 

n5usr

Member
Joined
Aug 10, 2007
Messages
596
Reaction score
2
Location
Bethany, OK
If you have the keys (similar to knowing the protocol used in P25 to grab those IDs and unit numbers) then yeah, it doesn't take much of a processor at all to decode. Thus why a handheld radio is able to do it.

But if you don't have the keys, then you have basically two ways to attempt decoding. The first is to find a flaw in the encryption algorithm which lets you shortcut the whole thing - either by being able to "fake" keys that will still work or by being able to figure out a key very quickly with minimal sampling. This is the sort of thing that happened to WEP on wireless access points.

Otherwise, if no flaw is found, about the only option left is to "brute force" it. Simply iterate through every possible key until you find one that works. But depending on the encryption method used, that could take anywhere from hours to years. Most likely by the time you come across the key you need you won't care anymore what the message has in it. Whether the key is of further use depends on the protocol - and I expect any radio encryption protocol worth the money is going to shuffle keys periodically if not on every transmission.
 

rescue161

KE4FHH
Database Admin
Joined
Jun 5, 2002
Messages
3,721
Reaction score
682
Location
Hubert, NC
I asked the board to do this very thing on MY encrypted transmission a couple of years ago. I gave them the recorded message, the algo and the key and it still has NOT been cracked.

http://www.radioreference.com/forums/showthread.php?t=63775&highlight=encryption

It's still going strong, so whoever wants to put their Quad Core to the test, go for it. That's why I did the contest, so people would have to fear breaking the law. I gave permission for everyone to crack my transmission.

If you want digital, I can do that as well. Just let me know and I'll put something together.
 

N_Jay

Guest
Let me preface this thread with the following:

YES, I know that breaking encryption is against FCC rules.
YES, I know the federal government most likely can do this.
NO, I don't need to be lectured by our self appointed Police.

With that said, here is my question about encryption:

We all know that many places are going, not only P25 digital, but encrypted as well. What is to stop someone from coming up with a program that can either decode it or be able to come up with the encryption code keys? Look what we can do with Trunker/Win96! We can actually strip out the system ID, unit numbers, all the frequencies that are used as well as other goodies. I know the systems administrators have their keyloaders to install the code into the radio, so why can't it be "decoded"? With the speed of quad core processors, it shouldn't take that long for a program to decode it. You know the federal government most likely has a program that can do it (do you really think they are going to let you carry on your conversation in private?), so, besides being illegal, why can't we?

Again, please before you flame, read my opening comments, as I'm just curious about this (my county uses P25 TRS, but not encryption, so I'm not as concerned at this time about it).

It is very simple.

Too many keys, and too hard to tell when you have the right one.

Yes, it can be done, if you know the key type and key length.

Then you can start at 000...000 and work your way up to 999...999.

The ugly (or beautiful) truth is that the "government" does not have much better (and in many cases they have worse) computing power than the rest of us.
That is why they do their best to limit the sophistication of encryption technologies exported.

You have made the same logic error most people make when they start discussing decoding encryption.
You have confused simply "decoding" a data format (what Trunker/Win96 does) and "decrypting" an encrypted data stream.

The first is like opening an unlocked door with a latch you have never seen before.
The second is like picking a lock with an unknown number of tumblers, in a configuration you are unfamiliar with, with your eyes closed, wearing thick mittens, while drunk.
 

jhooten

Member
Joined
Mar 6, 2004
Messages
1,780
Reaction score
472
Location
Paige, Republic of Texas
If it was so easy to do, it would have been done by now.

Organized crime/Drug cartels have more than enough money to pay someone to do just what you suggest. So far they have not had much luck.
 
Joined
Apr 7, 2008
Messages
229
Reaction score
2
I imagine the solution is something along the lines of the brute force attacks you can perform on WPA-PSK and TKIP, where you need to sample enough packets and then run an attack on the data until you can figure out the key.

The sampled data may be meaningless after the time it takes to figure out the key, but if the key doesn't change periodically then you could potentially decrypt all of their communications since you've already done all of the hard work on the old set of data.

Certainly this is all purely hypothetical. If anybody invests the time, money and brains to do this - I hope a smart person wouldn't be dumb enough to brag about it on a public forum (though if someone did, I'm sure we'd most likely think they were full of it.)

Of course, we need to consider the possibility that the keys are constantly changing (in the manner of WPA+RADIUS), then all that can be done is to brute force the key to the old set of data. By the time the key is figured out, the key has most likely changed and any new data can't be decrypted anymore without another brute force attack.
 

eorange

♦RF Enabled Member♦
Joined
Aug 20, 2003
Messages
3,067
Reaction score
789
Location
Cleveland, OH
The ugly (or beautiful) truth is that the "government" does not have much better (and in many cases they have worse) computing power than the rest of us.
You would do well to read the last chapter (entitled "Brain") of the James Bamford book "Body of Secrets", where he describes the sheer computing power and capacity of the NSA. There simply isn't any other nation or organization that has as much computing power as the NSA to support one of their prime missions, which is, and always has been, codebreaking.
 

N_Jay

Guest
You would do well to read the last chapter (entitled "Brain") of the James Bamford book "Body of Secrets", where he describes the sheer computing power and capacity of the NSA. There simply isn't any other nation or organization that has as much computing power as the NSA to support one of their prime missions, which is, and always has been, codebreaking.


Sure they have a lot, and they do a lot, so just how much is available to any specific task?

Remember Cray? Where are they today?

It is not "orders of magnitude" like it once was.

Consumer/Business computing is driving the power curve.
 

RayAir

Member
Joined
Dec 31, 2005
Messages
1,968
Reaction score
182
Possible key codes for:

56-bit DES encryption: 72057594037928000

Newer encryption uses 128-bit, 192-bit or 256-bit. For every 1-bit increase the possible key variables double. So if you took 56-bit DES with approximately 72 quadrillion possible encryption keys and made it 57-bit encryption then the amount of possible keys would be 144 quadrillion.


Even the high end analog scrambling stuff is virtually impossible to decode by anyone less than a financed professional. You can forget decoding digital encryption.
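
The key-space arithmetic discussed in the posts above, worked through as an added example (not part of any post in this thread). It computes the exact number of keys per key length, the average exhaustive-search time, and the chance of hitting a key before it is changed; the search rate of one billion keys per second and the once-a-day key change are assumptions chosen for illustration.

```python
"""Brute-force cost versus key length and key rotation (added illustration)."""

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace(bits: int) -> int:
    """Number of distinct keys for a key of the given length."""
    return 1 << bits


def expected_search_seconds(bits: int, keys_per_second: float) -> float:
    """Average time to hit the key: half the key space must be tried."""
    return keyspace(bits) / 2 / keys_per_second


def hit_probability(bits: int, keys_per_second: float, rotation_seconds: float) -> float:
    """Chance an exhaustive search finds the key before it is rotated out."""
    return min(1.0, keys_per_second * rotation_seconds / keyspace(bits))


def humanize(seconds: float) -> str:
    """Render a duration in the largest sensible unit."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400.0), ("hours", 3600.0)):
        if seconds >= size:
            return f"{seconds / size:.3g} {unit}"
    return f"{seconds:.3g} seconds"


def report(rate: float, rotation_seconds: float, sizes=(56, 57, 128, 192, 256)):
    """One row per key size: (bits, key count, average search time, hit chance)."""
    return [(bits,
             keyspace(bits),
             humanize(expected_search_seconds(bits, rate)),
             hit_probability(bits, rate, rotation_seconds))
            for bits in sizes]


if __name__ == "__main__":
    RATE = 1e9          # assumed: one billion trial keys per second
    ROTATION = 86400.0  # assumed: the key is changed once a day
    for bits, total, avg, p in report(RATE, ROTATION):
        print(f"{bits:>3}-bit  keys={total:.3e}  avg search={avg:<14} "
              f"P(hit before key change)={p:.3e}")
```

The gap between the 56-bit and 128-bit rows is the practical argument for long keys, and the last column shows how a short key-change interval shrinks the window further.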
 

W6KRU

Member
Joined
Nov 20, 2008
Messages
3,463
Reaction score
86
Location
Vista, CA
Sure they have a lot, and they do a lot, so just how much is available to any specific task?

Remember Cray? Where are they today?

It is not "orders of magnitude" like it once was.

Consumer/Business computing is driving the power curve.

Supercomputers are alive and well. Here is a link to the latest and greatest. Can you say 122400 processor cores?

http://en.wikipedia.org/wiki/IBM_Roadrunner
 

scansomd

Member
Joined
May 16, 2002
Messages
242
Reaction score
0
Location
Southern Maryland
Given enough (1) time and (2) money - ANY - code can be broken. CRYPTO Algorithms are designed and tested against my previous sentence - how long would it take and for how much money.

Having said that, the hobbyist will never have the ability to crack/break encryption created circa 1970 and later. Anyone who tells you otherwise does not understand the complexity of the task. There is much, much (MUCH!) more involved than having a fast computer and a competent computer programmer.

Let me preface this thread with the following:

YES, I know that breaking encryption is against FCC rules.
YES, I know the federal government most likely can do this.
NO, I don't need to be lectured by our self appointed Police.

With that said, here is my question about encryption:

We all know that many places are going, not only P25 digital, but encrypted as well. What is to stop someone from coming up with a program that can either decode it or be able to come up with the encryption code keys? Look what we can do with Trunker/Win96! We can actually strip out the system ID, unit numbers, all the frequencies that are used as well as other goodies. I know the systems administrators have their keyloaders to install the code into the radio, so why can't it be "decoded"? With the speed of quad core processors, it shouldn't take that long for a program to decode it. You know the federal government most likely has a program that can do it (do you really think they are going to let you carry on your conversation in private?), so, besides being illegal, why can't we?

Again, please before you flame, read my opening comments, as I'm just curious about this (my county uses P25 TRS, but not encryption, so I'm not as concerned at this time about it).
 

AZScanner

Member
Joined
Dec 19, 2002
Messages
3,342
Reaction score
13
Location
Somewhere in this room. Right now, you're very col
If it was so easy to do, it would have been done by now.

Organized crime/Drug cartels have more than enough money to pay someone to do just what you suggest. So far they have not had much luck.

They have no need for this. They simply pay crooked cops within the department who tip them off. Why sit around listening to radios all day when for far less money and trouble, you can hire your very own personal incident alerting service? They throw the crooked cops a bone here and there, allow a small amount of their product to be seized now and then along with a faithful mule to take the fall for it and everyone wins.

Encryption serves one purpose - it prevents nosey scanner listeners and petty crooks from listening in. That's it. And I personally see nothing wrong with attempting to break it in the privacy of your own home if you have the means & free time. You just can't share it with anyone. I think that's fair. If I were able to crack it and could, I damn sure wouldn't advertise that crap to anyone. I'd just quietly sit back and listen in on the "secure" communications.

-AZ
 

davidbond21

Member
Joined
May 18, 2005
Messages
531
Reaction score
0
Location
New Braunfels, TX
AZScanner has got it exactly right.

Drug cartels have more money than they know what to do with, and they get much more value for their dollar financing crooked cops or others in well placed positions. All the encryption (much less any secure technology) in the world won't prevent humans from being fallible.

As far as the NSA is concerned, the more computing power and analyst time they dedicate to codebreaking, the less time (processor and human) they have to monitor our internet and phone activity.
 

digitransfer

Completely Banned for the Greater Good
Banned
Joined
Jul 27, 2008
Messages
5
Reaction score
0
Location
da Hood
The technology is there. I'm sure people are already doing it. They aren't going to open their mouth and let the cat out of the bag. I know at least I wouldn't.
 