Encryption

[mmckenna]

More agencies should provide an online delayed feed of their dispatch if they're encrypted to provide transparency.

One of the major drivers behind encryption is to protect personal information that gets shared over the radio. FBI and most states have requirement that were agreed to by the agencies that says they will not share Criminal Justice Information with anyone that does not have a direct need to have it, and hasn't been properly trained on how to handle it. 30 minute delays do not meet the requirements if the agency is not following the FBI/State requirements.

If they are handling CJI via other means (terminal, etc.), then a 30 minute delay is a good solution.

For the purposes of this forum, who cares if any given encryption algorithm can be broken? There will never be a scanner on the market that will decrypt encrypted comms.

And one of the main reasons why encryptions keys should -never- be a "Set it and forget it" thing. Keys should be rolled frequently. Even if someone gets hold of a super fast computer, the key shouldn't be valid long enough to do much damage with it.
Unfortunately many agencies don't understand this.

 

[CanesFan95]

But once a hacker figures out your current key, then they can eavesdrop on what the new key is and get the new key.

 

[CanesFan95]

And if you're trying to guess an encryption key with some hyper-computer, won't you have to stop and listen to a transmission or two for a second to tell if you've found the key? So I don't see how a computer can know how to do that for your automatically, with all the time it takes to try each combination and wait a while and listen.

 

[KevinC]

But once a hacker figures out your current key, then they can eavesdrop on what the new key is and get the new key.

I'm going to bet most, if not all, agencies don't discuss over the radio what their new key variable is going to be...but I could be wrong.

 

[CanesFan95]

Well, isn't there a thing called over-the-air-re-keying (OTAR), where it's automatic? Then the hacker can figure out the key by decoding the data over the air?

 

[KevinC]

Well, isn't there a thing called over-the-air-re-keying (OTAR), where it's automatic? Then the hacker can figure out the key by decoding the data over the air?

They would need your UKEK for OTAR to be of any benefit (among other things). But if they have your UKEK you have a crap load more problems to worry about.

 

[mmckenna]

Well, isn't there a thing called over-the-air-re-keying (OTAR), where it's automatic? Then the hacker can figure out the key by decoding the data over the air?

The key can be sent to specific radios.

The key can also be manually loaded with a key variable loader.

The key's can also be updated via WiFi on some newer radios.

 

[RayAir]

But once a hacker figures out your current key, then they can eavesdrop on what the new key is and get the new key.

If proper protocols and security are in place that ain't ever gonna happen, jack.

 

[chrismol1]

Actually, they never did discover that the code had been broken until after the Allies revealed it several years after the war was over. The fourth rotor was a planned enhancement, not a response to Allied codebreaking efforts.

Decades. My favorite secret of Enigma. Allies hid it allowing multiple countries using to believe it was secure, well into the cold war era

And if you're trying to guess an encryption key with some hyper-computer, won't you have to stop and listen to a transmission or two for a second to tell if you've found the key? So I don't see how a computer can know how to do that for your automatically, with all the time it takes to try each combination and wait a while and listen.

in simple terms, you get the raw data frames of an encrypted transmission, now you have the "code" that creates the locking mechanism. Then you build a lock out of a software program and input the encrypted code that will build the internal locking mechanism. Then you jam your many different keys into it until it eventually unlocks

 

[danesgs]

I was in IT for 30 years doing desktop support for the military. Why the hell would anyone want to try as a hobbyist to crack the code on a radio signal? Just to say they could? The time spent doing hacks is a waste of time IMO. Leave it for the NSA geeks or Langley. They get PAID to do that crap!

 

[slicerwizard]

For the purposes of this forum, who cares if any given encryption algorithm can be broken? There will never be a scanner on the market that will decrypt encrypted comms.

So? Why would we be forced to use a scanner?

And if you're trying to guess an encryption key with some hyper-computer, won't you have to stop and listen to a transmission or two for a second to tell if you've found the key? So I don't see how a computer can know how to do that for your automatically, with all the time it takes to try each combination and wait a while and listen.

Um, your mental model of how this works is way off the rails...

in simple terms, you get the raw data frames of an encrypted transmission, now you have the "code" that creates the locking mechanism. Then you build a lock out of a software program and input the encrypted code that will build the internal locking mechanism. Then you jam your many different keys into it until it eventually unlocks

That's a very vague description that could describe any number of methods.

The simple answer is:

- encryption turns a data stream into random numbers

- decryption with the wrong key turns those random numbers into different random numbers

- decryption with the correct key turns those random numbers back into the original non-random data stream

You know you've found the correct key when you recover non-random data. No human observation required.

 

[K7MFC]

So? Why would we be forced to use a scanner

You wouldn't be, obviously, but the question originally posed in this thread was:

Are agencies with encryption broadcasts still unable to be monitored by any scanner devices?

But, like many of these conversations on RadioReference, we've gone way off the rails with every armchair cryptographer who has a weak grasp on how encryption actually works and is implemented putting in their two cents