FCC Scanner License for Digital Encryption

[Token]

Not up to the FCC, plus if it's encrypted, it's protected under the ECPA.

Encrypted traffic is only protected if you are not an “intended recipient”. If such license made you an intended recipient then there would be no violation, and I believe that is kind of what the OP was getting to. The license is to authorize your reception. Not that I think it ever could or would happen

To the OP: This is a very slippery slope and I for one hope we never see anything like what you propose. You want to have to retain a license to listen? Once one service / agency / technique is “licensed” for monitoring how long will it be until a license (and fees and limitations) is required for all listening?

Right now, in the US, we have fairly liberal listening / monitoring regulation. Only a very few specific types of transmissions are forbidden to listen to (such as cell phones and auxiliary broadcast links). Want to listen to military? No problem. Police, fire, federal agencies? Again, no problem. As long as it is not encrypted you can listen to these types of transmissions. What you do with that information (us for personal gain or to further a crime), where you do it (in a car in some localities), or who you share it with may be regulated, but basic listening is no problem, requires no license, and should stay that way.

Personally I have no problem with breaking encryption being an illegal activity. But I also think that public service transmissions should not be encrypted unless they contain specific PII. While it is a small agency my local PD does not even have a secure channel, just basic analogue FM. When they want to send / receive PII (for example SSN’s or minor individual personal information) they generally go to the cell phone, that is, after all, one of the reasons they have exemption from no cell phones while mobile regulations. Anything that can show up in a public police log should be OK to send over the air in the clear.

T!

 

[KD4UXQ]

Not up to the FCC, plus if it's encrypted, it's protected under the ECPA. If an agency wants you to be able to listen to their encrypted comms, they'll give you a radio. That way they revoke it from the system or change encryption keys if it gets lost or stolen.

I really enjoyed all the answers to this rather weird question and they have their merits, but yours nails it!

Personally I think agencies should consider transparency with the public for dispatch channels, and only consider encryption on Tactical channels where appropriate. In other words, don't make Encryption a habit, but use it as needed. Likewise, would we really want the military to communicate everything in the clear? Law enforcement sometimes really needs the ability to secure communications. And also for OPSEC I can see Fire and EMS needing to use those encrypted channels at times as their activity may disclose Law enforcement activities. They can of course do anything they wish.

 

[rittmanfireman]

Re Keying

There is a reason for encryption. The reason is the agency that is using it does not want you to hear what they are saying. Even if the FCC gave you license to listen to encrypted communications, what makes you think the agency using the encrypted comms would just hand you the encryption key. And some agencies change their key every week, day month or whatever.

If the agency thinks you have a ligament reason for listening they will accommodate you. For example some media organizations buy or borrow the equipment and the radio techs program the encryption code, although this is rare. No extra license needed, just an agreement with you and the agency.

Ok I have a question. With agencies Re Keying radios so often OTA (Over the Air). wouldn't there be a way to decode that very message? And is that not already an issue in military comms where when an OTA rekey is done and one or more radios were not on or in the area and did not get re keyed. That to avoid them not getting left out all units go to un encrypted? And with most P25 systems that run both that, even if a user in the group keys un encrypted all units set to encrypt still hear the traffic as they would any other way leaving it up to the direct user of the radio to ensure use of encryption.

 

[kayn1n32008]

Wirelessly posted (Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.1047 Mobile Safari/534.11+)

Any system admin that is using OTAR is going to use a KVL on a new radio, BEFORE it is first used on the system. That way when the radio is re-keyed over the air it and the OTAR key is secure.

 

[rittmanfireman]

Wirelessly posted (Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.1047 Mobile Safari/534.11+)

Any system admin that is using OTAR is going to use a KVL on a new radio, BEFORE it is first used on the system. That way when the radio is re-keyed over the air it and the OTAR key is secure.

So the only way to Understand the information for an OTAR would be to have the information from the KVL. In other words even if you intercepted the OTAR you would have no way of decoding it.

 

[kayn1n32008]

Wirelessly posted (Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.1047 Mobile Safari/534.11+)

Wirelessly posted (Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.1047 Mobile Safari/534.11+)

Any system admin that is using OTAR is going to use a KVL on a new radio, BEFORE it is first used on the system. That way when the radio is re-keyed over the air it and the OTAR key is secure.

So the only way to Understand the information for an OTAR would be to have the information from the KVL. In other words even if you intercepted the OTAR you would have no way of decoding it.

Sort of. In Order to use OTAR your radio must have a pre-existing encryption key, before the radio can be OTAR, to have a key in a radio (DES/AES) you need to touch it with a KVL. The key to all this is the 'R' in OTAR... Rekey, as in replacing existing keys with new keys.

 

[WB4CS]

I know this is an old thread that has been brought back to life, but I have to say something.

Even if it were possible to manufacture a scanner that could decrypt radio transmissions (which would be a VERY expensive scanner) would that not defeat the whole purpose of encryption?

All across the U.S. there are countless agencies that are upgrading to new radio systems that include encryption, and a good portion of the money to purchase these systems come from our tax dollars. These systems are not cheap. If the idea behind encryption is to block people from listening in, and then we create a scanner that can decrypt the system, it would mean that encryption is useless and a complete waste of money. Our (tax) money.

Like it or not, encryption is here and it's probably here to stay. Welcome to the 21st Century of digital technology. Sadly this means the scanning hobby is taking a hit, but we cannot expect government and public safety agencies to stop using technology just because a small handful of people want to continue a hobby.

I do agree that since our tax dollars pay for these radio systems and the salary of the people that use them, we should be able to know what's going on and how these systems are being used. We should be able to hear calls go out over our local PD. However, there's a lot of sensitive data that goes over the air that needs to be protected. That information should be encrypted.

So what can we do, other than complain about it online and dream up ideas that will never come to fruition? Contact your local public service agencies and let them know you want to keep listening. Inform them of the value of having informed citizens that know what is going on in their community. If they listen and decide to keep certain traffic in the clear, good for you. If they ignore you and go encrypted, get over it, move on, and find something else to do with your time.

 

[DisasterGuy]

I know this is an old thread that has been brought back to life, but I have to say something.

Even if it were possible to manufacture a scanner that could decrypt radio transmissions (which would be a VERY expensive scanner) would that not defeat the whole purpose of encryption?

All across the U.S. there are countless agencies that are upgrading to new radio systems that include encryption, and a good portion of the money to purchase these systems come from our tax dollars. These systems are not cheap. If the idea behind encryption is to block people from listening in, and then we create a scanner that can decrypt the system, it would mean that encryption is useless and a complete waste of money. Our (tax) money.

In a word, no. There is a difference between receiving and decoding encrypted transmissions and "breaking" the encryption. While you will not see it happen, there is no reason in the world that any receiver manufacturer could not build DES or AES encryption into a receiver. The fact is that you would still need the 64-bit (DES) or 256-bit (AES) encryption key from the system administrator. There really isn't a demand for this though because, as mentioned previously in this thread, when I need to provide a receiver for someone to monitor an encrypted talkgroup I simply provide them with a low tier mobile or portable subscriber radio and then disable transmit on those talkgroups. This is a VERY common practice.