• To anyone looking to acquire commercial radio programming software:

    Please do not make requests for copies of radio programming software which is sold (or was sold) by the manufacturer for any monetary value. All requests will be deleted and a forum infraction issued. Making a request such as this is attempting to engage in software piracy and this forum cannot be involved or associated with this activity. The same goes for any private transaction via Private Message. Even if you attempt to engage in this activity in PM's we will still enforce the forum rules. Your PM's are not private and the administration has the right to read them if there's a hint to criminal activity.

    If you are having trouble legally obtaining software please state so. We do not want any hurt feelings when your vague post is mistaken for a free request. It is YOUR responsibility to properly word your request.

    To obtain Motorola software see the Sticky in the Motorola forum.

    The various other vendors often permit their dealers to sell the software online (i.e., Kenwood). Please use Google or some other search engine to find a dealer that sells the software. Typically each series or individual radio requires its own software package. Often the Kenwood software is less than $100 so don't be a cheapskate; just purchase it.

    For M/A Com/Harris/GE, etc: there are two software packages that program all current and past radios. One package is for conventional programming and the other for trunked programming. The trunked package is in upwards of $2,500. The conventional package is more reasonable though is still several hundred dollars. The benefit is you do not need multiple versions for each radio (unlike Motorola).

    This is a large and very visible forum. We cannot jeopardize the ability to provide the RadioReference services by allowing this activity to occur. Please respect this.

Harris and Motorola DES compatability

Status
Not open for further replies.

radioman2001

Member
Joined
Mar 6, 2008
Messages
2,795
Location
New York North Carolina and all points in between
Our agency has APX radios both portable and some mobiles, but we are required to buy lowest bid. Motorola comes with ADP and Harris is offering single key DES. If we order Motorola radios with DES will they talk to Harris in P-25 mode? or any other mode for that matter.

IMO AES is just a money maker for the vendors and mostly has no use other than users who are discussing National Security. National Security users really should be using Type 1 anyway.
 

Mattsenft

Member
Premium Subscriber
Joined
Jan 22, 2006
Messages
151
Location
Harrisburg, PA
You could use either. Harris now offers ARC4 which is compatible with ADP, or you could use DES. The single key DES that Harris offers utilizes RPM to program the key rather than a keyloader.
 

radioman2001

Member
Joined
Mar 6, 2008
Messages
2,795
Location
New York North Carolina and all points in between
From reading other posts here I got the impression that the single key DES offered by Harris was a weaker version (less bits not 56 bit) version, maybe more like DVP or DVI. Is the ARC4 offered by Harris a zero $ option?

I am aware that both ADP and single key DES are loaded by RPM, and there was mention by my agency to go to a KMC. Not thrilled with that.
 

RayAir

Member
Joined
Dec 31, 2005
Messages
1,776
DES-OFB for P25 I believe is a required standard (if enabled) so Harris radios should talk to Moto's in DES-OFB mode provided the Key ID and Key Value are the same.

As far as the cost of AES being purely for extra profit, that is not true. Though it may cost more than ADP(RC4) or DES, that is the price for communications security.

Systems using ADP or DES-OFB cannot be guaranteed as being secure. DES is magnitudes stronger than ADP, but today DES is obsolete.

You need to ask yourself from whom do you want to protect your communications? What is the worst that can happen if your comms become compromised?

If you want protection from scanner listeners, ADP or DES-OFB is adequate.

If you want protection against organized criminal enterprises, state actors, or technically capable adversaries, AES is the only answer.
 

RayAir

Member
Joined
Dec 31, 2005
Messages
1,776
From reading other posts here I got the impression that the single key DES offered by Harris was a weaker version (less bits not 56 bit) version, maybe more like DVP or DVI. Is the ARC4 offered by Harris a zero $ option?

I am aware that both ADP and single key DES are loaded by RPM, and there was mention by my agency to go to a KMC. Not thrilled with that.
Single Key DES is 56 bits and just means the radio can only hold one DES key. In other words, all TGs/Users would use the same key.
 

radioman2001

Member
Joined
Mar 6, 2008
Messages
2,795
Location
New York North Carolina and all points in between
quote" DES-OFB for P25 I believe is a required standard (if enabled) so Harris radios should talk to Moto's in DES-OFB mode provided the Key ID and Key Value are the same.

But is single key DES from Harris really DES-OFB or straight DES and DES/DES-Xl both work in P-25 mode, but are not interchangable. I know I use it everyday, plus Mot does not give away DES-OFB, just ADP. At nearly $1K a radio for AES is a bit much.

qutoe" Single Key DES is 56 bits and just means the radio can only hold one DES key. In other words, all TGs/Users would use the same key.

I understand that I go back to the time where radios could only handle one key, and there was no proper code detect available. PIA

We are not talking National Security here and the chances of actually using the encryption is pretty seldom (selectable on only specific modes). The Officers have enough trouble just knowing what channel to be on for the area the are patrolling considering we have a lot of them. Over 4000 sq miles of territory covers a lot of mutual aid agencies.

I have never heard of anyone actually breaking ADP or DES, and all you have to do is look online and Youtube to see how difficult it is to hard break it. The only time I ever heard of a security breach was when someone in the radio shop loaded up a criminals radio.

I have suggested that a test radio be obtained to test this theory of DES working across platforms.
 

Forts

Mentor
Database Admin
Joined
Dec 19, 2002
Messages
5,584
Location
Ontario, Canada
Harris single key DES is DES-OFB. Completely compatible with Motorola/Tait/Icom etc etc, no difference in key strength. DES-XL was a Moto proprietary version that is only found in their radios and some EFJ gear I believe. Single key DES was Harris' answer to counter ADP at the time, but now their newer radios (XL-200) are ARC4/ADP compatible so you have options.

As mentioned above it's all about the level of security you want to achieve. ADP is 100% effective at blocking scanners and unauthorized radios. With DES or AES you are just adding further levels of complexity to that.
 

GTR8000

Well Known Member
Database Admin
Joined
Oct 4, 2007
Messages
7,549
Location
BEE00
ADP is 100% effective at blocking scanners and unauthorized radios.
Scanners, yes...unauthorized radios, maybe.

There is a longstanding bug in APX CPS where in some instances, the software ADP key is not masked in the codeplug, and is visible in plain text when opening an existing codeplug or reading a radio. It would not take much for someone to exploit that bug, view the key, then have it find its way into unauthorized radios.

For this reason alone, using a keyloader is preferable to using a software key, even for ADP.
 

Forts

Mentor
Database Admin
Joined
Dec 19, 2002
Messages
5,584
Location
Ontario, Canada
Interesting, never heard of that before. It stands to reason that the key would be visible in a saved codeplug but I've never heard of it viewable after reading a radio.
 

GTR8000

Well Known Member
Database Admin
Joined
Oct 4, 2007
Messages
7,549
Location
BEE00
I've found that the behavior is not always consistent. It's always visible in plain text when opening a codeplug (probably by design), but I have also found that after reading a radio it might also be unmasked.

The moral of the story is that software ADP keys are vulnerable to being discovered much more easily than a hardware key loaded with a KVL. Nothing wrong with using 40-bit ADP for basic privacy, but to protect the integrity of the key, you're much better off using hardware vs software.
 

GTR8000

Well Known Member
Database Admin
Joined
Oct 4, 2007
Messages
7,549
Location
BEE00
Just for the sake of providing some basis for what I'm saying, this issue was supposedly addressed a few years ago. As of the latest release, R15.00.01, it still happens from time to time, based on personal experience. YMMV

Radio Release Notes – Subscriber Release 7.12 - May 2012
New Version: Host/DSP – R08.00.00
CPS Version: R08.00.00

Abstract: ADP software encryption key data visible in CPS
System Platforms Affected: Any using ADP
Special Configurations: ADP in use
User Symptom: Under certain unusual conditions, the encryption key data for ADP software encryption was visible in the CPS after reading a codeplug.
Description: This radio firmware issue has been resolved.
 

radioman2001

Member
Joined
Mar 6, 2008
Messages
2,795
Location
New York North Carolina and all points in between
quote" DES-XL was a Moto proprietary version that is only found in their radios and some EFJ gear I believe.

I am aware of the XL variant being M proprietary, that was created to give the data stream a syncronizing burst to cut down the decode time. The Feds complained that point to point actually worked better than the repeater when used without the XL code. It was the way the repeater cleaned up and re-clocked the stream, hence M developed XL, and they are not interchangable even with he same key.

Getting back to vendor games DES-OFB is not a zero dollar item with M radios only ADP is, so the 2 vendors are still playing off one another to get their product picked over the other with different encryption models.

Keyloaded keys is always better security wise compared to the truck size holes in Windows operating system loaded. You would think M would encrypt the whole codeplug as they did even back with the analog Spectra.
Now you have a whole another security issue, as who gets to create, load and secure the keyloader, as I mentioned in my previous post so you now have to guard the keyloader. I like Type I accounting but it would prove to be cumbersome, and I believe the best answer is a KMC.

It's now off to field testing time, and good thing I have a keyloader.
 

DisasterGuy

Member
Joined
Aug 24, 2013
Messages
1,190
Location
Maryland Shore
The real question is if you require interoperability. AES is the defacto standard for P25. Many agencies even use national interoperable keys for this reason.

With Harris there are several ways to load including local keys on a pc using keyloader application, an encrypted thumb drive or using a KVL. Single Key DES and ARC4 as free options are added as UKEK in the programming software. Use of either Single Key DES and ARC4 isn't recommended but is instead them caving to customer demand and specs written around moto targeted procurement.

Sent from my SM-G900V using Tapatalk
 

radioman2001

Member
Joined
Mar 6, 2008
Messages
2,795
Location
New York North Carolina and all points in between
So much for P25 interoperability typical Mot and now Harris B.S., and BTW the AES is WAAAAY overkill for our application and is definitly not worth $1k a radio. I don't see many agencies that will "E" the I-call or Tac channels at a scene, as it kinda defeats the purpose of interoperability. I am waiting on some new Harris units with the single key DES freebee to test with my personal XTL in DES, but that still begs the question of the cost in a Mot radio.

To sum it up basically there is no free lunch when it comes to "E" from either manufacturer and should be disregarded when picking a vendor for your radios. The best practice is to specify a hardware generated encryption scheme in the bid and let the chips fall as they may. Hardware DES may be the choice due to it's lower cost as compared to AES.
 

LMR_Dude

Member
Joined
Mar 26, 2010
Messages
115
Yes, Harris and Moto radios can talk to each other with DES over a P-25 network, I had a auto theft task force doing just that until they were moved up to AES.
 

kb4cvn

Member
Joined
Mar 16, 2004
Messages
874
Location
Nowhere near a paved road, away from the maddening
Privacy vs. Security

ADP, ARC4 and DES loaded into a radio via the Personality File (aka: Codeplug) gives the user(s) a acceptable level privacy from the casual listener.


Whereas a radio keyloaded with a cryptographic codekey which is physically separate from the programming file, is safeguarded, and is used with an encryption algorithm of 192 bits or greater, offers true communications security.


Keep in mind this is subject to change as technology advances...
 
Status
Not open for further replies.
Top