Is this Basic, Enhanced or AES Encryption...DMR MOTOTRBO

[RRR]

I know from experience, that if you don't program ENC codes into the (gen 1) Motorola Mototrbo repeater, while on IP site connect, that you can program in all the ENC you want coming out of the mobiles and portables, but unless the Repeater is programmed for it, the ENC won't be passed through the repeater, it will come out as regular DMR.

This -may- have changed with newer Gen repeaters and firmware, within the past few years.

 

[Forts]

I've used BP, Enhanced and AES on Moto repeaters that have their privacy setting set to 'None' with no noticeable issues. The help file says having that setting improperly configured can cause 'audio holes' but I've never noticed any issues.

Phantomcrow... Plug the audio from your scanner into the line in/mic in on your PC and fire up DSD+. You might get lucky and it'll be on the proper input right off the hop and you'll be up and running. Likely will need some tweaking but we can help you out along the way.

 

[RRR]

I am referring to the repeater will be transmitting non-enc. if it hasn't been programmed with the Enc. codes, not what the radios do, it could "pass-through" Enc, but the signal the (Motorola Mototrbo) repeater transmits will be non-Enc., unless the repeater has been programmed for Enc.

 

[slicerwizard]

You're suggesting that a repeater could take encrypted traffic and magically decrypt it? The NSA would like to subscribe to your newsletter...

 

[Ubbe]

I have the jack and I get DSD up and running but its greek from there for me anyway. Havent had time maybe some today to figure it out once again. Very frustrating

DSDplus are automaticly using the correct protocol to decode and you only need to set input and output for the audio. If you click on the windows symbol or push that key on the keyboard you write cmd.exe and hit enter.

Then change to the folder where you have the DSDplus files by typing cd and the search path to the folder: cd c:\MyFolder\dsdplus and hit enter and then start the program by typing dsdplus and hit enter.

You will then see what the dsdplus program answer where it finds the different audio inputs and outputs. If the line in are #2 and loudspeaker are #3 the type dsdplus -i2 -o3 and hit enter.

One of the windows will show the audio signal curve, what the program receives from line in. Try and keep the signal halfway between center and and the top or bottom. For my line in I use the scanner at volume 15 and adjust windows line in level in the mixer or whatever you have to adjust audio levels. The signal should not clip and go flat at the top and bottom, you then have to reduce the scanners volume or change windows sensitivity for the line in/mic in jack.

/Ubbe

 

[kayn1n32008]

I am referring to the repeater will be transmitting non-enc. if it hasn't been programmed with the Enc. codes, not what the radios do, it could "pass-through" Enc, but the signal the (Motorola Mototrbo) repeater transmits will be non-Enc., unless the repeater has been programmed for Enc.

Nope. Not at all. I’m currently using an XPR-8400. There are no encryption keys programmed in it, and it passes encrypted commsin changed

 

[mikewazowski]

I'm curious, why is there a dropdown in the Security section that allows you to set the type of encryption? Did Motorola forget to remove this if programming a repeater or does it restrict the repeater to a certain type of encryption?

 

[kayn1n32008]

I'm curious, why is there a dropdown in the Security section that allows you to set the type of encryption? Did Motorola forget to remove this if programming a repeater or does it restrict the repeater to a certain type of encryption?

Not 100% sure but I think it has to do with EP using a KID to steer the subscriber to the correct TEK and BP not using a KID.

 

[kayn1n32008]

Nope. Not at all. I’m currently using an XPR-8400. There are no encryption keys programmed in it, and it passes encrypted commsin changed

Wow. Talk about not checking before posting.
It should read:

“There are no encryption keys programmed in it, and it passes encrypted comms un changed except for application of forward error correction before transmitting.”

 

[kayn1n32008]

I know from experience, that if you don't program ENC codes into the (gen 1) Motorola Mototrbo repeater, while on IP site connect, that you can program in all the ENC you want coming out of the mobiles and portables, but unless the Repeater is programmed for it, the ENC won't be passed through the repeater, it will come out as regular DMR.

This -may- have changed with newer Gen repeaters and firmware, within the past few years.

This is a photo of my XPR-8400(Gen 1 repeater) configured for IPSC. There is nowhere to load an TEK in the repeater to decrypt incoming communications.

The repeater ONLY apples forward error correction and then re-transmits what it hears/sends it out over IP. There is absolutely no decryption of an encrypted transmission done by the repeater.

 

[slicerwizard]

I'm curious, why is there a dropdown in the Security section that allows you to set the type of encryption? Did Motorola forget to remove this if programming a repeater or does it restrict the repeater to a certain type of encryption?

The DMR standard is sorely lacking when it comes to encryption. As far as I can tell, to this day, the PI Header frame contents aren't even defined in the standard. No provision was made for late entry encryption data, which is why algorithms that require that data (EP, AES) are forced to steal bits from voice frames in order to transmit the next superframe's MI value. That still leaves the key ID which also has to be sent in order for radios to join/decrypt an active EP/AES call. If radios miss the call setup, specifically the PI Header frame, say due to a noise burst, they have no key ID data to facilitate selecting the correct EP/AES key from their key tables and the radios are forced to remain muted.

When the repeater's encryption type is set to EP, the repeater steals more bits in order to continuously send the key ID data, which lets late entering radios acquire all of the information they need to join/decrypt the call in progress.

Meanwhile, P25 sends all of this encryption data (AlgID, KeyID, 64 bit MI) in every LDU2 frame, making late entry a breeze. DMR is saddled with ghetto 32 bit MIs because stealing 144 voice bits (64 MI bits, 8 CRC bits, 72 FEC bits) from every 360 ms superframe is out of the question, so 32 bit MIs it is. No doubt, these DMR limitations and the required hackery / bit stealing exists because Motorola really wanted to cripple DMR, especially in the encryption 'nads. Typical corporate douchebaggery.

 

[RRR]

Who said anything about "De-crypting" traffic?

It will pass Encrypted audio if the repeater is programmed with Encryption (That's why the option is there to input the Enc. information) or it will not pass encrypted audio, if the repeater has -not- been programmed for Encryption.

-Why would a repeater need to be programmed with Encryption, if it will automatically re-transmit whatever Enc. is coming into it?

And as stated before, this could have changed with more recent firmware updates.

 

[Forts]

You can set the repeater encryption type to 'None' and it will still pass encrypted audio. And as already mentioned there is nowhere in a repeater codeplug to enter an encryption key. There never has been. Other manufacturers like Hytera do support this however as you can also use the repeater like a base station.

 

[RRR]

Ok. I concede. I remember 5 or 6 years ago, it was tried right in front of me, and the Enc. from the portables wouldn't pass through the repeater.

Must have been another error

 

[kayn1n32008]

Who said anything about "De-crypting" traffic?

I know from experience, that if you don't program ENC codes into the (gen 1) Motorola Mototrbo repeater, while on IP site connect, that you can program in all the ENC you want coming out of the mobiles and portables, but unless the Repeater is programmed for it, the ENC won't be passed through the repeater, it will come out as regular DMR.

This -may- have changed with newer Gen repeaters and firmware, within the past few years.

You said it. How else can encrypted comms be re-transmitted in the clear?

It will pass Encrypted audio if the repeater is programmed with Encryption (That's why the option is there to input the Enc. information) or it will not pass encrypted audio, if the repeater has -not- been programmed for Encryption.

-Why would a repeater need to be programmed with Encryption, if it will automatically re-transmit whatever Enc. is coming into it?

And as stated before, this could have changed with more recent firmware updates.

The encryption settings have nothing to do with passing, or not passing, of encrypted transmissions.

The encryption setting in the repeater has to do with how the data header is formed to ensure the receiving radios, when using enhanced privacy and AES know the correct TEK to use to decrypt the audio.

Gen 1 repeaters have NEVER needed an encryption key to repeat encrypted comms. There is no place in a Gen. 1 codeplug to input either an EP or AES TEK.

 

[RRR]

Very good. I have learned something, and was informed wrong, and what I was seeing, apparently wasn't what I thought it was.

I do appreciate it!

 

[phantomcrow]

If you're still struggling with DSD+ then switch the audio output of your TRX2 to discriminator output, make a good quality recording of the signal from that, post the file here.

I ran DSD and believe I have the recordings however, not sure where they are stored? I also have the window so I will copy it and save it to a notepad if that also would help? Thanks

 

[Forts]

The recording would be in your DSD+ folder. Should be a wav file.

 

[phantomcrow]

The recording would be in your DSD+ folder. Should be a wav file.

Got it, however there is another encrypted channel that also was recorded in with it. Will that be a problem?

 

[phantomcrow]

The recording would be in your DSD+ folder. Should be a wav file.

Looks like I did something wrong. Its a .wav file but there doesn't seem like its playing?