Know RAS key for a protected MotoTRBO system - Can I now listen with an SDR?

Status
Not open for further replies.
SpectralContent

SpectralContent

Member
Feed Provider
Joined
Jul 29, 2015
Messages
115
Location
Baltimore, MD
I have access to the RAS key for a particular DMR Cap+ system that I would like to monitor using an SDR software. I am currently familiar with DSD+ and SDRTrunk programs. Is there any way to input the RAS key to be able to effectively decode and listen to this system in any of these two programs? Is there another SDR program that allows for the option to put in a RAS key if it is known? I'm sure this is a very rare instance, but wanted to see if it was possible!
 
GTR8000

GTR8000

NY/NJ Database Guy
Database Admin
Joined
Oct 4, 2007
Messages
15,483
Location
BEE00
RAS only impedes scanning with a MOTOTRBO radio, not scanners or software. If the system uses encryption, that's a different story (and no, there is nowhere in the software to enter a BP/EP key even if you had it)
 
SpectralContent

SpectralContent

Member
Feed Provider
Joined
Jul 29, 2015
Messages
115
Location
Baltimore, MD
Thanks. Yea it's encryption, not RAS only. I never really thought until now how RAS doesn't imped anything outside of mototrbo radios. I have all the keys for encryption. Sounds like I'll have to program up a trbo radio for any hopes of listening.
 
U

Ubbe

Member
Joined
Sep 8, 2006
Messages
9,033
Location
Stockholm, Sweden
RAS jumbles up the checksums for the audio frames and not having the correct RAS key will have the decoder think that the signal has too many errors to be able to be decoded. To be able to listen without a RAS key you have to ignore the checksum and then also the forward error correction will not work that will then increase the error rate. So you will need a higher signal strength for that system compared to one where the checksums are intact.

If you try and listen with a Whistler scanner you will have to set the flag for that conventional channel to handle RAS, but Whistler didn't included that for trunked system or in the firmware for TRX-E. They closed development before that could be fixed. If you try and listen with a real DMR radio to a RAS coded signal without the correct RAS key or a non MotoTrbo radio it won't give any sound at all as it thinks the signal are too bad as the checksums doesn't match in the data frames.

/Ubbe
 
RRR

RRR

OFFLINE
Premium Subscriber
Joined
Dec 6, 2005
Messages
1,970
Location
USA
Ubbe said:
. If you try and listen with a real DMR radio to a RAS coded signal without the correct RAS key or a non MotoTrbo radio it won't give any sound at all as it thinks the signal are too bad as the checksums doesn't match in the data frames.
/Ubbe
Click to expand...

The XPR 5XXX Kenwood Series radios with DMR at current FW don't seem to have an issue monitoring RAS enabled Mototrbo systems.

"RAS" proper is a Motorola encoding, it is not DMR standard.

If another manufacturer decides to add an equivalent of RAS to their firmware, that's up to them.
 
N

noamlivne

Member
Joined
Sep 7, 2012
Messages
179
SpectralContent said:
I have access to the RAS key for a particular DMR Cap+ system that I would like to monitor using an SDR software. I am currently familiar with DSD+ and SDRTrunk programs. Is there any way to input the RAS key to be able to effectively decode and listen to this system in any of these two programs? Is there another SDR program that allows for the option to put in a RAS key if it is known? I'm sure this is a very rare instance, but wanted to see if it was possible!
Click to expand...
Hi,
Check out the videos of this guy, for example,
He offers his software for A LOT of $$$$. I certainly would not even think of buying it.
I have no experience or affiliation to it, but understand that it can work.

Probably it only gives you the audio and not the Talkgroups and Channels and User IDs.

Maybe in the far future someone will have the know-how and prepare a free for all program that offers this special feature (especially if you know already the key).
 
N

natedawg1604

Member
Premium Subscriber
Joined
Jun 29, 2013
Messages
2,726
Location
Colorado
Homeboys-Scanna said:
But will those Kenwoods trunktrack Capacity Plus?
Click to expand...
NO, from my understanding no Kenwood radio is capable of monitoring ANY type of trunked system without the system key, basically the software won't let you program anything trunking related unless you're a system user.
 
S

slicerwizard

Member
Joined
Sep 19, 2002
Messages
7,643
Location
Toronto, Ontario
noamlivne said:
Hi,
Check out the videos of this guy, for example,
He offers his software for A LOT of $$$$. I certainly would not even think of buying it.
I have no experience or affiliation to it, but understand that it can work.

Probably it only gives you the audio and not the Talkgroups and Channels and User IDs.

Maybe in the far future someone will have the know-how and prepare a free for all program that offers this special feature (especially if you know already the key).
Click to expand...
BP doesn't touch link control data, so why wouldn't that software show group and user IDs?

Basic Privacy is extremely weak ghetto encryption and has nothing to do with RAS, so what's your point?
 
N

noamlivne

Member
Joined
Sep 7, 2012
Messages
179
slicerwizard said:
BP doesn't touch link control data, so why wouldn't that software show group and user IDs?

Basic Privacy is extremely weak ghetto encryption and has nothing to do with RAS, so what's your point?
Click to expand...
I am no expert so I have no knowledge about what goes on behind the scenes.

But we are receiving a new system here that Dsdplus and SDRTrunk do not show Talk Groups, Channels, UIDs, nothing, and no audio. It also does not show that there is an encryption. Nothing is shown. But it is known that this system is very active.
Sometimes the word RAS appears in Dsdplus with this system.

In addition, some people sent that guy that owns the above mentioned software raw data of this "cloaked" network, and he delivered to them a few seconds of clear audio as a proof that his program works. He returned that file with the words "Hytera 10ch BP decrypted".
So I thought it is a system protected with RAS (and encrypted with BP). The RAS part being something similar to this "Hytera “Over-the-Air” Encryption":

Regarding showing the TG, channels and UIDs by this software, I simply did not see them shown in the videos he posted. I only hear the audio.

Anyway, perhaps I am mixing up the terms. Sorry about that.
Thank you very much for the explanation.
 
Last edited:
A

AM909

Radio/computer geek
Premium Subscriber
Joined
Dec 10, 2015
Messages
1,105
Location
SoCal
noamlivne said:
... ...
Click to expand...
Not sure how it relates, but wading through the BS, there is this bit, specifically about Hytera's OTA encryption:
... only rarely is the actual signaling used to set up the call protected. Hytera’s over-the-air encryption solution is designed to prevent this vulnerability. Over-the-air encryption encrypts the signaling on the air interface meaning all of the information is encrypted from call setup through to reception at the transmitter. ...
Click to expand...
 
GTR8000

GTR8000

NY/NJ Database Guy
Database Admin
Joined
Oct 4, 2007
Messages
15,483
Location
BEE00
Link Layer Encryption. All signaling is secure from start to finish, not just the voice traffic. If the system is the type that uses a dedicated control channel, that is encrypted as well, meaning that you can't even observe the activity on the system. Oh and it's coming to P25 soon, by the way...already being worked into the TIA-102 standards.
 
Forts

Forts

Mentor
Database Admin
Joined
Dec 19, 2002
Messages
6,708
Location
Ontario, Canada
GTR8000 said:
Link Layer Encryption. All signaling is secure from start to finish, not just the voice traffic. If the system is the type that uses a dedicated control channel, that is encrypted as well, meaning that you can't even observe the activity on the system. Oh and it's coming to P25 soon, by the way...already being worked into the TIA-102 standards.
Click to expand...
+1 for this. There is a Hytera system near me that is fully 'cloaked' if you will. As mentioned they have to ability to fully obfuscate all over the air activity.
 
Status
Not open for further replies.

Similar threads

dmg1969
A few questions about starting into SDR
Replies
10
Views
978
32dave
32dave
RaleighGuy
DSDPlus Help Monitoring CAP+ With Single SDR and DSD+
Replies
16
Views
768
RaleighGuy
RaleighGuy
F
DSDPlus How can I prevent ... this? Frequency correction + a bonus question
Replies
3
Views
282
dave3825
dave3825
D
How to identify system type used on a known frequency (Not in Database)
Replies
10
Views
633
jhsands
J
I
Little assistance with multiple radio networks on one system
Replies
5
Views
518
AttentiveBadger
A
Top