• Effective immediately we will be deleting, without notice, any negative threads or posts that deal with the use of encryption and streaming of scanner audio.

    We've noticed a huge increase in rants and negative posts that revolve around agencies going to encryption due to the broadcasting of scanner audio on the internet. It's now worn out and continues to be the same recycled rants. These rants hijack the threads and derail the conversation. They no longer have a place anywhere on this forum other than in the designated threads in the Rants forum in the Tavern.

    If you violate these guidelines your post will be deleted without notice and an infraction will be issued. We are not against discussion of this issue. You just need to do it in the right place. For example:
    https://forums.radioreference.com/rants/224104-official-thread-live-audio-feeds-scanners-wait-encryption.html

Last of the scanners: Are police security measures and new technologies killing an American obsession?

Hans13

Member
Joined
Dec 30, 2014
Messages
904
See: "Known Attacks"
Advanced Encryption Standard - Wikipedia

The point is that it is always the sucker's bet to say never when it comes to cryptography. The more "unbreakable" the code, the more it attracts attempts. Will it be cracked before something better comes along? I have no idea.

However, most compromises of encrypted radio traffic will come through some form of access to the keys. That route is likely to always be the weakness. Humans can be the weakest link. Now, a hardened, completely automated AI system creating and deploying keys would be, in my estimation, the most secure way to do it.
 

slicerwizard

Member
Joined
Sep 19, 2002
Messages
5,398
Location
Toronto, Ontario
A Tempest attack against poorly designed and shielded hardware. So not an AES crack at all.


"At present, there is no known practical attack that would allow someone without knowledge of the key to read data encrypted by AES when correctly implemented."

Um, thanks for backing me up?


The point is that it is always the sucker's bet to say never when it comes to cryptography. The more "unbreakable" the code, the more it attracts attempts. Will it be cracked before something better comes along? I have no idea.
Brilliant minds have been trying for what, two decades now to crack AES? To date, no proposed attacks against properly fully implemented AES.


However, most compromises of encrypted radio traffic will come through some form of access to the keys. That route is likely to always be the weakness. Humans can be the weakest link. Now, a hardened, completely automated AI system creating and deploying keys would be, in my estimation, the most secure way to do it.
And then humans can clone keys from a keyed device to another. Not exactly secure and still not cracking AES.
 

Hans13

Member
Joined
Dec 30, 2014
Messages
904
You missed the whole point. I wasn't trying to dispute that it hadn't been cracked. :rolleyes:

Perhaps you are too ready to jump and not read for content...
 

kayn1n32008

Member
Joined
Sep 20, 2008
Messages
5,561
Location
In the 'patch
However, most compromises of encrypted radio traffic will come through some form of access to the keys.
Very true.

That route is likely to always be the weakness. Humans can be the weakest link.
Agreed

Now, a hardened, completely automated AI system creating and deploying keys would be, in my estimation, the most secure way to do it.
It’s called OTAR.

When a radio is programmed, it is also touched with a KVL for an initial key. Once loaded, you rekey the radio using OTAR, new, current use keys are loaded into the radio from a KMF.

Unless the radio is zeroized, either by the other radio operator, by tampering with the encryption hardware or by removing its power source(assuming infinite key retention is not allowed) you never need to touch the radio again with a keyfill device, even to rekey the radio for new encryption keys. Other than the initial encryption key, there is no other hardware way to obtain the key.


Sent from my iPhone using Tapatalk
 

Hans13

Member
Joined
Dec 30, 2014
Messages
904
It’s called OTAR.

When a radio is programmed, it is also touched with a KVL for an initial key. Once loaded, you rekey the radio using OTAR, new, current use keys are loaded into the radio from a KMF.

Unless the radio is zeroized, either by the other radio operator, by tampering with the encryption hardware or by removing its power source(assuming infinite key retention is not allowed) you never need to touch the radio again with a keyfill device, even to rekey the radio for new encryption keys. Other than the initial encryption key, there is no other hardware way to obtain the key.
That's some cool tech and good to know. Thanks. :)

ETA: I knew they could program Over The Air but what about new key regeneration? Is it automated or does some human know the new key? What I was suggesting was completely removing the human from the key loop. Nobody but the computer and radios know the key.
 

Hans13

Member
Joined
Dec 30, 2014
Messages
904
You didn't state a point. Not going to bother to guess what it is.
I literally stated my point...

(Emphasis added)

The point is that it is always the sucker's bet to say never when it comes to cryptography. The more "unbreakable" the code, the more it attracts attempts. Will it be cracked before something better comes along? I have no idea.
 

Hans13

Member
Joined
Dec 30, 2014
Messages
904
I would suggest you read up about AES, and read and understand both the process for selection of the AES cipher, and the testing it has been subjected too.


Sent from my iPhone using Tapatalk
The point of that post was that he said I did not state my point. :rolleyes:
 

Hans13

Member
Joined
Dec 30, 2014
Messages
904
Now. again, for the point. Apparently, one side says it will never be cracked. The other says that odds are that it will eventually be cracked; when notwithstanding. Which side is correct... you have to be the judge for yourself.

So, there are two thoughts... It wil never ever ever never be cracked or, given enough time and technological advance, it can be. Hmm. :unsure:
 

kayn1n32008

Member
Joined
Sep 20, 2008
Messages
5,561
Location
In the 'patch
The point of that post was that he said I did not state my point. :rolleyes:
That was address to your point. To bet that AES will be cracked is a fools bet.

AES will likely be defeated because of its method of implementation, or the human factor. It won’t be defeated by brute force.

The way manufacturers have implemented AES256 in 2way radio(HARDWARE not software) does not lend itself to easy defeat. The KV’s are not able to be read out of the UCM/MACE/encryption module one loaded, and are designed to zeroized when tampered with.

AES 128, 192 and 256 has been under intense scrutiny by the cryptographic community for almost 20 years and has not been successfully defeated yet.

People need to stop letting the scanner whackers believe that it is even remotely possible to defeat properly deployed AES256 used in modern public safety radio systems.


Sent from my iPhone using Tapatalk
 

Hans13

Member
Joined
Dec 30, 2014
Messages
904
That was address to your point. To bet that AES will be cracked is a fools bet.

AES will likely be defeated because of its method of implementation, or the human factor. It won’t be defeated by brute force.
Okay. That is your opinion on the matter. Thanks.

The way manufacturers have implemented AES256 in 2way radio(HARDWARE not software) does not lend itself to easy defeat. The KV’s are not able to be read out of the UCM/MACE/encryption module one loaded, and are designed to zeroized when tampered with.

AES 128, 192 and 256 has been under intense scrutiny by the cryptographic community for almost 20 years and has not been successfully defeated yet.
Okay. Not probable is not the same as not possible. Simple logic dictates that given enough time and technological advancement, any system can theoretically be cracked.

Please read my post #222 because y'all either don't understand what I wrote, are willfully ignorant, or just have a different opinion and won't rest until you believe you've one someone over. I don't suffer from the weakness of needing to change someone's point of view.

People need to stop letting the scanner whackers believe that it is even remotely possible to defeat properly deployed AES256 used in modern public safety radio systems.
I cannot defy logic just because one group doesn't want to encourage another. Not my circus, not my monkeys. :cool:
 

Hans13

Member
Joined
Dec 30, 2014
Messages
904
The article in this post is not defeating the algorithm, they are exploiting a severe weakness in the way it is implemented with in the device itself. The device itself is giving away the key.
The point is that it is always the sucker's bet to say never when it comes to cryptography. The more "unbreakable" the code, the more it attracts attempts. Will it be cracked before something better comes along? I have no idea.

However, most compromises of encrypted radio traffic will come through some form of access to the keys. That route is likely to always be the weakness. Humans can be the weakest link. Now, a hardened, completely automated AI system creating and deploying keys would be, in my estimation, the most secure way to do it.
I seriously don't know how to better highlight content, literally or otherwise, than I have. We have differing opinions and that's okay. I won't beat a dead horse; even an illogical one.

ETA: I'll throw this one in just in case you might have missed it. (Hint: I never claimed the algorithm had been defeated.)

You missed the whole point. I wasn't trying to dispute that it hadn't been cracked. :rolleyes:

Perhaps you are too ready to jump and not read for content...
 
Last edited:

Hans13

Member
Joined
Dec 30, 2014
Messages
904
Again, my point of view is that there is no "perfect" system given enough time and technological advancement it is more likely than not to be defeated.. Others may disagree.

I say that simple logic is on my side. Others may disagree.

Are we done pummeling Mr. Ed now?
 

MTS2000des

Member
Joined
Jul 12, 2008
Messages
2,845
Location
Cobb County, GA Stadium Crime Zone
at the end of the day, attempting to defeat encryption violates Federal law and just about every state law. All this mantra aside, with the transition to LTE/5G, LMR itself will be declining in use, especially in large cities. Encryption is "built in" and the nature of the network really make third party interception both improbable and nearly impossible, without the use of sophisticated equipment and expertise. The writing is on the wall. But this doesn't mean scanning is dead. Plenty of good stuff to listen to: aircraft comms, railroads, commercial stuff, amateur radio, GMRS, etc.
 

allend

Member
Premium Subscriber
Joined
Feb 1, 2012
Messages
1,228
Location
Long Beach, CA
at the end of the day, attempting to defeat encryption violates Federal law and just about every state law. All this mantra aside, with the transition to LTE/5G, LMR itself will be declining in use, especially in large cities. Encryption is "built in" and the nature of the network really make third party interception both improbable and nearly impossible, without the use of sophisticated equipment and expertise. The writing is on the wall. But this doesn't mean scanning is dead. Plenty of good stuff to listen to: aircraft comms, railroads, commercial stuff, amateur radio, GMRS, etc.
Yes, you are correct and the world and technology changed so fast and the effects of the changes is not setting too well on our stomachs with our hobby. But change is tough, but its nothing we can control on a large scale. LTE and 5G will change the way the world communicates and it already has. O well. Could you imagine if all aircraft went LTE and 5G too. It does not seem impossible at this point.
 
Top