Legally Breaking Encryption

[specop]

I hear ya Dave. Even if you stumbled across it some how on you comm gear you would be obligated to turn it off correct? My point with the first question was that to even look at the encrypted signat would require more than a scanner with a discriminateor tap, a laptop, and a $200. dollar software package.

 

[N_Jay]

I hear ya Dave. Even if you stumbled across it some how on you comm gear you would be obligated to turn it off correct? My point with the first question was that to even look at the encrypted signat would require more than a scanner with a discriminateor tap, a laptop, and a $200. dollar software package.

Nope, that is about all that is needed.

 

[specop]

N Jay, are you saying with this set up you could view the signal and do some interpretation your self, or the program does some of the interpretation?

 

[N_Jay]

You can fairly easily (depending on the modulation) recover the signal,
You can fairly easily recover the encrypted data stream,
You can fairly easily frame the encrypted data,
You can make educated guesses as to the specific algorithm,
You can spend the rest of a few life spans trying to find the key.

 

[TetraGuy]

Good network security / encryption does not rely on large keys and heavy algorithms, it relies on good security practices - how often are the keys refreshed, how often are keys updated, how large is the key table, are the key provisioning tools securely stored, are the key tables securely stored, who has access to key material. These are all human practices/processes, when encryption is hacked it's usually because a human was careless or fell foul of social engineering.

 

[gmclam]

My point with the first question was that to even look at the encrypted signat would require more than a scanner with a discriminateor tap, a laptop, and a $200. dollar software package.

Your summary is actually correct with one exception. Acquiring the encrypted data packets is no biggie, but don't expect there to be some "off the shelf software package". LOL. If you're not a programmer and/or hacker forget it.

And while it would take a typical PC "a long time" to process all the possible key combinations, who says you should be doing this with a single PC? Anyone ever hear of distributed processing?

 

[N_Jay]

Good network security / encryption does not rely on large keys and heavy algorithms, it relies on good security practices - how often are the keys refreshed, how often are keys updated, how large is the key table, are the key provisioning tools securely stored, are the key tables securely stored, who has access to key material. These are all human practices/processes, when encryption is hacked it's usually because a human was careless or fell foul of social engineering.

All well and good, but radio system are open networks by definition, so the KEY and the ALGORITHMS are almost as important as "good security practices"

 

[N_Jay]

Your summary is actually correct with one exception. Acquiring the encrypted data packets is no biggie, but don't expect there to be some "off the shelf software package". LOL. If you're not a programmer and/or hacker forget it.

I would bet in most systems a good data analysis package will frame it up for you.

And while it would take a typical PC "a long time" to process all the possible key combinations, who says you should be doing this with a single PC? Anyone ever hear of distributed processing?

Yep, the size of the key-space takes that into account.

You had better start early and live long.

 

[AZScanner]

I'm amazed that this conversation is still continuing. Then again, maybe it's not so surprising.

The relevant content of the thread can be summed up in one sentence - there is no legal way for a private citizen to decrypt scrambled communications that are not directed to them. The technological discussion is interesting but irrelevant. It is a federal crime to make the attempt at all.

Nonsense.

Anyone with enough money can buy a motorola P25 radio, programming software and a keyloader, tune a scanner to the output frequency of the radio, key up a few times with a "testing 1-2-3", record all the raw data to disk and have great fun trying to break their own encryption. You can do that all day every day and (as long as you have a license to transmit on the frequency you used) it's perfectly 100% legal. You could even publish a nice web page all about how you did it and you could even sell people the program you wrote to do it. 100% legal.

What your buyers choose to do with it however, may or may NOT be legal. But that's on them, not you, so long as you make it very clear that this is for decrypting your OWN transmissions only.

-AZ

 

[rvictor]

Technical difficulties aside, what about breaking an unfriendly nations encyption, is that legal?

No exception in the law for that.

Is there a mandate that says NSA can, but Billy Bob cant?

Yes. 18 U.S.C. sec. 2511(2)(e) & (f).

Dick

 

[rvictor]

Can you look at a binary file and tell if it is ASCII text, an EXE, WAV or ???

ASCII text generally has the 8th bit off whereas properly encrypted data should be random and therefore have about 50% of the bytes with the 8th bit on and 50% with that bit off. This is one way that one could identify ASCII text in binary data.

Don't know about EXEs or WAVs.

Dick

 

[DaveNF2G]

I was addressing the topic from the point of view presented in the original posting and the title of the thread. Your points are equally valid from the other perspective.

 

[KC9NCF]

You can fairly easily (depending on the modulation) recover the signal,
You can fairly easily recover the encrypted data stream,
You can fairly easily frame the encrypted data,
You can make educated guesses as to the specific algorithm,
You can spend the rest of a few life spans trying to find the key.

Someone mentioned using multiple computers to find the key. educate me, can it be done if one computer started at the bottom, the next computer started at the middle and so on?

When was encryption born? How was it used? Who were the first professionals to write it? What developments have been seen since it's inception? What different protocols use it or have it as an option? How many different protocols are there? I'm truly only aware of the Moto trunking (I, II, III / Hybrid), EDACS, Pro Voice, Starcom.

 

[colby4601]

Someone mentioned using multiple computers to find the key. educate me, can it be done if one computer started at the bottom, the next computer started at the middle and so on?

When was encryption born? How was it used? Who were the first professionals to write it? What developments have been seen since it's inception? What different protocols use it or have it as an option? How many different protocols are there? I'm truly only aware of the Moto trunking (I, II, III / Hybrid), EDACS, Pro Voice, Starcom .

Yeah, that's not encryption.

 

[KC9NCF]

Yeah, that's not encryption.

Duh! Did you even read the question? It asked what protocols had encryption as an OPTION!

 

[mancow]

Everything has encryption as an option. Simple conventional FM used CVSD prior to P25 CAI.

 

[rvictor]

Someone mentioned using multiple computers to find the key. educate me, can it be done if one computer started at the bottom, the next computer started at the middle and so on?

When was encryption born? How was it used? Who were the first professionals to write it? What developments have been seen since it's inception? What different protocols use it or have it as an option? How many different protocols are there? I'm truly only aware of the Moto trunking (I, II, III / Hybrid), EDACS, Pro Voice, Starcom.

Maybe you should just get a good basic book on encryption and do some reading. Do you really expect someone to explain the entire history, theory, and application of encryption in a forum post? Get real!

Dick

 

[loumaag]

Duh! Did you even read the question? It asked what protocols had encryption as an OPTION!

I thought you left this thread. You stated you were finished with it more than once. Although you started the topic, your OP has been answered and the topic has grown past your original and ill considered (read wrong) assumptions; therefore, unless you can contribute at the level of those who know of what they speak or can ask relevant questions, further comments like the one quoted above will be considered as disruptions and dealt with appropriately.

To all others, there have been some good points made here in relation to encryption, its relationship to the law and its application in both fixed text and audio signals. Let's consider the legality of attempting to monitoring encrypted transmissions (at least in the US) to be settled and stay on the more technical matters at least until this thread dies out.

 

[N_Jay]

Nonsense.

Anyone with enough money can buy a motorola P25 radio, programming software and a keyloader, tune a scanner to the output frequency of the radio, key up a few times with a "testing 1-2-3", record all the raw data to disk and have great fun trying to break their own encryption. You can do that all day every day and (as long as you have a license to transmit on the frequency you used) it's perfectly 100% legal. You could even publish a nice web page all about how you did it and you could even sell people the program you wrote to do it. 100% legal.

What your buyers choose to do with it however, may or may NOT be legal. But that's on them, not you, so long as you make it very clear that this is for decrypting your OWN transmissions only.

-AZ

To what end?

Just tell them your key, and they can buy their own Darn P25 radio.

Of course what is the chance that YOUR key is the same as someone else's key???

 

[N_Jay]

Someone mentioned using multiple computers to find the key. educate me, can it be done if one computer started at the bottom, the next computer started at the middle and so on?

Sure. It cuts the millions of hours in half. (or thirds, etc.)
It is not a meaningful reduction. Just get faster computers (and they still will not be fast enough.

When was encryption born? How was it used? Who were the first professionals to write it? What developments have been seen since it's inception? What different protocols use it or have it as an option? How many different protocols are there?

Time for some self study.

I'm truly only aware of the Moto trunking (I, II, III / Hybrid), EDACS, Pro Voice, Starcom.

None of that is encryption.