Tytera MD-380 Enhanced Privacy Recordings

Status
Not open for further replies.

RayAir

Member
Joined
Dec 31, 2005
Messages
1,946
There has been some discussion about the privacy features on the Tytera MD-380 in other threads, but I didn't want to include this in the digital voice for amateur radio thread since voice privacy isn't allowed on amateur radio.

The MD-380 offers 2 types of voice privacy:

16 bit Basic Privacy:
4 digit hexadecimal key (65,536 keys)

128 bit Enhanced Privacy:
32 digit hexadecimal key

Here are two voice samples of the Enhanced Privacy:

1- 128 bit EP as heard by another DMR radio with no enc key set:
Zippyshare.com - MD 380 128 Bit Enhanced Privacy.wma

2- 128 bit EP recorded in the raw:
Zippyshare.com - DSDPlus-Raw-Input_MD-380EP.wav

If anyone wants to look at the raw and see if they can tell how the EP works, I'd appreciate it. I'm just wondering if it is encryption or some other type of manipulation.
 

johnls7424

Member
Premium Subscriber
Joined
Jul 22, 2012
Messages
1,324
Location
Somewhere in NJ
Ray...

I haven't found this in the firmware, but the encryption only applies in digital format correct? When operating in simplex on analog frequencies there is no scrambler correct?

Also the 128 bit enhanced encryption is done through firmware updates
 

RayAir

Member
Joined
Dec 31, 2005
Messages
1,946
I've been seeing some DMR radios begin to offer analog scrambling in the CPS.

I think it gives you a range of 2600Hz-4100Hz to pick an inversion frequency. That's about the maximum range of usable inversion frequencies without using DSP.

Inversion is good to casually protect against co-channel users or novice scanner listeners.

It can be defeated in real time by anyone who tries and has a fair amount of radio knowledge.

New MotoTRBO radios offer inversion scrambling for analog channels.
 

johnls7424

Member
Premium Subscriber
Joined
Jul 22, 2012
Messages
1,324
Location
Somewhere in NJ
> I've been seeing some DMR radios begin to offer analog scrambling in the CPS.
>
> I think it gives you a range of 2600Hz-4100Hz to pick an inversion frequency. That's about the maximum range of usable inversion frequencies without using DSP.
>
> Inversion is good to casually protect against co-channel users or novice scanner listeners.
>
> It can be defeated in real time by anyone who tries and has a fair amount of radio knowledge.
>
> New MotoTRBO radios offer inversion scrambling for analog channels.

Oh okay!! Thanks!! You're right though, inversion scrambling is good for the novice scanner mainly. Most encryption where it counts goes more with digital technology.
 

Voyager

Member
Joined
Nov 12, 2002
Messages
12,059
Keep in mind that inversion is not encryption of any form, and there are many radios (even a couple scanners) that support it.
 

sycho

Member
Joined
Apr 24, 2011
Messages
34
I'm studying MD380 basic privacy, just to know how it works and check if it's possible to interoperate with Motorola with a 255 to 16bit key relationship.

Both Motorola and TYT supposedly use a simple XOR and 16bit LFSR. I'm trying to reverse the MD380 LFSR, nothing at the moment, but the 0xFFFF key results in a 111111... keystream, so all voice frames are bit inverted. Other keys generate scrambled bitstreams due to the LFSR action. I can't find any reference to Motorola BP LFSR anywhere (patents, etc), could be the same or not.
 
Last edited:

sycho

Member
Joined
Apr 24, 2011
Messages
34
Forgot to say that LFSR is initialized for every frame, so all voice frames are xor'ed with the same keystream.
 
Last edited:
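The consequence of the per-frame reset described in the post above, as an added example that is not part of the original thread or of any radio's firmware: a SHA-256 based generator stands in for the LFSR (which the thread has not recovered), and the key and frames are constructed. With one keystream reused on every frame, identical voice frames encrypt identically and the XOR of any two protected frames equals the XOR of their plaintexts whatever the key; mixing a frame counter (an IV) into the generator removes both effects.

```python
import hashlib

def keystream(key: bytes, n: int, frame_no=None) -> bytes:
    """Stand-in keystream generator (assumption; NOT the radio's LFSR).

    frame_no=None models a generator re-initialised from the key alone for
    every frame; an integer models a per-frame IV mixed into the seed.
    """
    seed = key if frame_no is None else key + frame_no.to_bytes(4, "big")
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def protect(frames, key, per_frame_iv):
    """XOR each frame with the keystream, with or without a per-frame IV."""
    return [xor(f, keystream(key, len(f), i if per_frame_iv else None))
            for i, f in enumerate(frames)]

def reuse_findings(plain, cipher):
    """Return (repeated cipher frames, pairs where c_i^c_j == p_i^p_j)."""
    repeats = len(cipher) - len(set(cipher))
    leaks = sum(1
                for i in range(len(cipher))
                for j in range(i + 1, len(cipher))
                if xor(cipher[i], cipher[j]) == xor(plain[i], plain[j]))
    return repeats, leaks

# Constructed sample: four 9-byte "voice frames"; frames 0 and 2 are identical,
# as repeated silence frames would be.
FRAMES = [bytes(9), bytes(range(1, 10)), bytes(9), b"\x5a" * 9]
KEY = bytes.fromhex("beef")  # constructed 16-bit key

def demo():
    reset = reuse_findings(FRAMES, protect(FRAMES, KEY, per_frame_iv=False))
    with_iv = reuse_findings(FRAMES, protect(FRAMES, KEY, per_frame_iv=True))
    return reset, with_iv

if __name__ == "__main__":
    print("reset every frame:", demo()[0])
    print("per-frame IV:     ", demo()[1])
```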

johnls7424

Member
Premium Subscriber
Joined
Jul 22, 2012
Messages
1,324
Location
Somewhere in NJ
I have never tested both basic and enhanced privacy. Basic privacy is similar to 40 bit encryption like Motorola's. The enhanced is 128 bit keys and similar to DES encryption for its key length and size. However, as for compatibility, user RAY AIR on here should be able to shed some light on that. The encrypted algorithm sound is not the same on enhanced as opposed to Motorola's enhanced. Similar yes but not exact so I really don't know.
 

sycho

Member
Joined
Apr 24, 2011
Messages
34
TYT basic privacy is not like Moto EP. Moto EP is 40bit RC4 with IV. TYT enhanced is meant to be AES-128, standard or not.

TYT BP does not use IV, and 0xFFFF key just inverts voice frame bits. It looks like Moto BP, which is, based on the little information published, an 8bit key and 16bit LFSR.
If LFSR feedback in Moto and TYT is the same, the 8bit Moto key could be translated into a 16bit key for TYT.

I'm just studying the TYT BP frames with modified dsd 1.7 code for reliable dumping to disk. Stuck in LFSR calculation, tried Berlekamp-Massey algorithm with no success.
I can hear myself with 0xFFFF key. My intention is not to crack on-air keys, but to know how the TYT BP works and try to interoperate with Moto BP if possible (I'm in process of buying a DP3600).
 

RayAir

Member
Joined
Dec 31, 2005
Messages
1,946
The basic Privacy in the Tytera MD 380 and CS700 radios are compatible with each other.
As for being compatible with MotoTRBO BP, I highly doubt it.

I plan on setting up BP in one of my TRBO radios and trying to read some AMBE data to see how a key can be determined.

Tytera added an interesting feature, 128 bit Enhanced Privacy. It does not use an IV and no crypto parameters seem to be sent in the signal. I'm guessing this Privacy isn't as robust as it sounds.
I've yet to run some tests on this too. Been bogged down with work and another side project.

Some Basic tests I did so far:

Attempt to monitor 380 and CS700 Basic Privacy with DSD or another radio with no key.
Results: No voice heard.

Attempt to monitor MD380 EP with DSD:
Results: Garbled voice, no privacy bits or IV detected

Attempt to monitor 380 EP with another 380 with Enc key 1 digit off
Results: could not decode
Note: Some MD380 EP keys do not scramble the voice completely. I forgot the key I tried, but although distorted I could make out intelligible voice on DSD.

Attempt to monitor MotoTRBO 40 bit EP with DSD
Results: Enc voice, Privacy bit indicator and MI displayed. MI showed as a 32 bit value.

I have a long way to go in my tests, but hope to have more results in a month.
 

johnls7424

Member
Premium Subscriber
Joined
Jul 22, 2012
Messages
1,324
Location
Somewhere in NJ
> The basic Privacy in the Tytera MD 380 and CS700 radios are compatible with each other.
> As for being compatible with MotoTRBO BP, I highly doubt it.
>
> I plan on setting up BP in one of my TRBO radios and trying to read some AMBE data to see how a key can be determined.
>
> Tytera added an interesting feature, 128 bit Enhanced Privacy. It does not use an IV and no crypto parameters seem to be sent in the signal. I'm guessing this Privacy isn't as robust as it sounds.
> I've yet to run some tests on this too. Been bogged down with work and another side project.
>
> Some Basic tests I did so far:
>
> Attempt to monitor 380 and CS700 Basic Privacy with DSD or another radio with no key.
> Results: No voice heard.
>
> Attempt to monitor MD380 EP with DSD:
> Results: Garbled voice, no privacy bits or IV detected
>
> Attempt to monitor 380 EP with another 380 with Enc key 1 digit off
> Results: could not decode
> Note: Some MD380 EP keys do not scramble the voice completely. I forgot the key I tried, but although distorted I could make out intelligible voice on DSD.
>
> Attempt to monitor MotoTRBO 40 bit EP with DSD
> Results: Enc voice, Privacy bit indicator and MI displayed. MI showed as a 32 bit value.
>
> I have a long way to go in my tests, but hope to have more results in a month.


Thanks Ray!
 

RayAir

Member
Joined
Dec 31, 2005
Messages
1,946
Here are some screenshots of MotoTRBO voice privacy for reference:
1st- DMR, no enc
2nd- MotoTRBO Basic Privacy (key:1)
3rd- MotoTRBO Enhanced Privacy (key: A356BB8D09)


TYT MD-380 EP and CS700 BP give no indications of being enc by DSD+
 

Attachments

  • MotoTRBO-Clear Voice.jpg (47.1 KB)
  • MotoTRBO BP Key 1.jpg (57.1 KB)
  • MotoTRBO EP KeyID-2.jpg (50.6 KB)

sycho

Member
Joined
Apr 24, 2011
Messages
34
Hello Ray, thanks for your answer.

It seems that MD380 doesn't set the specific bits in LC headers for encryption indication. So DSD will never detect BP or EP encryption (even if it used PI header).

PI header is not strictly necessary for AES128 or whatever encryption with IV, as IV is sent in voice frames less important bits. MotoTRBO uses PI header to indicate Key ID and Algorithm type, but MD380 needs you to set encryption on/off, encryption type and key to be used per channel, so it doesn't need this information to be transmitted.

What I can guarantee is that MD380 BP and EP works through a MotoTRBO repeater set for clear comms, and that EP lowers voice quality a bit (IV?). Maybe it's just because TYT doesn't set encryption to 'on' in LC header? I'm not sure about the repeater implications.

I'm stuck in my investigations, I need LFSR or whatever system is used to generate the keystream from the key in MotoTRBO and TYT BP, I'm unable to determine it myself from the recordings.
 
Last edited:

RayAir

Member
Joined
Dec 31, 2005
Messages
1,946
> Hello Ray, thanks for your answer.
>
> It seems that MD380 doesn't set the specific bits in LC headers for encryption indication. So DSD will never detect BP or EP encryption (even if it used PI header).
>
> PI header is not strictly necessary for AES128 or whatever encryption with IV, as IV is sent in voice frames less important bits. MotoTRBO uses PI header to indicate Key ID and Algorithm type, but MD380 needs you to set encryption on/off, encryption type and key to be used per channel, so it doesn't need this information to be transmitted.
>
> What I can guarantee is that MD380 BP and EP works through a MotoTRBO repeater set for clear comms, and that EP lowers voice quality a bit (IV?). Maybe it's just because TYT doesn't set encryption to 'on' in LC header? I'm not sure about the repeater implications.
>
> I'm stuck in my investigations, I need LFSR or whatever system is used to generate the keystream from the key in MotoTRBO and TYT BP, I'm unable to determine it myself from the recordings.

I tried to pass CS 700 Basic Privacy through a repeater and it didn't work.
I also tested CS700 BP against another 700 with no key or a different key and no voice was heard, except occasionally a very brief initial garble and then the radio would not unmute.

Same thing with DSD, no sound heard for 700 BP.

I never tried to pass 380 EP through a repeater.

I'll try it on a friend's repeater next time I'm out his way.
 

sycho

Member
Joined
Apr 24, 2011
Messages
34
> I tried to pass CS 700 Basic Privacy through a repeater and it didn't work.
> I also tested CS700 BP against another 700 with no key or a different key and no voice was heard, except occasionally a very brief initial garble and then the radio would not unmute.
>
> Same thing with DSD, no sound heard for 700 BP.
>
> I never tried to pass 380 EP through a repeater.
>
> I'll try it on a friend's repeater next time I'm out his way.

The behaviour when you listen to an MD380 with BP on another radio without BP or DSD+ depends on the used key (try 0xFFFF and you will see) because it depends on the (garbage) bitstream delivered to the vocoder. This happens because MD380 does not indicate that it is using encryption, so voice can't be muted at the receiver. Didn't test with EP.

Through repeater, both BP and EP work; I think it is a Motorola repeater, but not 100% sure right now.
 
Last edited:

SCPD

QRT
Joined
Feb 24, 2001
Messages
0
Location
Virginia
Is it possible to set a button to enable encryption in digital format when pressed then pressing button turning it off and going back to normal analog comms like Motorola P25 capable equipment?
 

johnls7424

Member
Premium Subscriber
Joined
Jul 22, 2012
Messages
1,324
Location
Somewhere in NJ
> Is it possible to set a button to enable encryption in digital format when pressed then pressing button turning it off and going back to normal analog comms like Motorola P25 capable equipment?

Not to my knowledge you cannot. I mean it's a Chinese design. They can though through firmware updates make that possible.
 