Really interesting article. One particular statement caught my eye "many P25 systems … are "rekeyed" at frequent intervals, in the apparent (and basically erroneous) belief that changing encryption keys regularly improves security". My belief was that rekeying was useful in order to limit the "blast radius" if a key was compromised and thus improves security. I'd be interested in finding out why that isn't the case, is it because, as in the article, it introduces more problems that it solves or is there another reason?
His guide to secure P25 deployment suggests simply rekeying whenever a radio is lost, stolen, or compromised, since in a law enforcement context, key theft is much less likely than in military operations. (Cops don't often get shot down over enemy territory, for example.)
On a related note, I recently found an Air Marshall's radio on the side of the road. This thing had every channel imaginable. I was staggered by the fact that such a device didn't have any sort of login; the physical device was the whole key.
I turned it in, of course. They were really, really grateful.
Cops are human, and thus vulnerable to exploitation. Do you seriously think that some gang leader somewhere doesn't have local police radios given to him by cops on his payroll?
Periodic rekeying is like physical inventory or periodic password changes -- it helps you identify compromised assets.
If the rekeying protocol is performed over the air, how does rekeying help in your corrupt cop/gang leader scenario? Wouldn't the gang leader's radio get the new keys along with all the other radios?
If the rekeying protocol is performed over the air, how does rekeying help in your corrupt cop/gang leader scenario? It doesn't.
Wouldn't the gang leader's radio get the new keys along with all the other radios? Yes.
I can't see how rekeying over the air is in anyway a good idea. It doesn't seem to stop any attacks but leads to failure modes. From my understanding, the new keys are transmitted over the air using existing keys. Thus, if your radio is off when the over the air rekeying happens, you don't get the new keys and thus can't talk to anyone in encrypted mode. This causes the fall back to clear mode and thus sensitive information possibly leaking out.
The article doesn't say that rekeying occurs over the air. It could very well be the case that police departments are rekeying their radios at the end of every shift, when, for all practical purposes, they'd be as safe rekeying once a week.
Yeah, I agree. Being non-encrypted is better because they know it is being broadcast to one and all and therefore will continue to not be broadcasting sensitive information such as the identity of informants and such. With encryption, police will start talking about all sorts of new stuff because they believe it is safe to talk about on the encrypted airwaves. But in reality, although the public will no longer be able to hear what is said, there is absolutely no doubt that the major crime syndicates will have completely open access.
Cellphones and other out of band communications make police encryption a joke anyway. Anything really sensitive or controversial will be communicated via phone to avoid being recorded anyway.
The real reason for police agencies wanting encrypted voice traffic is to be less transparent, especially from the press. Modern government wants information to be dribbled out from the PR office.
If the police can't keep informants protected, nobody will inform on violent criminals. There are obviously plenty of reasons why law enforcement secure comms need to be actually secure, not just "Motorola says it honored the secure comms standard" secure.
The stuff that police organizations want to be obscurantist about are almost invariably not encrypted; dash cam videos, disciplinary reports, things like that. Yes, once upon a time some geeky reporters were able to get interesting stories out of radio scanners. That's because we were living in the dark ages, not because police tactical radio traffic should be open to anyone.
Walk into the city desk of any major newspaper and a police scanner is on in the background. It isn't a "geeky" thing at all.
Informants have nothing to do with secure comms... the examples of reasons why secure comms are needed usually center around surveillance of organized crime for since 2001, the terrorists.
Is there a need for secure transmission of limited types of communication? Sure. But 95% of the radio traffic is not secret at all.
It's not geeky. In some small towns, everyone listens to the scanner. Occasionally someone will lean on the "talk" button and the town will get some gossip broadcast to all the neighbors :)
You guys are missing the modifier "once upon a time". It's true: once upon a time, some (at the then once-upon-a-time time) geeky reporters got some interesting stories out of radio scanners. And now, it's not geeky to own a computer. But once-upon-a-time (as in when some of us, yer elders, were kids), it was only geeky people what had them. Anyway, agreed with tptacek, completely.
Remember CB radios? They were hot in the seventies with consumers -- and many of the bigger units had scanner functions as well. Any decent newspaper has had a scanner running in the newsroom since the 1960's, although the older models required you to set 5-10 frequencies using crystals.
Police radios are mostly used to dispatch and provide baseline information about incidents. There's no chatter about confidential informants, etc. Take 10 minutes, go to any of the scanner webcast sites on the internet and listen to the traffic for a few minutes.
Duff, I don't think police dispatch radio is what the original article was talking about with regard to encryption. It seemed to be about tactical radios used by the FBI, etc.
Partially true, but the police has legitimate reasons to use encrypted communication. They deal with sensitive information that should not be public to everyone.
Not sure if he still does it, but he used to send out GoodFET's free of charge so long as you'd build them. I've used his programmer to program multiple different chips and it is absolutely fantastic.
He still does, according to my experience getting a pair of GoodFET31s some time ago, and according to http://goodfet.sourceforge.net/:
> Hardware and software are available under the BSD license, and free-as-in-beer boards will be given to those who ask politely. Email Travis Goodspeed, travis at radiantmachines.com, to get involved.
The hardware is very simple and cheap, and the software stack and community is great. Travis is definitely a great guy.
A big lesson from this post (at least for me) is how much user interface affects security. He references an older paper "Why Johnny Can't Encrypt" (http://www.gaudior.net/alma/johnny.pdf) where the negative impacts of the user interface in PGP 5.0 are analyzed. This is an old lesson which was not taken into account for the secured P25 handsets.
A similar analysis of the certs/SSL protection in browsers would be very interesting too.
