• A reminder that starting March 08th (Sunday), we are going to require 2 Factor Authentication for all users.
    Please make sure your email is up to date, otherwise you won't be able to log in.

Encryption in the USA

I don't know about P25, but the ICE MotoTrbo system used to do over the air reprogramming. Mostly when new channels were added to sites from what I could tell. I tried a couple of times to download that data via DSDPlus, but was never able to.
 
Years ago someone logged the DMR OTA reprogramming for Fisher Wireless out in CA. I was able to figure out the format and posted about it on Radio Reference. A short time later DSDPlus FL added the decoding of DMR OTA reprograming. As I remember it, the operator would set aside a frequency at a site to transmit it for a set period of time. The information was versioned so radios could check if they had the latest information.

I noticed after BPD switched over to P25 encrypted, brief data transmissions occurred to what looked like mobile/portable RIDs. There were ACK RX OK responses with the Motorola MFID (90) followed by a brief data packet with the same MFID (90) and a SAP of 32 (Registration and Authorization). These were followed by another ACK RX OK response with the Standard MFID (00) and a longer data packet with the same MFID (00) and SAP of 1 (Encrypted User Data). So it appears Boston PD is using some form of Registration/Authorization.
 
That makes sense. I'd imagine Boston is probably using AES-256. An agency of their size (~2000 officers with 1+ portables, others with portable access, and God knows how many mobile radios) they would have to engage in the Over-the-air-Rekeying (OTAR). It would be near impossible to interface with every single radio however often they wish to change their encryption key as recommended, or when they changed it in the first place.
 
ecps92 said:
Only Trunked systems use Affiliation (similar to your Cellphone - registering with the network)
P25 Conventional has no control channels for registration
Click to expand...
So it turns out Boston (possibly the first in the area, but dont quote me) is using CAI Data Registration, which is similar to a trunked talkgroup. Radio turns on and lands on P25 Conventional channel and sends a reg packet which is acknowledged by the server running data services. When the radio logs out it sends a logout packet. All of this is based on the radio being in range of the system, the system hearing the radio and the radio hearing the system. All this data can be correlated to see what subscribers are on and off and what channel they are on.
 
Matt0691 said:
That makes sense. I'd imagine Boston is probably using AES-256. An agency of their size (~2000 officers with 1+ portables, others with portable access, and God knows how many mobile radios) they would have to engage in the Over-the-air-Rekeying (OTAR). It would be near impossible to interface with every single radio however often they wish to change their encryption key as recommended, or when they changed it in the first place.
Click to expand...
Yes AES, industry standard now, no one should be using ADP or DES. And of course OTAR/OTAP.
 
I think the answer is no, but would that have anything to do with potentially patching to the still building Boston P25 trunk? I know that they were at one time patching a couple of district channels to the trunk to test the trunk, but don't know if P25 would require something different for patching.

nikronzo said:
So it turns out Boston (possibly the first in the area, but dont quote me) is using CAI Data Registration, which is similar to a trunked talkgroup. Radio turns on and lands on P25 Conventional channel and sends a reg packet which is acknowledged by the server running data services. When the radio logs out it sends a logout packet. All of this is based on the radio being in range of the system, the system hearing the radio and the radio hearing the system. All this data can be correlated to see what subscribers are on and off and what channel they are on.
Click to expand...
 
nikronzo said:
Yes AES, industry standard now, no one should be using ADP or DES. And of course OTAR/OTAP.
Click to expand...


Let's be real. The level of security something as simple as ADP gives is welllll beyond what is needed for the type of radio trafiic that is actually encrypted.

There is a large agency that still does some surveillance in the clear. That alone tells you that how much of a "hazard" scanner listeners are and how necessary every day encryption is. The ones pushing for higher level encryption are the ones who are going to make more money off it.
 
I agree that scanner listeners are by and large not a hazard.

However...

I worked for a department for close to 34 years, as many are aware. Some co-workers that I was and am very close to and highly fond of have been in surveillance situations on radio systems "in the clear" because they simply had no other options. Some of the things I heard via various methods of reception, professional or hobby level, definitely put me in fear for their safety. Their communications, in my opinion, SHOULD have been encrypted, and should be today. In many cases then, and now, there are no means to accomplish that. There are surely other methods today that don't even involve radios. Unfortunately, some operations are driven to those platforms because the proper infrastructure is not provided to those that need it for any number of reasons.
 
The Feds use AES-256 and that is what they recommend for the others. The large agencies that work with them and want Federal money listen.
 
nikronzo said:
So it turns out Boston (possibly the first in the area, but dont quote me) is using CAI Data Registration, which is similar to a trunked talkgroup. Radio turns on and lands on P25 Conventional channel and sends a reg packet which is acknowledged by the server running data services. When the radio logs out it sends a logout packet. All of this is based on the radio being in range of the system, the system hearing the radio and the radio hearing the system. All this data can be correlated to see what subscribers are on and off and what channel they are on.
Click to expand...
That explains all the quick burst transmissions that I've observed on the channels.
 
Scott, I don't disagree that surveillance ops and the like should be encrypted. I'm sure you're well aware of who I'm talking about, and I'd love to make another point but that would be getting too close to the line.

That being said, John, you're telling me that the Feds use new encryption keys or share theirs with locals for an Op?
 
jbella said:
Scott, I don't disagree that surveillance ops and the like should be encrypted. I'm sure you're well aware of who I'm talking about, and I'd love to make another point but that would be getting too close to the line.

That being said, John, you're telling me that the Feds use new encryption keys or share theirs with locals for an Op?
Click to expand...
I'm not saying they share thier keys I'm saying they suggest that folks use AES encription for more security and larger departments who often work with them on task forces and day to day operations are more likely to take thier suggestions then smaller departments that often do what cost less.
 
AJ1L said:
That explains all the quick burst transmissions that I've observed on the channels.
Click to expand...
Interesting. I see something similar on the MV P25 conventional frequencies. 155.4375 and 156.2175 both display this. Don't want to detract from this thread. I'll have to have a closer look at that.
 
So ressurecting one thing in this thread. I took a few minutes from my lunch break tonight to look at the different state highway patrols. (Known as State Police, Highway Patrol, Department of Safety, you get the idea). To see how many of those have gone encrypted. Now I am listing these based on primary channels only. What you can or can't hear
If a state patrol has two dispatches, one in the clear, one encrypted, I haven't listed that. These are 100% unmonitorable

Alaska
Delaware
Florida
Georgia (Not monitorable. Except for Atlanta troop area)
Michigan - District 2 (Detroit)
Montana - District 4, 7
North Dakota
Pennsylvania
Virginia

So that is 7 out of 50, plus the Michigan and Montana selected troops.
 
In Texas it depends on which radio system the DPS is using. Their VHF system isn't encrypted, but very often they use the county sheriff's system for most traffic. If the county system is encrypted chances are that the DPS traffic is encrypted.

In Travis County (Austin) the APD are encrypted, but the county sheriff is clear. DPS is clear as well.
 
W1KNE said:
So ressurecting one thing in this thread. I took a few minutes from my lunch break tonight to look at the different state highway patrols. (Known as State Police, Highway Patrol, Department of Safety, you get the idea). To see how many of those have gone encrypted. Now I am listing these based on primary channels only. What you can or can't hear
If a state patrol has two dispatches, one in the clear, one encrypted, I haven't listed that. These are 100% unmonitorable

Alaska
Delaware
Florida
Georgia (Not monitorable. Except for Atlanta troop area)
Michigan - District 2 (Detroit)
Montana - District 4, 7
North Dakota
Pennsylvania
Virginia

So that is 7 out of 50, plus the Michigan and Montana selected troops.
Click to expand...
It appears that New Jersey SP can be added to this list soon, if I can read between the dreck of this RR thread properly: https://forums.radioreference.com/threads/njsp-patrol-encryption.492899/
 
So for 2025, we had six agencies in New England move to full encryption.
Cranston, RI; Winstead, CT; Westfield, MA; Boston, MA; East Providence, RI; Salem, MA.

I know of one agency going encrypted in Rhode Island in 2026.

Also, all but 5 or so boroughs in New York City are now encrypted.
 
You must log in or register to reply here.
Back
Top