Encrypted Digital Radios for the Cops

Discussion in 'NZ Computing' started by Lawrence D'Oliveiro, May 21, 2009.

  1. NZ police are finally going to get a radio system that prevents people from
    eavesdropping on their communications.

    I wonder what happens the first time a crim steals one of these? Will they
    able to remotely revoke the key for that radio to stop it being part of the
    network?

    Also I wonder how vulnerable they will be to traffic analysis. Often you can
    deduce something is up simply from the increased amount of chatter on a
    channel, particularly if it's concentrated in your neighbourhood.
     
    Lawrence D'Oliveiro, May 21, 2009
    #1
    1. Advertising

  2. Lawrence D'Oliveiro

    Guest

    On May 21, 12:36 pm, Lawrence D'Oliveiro <l...@geek-
    central.gen.new_zealand> wrote:
    > NZ police are finally going to get a radio system that prevents people from
    > eavesdropping on their communications.


    About time too


    >
    > I wonder what happens the first time a crim steals one of these? Will they
    > able to remotely revoke the key for that radio to stop it being part of the
    > network?


    They would be able to in any decent system. And be able to locate the
    radio remotely too.

    >
    > Also I wonder how vulnerable they will be to traffic analysis. Often you can
    > deduce something is up simply from the increased amount of chatter on a
    > channel, particularly if it's concentrated in your neighbourhood.


    I don't see an easy way to get around the traffic analysis. But it's
    more difficult for the crims than just turning on a scanner.
     
    , May 21, 2009
    #2
    1. Advertising

  3. Lawrence D'Oliveiro

    JohnO Guest

    On May 21, 1:15 pm, vitw <> wrote:
    > On Wed, 20 May 2009 17:55:00 -0700, ted.8367 wrote:
    > > I don't see an easy way to get around the traffic analysis.  But it's
    > > more difficult for the crims than just turning on a scanner.

    >
    > This will just create another 'arms race', akin to CSS, DRM and the
    > various 'copy protection' schemes. Nothing has stood the test of time.


    Except there's no army of encryption hackers amongst the criminal and
    gang fraternity as there is amongst the world's computer users.

    >
    > However, these radios might well reduce the number of crims who are able
    > to eavesdrop - for a time.


    So far nobody has managed to crack the encryption used in digital tv
    such as SkyDigital in NZ.

    >
    > Encrypted radios will always have a vulnerability - the fact that the
    > ciphertext has to be rendered into cleartext somewhere along the way.
    > It's the same vulnerability that has allowed all the various DRM schemes
    > to get cracked.
    >
    > If they're using public key crypto, there has to be some 'out of band'
    > means of distributing the public keys - typically, flashing them into the
    > devices when the car is being maintained. You just need one dirty officer
    > or contractor in the service chain and the whole thing breaks.
    >
    > Top level crime mobs - eg South American coke gangs - would very readily
    > invest money into cracking these devices. For them it's sound business
    > sense.


    Well, the Medellin Cartel was cracked because they were careless with
    their cellular phones. I think you credit them with too much smarts.

    >
    > For a talented but miscreant computer science student, it can be very
    > tempting if a gangster knocks on your door with one of these radios under
    > his arm and says "here's $2000 now just for talking to me, I'll pay you
    > another $30000 if you can crack this radio and come up with a system
    > using off-the-shelf components which can listen in on police."
    >
    > Once the crypto is cracked, the software will leak further afield.

    ..
     
    JohnO, May 21, 2009
    #3
  4. Lawrence D'Oliveiro

    victor Guest

    vitw wrote:
    > On Wed, 20 May 2009 17:55:00 -0700, ted.8367 wrote:
    >
    >> I don't see an easy way to get around the traffic analysis. But it's
    >> more difficult for the crims than just turning on a scanner.

    >
    > This will just create another 'arms race', akin to CSS, DRM and the
    > various 'copy protection' schemes. Nothing has stood the test of time.
    >
    > However, these radios might well reduce the number of crims who are able
    > to eavesdrop - for a time.
    >
    > Encrypted radios will always have a vulnerability - the fact that the
    > ciphertext has to be rendered into cleartext somewhere along the way.
    > It's the same vulnerability that has allowed all the various DRM schemes
    > to get cracked.
    >
    > If they're using public key crypto, there has to be some 'out of band'
    > means of distributing the public keys - typically, flashing them into the
    > devices when the car is being maintained. You just need one dirty officer
    > or contractor in the service chain and the whole thing breaks.
    >
    > Top level crime mobs - eg South American coke gangs - would very readily
    > invest money into cracking these devices. For them it's sound business
    > sense.
    >
    > For a talented but miscreant computer science student, it can be very
    > tempting if a gangster knocks on your door with one of these radios under
    > his arm and says "here's $2000 now just for talking to me, I'll pay you
    > another $30000 if you can crack this radio and come up with a system
    > using off-the-shelf components which can listen in on police."
    >
    > Once the crypto is cracked, the software will leak further afield.
    >


    One flaw in your reasoning that it is akin to the CSS vulnerability is
    that pressed optical disks have a single fixed key.
    P25 radios have over the air re-keying for their AES encryption, its not
    flashed when the car is maintained, you are definitely pulling that out
    of your arse.
    Check out the spec at Tait's site and the govt briefing docs that Google
    found www.e.govt.nz/standards/e-gif/apcop25/apcop25-briefing.doc
     
    victor, May 21, 2009
    #4
  5. In message <4a14b944$>, vitw wrote:

    > On Wed, 20 May 2009 17:55:00 -0700, ted.8367 wrote:
    >
    >> I don't see an easy way to get around the traffic analysis. But it's
    >> more difficult for the crims than just turning on a scanner.

    >
    > This will just create another 'arms race', akin to CSS, DRM and the
    > various 'copy protection' schemes. Nothing has stood the test of time.


    SSH/SSL has stood up pretty well. As has RSA (since 1976), triple-DES (slow
    as it is) ...

    Your confusion between copy-protection/DRM and securing communication
    channels shows a lack of understanding of two very different situations.

    > If they're using public key crypto, there has to be some 'out of band'
    > means of distributing the public keys - typically, flashing them into the
    > devices when the car is being maintained. You just need one dirty officer
    > or contractor in the service chain and the whole thing breaks.


    Think of all the public keys currently being distributed all over the
    Internet without issues of this sort--like the hundred or so CA certs built
    into the Web browser that you use, for example. Subverting those could be
    worth a lot of money in online fraud. Yet in over a decade or more of using
    SSL, it just hasn't happened. Why not?
     
    Lawrence D'Oliveiro, May 21, 2009
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Q2xhaXI=?=

    Bluetooth Radios

    =?Utf-8?B?Q2xhaXI=?=, Nov 26, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    568
    Lanwench [MVP - Exchange]
    Nov 26, 2005
  2. tgilb
    Replies:
    3
    Views:
    462
    tgilb
    Aug 11, 2004
  3. DVD Verdict
    Replies:
    0
    Views:
    687
    DVD Verdict
    Apr 15, 2004
  4. Roger N. Clark (change username to rnclark)

    OT: use of FR radios in Europe?

    Roger N. Clark (change username to rnclark), Jun 15, 2006, in forum: Digital Photography
    Replies:
    2
    Views:
    355
    Roger N. Clark (change username to rnclark)
    Jun 15, 2006
  5. Giuen
    Replies:
    0
    Views:
    1,465
    Giuen
    Sep 12, 2008
Loading...

Share This Page