Police Encrypt Radios To Tune Out Public

Hugh Pickens writes writes "Police departments around the country are moving to shield their radio communications from the public as cheap, user-friendly technology has made it easy for anyone to use handheld devices to keep tabs on officers responding to crimes and although law enforcement officials say they want to keep criminals from using officers' internal chatter to evade them, journalists and neighborhood watchdogs say open communications ensures that the public receives information as quickly as possible that can be vital to their safety. 'Whereas listeners used to be tied to stationary scanners, new technology has allowed people — and especially criminals — to listen to police communications on a smartphone from anywhere,' says DC Police Chief Cathy Lanier who says that a group of burglars who police believe were following radio communications on their smartphones pulled off more than a dozen crimes before ultimately being arrested. But encryption also makes it harder for neighboring jurisdictions to communicate in times of emergency. 'The 9/11 commission concluded America's number one vulnerability during the attacks was the lack of interoperability communications,' writes Vernon Herron, 'I spoke to several first responders who were concerned that their efforts to respond and assist at the Pentagon after the attacks were hampered by the lack of interoperability with neighboring jurisdictions.'"

Re:something to think about..

[Mister+Transistor]

The American equivalent to Tetra, APCO Project-25, has been hacked, but to what effectiveness? By "hacked" you mean they have figured out the protocol stack and the encryption algorithm, and they have even brute-force figured out a few weaker 40-bit keys, but each key is a unique case. The stiffer DES 56-bit key takes a significantly greater amount of horsepower to crack with a GPU array, think many weeks instead of a few days. However, for government stuff they use AES-256, which can take many years to brute-force a key, or longer. Each time the key changes or a different agency's system is "hacked" you have to figure out the new key of the day/week/month, and if it takes you 2 months to brute-force a DES key and they change them monthly, well, you're fucked.

That is the essence of a truly secure encryption system, BTW. All it needs to be is secure *enough* to last until the information is no longer useful or the key changes.