Encryption is NOT for Everyone

This is the place to discuss Riverside County scanning related topics. Whether it be something about a particular agency, radios, antennas, or other general scanner related questions, you can talk about it here.
N6AJB
Posts: 41
Joined: Thu Dec 17, 2009 8:43 am

Re: Encryption is NOT for Everyone

Post by N6AJB »

Another way to tackle this solution is to encrypt partially. That is, keep all your talkgroups clear 98% of the time, and encrypt during a highly sensitive operation.

That's sort of what Pasadena is doing now. It's a good idea, however there is still the problem of how to decide if something is "highly sensitive" or not on the fly. This gives rise to human errors in the scheme of things in that some dispatchers may be broadcasting clear when they should be secure and some broadcasting secure when they should be clear. I also don't know of any systems that allow the console to select whether or not the subscriber is secure or clear outbound from the received audio loop, that is usually determined on a per-subscriber basis when the data enters the system to begin with. The deciphering is always done on a keyloaded console or on each individual subscriber with the proper keyload. Personally, I'm a bigger fan of a 100% clear audio feed of secure air that is delayed.

Giving subscribers the ability to enable or disable encryption within a particular channel or talkgroup is usually a bad idea. They will often "forget" what mode they are in or accidentally hit the secure / clear switch and think they are clear when they are encrypted and think they are encrypted when they are really clear. The best solution is to have dedicated channels or talkgroups that are either always encrypted or always clear so the users know "when you're on this channel, you're secure" or "when you're on this channel, you're int he clear".
And by the way, law enforcement encrypts more content than fire
And that makes perfect sense too, since fire departments aren't usually up against an intelligent force exploiting technology to counter their efforts. If the fire were able to listen in to their efforts and adjust itself accordingly I am certain that fire would encrypt as well. :P
cvrules90
Posts: 1393
Joined: Tue Feb 22, 2011 8:08 am

Re: Encryption is NOT for Everyone

Post by cvrules90 »

What's really interesting to boot is that some big cities like New York, Boston, Chicago, and even the closest LA don't use encryption. You'd think that NYPD?FD would encrypt their comms following the 9/111 attacks or go on a massive interconnected trunked radio system but no. LAPD has a UHF P-25 radio system as we all know which is BARELY crypto. Las Vegas Metro Police went to OpenSky and dumped it so they're back on their clear VHF radio system.
N6AJB
Posts: 41
Joined: Thu Dec 17, 2009 8:43 am

Re: Encryption is NOT for Everyone

Post by N6AJB »

That's because the BIGGER the agency, the HARDER it is to manage encryption. Adding encryption to a fleet of 35 radios is FAR cheaper and FAR easier to manage than a fleet of 3,500. This is why we see smaller agencies typically switching FIRST. Key management for a fleet the size of LA's or NY's would require a full time staff of several people just to keep on top of things. It is also easier to add encryption to a entirely new system (like PSEC) where all the radios can be dealt with BEFORE they are deployed. Adding encryption slowly to LAPD's system would be an absolute nightmare, as some of the "upgraded" radios would get broken or fall out of service before the new features could be rolled out...it would be a constant "catching up" game. Also, try to imagine a re-key on a fleet the size of LAPD's, even WITH OTAR.
Jlanfn
Posts: 39
Joined: Thu Mar 04, 2010 9:36 pm

Re: Encryption is NOT for Everyone

Post by Jlanfn »

zz0468 wrote:It's not going to change any minds as to whether or not to encrypt.
Definitely agree there. Also, it seems that usually by the time people find out a channel or system will be encrypted, the decision to encrypt was made months or years in the past. We know the decision to encrypt often comes from within the agency, but it would be interesting to know exactly who within the agency is tasked with making the recommendation or decision. How critical is the part the vendor's representative plays in persuading an agency to encrypt? It seems that often times, as in the case of Beaumont PD, the agency will hire a technical consultant to make recommendations about system design prior to vendor selection, and the consultant will almost always recommend full encryption.
N6AJB wrote:The article continues on to argue against encryption from the standpoint of interoperability. This makes no sense to me from an operational standpoint.
I think you make some good points, but I'm going to push back a little on your interoperability statement. These are my personal inexperienced views. If I have misunderstood something, please correct me.
N6AJB wrote:There are dedicated clear channels set aside specifically for interoperability on all the public safety bands and most governing agencies that oversee these channels (Cal-EMA) here in Ca., and Federal agencies have policies in place that ban or discourage encryption on the interoperability channels.
True, and I sincerely wish agencies would use these channels. For the most part, at least in this area, they seem disinclined to do so. The only usage I have ever noted in this area is interagency surveillance operations and supplemental single-agency usage.
N6AJB wrote:Interoperability on PRIMARY channels does not happen on a day to day basis anyway, largely due to the fact that different agencies use different frequency bands, different emission types and in many cases different proprietary systems.
That may be true in Riverside County, but many other areas including San Bernardino County are increasingly moving to shared trunked systems. In these cases, practically the only technical barrier to talking on another agency's primary channel is having it programmed into your radio with the ability to transmit. I have heard this work fairly well between San Bernardino County Sheriff and Redlands Police, for example. In a recent incident, a sheriff deputy was at the city boundary and noticed a house on fire within the city. He responded to the location, switched over to the city's primary channel, and provided mutual aid as the first emergency personnel on scene.

Now, there are definitely some drawbacks to this type of interoperability, and I don't think it's an appropriate solution for every interoperability need. We can all debate the viability/desirability of it without coming any nearer to agreement, and each agency will make its own decisions about interoperability. But it definitely provides some pretty big benefits to operational efficiency that should not be overlooked. There are many incidents from my monitoring experience where LE agencies had absolutely horrible interoperability because the messages had to pass through multiple dispatchers.

The very purpose of encryption is to keep everyone out except a specific group of known subscriber units. When an individual agency handles its own encryption, the method that is easier to manage, they rarely consider other agencies, being focused on their own needs/wants. If they do wish to provide access to other agencies, they face the significant complication of having to handle encryption key management for an outside agency's radios. This increases vulnerability of the key because it is given to an agency outside the managing agency's control. And what if the agency inadvertently excludes a particular allied agency from their approved group of subscriber units they would otherwise have wished to include? All of these have the effect of restricting primary channel interoperability. Of course, if an agency doesn't care about having it, all this is moot.

I know law enforcement agencies usually don't care about interoperability nearly as much as fire agencies, but I think all law enforcement agencies should have these three kinds of interoperability solutions: (1) pools of shared channels dedicated exclusively to interoperability, (2) access to allied agency primary dispatch channels, and (3) a shared interoperability channel for emergency broadcasts with subscriber units dedicated to exclusive 24/7 monitoring.
N6AJB
Posts: 41
Joined: Thu Dec 17, 2009 8:43 am

Re: Encryption is NOT for Everyone

Post by N6AJB »

Thanks Jlanfan for your response. I do however think the "interoperability" case still doesn't hold as much merit practically (although admittedly encryption DOES add another "layer" to the issue). In the example given (San Bernardino County) both Redlands PD and San Bernardino Sheriff's Dept. are on the SAME system (Redlands pays SBCO a monthly fee pre radio to use the system), so even if Redlands and SBCO were encrypted, they would STILL have the interoperability being part of the SAME system all managed from the SAME radio shop. In this example, the interop was not a result of "being in the clear" but rather due to the fact both agencies were on the same system. (If Redlands were still on VHF this wouldn't have happened.)

Orange County radios (most LE) have each others encrypted primary dispatch channels in each other's radios. Many OC agencies can come up on each other's primary channels and interoperate WHILE ENCRYPTED or shift off to a common encrypted interop talkgroup. Again, this is not a function of being secure or clear, but it is a function of being on the same system. There are also secure and clear "interop" talkgroups on the OC system, and ICIS and strictly clear ones for San Diego RCS and SBCO's 800 system all the agencies that subscribe to these systems can interoperate with each other on because they are on the SAME system, whether that system is secured or clear.

Some L.A. County cities (like Pasadena and Santa Monica) run encryption but have UHF "access" channels monitored 24/7 by the respective cities dispatch centers knowing that LAPD and LASD aren't going to become ICIS cities, yet allowing those agencies and Santa Monica and Pasadena direct comms with LAPD and LASO units. This way they have complete interop and still run their own exclusive primaries. Here in Riverside County, RSD monitors 800 Mhz "ICALL", VHF "CLEMARS" and UHF "CLEMARS" for situations as described (an outside agency needing communication with the local agency's dispatcher.) The push with PSEC has been to set up a system similar to Orange County's (with encrypted interop channels all agencies on the system will have) however the political and economic climates now are vastly different than when the OC system was rolled out, so it remains to be seen if something similar will take place in Riverside County.

There is also the consideration that many agencies don't want outside agencies coming up on their air due to the ways that dispatchers manage callsigns in CAD, etc. even when it's technically feasible. Heck, there are even some cities that don't want their own police and fire departments coming up on each other's air for that very reason. That is the reason that the interoperability channels exist.

All that being said, if another agency REALLY saw the need to come up on someone's primary, per FCC rules, they need written permission first, so in the process they would also be provided that agency's codeplug and the encryption key as part of the radio load in getting authorization. Just think of the encryption key as another component of the codeplug besides the talkgroup hex ID and system ID or frequency and PL.
zz0468
Posts: 236
Joined: Wed Jun 18, 2008 8:35 pm

Re: Encryption is NOT for Everyone

Post by zz0468 »

Jlanfn wrote:...How critical is the part the vendor's representative plays in persuading an agency to encrypt? It seems that often times, as in the case of Beaumont PD, the agency will hire a technical consultant to make recommendations about system design prior to vendor selection, and the consultant will almost always recommend full encryption.
The vendors role is generally making a product available, and then throwing every resource available at it to get it sold. Vendors in the public safety communications field have a pretty close relationship with customers, and the sales force is well known. There is plenty of opportunity for discussions to take place about what's available. Public safety agencies also talk among themselves, so there can be a sense of "they're going encrypted, we should too". Consultants will usually sniff the air, see which way the wind is blowing, and write a report along the lines of what they think the client wants to hear. The purpose of a consultant is to take the blame when the project fails, which happens often enough.

All that said, law enforcement is perceiving a threat to officer and public safety caused by organized street gangs, drug cartels, and potential terrorists, and encryption is just one of the tools they see being effective to fight those threats. Vendors are providing encryption because their customers have been asking for it.
N6AJB wrote:All that being said, if another agency REALLY saw the need to come up on someone's primary, per FCC rules, they need written permission first...
In the case of county or regional trunked systems, the individual agencies are operating under the FCC authorization of the system operator, not necessarily individual licenses issued to each city. In that case, FCC approval is not necessary for different agencies on the same system to allow access to their talk groups. It becomes an internal matter for the agencies involved, and the system operator.

In conventional systems, a letter of authorization is taken to the frequency coordinator, and then submitted to the FCC for a license. If you dig into FCC records, you'll frequently see an agency's primary frequencies also licensed to adjacent agencies who don't regularly use those frequencies.
N6AJB wrote:...so in the process they would also be provided that agency's codeplug and the encryption key as part of the radio load in getting authorization. Just think of the encryption key as another component of the codeplug besides the talkgroup hex ID and system ID or frequency and PL.
The encryption key is loaded separate from the codeplug, using different hardware tools than what is needed for radio programming. Encryption keyloading was designed with the end user in mind, and it's not unusual for a radio shop to not have access to encrypted talk groups, keyloaders, and encryption keys, which can change frequently. The encryption key cannot be discovered by reading the codeplug, nor can it be transferred from one radio to another by radio service software. The radio MUST be touched by the keyloader.
cvrules90
Posts: 1393
Joined: Tue Feb 22, 2011 8:08 am

Re: Encryption is NOT for Everyone

Post by cvrules90 »

N6AJB wrote:That's because the BIGGER the agency, the HARDER it is to manage encryption. Adding encryption to a fleet of 35 radios is FAR cheaper and FAR easier to manage than a fleet of 3,500. This is why we see smaller agencies typically switching FIRST. Key management for a fleet the size of LA's or NY's would require a full time staff of several people just to keep on top of things. It is also easier to add encryption to a entirely new system (like PSEC) where all the radios can be dealt with BEFORE they are deployed. Adding encryption slowly to LAPD's system would be an absolute nightmare, as some of the "upgraded" radios would get broken or fall out of service before the new features could be rolled out...it would be a constant "catching up" game. Also, try to imagine a re-key on a fleet the size of LAPD's, even WITH OTAR.
But those are large, high-crime cities where you'd think they would making trunking and encryption a must. But as a twist, states like Michigan, Florida, and New York require permits to install scanners in cars-most likely because most agencies there are in the clear and they want to makae sure that only liscensed people will listen in their car and not some scumbag off the street whose noble intention is to evade the law.
N6AJB
Posts: 41
Joined: Thu Dec 17, 2009 8:43 am

Re: Encryption is NOT for Everyone

Post by N6AJB »

But those are large, high-crime cities where you'd think they would making trunking and encryption a must. But as a twist, states like Michigan, Florida, and New York require permits to install scanners in cars-most likely because most agencies there are in the clear and they want to makae sure that only liscensed people will listen in their car and not some scumbag off the street whose noble intention is to evade the law.[/quote]

That seems like good, conventional logic, however just because a region is "big and high crime" and doesn't have encryption yet that does not negate the need for smaller agencies to also have access to encryption. As perviously mentioned, it is far easier for the smaller agencies to implement it logistically which I think in part accounts for the fact many of the larger agencies don't. Who would have though the tiny little camping trailer community of 7 Oaks would need....ENCRYPTION! But after Dorner the need is VERY much so demonstrated. I think when LA RICS is rolled out, there is probably a good chance it will be encrypted. Adding encryption to large existing system is a logistical nightmare, adding it to a whole new system is much simpler.

Encryption is a protective measure, like bullet proof vests. There hasn't been as many Beaumont PD officers shot as LAPD officers, but does that mean that Beaumont doesn't need vests? Officers in Beaumont could probably benefit from encryption as much as officers in L.A., the difference is that is is far easier to supply Beaumont PD with encryption than it would be LAPD (at this point.)

As far as the scanner licensing thing goes, it is illegal to use a scanner in the commission of a crime pretty much everywhere anyway and the law is not going to keep lawbreakers from breaking the law, nor will the "scanner licensing" laws. Encryption, making it nearly impossible for them to do that HAS made it extremely difficult for criminals to use scanners to their advantage, probably more so than any law. The scanner licensing thing is sort of silly when you try to think about enforcement of it as well. With today's technology mobile scanner licensing is just a moot point. Why bother licensing a mobile scanner, just listen to the live stream on your smartphone, or have your friends at home listen to the scanner or feed and call you on your cellphone when the cops are coming, or just have your look outs use a handheld scanner, I am sure it's not illegal to have a scanner while on foot in those states.


zz0468: You are correct in how shared licensing on trunked systems works. For agencies with individual licenses, that agency can just add the requesting agency's number of mobile units to it's mobile fleet on their existing license. The allied agency does not need their own license unless they install a fixed transmitter or control point on your frequencies. The point you made with hardware crypto requiring a KVL is of course right on target. The point I was making is that in many trunked systems, the system administrator for the particular system typically loads the allied agencies' radios (who are requesting access to the system) with his or her system, and often times a hardware system key is required. I am simply saying, if an allied agency wants your trunked system in their radios, you usually want to load it for them anyway, so just load your crypto keys at that point since you already have to touch their radios anyway and "wala" the "interop with an encrypted system" snafu is resolved. :)
Jlanfn
Posts: 39
Joined: Thu Mar 04, 2010 9:36 pm

Re: Encryption is NOT for Everyone

Post by Jlanfn »

zz0468 wrote:All that said, law enforcement is perceiving a threat to officer and public safety caused by organized street gangs, drug cartels, and potential terrorists, and encryption is just one of the tools they see being effective to fight those threats.
I think you raise an important point that the decision to encrypt is based on the perceptions of the agency's decision-making entities. I just spent a few weeks on vacation in Colorado. On their statewide P25 trunked system only a few law enforcement talkgroups were encrypted in the area in which I was staying. None of them were dispatch or interoperability channels. Maybe they just don't feel as threatened there as agencies around here do. Admittedly, they do have much less crime there.

There's also the example of the new EBRCS system in Alameda and Contra Costa counties. They actually have a written policy that primary dispatch channels shall not be encrypted. And although agencies are free to encrypt everything else, most of them have decided to encrypt only one or two of their tac channels. They must not feel overwhelmingly threatened either.

The other important point is the example set by other public safety agencies. I get the impression that in the Southern California public-safety community, Orange County is generally highly regarded for the radio system they have implemented. Agencies that want similar success want to do the same things that Orange County did, including full law enforcement encryption.

But for me it boils down to this: I would like to think that agencies go through a careful, rational, fact-based thought process when deciding what will be encrypted, considering all the benefits and consequences. If an agency did this and still decided to encrypt everything, though it harms the hobby, I wouldn't have a problem with it. However, my impression is that there isn't a great deal of critical thinking that goes into these decisions to encrypt. Relying primarily upon perceptions of the threats or simply copying the actions of others are certainly not objective thought processes.

Perhaps the article at the beginning of this thread, instead of saying that encryption is not for everyone, should rather have encouraged agencies not to just jump into full encryption but to carefully consider all the issues involved. Within that argument it could have explained some of the drawbacks or challenges of encryption.
cvrules90
Posts: 1393
Joined: Tue Feb 22, 2011 8:08 am

Re: Encryption is NOT for Everyone

Post by cvrules90 »

We could talk an entire century about this.

Remember that in Southern Cali, crime is a big problem. We had the 1992 riots in LA, and many other crimes in many regions of cities. People in Southern Cali don't have quite the respect for police (NWA anybody?) and will do whatever it takes just to evade them. As a result, agencies whether they are big city, suburban, or rural, are looking at encryption options.
Post Reply