Results 1 to 18 of 18

Thread: MOTOTRBO getting AES128 in 2013!

  1. #1
    syntrx No Longer Registered

    Default MOTOTRBO getting AES128 in 2013!

    http://www.eb-solutions.org.uk/stori...field-contract

    Or at least this nuke plant in England is getting it on their system. With a mere 30 portables, this is a tiny system, which kind of explains why they didn't go P25 or TETRA.

    RC4 is good enough to keep the scanner retards out, but AES128 is going to be a whole lot better.

    "Pennine Telecom has won a new contract to supply a pioneering digital encrypted trunked radio solution at Sellafield in Cumbria.
    The order is the first in the UK for a Motorola Mototrbo Trunked Linked Capacity Plus system using the latest generation of Mototrbo portable two-way radios. It will also see the first deployment of a Motorola digital encrypted trunk system on a civil nuclear site."

    [...]

    "The deal will also see Sellafield benefiting from increased 128 AES encryption set to be introduced by Motorola in 2013."


  2. #2
    Join Date
    Feb 12, 2012
    Location
    Directly above the center of the earth.
    Posts
    2,678
    Thanks
    798
    Thanked 1,345 Times in 664 Posts
    Country: Christmas Island

    Default

    Interesting they decided to go with AES-128 instead of AES-256.

    Gotta keep the good ol' NSA in the loop!

    Seriously, though they probably did this as to not compete with the high-tier P25 line, which of course supports AES-256.
    Last edited by Alpha; Oct 31, 2012 at 02:37 AM.

  3. #3
    Join Date
    Aug 06, 2012
    Location
    Ontario, Canada
    Posts
    679
    Thanks
    125
    Thanked 203 Times in 104 Posts
    Country: Canada

    Default

    Are they worried that the current Enhanced Privacy is that insecure?

  4. #4
    Join Date
    Dec 12, 2011
    Location
    Avalon
    Posts
    1,207
    Thanks
    291
    Thanked 322 Times in 157 Posts
    Country: United States

    Default

    Enhanced Privacy is a implementation of RC4 just like ADP is, my guess is that there are agencies such as this that don't trust RC4. I wouldn't trust it at a nuclear plant as the algo has been proven to be vulnerable in several implementations (WEP being one).

  5. #5
    Join Date
    Aug 06, 2012
    Location
    Ontario, Canada
    Posts
    679
    Thanks
    125
    Thanked 203 Times in 104 Posts
    Country: Canada

    Default

    Yeah I suppose. If you have the resources to try and take on a power plant chances are you might have the connections to hack into stuff like that. Makes me wonder why they even bothered with the Basic Privacy option... Just go with Enhanced and AES.

  6. #6
    Join Date
    May 16, 2012
    Location
    terra australis incognita
    Posts
    474
    Thanks
    0
    Thanked 5 Times in 4 Posts

    Default

    Would it be safe to assume this will require a KVL4000 to keyload?

    AFAIK AES-128 keys can't be generated with a 3k+?
    Andrew

  7. #7
    Join Date
    Dec 12, 2011
    Location
    Avalon
    Posts
    1,207
    Thanks
    291
    Thanked 322 Times in 157 Posts
    Country: United States

    Default

    I'm betting the key will be input into CPS or a software keyloader application.

  8. #8
    Join Date
    Feb 04, 2012
    Posts
    1,854
    Thanks
    166
    Thanked 644 Times in 290 Posts

    Default

    In reality I see no reason that any encryption module cannot be addressed by software. Using a keyloader seems like a added expense in the name of key security.

  9. #9
    syntrx No Longer Registered

    Default

    Quote Originally Posted by Bigfella237
    Would it be safe to assume this will require a KVL4000 to keyload?
    It's safer to bet keys will be software only, and not fillable using a hardware KVL. And that there will no be FIPS140 evaluation etc either.

    Motorola doesn't pretend RC4-40 is secure, it's there just to keep the more determined scanner heads out.

    If you want real security go P25, just ask MattSR what he found on my APX7000
    Last edited by syntrx; Oct 31, 2012 at 03:37 PM.

  10. #10
    mtp850 No Longer Registered

    Default

    Quote Originally Posted by syntrx View Post
    If you want real security go P25, just ask MattSR what he found on my APX7000
    you cant post that then leave us in the dark

  11. #11
    Join Date
    Dec 12, 2011
    Location
    Avalon
    Posts
    1,207
    Thanks
    291
    Thanked 322 Times in 157 Posts
    Country: United States

    Default

    Quote Originally Posted by syntrx View Post
    If you want real security go P25, just ask MattSR what he found on my APX7000
    Consider it asked, MattSR?

  12. #12
    Join Date
    Aug 06, 2012
    Location
    Ontario, Canada
    Posts
    679
    Thanks
    125
    Thanked 203 Times in 104 Posts
    Country: Canada

    Default

    Seems sort of funny that if security is such a concern, why not just use P25? Sure, it'll be more expensive but you wouldn't think a nuke plant would skimp out on it's comms budget. I wonder if any of the 'previous' generation XPR's (6500's etc) will be compatible with the AES-128 upgrade, or just the new 7550's. Likely just the new ones, I'll assume.

  13. #13
    syntrx No Longer Registered

    Default

    Quote Originally Posted by Forts View Post
    Seems sort of funny that if security is such a concern, why not just use P25? Sure, it'll be more expensive but you wouldn't think a nuke plant would skimp out on it's comms budget. I wonder if any of the 'previous' generation XPR's (6500's etc) will be compatible with the AES-128 upgrade, or just the new 7550's. Likely just the new ones, I'll assume.
    If I had to speculate I'd pick two reasons:

    1. Type approval -- P25 is rarely, if at all used in the UK. Going through the process of getting all the system RF components type approved could be prohibitively expensive.

    2. Cost -- The UK government is on the bones of its ***, and it's spending taxpayer's money. TRBO offers a level of capability only available in P25 for 8x-10x the money, especially for such a small deployment. The value proposition isn't there.

  14. #14
    mtp850 No Longer Registered

    Default

    Quote Originally Posted by Magnus View Post
    Consider it asked, MattSR?
    Any updates on this one ? Ive been a good boy

  15. #15
    Join Date
    Dec 29, 2012
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

  16. #16
    Join Date
    May 16, 2012
    Location
    terra australis incognita
    Posts
    474
    Thanks
    0
    Thanked 5 Times in 4 Posts

    Default

    Not that I don't trust you bezpol, but how about some context rather than just expecting everyone to blindly click an unknown URL??
    Andrew

  17. #17
    Join Date
    Apr 09, 2012
    Location
    Australia
    Posts
    896
    Thanks
    227
    Thanked 602 Times in 226 Posts
    Country: Australia

    Default

    Quote Originally Posted by mtp850 View Post
    Any updates on this one ? Ive been a good boy
    Hey mate, sorry for the delay in responding - unfortunately I can't really give any more info as what I've seen is unconfirmed - it could be a red herring...

    Plus it could be a neat addition to a paper some day also

    Cheers,
    Matt

  18. #18
    Join Date
    Feb 04, 2012
    Posts
    1,854
    Thanks
    166
    Thanked 644 Times in 290 Posts

    Default

    As far as my current research into this issue is concerned there is nothing to prevent AES or any other format from being added to the TRBO signal. All that would be required is either a firmware upgrade to support the algorithm (software based would be nice) or a hardware module to be manufactured for the radio line (keyloaders etc would be needed) . I have not seen any major changes to the firmware that would indicate something like this being added to the line yet.