• If posting about a radio issue: Include the HOST, DSP and UCM/secure firmware versions, flashcode and CPS version you're using along with the operating system info. This is critical information.

MOTOTRBO getting AES128 in 2013!

Status
S

syntrx

Not Registered
http://www.eb-solutions.org.uk/stor...es-digital-first-with-new-sellafield-contract

Or at least this nuke plant in England is getting it on their system. With a mere 30 portables, this is a tiny system, which kind of explains why they didn't go P25 or TETRA.

RC4 is good enough to keep the scanner retards out, but AES128 is going to be a whole lot better.

"Pennine Telecom has won a new contract to supply a pioneering digital encrypted trunked radio solution at Sellafield in Cumbria.
The order is the first in the UK for a Motorola Mototrbo Trunked Linked Capacity Plus system using the latest generation of Mototrbo portable two-way radios. It will also see the first deployment of a Motorola digital encrypted trunk system on a civil nuclear site."

[...]

"The deal will also see Sellafield benefiting from increased 128 AES encryption set to be introduced by Motorola in 2013."
 

Alpha

T¹ ÆS Ø - Moderator, CS Forums $upporter
Staff member
CS Forums $upporter
Joined
Feb 12, 2012
Messages
2,755
Interesting they decided to go with AES-128 instead of AES-256.

Gotta keep the good ol' NSA in the loop! :cool:

Seriously, though they probably did this as to not compete with the high-tier P25 line, which of course supports AES-256.
 
Last edited:

Forts

Prolific Contributor
CS Forums $upporter
Joined
Aug 6, 2012
Messages
880
Are they worried that the current Enhanced Privacy is that insecure?
 

Magnus

Prolific Contributor
CS Forums $upporter
Joined
Dec 12, 2011
Messages
1,240
Enhanced Privacy is a implementation of RC4 just like ADP is, my guess is that there are agencies such as this that don't trust RC4. I wouldn't trust it at a nuclear plant as the algo has been proven to be vulnerable in several implementations (WEP being one).
 

Forts

Prolific Contributor
CS Forums $upporter
Joined
Aug 6, 2012
Messages
880
Yeah I suppose. If you have the resources to try and take on a power plant chances are you might have the connections to hack into stuff like that. Makes me wonder why they even bothered with the Basic Privacy option... Just go with Enhanced and AES.
 

Bigfella237

Ø Tactical OTAR Slayer
Joined
May 16, 2012
Messages
474
Would it be safe to assume this will require a KVL4000 to keyload?

AFAIK AES-128 keys can't be generated with a 3k+?
 

Magnus

Prolific Contributor
CS Forums $upporter
Joined
Dec 12, 2011
Messages
1,240
I'm betting the key will be input into CPS or a software keyloader application.
 

Notarola

Prolific Contributor
CS Forums $upporter
Joined
Feb 4, 2012
Messages
2,329
In reality I see no reason that any encryption module cannot be addressed by software. Using a keyloader seems like a added expense in the name of key security.
 
OP
S

syntrx

Not Registered
Bigfella237 said:
Would it be safe to assume this will require a KVL4000 to keyload?

It's safer to bet keys will be software only, and not fillable using a hardware KVL. And that there will no be FIPS140 evaluation etc either.

Motorola doesn't pretend RC4-40 is secure, it's there just to keep the more determined scanner heads out.

If you want real security go P25, just ask MattSR what he found on my APX7000 ;)
 
Last edited:

Forts

Prolific Contributor
CS Forums $upporter
Joined
Aug 6, 2012
Messages
880
Seems sort of funny that if security is such a concern, why not just use P25? Sure, it'll be more expensive but you wouldn't think a nuke plant would skimp out on it's comms budget. I wonder if any of the 'previous' generation XPR's (6500's etc) will be compatible with the AES-128 upgrade, or just the new 7550's. Likely just the new ones, I'll assume.
 
OP
S

syntrx

Not Registered
Seems sort of funny that if security is such a concern, why not just use P25? Sure, it'll be more expensive but you wouldn't think a nuke plant would skimp out on it's comms budget. I wonder if any of the 'previous' generation XPR's (6500's etc) will be compatible with the AES-128 upgrade, or just the new 7550's. Likely just the new ones, I'll assume.

If I had to speculate I'd pick two reasons:

1. Type approval -- P25 is rarely, if at all used in the UK. Going through the process of getting all the system RF components type approved could be prohibitively expensive.

2. Cost -- The UK government is on the bones of its ass, and it's spending taxpayer's money. TRBO offers a level of capability only available in P25 for 8x-10x the money, especially for such a small deployment. The value proposition isn't there.
 

Bigfella237

Ø Tactical OTAR Slayer
Joined
May 16, 2012
Messages
474
Not that I don't trust you bezpol, but how about some context rather than just expecting everyone to blindly click an unknown URL??
 

MattSR

Prolific Contributor
CS Forums $upporter
Joined
Apr 9, 2012
Messages
934
Any updates on this one ? Ive been a good boy :)

Hey mate, sorry for the delay in responding - unfortunately I can't really give any more info as what I've seen is unconfirmed - it could be a red herring...

Plus it could be a neat addition to a paper some day also ;)

Cheers,
Matt
 

Notarola

Prolific Contributor
CS Forums $upporter
Joined
Feb 4, 2012
Messages
2,329
As far as my current research into this issue is concerned there is nothing to prevent AES or any other format from being added to the TRBO signal. All that would be required is either a firmware upgrade to support the algorithm (software based would be nice) or a hardware module to be manufactured for the radio line (keyloaders etc would be needed) . I have not seen any major changes to the firmware that would indicate something like this being added to the line yet.
 
Status