Algorithm
Key Length
Total Number of different keys
Years required to test all keys
ADP, 40 bit, 1.09 E+12, 34,865 or 3.48 E+4 Years
DVP, 96 bit, 7.92 E+28, 2.51 E+21 Years
DES, 128 bit, 3.40 E+38, 1.07 E+31 Years
AES, 256 bit, 1.15 E+77, 3.67 E+69 Years
Encryption
DES
Introduced in 1983 – Type III encryption algorithm 128 bit key
Currently, the most widely used encryption algorithm in the market
Analog capable only
Utilized a self-synchronizing which did have an adverse impact on the performance of the radio
DES-XL
Introduced in 1987 – Type III encryption algorithm
128 bit key
Analog and Digital capable
Introduced a external synchronizing scheme which alleviated performance lost by DES algorithm
DES-OFB
Introduced in 1997 – Type III encryption algorithm
128 bit key
Digital capable only
Used fundamentals of DES-XL and advanced the scheme
APCO adopted this algorithm as its standard for Project 25 in 1996
AES
Introduced in 2002 – Type III encryption algorithm
256 bits
Digital capable only
Built off of DES-OFB platform, but added features, notable number of bits
Adopted by APCO as a P25 standard in 2002
OTAR
Introduced in 1990
Provides the capability to re-key the algorithms within radio via an over-the-air network
Currently requires the use of a data system (RNC – data controller) to send requests over conventional channels
OTAR for Project 25 was introduced in 1999
ADP (Advanced Digital Privacy)
Software based encryption introduced in late 2003
Motorola proprietary implementation of RC4 algorithm
Not a FIPS certified solution
40 bits
Software based only on XTS 2500
Software or UCM based on XTS 5000/ASTRO Spectra Plus/XTL 5000
Software based can be key loaded through CPS
Hardware based needs to be key loaded by KVL 3000 Plus
Type 1
Classified encryption
Introduced in 1991 and re-introduced in 2003
Motorola ENCRYPTION standards
Moderator: Queue Moderator
-
radioinstl
- Posts: 354
- Joined: Tue Feb 11, 2003 1:07 pm
- What radios do you own?: Liberty MBITR APX7000 75000
The DES info is wrong, it's only 56-bit, not 128, and was introduced in 1977, not 1983. It was reaffirmed in 1983.
This site below explains the DES algorithm in great detail, including the key length, and CFB/OFB variations.
http://www.tropsoft.com/strongenc/des.htm
And the 'official' FIPS paper on DES:
http://www.itl.nist.gov/fipspubs/fip46-2.htm
Also, the number of available keys for DVP is actually 2.36 E+21 (true 64-bit)...it's DVP-XL which has 7.9 E+28 available keys.
Todd
This site below explains the DES algorithm in great detail, including the key length, and CFB/OFB variations.
http://www.tropsoft.com/strongenc/des.htm
And the 'official' FIPS paper on DES:
http://www.itl.nist.gov/fipspubs/fip46-2.htm
Also, the number of available keys for DVP is actually 2.36 E+21 (true 64-bit)...it's DVP-XL which has 7.9 E+28 available keys.
Todd
No trees were harmed in the posting of this message...however an extraordinarily large number of electrons were horribly inconvenienced.
Welcome to the /\/\achine.
Welcome to the /\/\achine.
-
radioinstl
- Posts: 354
- Joined: Tue Feb 11, 2003 1:07 pm
- What radios do you own?: Liberty MBITR APX7000 75000
Just for reference, what is your 'timeline' for cracking the various algorithms based on? IE: 1 million keys per second? More? Less?
Todd
Todd
No trees were harmed in the posting of this message...however an extraordinarily large number of electrons were horribly inconvenienced.
Welcome to the /\/\achine.
Welcome to the /\/\achine.
-
radioinstl
- Posts: 354
- Joined: Tue Feb 11, 2003 1:07 pm
- What radios do you own?: Liberty MBITR APX7000 75000
Key crack timeline.
Hello.
The key gets cracked in MUCH less time, a few minutes to 2 hours maximum for the Russian code breaking boxes.
DES was the standard for direcTV, it got raped to the point that a new system was put in its place.
That has also been cracked.
The point being, the key NEEDS to be changed.
This is kind of like back-ups for the computer, it gets done when something goes wrong, after the fact.
The key gets cracked in MUCH less time, a few minutes to 2 hours maximum for the Russian code breaking boxes.
DES was the standard for direcTV, it got raped to the point that a new system was put in its place.
That has also been cracked.
The point being, the key NEEDS to be changed.
This is kind of like back-ups for the computer, it gets done when something goes wrong, after the fact.
Hello!
DirecTV DES encryption was not 'cracked.' What was cracked was part of their conditional access system, which includes DES encryption of some mpeg packets, most of them are actually in the clear! These content keys are changed lots, and sent ahead of time. The encryption used in DirecTV is still DES.
In a conditional access system like this, keys or information needed to detemine the keys are passed to the client enveloped inside of some public/private arrangement. Also, its authorization list. Application responsible for tuning video on the settop gets keys from hardware secure element (in directv's case, smartcard.) If client not authorized for tuned program then no/incorrect decryption keys are released by the hardware secure element.
Looks like the first message is a training slide! Maybe from installer training?
Laws of physics and mathematics do not change... if you try to guess the key in a brute force effort, then you can assume you need to guess every key in the universe, and this will take a lot of time no matter how much power you have. Anything on the air can be recorded and will be decrypted if someone tries and persists, but it could be a long time from now before he gets lucky.
The only way to decrypt fast is to use the NSA's backdoor! Change the keys every shift if you are paranoid.
DirecTV DES encryption was not 'cracked.' What was cracked was part of their conditional access system, which includes DES encryption of some mpeg packets, most of them are actually in the clear! These content keys are changed lots, and sent ahead of time. The encryption used in DirecTV is still DES.
In a conditional access system like this, keys or information needed to detemine the keys are passed to the client enveloped inside of some public/private arrangement. Also, its authorization list. Application responsible for tuning video on the settop gets keys from hardware secure element (in directv's case, smartcard.) If client not authorized for tuned program then no/incorrect decryption keys are released by the hardware secure element.
Looks like the first message is a training slide! Maybe from installer training?
Laws of physics and mathematics do not change... if you try to guess the key in a brute force effort, then you can assume you need to guess every key in the universe, and this will take a lot of time no matter how much power you have. Anything on the air can be recorded and will be decrypted if someone tries and persists, but it could be a long time from now before he gets lucky.
The only way to decrypt fast is to use the NSA's backdoor! Change the keys every shift if you are paranoid.
-
jnglmassiv
- Batboard $upporter
- Posts: 512
- Joined: Sun Feb 24, 2002 4:00 pm
