unmute encrypted audio
Moderator: Queue Moderator
- 
				saberthree
- New User
- Posts: 19
- Joined: Tue Oct 23, 2012 5:27 pm
unmute encrypted audio
Hey guys, I wanted to ask how I can unmute encrypted P25 traffic from my radio. Now before I continue, I am in no way trying to decrypt encrypted traffic whatsoever! I would just like to hear the sound of the traffic, not decrypt, listen in and go to jail. In my county, we only have one agency that encrypts their traffic ( I hope it stays that way!!!) I didnt know they started to encrypt until I finally ordered  CPS through /\/\  to start programming more frequencies through my PC instead of  FPP...which is a nice feature when your on the move constantly but programming is so much more easier when you have a full size keyboard and a mouse!!!!! anyway, when I programmed the radio for all the frequencies in my county. I noticed that on dispatch of this specific city, I would see the RF signal meter pop up but no audio, so I pressed the monitor button and then the encrypted audio popped up and encryption icon popped up. In a way, I liked hearing the traffic but the only way I can listen is if I pay attention to the RF meter and press the monitor button. 
I have looked around the other posts here and other sites, and from what I understand, if I set the squelch to digital CSQ, any digital audio should unmute, including encrypted traffic. I have already tried this on my radio, but still no luck on the radio unmuting to encrypted traffic. The only time I hear the dispatch is if a unit accidentally forget to turn on the encryption...this probably happens maybe twice a day. I'm thinking that I don't hear unmuted encrypted traffic, is that I am probably too far away...since I am listening from another city after all, in the same token, I've heard audio surprisingly good from other cities further away but then there's a possibility that they have a tower set up on top of the mountain.
The radio in question that I am using is a XTS 4000 UHF, with CPS R20
anyway, I would appreciate any advice or suggestions at this point.
			
			
									
									
						I have looked around the other posts here and other sites, and from what I understand, if I set the squelch to digital CSQ, any digital audio should unmute, including encrypted traffic. I have already tried this on my radio, but still no luck on the radio unmuting to encrypted traffic. The only time I hear the dispatch is if a unit accidentally forget to turn on the encryption...this probably happens maybe twice a day. I'm thinking that I don't hear unmuted encrypted traffic, is that I am probably too far away...since I am listening from another city after all, in the same token, I've heard audio surprisingly good from other cities further away but then there's a possibility that they have a tower set up on top of the mountain.
The radio in question that I am using is a XTS 4000 UHF, with CPS R20
anyway, I would appreciate any advice or suggestions at this point.
- 
				Bigfella237
- Posts: 152
- Joined: Wed May 02, 2012 11:30 am
Re: unmute encrypted audio
I can't really see any practical reason why you'd want to hear the R2D2 noises, there maybe some novelty value but I assure you that won't last long!
Anyhow, you will need to find out which ALGID & KID is being used and then keyload a key (any key) to the radio using those same details. If the radio receives a transmission and finds a matching KID, it will try to decrypt it using that key and you will hear the incorrectly decrypted voice, for what you want that's about as close as you'll get.
Andrew
			
			
									
									
						Anyhow, you will need to find out which ALGID & KID is being used and then keyload a key (any key) to the radio using those same details. If the radio receives a transmission and finds a matching KID, it will try to decrypt it using that key and you will hear the incorrectly decrypted voice, for what you want that's about as close as you'll get.
Andrew
Re: unmute encrypted audio
I'd think he is using it to do something like see if his repeater is being used to pass encrypted traffic without knowing it....
I believe if you program a radio that has a removable UCM (I don't think you can remove the UCM in the 4K, and certainly not in the APX?) module to be secure without that UCM installed you will always hear the R2D2 noises regardless of having a matching KID.
Alex
			
			
									
									I believe if you program a radio that has a removable UCM (I don't think you can remove the UCM in the 4K, and certainly not in the APX?) module to be secure without that UCM installed you will always hear the R2D2 noises regardless of having a matching KID.
Alex
The Radio Information Board: http://www.radioinfoboard.com
Your source for information on: Harris/Ma-Comm/EFJ/RELM/Kenwood/ICOM/Thales, equipment.
						Your source for information on: Harris/Ma-Comm/EFJ/RELM/Kenwood/ICOM/Thales, equipment.
- 
				saberthree
- New User
- Posts: 19
- Joined: Tue Oct 23, 2012 5:27 pm
Re: unmute encrypted audio
@ bigfella237 I don't think you need to keyload with ALGID & KID. From what I understand if you set to digital CSQ, it's supposed to unsquelch upon detecton of a P25/CAI data stream. I think what is happening is, when I used to live and work on the shooting range, I was closer to the site in question not to mention open land and clear LOS, but this was before I was able to purchase CPS to do the fun programming. I grown tired of living on a gun range (hearing gunshots all the freakin time, I thought being former recon would make it easier, but it just makes it worse) so I ended up moving off the range and relocated in town, which is about 15 miles further from the site, and a lot more obstructions from the site. So I am probably just too far to hear any digital traffic.
			
			
									
									
						- 
				saberthree
- New User
- Posts: 19
- Joined: Tue Oct 23, 2012 5:27 pm
Re: unmute encrypted audio
@ Alex, we have a repeater with PL and NAC codes, I don't think it's possible for encrypted traffic to pass through our repeater unless we set the repeater for CSQ to make it transparent. But I could be wrong though, I don't have too much experience to back that up, its just something that I have read in the forums about trying to use a non encrypted repeater. Unfortunately, not a lot of people are into ham radios where I am at, and even if they are, they are certainly the ones that use the HAM radios. I rarely encounter anyone using public safety radios, let alone P25. I've only talked to only one guy on the P25 repeater here. I'm just happy that we have a P25 repeater for ham use to begin with! 
I am not sure if I can remove the UCM from the radio, I think it might be integrated onto the board, but at that point I rather just say screw it and just enjoy the dang radio haha.
On occasion, I will hear some newbies try to use encryption on the ham simplex frequencies though. I think we all know thats a big no go. But I'm not their daddy, so its whatever to me. I personally would like to see encryption being authorized by FCC to use on ham bands but restrictions only on simplex frequencies, and maybe post on FCC ULS licensing site the encryption keys so FCC and SIGINT don't wig out. I don't really want to get into a heated debate about the ethics behind encryption on ham bands, just expressing my opinion. I think all of us at one point, when we get our expensive public safety radios with UCMs want to play with it with our buddies and play spy games. I can't afford to purchase a frequency from the FCC! I love this hobby, more then I love going to the range.
			
			
									
									
						I am not sure if I can remove the UCM from the radio, I think it might be integrated onto the board, but at that point I rather just say screw it and just enjoy the dang radio haha.
On occasion, I will hear some newbies try to use encryption on the ham simplex frequencies though. I think we all know thats a big no go. But I'm not their daddy, so its whatever to me. I personally would like to see encryption being authorized by FCC to use on ham bands but restrictions only on simplex frequencies, and maybe post on FCC ULS licensing site the encryption keys so FCC and SIGINT don't wig out. I don't really want to get into a heated debate about the ethics behind encryption on ham bands, just expressing my opinion. I think all of us at one point, when we get our expensive public safety radios with UCMs want to play with it with our buddies and play spy games. I can't afford to purchase a frequency from the FCC! I love this hobby, more then I love going to the range.
- 
				Bigfella237
- Posts: 152
- Joined: Wed May 02, 2012 11:30 am
Re: unmute encrypted audio
It has nothing to do with squelch, that's all done on a lower layer to the encryption/vocoding. Even if you use the 'catch-all' NAC, allowing you to receive all P25 transmissions, you still won't hear encrypted traffic.
All P25 data contains an ALGID & KID (among other things), if the vocoder data is not encrypted before sending, an ALGID of 0x80 is set.
If the receiving radio sees an ALGID of 0x80 it knows the transmission is in the clear and sends the voice data directly to the vocoder, which decodes it into voice and sends it to the speaker.
If a transmission is received with (let's say) an ALGID of 0x81, then the receiving radio knows it has been encrypted using DES-OFB, so it then looks for the Key ID (KID) embedded within the data to see if it has a matching KID loaded, if so it sends the voice data to the UCM for decryption and once decrypted to the vocoder and so on to the speaker.
If it doesn't find a matching KID then it knows it cannot decrypt the transmission so it doesn't bother sending the data to the vocoder at all (there's no point since it would come out sounding like digital gibberish), hence what we call "muting" although there was never actually any sound to mute.
All that aside, the very first thing you need to do is prove that you can actually receive the signal in the first place, if you can't then everything else is moot.
Andrew
			
			
									
									
						All P25 data contains an ALGID & KID (among other things), if the vocoder data is not encrypted before sending, an ALGID of 0x80 is set.
If the receiving radio sees an ALGID of 0x80 it knows the transmission is in the clear and sends the voice data directly to the vocoder, which decodes it into voice and sends it to the speaker.
If a transmission is received with (let's say) an ALGID of 0x81, then the receiving radio knows it has been encrypted using DES-OFB, so it then looks for the Key ID (KID) embedded within the data to see if it has a matching KID loaded, if so it sends the voice data to the UCM for decryption and once decrypted to the vocoder and so on to the speaker.
If it doesn't find a matching KID then it knows it cannot decrypt the transmission so it doesn't bother sending the data to the vocoder at all (there's no point since it would come out sounding like digital gibberish), hence what we call "muting" although there was never actually any sound to mute.
All that aside, the very first thing you need to do is prove that you can actually receive the signal in the first place, if you can't then everything else is moot.
Andrew
- 
				Bigfella237
- Posts: 152
- Joined: Wed May 02, 2012 11:30 am
Re: unmute encrypted audio
That would make sense Alex, but just thinking out aloud here...alex wrote: ~ I believe if you program a radio that has a removable UCM (I don't think you can remove the UCM in the 4K, and certainly not in the APX?) module to be secure without that UCM installed you will always hear the R2D2 noises regardless of having a matching KID.
Alex
How do you load a key into a radio without a UCM (I'm talking hardware encryption here, not software ADP)? Or more to the point, how can you program a KID into a key slot without a keyloader?
I believe what you suggest can be done, but you would need to install a UCM, load the key, assign it to a key slot and then remove the UCM again?
Andrew
- 
				saberthree
- New User
- Posts: 19
- Joined: Tue Oct 23, 2012 5:27 pm
Re: unmute encrypted audio
@ Andrew I was hoping there would be a way around it without having to aquire a KVL to do that. Eventually I do want to purchase a KVL but if I get a KVL may as well go all out and the the 4K plus.Bi
But lets say I did get a KVL eventually and what to do what you just described. I would still need to collect a transmission and check the header to find the KID and ALGID. Can you describe a general way this is done? Im assuming a PC based scanner that can log data. What software would I use to catch P25 traffic and analyze the format to extract that specific data? I have been seaching around on how to do that but with no luck.
			
			
									
									
						But lets say I did get a KVL eventually and what to do what you just described. I would still need to collect a transmission and check the header to find the KID and ALGID. Can you describe a general way this is done? Im assuming a PC based scanner that can log data. What software would I use to catch P25 traffic and analyze the format to extract that specific data? I have been seaching around on how to do that but with no luck.
Re: unmute encrypted audio
I think this whole thread may very well be an XY Problem:
http://www.perlmonks.org/?node=XY+Problem
I really don't understand how listening to the random garbles of a vocoder being fed invalid data is going to help you. I think you have some other problem you are trying to solve ("X"), and you think that listening to the encrypted audio without a key ("Y") is somehow going to solve that problem, so you are asking about how to listen to encrypted audio without a key. I suspect that, even if you are given a way to listen to encrypted audio without the correct key, you will find that does not solve your real problem, and then you will be back with another round of questions, more than likely about another "Y" rather than about "X".
I would suggest you take a few minutes to try to identify the real problem you are trying to solve, and then tell us about that problem.
			
			
									
									http://www.perlmonks.org/?node=XY+Problem
I really don't understand how listening to the random garbles of a vocoder being fed invalid data is going to help you. I think you have some other problem you are trying to solve ("X"), and you think that listening to the encrypted audio without a key ("Y") is somehow going to solve that problem, so you are asking about how to listen to encrypted audio without a key. I suspect that, even if you are given a way to listen to encrypted audio without the correct key, you will find that does not solve your real problem, and then you will be back with another round of questions, more than likely about another "Y" rather than about "X".
I would suggest you take a few minutes to try to identify the real problem you are trying to solve, and then tell us about that problem.
This is my opinion, not Aeroflex's.
I WILL NOT give you proprietary information. I make too much money to jeopardize my job.
I AM NOT the Service department: You want official info, manuals, service info, parts, calibration, etc., contact Aeroflex directly, please.
						I WILL NOT give you proprietary information. I make too much money to jeopardize my job.
I AM NOT the Service department: You want official info, manuals, service info, parts, calibration, etc., contact Aeroflex directly, please.
- 
				resqguy911
- Posts: 613
- Joined: Sat Jun 26, 2004 3:35 pm
Re: unmute encrypted audio
You don't need to do all that. Just go to radio wide and tick the box "secure hardware equipped" and it will allow you to modify those settings without a UCM in place. You will however receive an ERR 09/10 on POST though.Bigfella237 wrote:That would make sense Alex, but just thinking out aloud here...alex wrote: ~ I believe if you program a radio that has a removable UCM (I don't think you can remove the UCM in the 4K, and certainly not in the APX?) module to be secure without that UCM installed you will always hear the R2D2 noises regardless of having a matching KID.
Alex
How do you load a key into a radio without a UCM (I'm talking hardware encryption here, not software ADP)? Or more to the point, how can you program a KID into a key slot without a keyloader?
I believe what you suggest can be done, but you would need to install a UCM, load the key, assign it to a key slot and then remove the UCM again?
Andrew
"TDMA = digital and same great taste, half the bits"
						- 
				Bigfella237
- Posts: 152
- Joined: Wed May 02, 2012 11:30 am
Re: unmute encrypted audio
So you're saying that a radio without a UCM will unmute encrypted audio on any (and every) KID regardless of whether it finds a match in the key list?resqguy911 wrote:You don't need to do all that. Just go to radio wide and tick the box "secure hardware equipped" and it will allow you to modify those settings without a UCM in place. You will however receive an ERR 09/10 on POST though.
I've never actually tried using encryption without a UCM.
There are a couple of different software packages around that will do this, the least labour intensive would be DSDplus, this software is already compiled for Windows (unlike other versions of DSD or OP25) and takes the discriminator audio (usually) from a scanner or SDR.saberthree wrote: ~ What software would I use to catch P25 traffic and analyze the format to extract that specific data? I have been seaching around on how to do that but with no luck.
Andrew
EDIT (adding URLs):
See here for DSDPlus: http://www.rtl-sdr.com/improved-digital ... oding-dsd/
Or download directly from here: https://mega.co.nz/#!dxBEES5T!URN1d1aqb ... oP_42vUHaE
Re: unmute encrypted audio
I have the exact opposite problem.
I have an Astro Spectra Plus, as well as a Regular Astro Spectra for a base. The local agency uses 2 different keys, and when they use the key that I don't have; I hear the Gerbils. What I'm wanting to do is mute the undecipherable noise, but be able to unmute the noise that I can decrypt. Under the CPS field - that I'm accustomed to seeing "Proper Code Detect" - it is grayed out. Thus, I have to be annoyed with "The Gerbils".
FYI; this is a VHF conventional only P-25 Astro voice system using DES-OFB. No trunking.
Does anyone know of a way that I can set the codeplug to ONLY unmute under the proper code?
Thanks!
			
			
									
									
						I have an Astro Spectra Plus, as well as a Regular Astro Spectra for a base. The local agency uses 2 different keys, and when they use the key that I don't have; I hear the Gerbils. What I'm wanting to do is mute the undecipherable noise, but be able to unmute the noise that I can decrypt. Under the CPS field - that I'm accustomed to seeing "Proper Code Detect" - it is grayed out. Thus, I have to be annoyed with "The Gerbils".
FYI; this is a VHF conventional only P-25 Astro voice system using DES-OFB. No trunking.
Does anyone know of a way that I can set the codeplug to ONLY unmute under the proper code?
Thanks!
- 
				Bigfella237
- Posts: 152
- Joined: Wed May 02, 2012 11:30 am
Re: unmute encrypted audio
Once again, your best tool here is information. You first need to know what KID(s) is/are being used over the air and compare that to the key list in the radio.
I'm guessing you have a key loaded with a matching ALGID and KID but non-matching key data?
Proper Code Detect only applies to "Non-ASTRO" SecureNet.
Andrew
			
			
									
									
						I'm guessing you have a key loaded with a matching ALGID and KID but non-matching key data?
Proper Code Detect only applies to "Non-ASTRO" SecureNet.
Andrew
Re: unmute encrypted audio
I was thinking along those lines. I went ahead and deleted the no longer valid keys. I guess I'll try reassigning the slots that they were in so there won't be any confusion and try it from there. Good point. Thanks!
			
			
									
									
						Re: unmute encrypted audio
If you slave on of the switches for PL defeat or what ever the wording is so that the channel using no PL on the RX. This would be for a mixed mode channel as you would expect.
On the XTS3000 I used the C position to be PL defeat and when I moved the switch to C the display shows a speaker icon.
Hope this helps and I'm not repeating what someone else said already.
			
			
									
									
						On the XTS3000 I used the C position to be PL defeat and when I moved the switch to C the display shows a speaker icon.
Hope this helps and I'm not repeating what someone else said already.
 
				


