Batboard

You might read the article you link:

"...shows that finding the AES key is four times easier than previously believed."
"Even at one-fourth of the anticipated effort, breaking the AES key would still be a monumental, if not insurmountable, job. The researchers calculate that it would require a trillion machines that each could test a billion keys per second, running for more more than two billion years, to recover a 128-bit AES key. Current large-scale corporate computers could test at most 10 million keys per second."

Moreover, most P25 users using AES use a 256 bit key. That's not just twice as hard as a 128 bit key, that's 2^128 times harder (3.4*10^38).

EDIT: Sorry, I thought you were being sarcastic (as in "Windows 7 server is the most secure Windows yet. Yep, pretty secure").

I've seen others on this board who didn't understand security and encryption (I loved the guy who told me I didn't know anything about the encryption the FBI uses - after all, I only provided the test solution for their AES radios!), and I misread your statement.

In the P25 context, at least for most users, the cryptography doesn't realistically need to be particularly strong.

P25 is used mostly for tactical communications. The information conveyed in tactical communications is highly perishable; its value to an adversary diminishes in a very short period of time.

No cipher is or should be considered to be unbreakable. The message needs only remain secure long enough for the information to no longer be of use to the adversary, or for the adversary to decide that the effort in breaking the message cannot be justified given the nature information this effort would be expected to reveal.

mr.syntrx wrote:In the P25 context, at least for most users, the cryptography doesn't realistically need to be particularly strong.

P25 is used mostly for tactical communications. The information conveyed in tactical communications is highly perishable; its value to an adversary diminishes in a very short period of time.

No cipher is or should be considered to be unbreakable. The message needs only remain secure long enough for the information to no longer be of use to the adversary, or for the adversary to decide that the effort in breaking the message cannot be justified given the nature information this effort would be expected to reveal.

THANK YOU!

I can't believe this story has gone as far as it has! We all know that the "super duper secret stuff" isn't transmitted on P25 and certainly doesn't use DES or AES. None of the so called news outlets or retweeters have pointed out that most of the people using P25 for communications couldn't even qualify for the most basic clearance, therefore couldn't really breach national security...