Wow, it's amazing they couldn't fix this over the last decade. Even a simple obfuscation, anything, is better than raw data that is so easily viewable and, worse, verifiable. I would assume there are plenty of people with experience encrypting and decrypting radio/satellite signals for the military in the US. Maybe the problem lies in it not being a software problem, but rather some horrid design that relegates it to hardware.
Either way now that this is public knowledge it needs to be fixed appropriately.
The content is encrypted with one-time pads that are constantly refreshed, which is entirely undecipherable through cryptanalysis. Encrypting the radio signal itself would require a much more extensive infrastructure than binders and radio receivers: specialized hardware that might be compromised or flawed, or simply break down, rendering you unable to listen to the channel over which your critical orders might come; harder to audit as well with more moving parts and components that aren't easily inspected or tested.
This seems like a case of a very simple and robust system being more than sufficient for the task, and anything more complex is a waste of time and money.
To be fair, ten years ago in Afghanistan I observed a lot of difficulty with encrypted radios on the US side too. The SATCOM radios on our very expensive aircraft seemed to work only a bit more than half the time. Actual military radios are cumbersome and limited, and the keys change constantly, and the keys are a pain to load. Civilian cellphones and cheap walkie-talkies were used for a lot of communications that probably should have been encrypted.
Encryption was mentioned as a possible fix, which made me go WTF.
Am I misunderstanding this, or do these devices not do even the most rudimentary false-input rejection? EMI is one thing, but it sounds more like their radio is accepting random noise as valid commands.
Agreed. I just got into the hobby, and the whole not allowing encryption or obfuscation is such a silly rule. It really limits what we can do.
And your point about unused spectrum is spot on. Outside of a couple of repeaters on VHF and UHF, there are near zero radio transmissions in those bands 24/7.
Who cares? Really, what is the big deal? Nobody is saying that it will always be encrypted. Other radio operators gain the ability to learn about encryption! And we expand the hobby, which as a new member is dying. The radio waves are dead. Why?
Encryption would fix it if the device was misinterpreting ambient EM as commands. If the device is this poorly designed I'd suggest that a lawsuit could be filed.
It wouldn't fix any of the other many possible failure modes, the sum total of which strikes me as much more likely to be the issue. Electronics can get weird.
Really sucks, but at the same time radios are only public because of how they work by design. I am surprised that encryption wasn't the default on sensitive channels like this (and ATC, which I enjoy listening to).
> Some are saying this is impossible, that near real time decryption of 256-bit encryption is not possible.
This is very possible -- provided the other side has the keys to decrypt.
Note that "decrypt" is different from "crack". All these radios would "decrypt" in real time (because the receiving radio has the decryption keys). Cracking (as in decrypting, when you do not yet have the key) should be impossible.
But perhaps there is some flaw in the implementation that allows for "decrypting" without needing the keys. Most encrypted systems fall not because the algorithm (the 256-bit part you talk about) itself is weak, but because some other aspect of the overall implementation has a flaw that allows one to obtain the "secrets" without attacking the encryption.
And... Keep in mind that this report, assuming it is credible, could be as simple as: "The other side has captured one of the radios and is using it to listen in on the comms".
There is probably an opsec violation on the part of their target or something wrong with the radio. Che Guevara was using an "unbreakable" one-time pad, but the US was able to break it because he reused it more than once, so they tracked him down and killed him. The U.S. Navy also found it was a problem when they had both a local teletype network with unencrypted messages and a radio teletype with encrypted messages on a ship, when electrical signals leaked between the networks.
If you work as a software dev, you would be aware that people are able to screw things up in the most incredible ways.
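The pad-reuse failure the Guevara comment describes, and the "undecipherable through cryptanalysis" claim made earlier in the thread, both hinge on the same property: a one-time pad is unbreakable only while each pad byte is used once. The Python below is an added example, not code from the thread; the two messages, the crib and the pad are constructed for the demo. It shows that XORing two ciphertexts made with the same pad cancels the pad entirely, after which a guessed phrase ("crib") in one message reveals the corresponding span of the other, with no key material ever recovered.

```python
import secrets

# Constructed sample traffic (not from the thread); two same-length messages.
MSG_A = b"MOVE TO GRID 4471 AT 0600"
MSG_B = b"HOLD POSITION UNTIL DAWN "
CRIB = b"MOVE TO GRID"  # a phrase the attacker guesses appears in message A


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; truncates to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def fresh_pad(n: int) -> bytes:
    """A one-time pad must be truly random and at least as long as the message."""
    return secrets.token_bytes(n)


def otp_encrypt(pad: bytes, msg: bytes) -> bytes:
    """Encryption and decryption are the same XOR; the pad must never be reused."""
    if len(pad) < len(msg):
        raise ValueError("pad shorter than message")
    return xor_bytes(pad[: len(msg)], msg)


def pad_cancellation(ct_a: bytes, ct_b: bytes) -> bytes:
    """With a shared pad P: (P ^ A) ^ (P ^ B) = A ^ B. No key needed."""
    return xor_bytes(ct_a, ct_b)


def crib_drag(leak: bytes, crib: bytes, pos: int) -> bytes:
    """If `crib` really sits at `pos` in message A, this returns the same span of message B."""
    return xor_bytes(leak[pos : pos + len(crib)], crib)


def run_demo() -> dict:
    # The mistake: one pad, two messages.
    pad = fresh_pad(len(MSG_A))
    reused_leak = pad_cancellation(otp_encrypt(pad, MSG_A), otp_encrypt(pad, MSG_B))
    recovered_from_reuse = crib_drag(reused_leak, CRIB, 0)

    # Correct use: a fresh pad per message, so the XOR of ciphertexts is just random bytes.
    ct_a = otp_encrypt(fresh_pad(len(MSG_A)), MSG_A)
    ct_b = otp_encrypt(fresh_pad(len(MSG_B)), MSG_B)
    recovered_from_fresh = crib_drag(pad_cancellation(ct_a, ct_b), CRIB, 0)

    return {
        "reused": recovered_from_reuse,
        "fresh": recovered_from_fresh,
        "truth": MSG_B[: len(CRIB)],
    }


if __name__ == "__main__":
    r = run_demo()
    print("pad reused :", r["reused"])
    print("pad fresh  :", r["fresh"])
```

In the reused case the attacker reads `HOLD POSITIO` straight out of the second message; in the fresh-pad case the same crib yields random bytes. This is why the "binders and receivers" setup only holds up with disciplined pad management: the cipher is perfect, the procedure around it is the attack surface.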
> Considering how much progress that has been made in encrypting internet traffic radio seems painfully slow in evolving to be more secure.
An important reason that I see is that (at least in Germany, and I guess worldwide) ham radio operators are not allowed to encrypt their traffic. Commercial companies are a lot more conservative concerning encryption than "hacker people".
It appears to be a huge problem... perhaps messages sent over the air for such an important system should be crypto-signed?
It reminds me of when the Army's drone was diverted and captured because someone spoofed GPS... It probably isn't possible to capture a drone in the same way anymore because I'm sure that they fixed this flaw.
It's like the HTTP vs HTTPS problem ... but anyone can MITM attack because the signal is wireless (and not encrypted and/or signed).
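Several comments above converge on the same point: a receiver that accepts whatever arrives on the channel has no way to tell a real command from noise, a spoofed frame, or a recording played back later. The Python below is an added example, not code from the thread or any product mentioned in it. It uses a shared-key MAC (HMAC-SHA256 from the standard library) in place of the asymmetric signature the thread suggests, because the receiver-side logic is identical and it runs with no third-party dependency; the key, frame layout and command strings are constructed for the demo.

```python
import hashlib
import hmac
import secrets
import struct

SEQ_LEN = 4    # 32-bit sequence number
TAG_LEN = 16   # HMAC-SHA256 truncated to 128 bits


def build_frame(key: bytes, seq: int, payload: bytes) -> bytes:
    """Frame = seq || payload || tag, with the tag covering both seq and payload."""
    header = struct.pack(">I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Accepts a frame only if its tag verifies and its sequence number is new."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes):
        # Too short to carry a valid tag: noise, discard before any parsing.
        if len(frame) < SEQ_LEN + TAG_LEN:
            return None
        header = frame[:SEQ_LEN]
        payload = frame[SEQ_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
        # Constant-time comparison so timing does not leak which tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return None
        seq = struct.unpack(">I", header)[0]
        # Strictly increasing sequence: a recorded frame played back later is rejected.
        if seq <= self.last_seq:
            return None
        self.last_seq = seq
        return payload


def run_demo(key: bytes) -> dict:
    rx = Receiver(key)
    good = build_frame(key, 1, b"CMD OPEN VALVE 3")
    results = {"valid": rx.accept(good)}
    results["replay"] = rx.accept(good)                     # same frame again
    flipped = bytearray(good)
    flipped[SEQ_LEN] ^= 0x01                                # flip one payload bit
    results["tampered"] = rx.accept(bytes(flipped))
    results["noise"] = rx.accept(secrets.token_bytes(40))   # random RF junk
    results["wrong_key"] = rx.accept(build_frame(b"\x00" * 32, 2, b"CMD OPEN VALVE 3"))
    results["next"] = rx.accept(build_frame(key, 2, b"CMD CLOSE VALVE 3"))
    return results


if __name__ == "__main__":
    for name, value in run_demo(secrets.token_bytes(32)).items():
        print(f"{name:10s} -> {value}")
```

Two caveats a practitioner would want. First, a MAC or signature gives integrity and origin, not confidentiality: the payload is still readable by anyone with a receiver, which is exactly the "not encrypted and/or signed" distinction drawn above. Second, the strictly increasing sequence number rejects frames that arrive legitimately out of order; systems that must tolerate reordering use a sliding replay window rather than a single high-water mark.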
There must be some amateur radio people out there able to receive these signals, no? With the protocol stacks mentioned in the other comments, I wonder if they're able to extract the encrypted data. Which leads me to think there have got to be people/governments trying to figure those out.
> I'm really surprised that more modern cryptography isn't expected from these radios
Military radios absolutely do have modern cryptography. That is half the reason why the NSA exists.
If you think you know better, most likely you are wrong, or you are seeing some system which is held back so they can maintain compatibility with coalition forces.
You don't need revocation certificates to zero out the key material of a radio. In fact, it wouldn't work reliably because it assumes all network participants are within radio range and listening when you want to zero your keys. Much easier and more reliable is to delete the key material locally on the radio. This zeroing can also be performed by a remote signal.
Wow, are we sure this article wasn't written in 1980? The idea that encrypted radio is a national security threat makes zero sense in the age of VPNs and Tor. If someone wants to get a secret message overseas, an encrypted ham transmission is probably the single hardest way to do that, short of trying to train a carrier pigeon with a portrait of Vladimir Putin.