CAP Talk

Operations => Emergency Services & Operations => Topic started by: Eclipse on June 02, 2020, 02:29:34 pm

Title: Comms encryption, can we stop pretending?
Post by: Eclipse on June 02, 2020, 02:29:34 pm
As I have spent the last few nights listening to the "events" around many of us,
it struck me that CAP needs to get off its high horse about comms and start treating
it like a tool and not a toy / hobby / cash cow / "let's see what works", especially
in regards to encryption.

This has been a problem that predates my 20 years, with comms being one of the last corners of GOB.

None of the major LEAs and related around me use encryption for anything other then
tactical comms during special operations. Digital trunking? Yes (and you can always tell
when they are having the same issues CAP has because the guys go "underwater" and the phasing
starts, etc.), but dispatch and standard street-level comms are all open-channel and in many cases
still analog, and frankly I was a little surprised at this as I hadn't done any scanning
for probably a decade and would have expected major cities to be encrypted, if for no other reason
then not letting the bad guys know where you are.

After pinging a friend who is in the game locally, the answer is the same for LEAs as for CAP -
encryption is a hassle, especially any scheme that rotates or changes keys, and at the end of the
day they need big-button radios that just "work", especially in times of stress or emergency,
and a fuzzy analog signal is better than a clear digital signal that doesn't connect.

Pretty much every mission, SAREx, and large activity that I've been involved in (that has a comm plan)
includes or starts out with "digital" (which x's out the guys who still have compliant analog radios)
and discussions as to whether encryption should be used, and by 0900 everyone is on analog CC1, because
that just "works".

And don't get me started about this nonsense with the Baefongs, which are at a price point
that could potentially put a radio in the hands of just about any member who wanted one.

Should appropriated funds be spent on off-shore radios?  No.

Member funds?  Let them decide.

CAP needs to stop pretending encryption is ever going to be a "thing", delete the TOAs,
and start putting radios in the hands of members based on mission requirements
and not purchase agreements.
Title: Re: Comms encryption, can we stop pretending?
Post by: NovemberWhiskey on June 02, 2020, 11:44:50 pm
I agree with a large amount of what you wrote. As far as I can see, P25 encryption is primarily for agency liaison requirements. Insofar as we may need to participate in missions with agencies that have requirements for encryption, we probably need to train for it; but that should really be a CUL line item only.

However: the issue with Baofeng radios is that they're non-compliant with NTIA requirements; and the NTIA is the agency that provides and regulates CAP's spectrum. This isn't a CAP DOK issue. Nor is it a manufacturing location issue. ICOM, for example, makes excellent NTIA compliant P25 radios in Japan.
Title: Re: Comms encryption, can we stop pretending?
Post by: SarDragon on June 03, 2020, 01:55:53 am
P25 is NOT encryption. It is a digital modulation protocol - audio in -> 1s and 0s out. There's more to the process, but there's your bottom line. It makes encryption easier because it digitizes the audio internally, instead of using an add-on like the older military radios (think KY-28, etc).

Real encryption involves combining the digitized audio with a key (a digital string of up to 2048 bits), and then transmitting the cipher-text. The receiver combines the cipher-text with the same key to retrieve the original data string, which is then converted back into audio.
Title: Re: Comms encryption, can we stop pretending?
Post by: Eclipse on June 03, 2020, 02:11:47 am
Quote from: NovemberWhiskey on June 02, 2020, 11:44:50 pmHowever: the issue with Baofeng radios is that they're non-compliant with NTIA requirements; and the NTIA is the agency that provides and regulates CAP's spectrum. This isn't a CAP DOK issue. Nor is it a manufacturing location issue. ICOM, for example, makes excellent NTIA compliant P25 radios in Japan.

This is the nonsense of which I speak, and I understand it is not a CAP-specific issue at the ground
level, however as I understand it the issue is as much political as it is technical owing to
Baefong's Chinese ownership, which in itself is interesting in that the BatWing is now also owned by the Chinese.

As I understand it, the issue is related to the NTIA not accepting their self-certification (which they
usually do), coupled with some nuances around the ability to field-program the radios from the front panel
(and thus potentially cause interference issues).

One could certainly posit that if CAP / 1AF was "interested" in deploying them organization-wide, those issues could
be addressed.  As it stands, there are more then a few in the field today, with the typical justification
of "in emergencies" or "I only use it to monitor" as is the case for the likely hundreds (or more) of non-compliant
radios in use across the organization.
Title: Re: Comms encryption, can we stop pretending?
Post by: Slim on June 03, 2020, 02:49:28 am
In CAP, the only time I've ever used anything other than analog is at INWG encampment, where we use the same cache of UHF radios that NESA uses.  And NESA uses P25 AES encryption for some reason.  Far as user ease goes, there isn't much different, you still have the PHD button on the side, and you talk into and listen from the front.  The only issues are that sometimes we lose signal inside buildings, resulting in the underwater sound.  Big difference between analog and digital is that you can still get weak but readable signals on analog, but when digital doesn't work, you get Max Headroom.

Only thing I don't like about it is that I can't use my personal UHF equipment there because I don't/can't have the keys.

I have anectodal evidence that they also use encryption on VHF for NBB, but have never been there to know for sure.

I own NTIA compliant, P25 and encryption capable equipment.  I even have a keyloader to load the encryption keys if I had them (I don't).  I also own compliant analog only gear that is still useful.  I'm also recognized as a "Radio geek" around my wing, and people often reach out to me looking for advice on what to buy, where to buy it, and how to get it programmed.  All of which depends on the purpose or intended use.  Looking for something to use for ES, you want more channels and more capabilities, like P25.  Just looking for something to use on occasion at activities, a 16 channel HT-1000 or Visar will suit your needs just fine.  I can also program a great number of Motorola radios, as well as the EFJs that are on their way out, so there's always that offer too.
Title: Re: Comms encryption, can we stop pretending?
Post by: jeders on June 03, 2020, 03:14:49 am
Quote from: Slim on June 03, 2020, 02:49:28 amI have anectodal evidence that they also use encryption on VHF for NBB, but have never been there to know for sure.

Yeah, no; we don't ever use encryption because we have absolutely no use for it. We have tried to use digital instead of analog, but usually fall back to analog within a day or two due to the range/interference issues.
Title: Re: Comms encryption, can we stop pretending?
Post by: NovemberWhiskey on June 03, 2020, 11:57:12 am
Quote from: Eclipse on June 03, 2020, 02:11:47 amThis is the nonsense of which I speak, and I understand it is not a CAP-specific issue at the ground
level, however as I understand it the issue is as much political as it is technical owing to
Baefong's Chinese ownership, which in itself is interesting in that the BatWing is now also owned by the Chinese.

As I understand it, the issue is related to the NTIA not accepting their self-certification (which they
usually do), coupled with some nuances around the ability to field-program the radios from the front panel (and thus potentially cause interference issues).

I don't know where you're getting this information and it would be great if you could share the source.

The Baofeng radios do not have even have advertised specifications for most of the NTIA requirements. Where they do have specifications they are sometimes insufficient. e.g. NTIA requirement (ref. 5.3.5.2 B) (https://www.ntia.doc.gov/legacy/osmhome/redbook/5.pdf) for receiver intermodulation rejection in analog, portable sets is 70dB. The Baofeng UV-5R is specified for 60dB (https://baofengtech.com/usermanual/BaoFeng_UV-5R_Manual.pdf).

Objectively higher-quality radios designed for amateur usage also fail to meet the NTIA requirements and are similarly prohibited, even those from non-Chinese manufacturers that also have radios on the approved lists (e.g. ICOM, Kenwood).

I also believe front-panel programming is a red-herring. The Motorola radios are also available with FPP; and in fact Motorola usually markets this as a "Federal government" option. FPP in a portable set is usually an FCC Part 90 compliance issue, which has nothing to do with NTIA.
Title: Re: Comms encryption, can we stop pretending?
Post by: Spam on June 03, 2020, 01:37:31 pm
Anecdotal ease of use comment:  I know of at least three instances (one personally, when they first came in) of members inadvertently dumping the key or doing something accidentally with the radio which took it offline until DOK personnel could "un brick" the unit.  Arguably thats the result of unnecessary functions adding needless complexity, combined with amateur non-RTO weekend users, combined with marginal training on complex interfaces. Thankfully, all three instances were during exercises and not during actual emergency operations, but all resulted in lost sorties.

Training curve comment:  where key management functions are unlocked for non-admin users (and we have done this) I feel this supports the position that we are flying up our own butts adding needless complexity for marginal high end users, which ends up impairing our actual ability to get the job done by the majority of users. At the very least, the number of crew interfaces (buttons and functions per equipment unit) impose an added training burden and makes for a steeper training curve than are needed.

(Speaking as a cockpit and combat systems designer and human factors engineer, here).

V/r
Spam
Title: Re: Comms encryption, can we stop pretending?
Post by: AirDX on June 03, 2020, 03:16:11 pm
Quote from: Eclipse on June 02, 2020, 02:29:34 pmCAP needs to stop pretending encryption is ever going to be a "thing", delete the TOAs,
and start putting radios in the hands of members based on mission requirements
and not purchase agreements.

The Emperor has no clothes!

98% of what CAP does (probably more) has no need of digital/encryption/spook mode/whatever. Save that gear for the limited missions/personnel that need them, and can be trained to reliably use them. Give the rest of us simple, cheap, reliable equipment that I can handle to a cadet and not worry about her accidentally switching to digital, or getting lost in space among 1000 unnecessary channels, or damaging a $2500 radio. There's a reason my fire/rescue district has resisted the 800 MHz push, and that's our ability to equip everyone with a $500 radio or a $300 pager that will last 10 years vs. a $2500 dollar radio. Our budgets don't support it, and won't support it.   
Title: Re: Comms encryption, can we stop pretending?
Post by: arajca on June 03, 2020, 04:52:08 pm
The jump to P24 and addition of encryption came from external forces. When the change was made (2004ish?), CAP had to decide between using FCC channels and NTIA channels. Both had pros and cons. The biggest con with using FCC was the inability to have a national channel plan. Another con was CAP would need to find the money to purchase radios. Going with NTIA channels, CAP has a national channel plan and, at the time, the AF came up with the money. Of course the AF added somethings they wanted, i.e. P24 and encryption capability. No one at the time had any thoughts that CAP would be using encryption on any kind of regular basis, but we needed the capability per the AF. CAP has resisted jumping to P24 completely to accommodate member owned radios.



 
Title: Re: Comms encryption, can we stop pretending?
Post by: Slim on June 04, 2020, 02:00:23 am
Quote from: jeders on June 03, 2020, 03:14:49 am
Quote from: Slim on June 03, 2020, 02:49:28 amI have anectodal evidence that they also use encryption on VHF for NBB, but have never been there to know for sure.

Yeah, no; we don't ever use encryption because we have absolutely no use for it. We have tried to use digital instead of analog, but usually fall back to analog within a day or two due to the range/interference issues.
As I said, it was ancedotal evidence, in the sense that someone posted a pic on the CAP comm facebook group from NBB last year (?) that showed several racks of EFJ 5100s "All programmed and with keys installed."  That and the fact that every NBB packing list I've seen has said "Leave personal CAP radios at home" lead me to the conclusion that CAP comms at NBB use encryption.  Otherwise, no need to have keys installed or to ban personally owned/compliant equipment.

NESA and encryption is a fact.  I've used their radios, and had their clapped out XTS3000 sitting next to my personal XTS2500, both programmed with the proper frequencies, hearing clear comms from the 3000 and running water from my 2500.  Why they feel the need to use it is beyond me.  Could be as simple as "Because we can..." I dunno.  For the most part, 90% of the time, the person I had to call heard me, and I was able to hear them.

I always view having members bring/use their own comm gear helpful.  With the limited numbers of corporate owned assets available, if I don't need to take a portable that means someone else can.
Title: Re: Comms encryption, can we stop pretending?
Post by: NovemberWhiskey on June 04, 2020, 03:04:36 am
Quote from: arajca on June 03, 2020, 04:52:08 pmNo one at the time had any thoughts that CAP would be using encryption on any kind of regular basis, but we needed the capability per the AF. CAP has resisted jumping to P24 completely to accommodate member owned radios.

There is a large drive towards P25 across public safety land mobile radio. Federal grant funds, for example, are now conditional on the radio equipment being P25 CAP (not us: the Compliance Assessment Program) compliant.

Unfortunately the theoretical interoperability benefits - everyone is using the same trunking technology etc. - are rather meaningless to CAP with its (dwindling) conventional repeater network.
Title: Re: Comms encryption, can we stop pretending?
Post by: SarDragon on June 04, 2020, 03:43:06 am
Quote from: NovemberWhiskey on June 04, 2020, 03:04:36 am
Quote from: arajca on June 03, 2020, 04:52:08 pmNo one at the time had any thoughts that CAP would be using encryption on any kind of regular basis, but we needed the capability per the AF. CAP has resisted jumping to P24 completely to accommodate member owned radios.

There is a large drive towards P25 across public safety land mobile radio. Federal grant funds, for example, are now conditional on the radio equipment being P25 CAP (not us: the Compliance Assessment Program) compliant.

Unfortunately the theoretical interoperability benefits - everyone is using the same trunking technology etc. - are rather meaningless to CAP with its (dwindling) conventional repeater network.

Funny that you should say that. CAWG is actually working on increasing the number of repeaters to provide increased coverage in potential mission areas. At my squadron meeting tonight, I heard discussion of at least three new locations, with evaluation in progress for a couple more.