
Project 25: Difference between revisions

From Wikipedia, the free encyclopedia
rm deletion of "pink". It's a quote from the article. Undid revision 445578190 by 67.141.21.9 (talk)
BigglesPiP (talk | contribs)
Jamming vulnerability: Replacing awful reference which totally fails to cite the statement.
Line 88: Line 88:
One design choice was to use lower levels of error correction for portions of the encoded voice data that is deemed less critical for intelligibility. As a result bit errors may be expected in typical transmissions, and while harmless for voice communication, the presence of such errors force the use of [[stream cipher]]s, which can tolerate bit errors, and prevents the use of a standard technique, [[message authentication code]]s (MACs), to protect message integrity from [[stream cipher attack]]s. The varying levels of error correction are implemented by breaking P25 message frames into subframes. This allows an attacker to jam entire messages by transmitting only during certain short subframes that are critical to reception of the entire frame. As a result an attacker can effectively jam Project 25 signals with average power levels much lower that the power levels used for communication. Such attacks can be targeted at encrypted transmissions only, forcing users to transmit in the clear.
One design choice was to use lower levels of error correction for portions of the encoded voice data that is deemed less critical for intelligibility. As a result bit errors may be expected in typical transmissions, and while harmless for voice communication, the presence of such errors force the use of [[stream cipher]]s, which can tolerate bit errors, and prevents the use of a standard technique, [[message authentication code]]s (MACs), to protect message integrity from [[stream cipher attack]]s. The varying levels of error correction are implemented by breaking P25 message frames into subframes. This allows an attacker to jam entire messages by transmitting only during certain short subframes that are critical to reception of the entire frame. As a result an attacker can effectively jam Project 25 signals with average power levels much lower that the power levels used for communication. Such attacks can be targeted at encrypted transmissions only, forcing users to transmit in the clear.


Because Project 25 radios are designed to work in existing two-way radio frequency channels, they cannot use [[spread spectrum]] modulation, which is inherently jam-resistant. An optimal spread spectrum system can require a effective jammer to use 1000 times as much power (30 db more) as the individual communicators. According to the report, a P25 jammer could effectively operate at 1/25th the power (14 db less) than the communicating radios. The authors developed a proof-of-concept jammer using a Texas Instruments CC1110 single chip radio, found in an inexpensive toy.<ref>http://uk.girltech.com/electronics-imMe.aspx Matel Girl-Tech IM-Me(tm)]</ref>
Because Project 25 radios are designed to work in existing two-way radio frequency channels, they cannot use [[spread spectrum]] modulation, which is inherently jam-resistant. An optimal spread spectrum system can require a effective jammer to use 1000 times as much power (30 db more) as the individual communicators. According to the report, a P25 jammer could effectively operate at 1/25th the power (14 db less) than the communicating radios. The authors developed a proof-of-concept jammer using a Texas Instruments CC1110 single chip radio, found in an inexpensive toy.<ref>andy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Matt Blaze, ''University of Pennsylvania'', 2011, Why (Special Agent) Johnny (Still) Can’t Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System, [http://www.crypto.com/papers/p25sec.pdf]</ref>


===Traffic Analysis and active tracking===
===Traffic Analysis and active tracking===
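Review bot: the replacement reference in the new line is a clear improvement on the toy-store link, but its author list looks wrong: the first author's name is cut to "andy Clark" (the article's own note for the Usenix presentation cites this paper as S. Clark et al.), and K. Xu, who appears in that existing citation, is missing here. Since the article already carries a full citation of this paper, reuse that named reference rather than adding a second copy with a bare URL; failing that, restore the full author list and give the link a title.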

Revision as of 18:41, 19 August 2011

Project 25 (P25) or APCO-25 refers to a suite of standards for digital radio communications used by federal, state/provincial and local public safety agencies in North America, enabling them to communicate with other agencies and mutual aid response teams in emergencies. In this regard, P25 fills the same role as the European TETRA protocol, although it is not interoperable with it.

Suite of Standards Overview

History

Public safety radios have been upgraded from analog to digital since the 1990s because of the limitations of analog transmission, and also because of the technological advances and expanded capabilities of digital radio.

Varying user protocols and differing public safety radio spectrum made it difficult for public safety agencies to achieve interoperability and widespread acceptance. However, the lessons learned during the disasters the United States faced in the past decade have forced agencies to assess their requirements for a disaster in which the basic infrastructure is in a state of failure. To meet the growing demands of public safety digital radio communications, the FCC, at the directive of the US Congress, initiated an inquiry in 1988 to receive recommendations from users and manufacturers for improving the communication systems then in existence.[1] Based on those recommendations, in October 1989 APCO Project 25 came into existence as a coalition of APCO (Association of Public-Safety Communications Officials-International), the National Association of State Telecommunications Directors (NASTD)[2], the National Telecommunications and Information Administration (NTIA), the National Communications System (NCS), the National Security Agency (NSA) and the US Department of Defense (DoD), to find solutions that best serve the needs of public safety management.[1][3] In addition, a steering committee consisting of representatives from the above-mentioned agencies, along with the FPIC (Department of Homeland Security Federal Partnership for Interoperable Communications), the Coast Guard and the Department of Commerce's National Institute of Standards and Technology (NIST) Office of Law Enforcement Standards, was established to decide the priorities and scope of technical development of P25.[3]

Introduction

Interoperable emergency communication is integral to initial response, public health, the safety of communities, national security and economic stability. Of all the problems experienced during disaster events, one of the most serious is communication, owing to the lack of appropriate and efficient means to collect, process and transmit important and timely information. In some cases, radio communication systems are incompatible and inoperable not just within a jurisdiction but even between departments or agencies within the same community.[4] Non-operability results from the use of outdated equipment, limited availability of radio frequencies, isolated or independent planning, lack of coordination and cooperation between agencies, community priorities competing for resources, funding, and ownership and control of communications systems.[www.ncjrs.gov/pdffiles1/nij/204348.pdf] Recognizing this need, Project 25 (P25) was initiated collaboratively by public safety agencies and manufacturers to address the problems with emergency communication systems. P25 is a collaborative project to ensure that two-way radios are interoperable. The goal of P25 is to enable public safety responders to communicate with each other and thus achieve enhanced coordination, timely response, and efficient and effective use of communications equipment.[5] P25 was established to address the need for common digital public safety radio communications standards for first responders and homeland security/emergency response professionals. TIA TR-8 facilitates such work through its role as an ANSI-accredited Standards Development Organization (SDO).

Project 25 (P25) is a set of standards produced through the joint efforts of the Association of Public Safety Communications Officials International (APCO), the National Association of State Telecommunications Directors (NASTD), selected Federal Agencies and the National Communications System (NCS), and standardized under the Telecommunications Industry Association (TIA)... The P25 suite of standards involves digital Land Mobile Radio (LMR) services for local, state/provincial and national (federal) public safety organizations and agencies...

P25 is applicable to LMR equipment authorized or licensed, in the U.S., under the National Telecommunications and Information Administration (NTIA) or Federal Communications Commission (FCC) rules and regulations.

Although developed primarily for North American public safety services, P25 technology and products are not limited to public safety alone and have also been selected and deployed in other private system applications worldwide.[6]

P25 equipment has also been selected for a railroad system, including rolling stock, personnel, and transportation vehicles.[citation needed]

P25-compliant systems are being increasingly adopted and deployed. Radios can communicate in analog mode with legacy radios, and in either digital or analog mode with other P25 radios. Additionally, the deployment of P25-compliant systems will allow for a high degree of equipment interoperability and compatibility.

P25 standards use the Improved Multiband Excitation (IMBE) vocoder, designed by DVSI, to encode and decode the analog audio signals.

P25 may be used in "talk around" mode without any intervening equipment between two radios, in conventional mode where two radios communicate through a repeater or base station without trunking or in a trunked mode where traffic is automatically assigned to one or more voice channels by a Repeater or Base Station.

The protocol supports DES encryption (56-bit), 2-key Triple DES, 3-key Triple DES, AES at key lengths up to 256 bits, RC4 (40-bit, sold by Motorola as Advanced Digital Privacy), or no encryption.

The protocol also supports the ACCORDION 1.3, BATON, FIREFLY, MAYFLY and SAVILLE Type 1 ciphers.

P25 Open Interfaces

P25's suite of standards specifies eight open interfaces between the various components of a land mobile radio system. These interfaces are:

  • Common Air Interface (CAI) - standard specifies the type and content of signals transmitted by compliant radios. One radio using CAI should be able to communicate with any other CAI radio, regardless of manufacturer
  • Subscriber Data Peripheral Interface - standard specifies the port through which mobiles and portables can connect to laptops or data networks
  • Fixed Station Interface - standard specifies a set of mandatory messages supporting digital voice, data, encryption and telephone interconnect necessary for communication between a Fixed Station and P25 RF Subsystem
  • Console Subsystem Interface - standard specifies the basic messaging to interface a console subsystem to a P25 RF Subsystem
  • Network Management Interface - standard specifies a single network management scheme which will allow all network elements of the RF subsystem to be managed
  • Data Network Interface - standard specifies the RF Subsystem's connections to computers, data networks, or external data sources
  • Telephone Interconnect Interface - standard specifies the interface to Public Switched Telephone Network (PSTN) supporting both analog and ISDN telephone interfaces.
  • Inter RF Subsystem Interface (ISSI) - standard specifies the interface between RF subsystems which will allow them to be connected into wide area networks

P25 Phases

A hand-held Project 25 radio used in US systems.

P25-compliant technology is being deployed in several phases:

  • Phase 1

Phase 1 radio systems operate in 12.5 kHz analog, digital or mixed mode. Phase 1 radios use Continuous 4 level FM (C4FM) modulation for digital transmissions at 4800 baud and 2 bits per symbol, yielding 9600 bits per second total channel throughput. Receivers designed for the C4FM standard can also demodulate the "Compatible quadrature phase shift keying" (CQPSK) standard, as the parameters of the CQPSK signal were chosen to yield the same signal deviation at symbol time as C4FM while using only 6.25 kHz of bandwidth.

Vendors are currently shipping Phase 1 P25-compliant systems. These systems involve standardized service and facility specifications, ensuring that any manufacturers' compliant subscriber radio has access to the services described in such specifications. Abilities include backward compatibility and interoperability with other systems, across system boundaries, and regardless of system infrastructure. In addition, the P25 suite of standards provides an open interface to the radio frequency (RF) subsystem to facilitate interlinking of different vendors' systems.

  • Phase 2

To improve spectrum utilization, Phase 2 is currently under development, with concurrent work being done on 2-slot TDMA and FDMA (CQPSK) modulation schemes. Phase 2 will likely use the AMBE+2 vocoder to reduce the needed bit rate so that one channel will require only 4800 bits per second.

Significant attention is also paid to interoperability with legacy equipment, interfacing between repeaters and other subsystems, roaming capacity and spectral efficiency/channel reuse. In addition, Phase 2 work involves console interfacing between repeaters and other subsystems, and man-machine interfaces for console operators that would facilitate centralized training, equipment transitions and personnel movement.

Conventional Project 25 Implementation

P25 systems do not use CTCSS tones or DCS codes for access control. Instead they use a Network Access Code (NAC), a 12-bit code that prefixes every packet of data sent (including voice packets).

The NAC serves a purpose similar to CTCSS or DCS on analog radios: radios can be programmed to pass audio only when receiving the correct NAC. NACs are programmed as a 3-digit hexadecimal code that is transmitted along with the digital signal.

Since the NAC is a 3-digit hexadecimal number (12 bits), there are 4096 possible NACs, far more than all analog methods combined.

Three of the possible NACs have special functions:

  • 0x293 ($293) - the default NAC
  • 0xf7e ($F7E) - a receiver set for this NAC will pass audio on any decoded signal received
  • 0xf7f ($F7F) - a repeater receiver set for this NAC will allow all incoming decoded signals and the repeater transmitter will retransmit the received NAC.
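As an added illustration of the NAC behaviour just described (this is example code written for this page, not code from the article or from any P25 radio), the following Python models how a subscriber receiver and a repeater act on a programmed NAC, including the three special values listed above. The function names, the frame records and the sample traffic are constructed for the demonstration; only the NAC values themselves come from the article.

```python
"""
Added example: a model of P25 NAC filtering as the article describes it.
The three special values ($293, $F7E, $F7F) are the ones the article lists;
everything else (function names, frame tuples, sample traffic) is constructed.
"""
from typing import Iterable, List, Optional, Tuple

NAC_BITS = 12
NAC_COUNT = 1 << NAC_BITS          # 4096 possible codes
NAC_DEFAULT = 0x293                # the default NAC
NAC_RX_ANY = 0xF7E                 # receiver passes audio on any decoded signal
NAC_REPEAT_ANY = 0xF7F             # repeater passes all, retransmits the received NAC


def _check(nac: int) -> int:
    """Reject anything that does not fit in the 12-bit NAC field."""
    if not 0 <= nac < NAC_COUNT:
        raise ValueError(f"NAC out of 12-bit range: {nac:#x}")
    return nac


def parse_nac(text: str) -> int:
    """Parse a NAC written as '$293', '0x293' or '293' (up to 3 hex digits)."""
    s = text.strip().lower()
    if s.startswith("$"):
        s = s[1:]
    elif s.startswith("0x"):
        s = s[2:]
    if not 1 <= len(s) <= 3 or any(c not in "0123456789abcdef" for c in s):
        raise ValueError(f"not a 3-digit hex NAC: {text!r}")
    return _check(int(s, 16))


def format_nac(nac: int) -> str:
    """Render a NAC in the '$F7E' style used by radio programming software."""
    return f"${_check(nac):03X}"


def receiver_passes_audio(programmed: int, received: int) -> bool:
    """A subscriber radio unmutes only when the received NAC matches the one it
    was programmed with, except that $F7E unmutes on any decoded signal."""
    _check(programmed)
    _check(received)
    if programmed == NAC_RX_ANY:
        return True
    return programmed == received


def repeater_action(programmed: int, received: int) -> Tuple[bool, Optional[int]]:
    """Return (repeat?, NAC to transmit).  A repeater set to $F7F repeats every
    decoded signal and reuses the NAC it received; any other setting repeats
    only matching traffic, which necessarily carries the repeater's own NAC."""
    _check(programmed)
    _check(received)
    if programmed == NAC_REPEAT_ANY:
        return True, received
    if programmed == received:
        return True, programmed
    return False, None


def filter_traffic(programmed: int, frames: Iterable[Tuple[str, int]]) -> List[str]:
    """Frame ids that a receiver programmed with `programmed` would unmute on."""
    return [fid for fid, nac in frames if receiver_passes_audio(programmed, nac)]


# constructed sample traffic: (frame id, NAC carried by the frame)
SAMPLE_FRAMES = [("f1", 0x293), ("f2", 0x2A0), ("f3", 0x293), ("f4", 0x05A)]

if __name__ == "__main__":
    print(filter_traffic(NAC_DEFAULT, SAMPLE_FRAMES))   # frames on the default NAC
    print(filter_traffic(NAC_RX_ANY, SAMPLE_FRAMES))    # everything decodable
    print(repeater_action(NAC_REPEAT_ANY, parse_nac("$2A0")))
```

Because the NAC travels in the clear with every packet and a radio set to $F7E unmutes on any of them, NAC matching is a selective-monitoring convenience in the CTCSS sense; it separates traffic, it does not keep a listener out.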

Adoption

Adoption of these standards has been slowed by budget problems in the US; however, funding for communications upgrades from the Department of Homeland Security usually requires migrating to APCO-25. P25 is also used in other countries worldwide, including Australia, India, Singapore and Russia.[7] As of mid-2004 there were 660 P25 networks deployed in 54 countries.[7] By 2005, however, the European Terrestrial Trunked Radio (TETRA) standard was deployed in 60 countries, and it is the preferred choice in Europe, China and other countries.[7] This is largely because TETRA systems are many times cheaper than P25 systems ($900 vs $6000 for a radio).[7] As a result, almost all P25 networks are in North America, where P25 has the advantage that a system has the same coverage and channel bandwidth as the earlier analogue systems in use, so that channels can be upgraded one by one.[7] Both P25 and TETRA can offer varying degrees of functionality, depending on available radio spectrum, terrain and project budget.

While interoperability is a major goal of P25, many P25 features present interoperability challenges. In theory, all P25-compliant equipment is interoperable. In practice, interoperable communication is not achievable without effective governance, standardized operating procedures, effective training and exercises, and inter-jurisdictional coordination. The difficulties inherent in developing P25 networks using features such as digital voice, encryption, or trunking sometimes result in feature backlash and organizational retreat to minimal "feature-free" P25 implementations, which fulfil the letter of any APCO-25 migration requirement without realizing its benefits. Additionally, while not a technical issue per se, friction often results from the unwieldy bureaucratic inter-agency processes that tend to develop to coordinate interoperability decisions.

Security flaws

In 2011, the Wall Street Journal published an article describing research into security flaws of the system, including a user interface that makes it difficult for users to recognize when transceivers are operating in secure mode.[8] According to the article, "(R)esearchers from the University of Pennsylvania overheard conversations that included descriptions of undercover agents and confidential informants, plans for forthcoming arrests and information on the technology used in surveillance operations." The researchers found that the messages sent over the radios are sent in segments, and blocking just a portion of these segments can result in the entire message being jammed. "Their research also shows that the radios can be effectively jammed (single radio, short range) using a highly modified pink electronic child’s toy and that the standard used by the radios 'provides a convenient means for an attacker' to continuously track the location of a radio’s user. With other systems, jammers have to expend a lot of power to block communications, but the P25 radios allow jamming at relatively low power, enabling the researchers to prevent reception using a $30 toy pager designed for pre-teens."

The report was presented at the 20th Usenix Security Symposium in San Francisco in August 2011.[9] The report noted a number of security flaws in the Project 25 system, some specific to the way it has been implemented and some inherent in the security design.

Encryption lapses

The report did not find any breaks in the P25 encryption; however, the authors observed large amounts of sensitive traffic being sent in the clear due to implementation problems. They found the switch markings for secure and clear modes difficult to distinguish (∅ vs. o). This is exacerbated by the fact that P25 radios set to secure mode continue to operate without issuing a warning if another party switches to clear mode. In addition, the report's authors said many P25 systems change keys too often, increasing the risk that an individual radio on a net is not properly keyed, which forces all users on the net to transmit in the clear to maintain communications with that radio.

Jamming vulnerability

One design choice was to use lower levels of error correction for portions of the encoded voice data that are deemed less critical for intelligibility. As a result, bit errors may be expected in typical transmissions; while harmless for voice communication, the presence of such errors forces the use of stream ciphers, which can tolerate bit errors, and prevents the use of a standard technique, message authentication codes (MACs), to protect message integrity from stream cipher attacks. The varying levels of error correction are implemented by breaking P25 message frames into subframes. This allows an attacker to jam entire messages by transmitting only during certain short subframes that are critical to reception of the entire frame. As a result, an attacker can effectively jam Project 25 signals with average power levels much lower than the power levels used for communication. Such attacks can be targeted at encrypted transmissions only, forcing users to transmit in the clear.
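The tension in the first half of that paragraph, between an error-tolerant channel and message authentication, is easy to see in code. The following Python is an added example written for this page, not code from the article, the Penn report or the P25 standard: it encrypts a frame with a stream cipher, corrupts a single ciphertext bit, and decodes it both with and without a MAC check. The keystream generator (HMAC-SHA256 in counter mode), the frame bytes and the key are constructed stand-ins, not the ciphers or framing P25 actually uses.

```python
"""
Added example: why a channel that tolerates bit errors steers a design toward
stream ciphers and away from MACs.  Keystream, key, nonce and frame contents
are all constructed for the demo; nothing here is P25's real cryptography.
"""
import hashlib
import hmac
from typing import Optional, Tuple

KEY = b"constructed-32-byte-demo-key----"   # constructed demo key
NONCE = b"frame-0001"                       # constructed per-frame nonce
VOICE_FRAME = bytes(range(88))              # constructed stand-in for an encoded voice frame


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: HMAC-SHA256(key, nonce || counter) blocks, concatenated."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stream-cipher encryption and decryption are the same XOR with the keystream."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))


def mac_tag(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Encrypt-then-MAC integrity tag over nonce and ciphertext (8-byte tag)."""
    return hmac.new(key, b"mac" + nonce + ciphertext, hashlib.sha256).digest()[:8]


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate one channel bit error at the given bit position."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def hamming_distance(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def receive(key: bytes, nonce: bytes, ciphertext: bytes, tag: bytes,
            require_mac: bool) -> Tuple[bool, Optional[bytes]]:
    """Receiver policy: with require_mac the whole frame is dropped on any
    corruption; without it the frame is accepted carrying whatever errors it has."""
    if require_mac and not hmac.compare_digest(mac_tag(key, nonce, ciphertext), tag):
        return False, None
    return True, stream_xor(key, nonce, ciphertext)


def demo(bit_to_flip: int = 13) -> dict:
    """Encrypt a frame, corrupt one ciphertext bit, and decode it both ways."""
    ct = stream_xor(KEY, NONCE, VOICE_FRAME)
    tag = mac_tag(KEY, NONCE, ct)
    damaged = flip_bit(ct, bit_to_flip)

    ok_clean, pt_clean = receive(KEY, NONCE, ct, tag, require_mac=True)
    ok_tolerant, pt_tolerant = receive(KEY, NONCE, damaged, tag, require_mac=False)
    ok_strict, _ = receive(KEY, NONCE, damaged, tag, require_mac=True)
    return {
        "clean_frame_accepted_with_mac": bool(ok_clean and pt_clean == VOICE_FRAME),
        # a stream cipher passes a single channel bit error through as a single
        # plaintext bit error, so the voice frame stays intelligible
        "plaintext_bit_errors_without_mac": hamming_distance(pt_tolerant, VOICE_FRAME),
        # a MAC turns that same single bit error into a rejected frame
        "damaged_frame_accepted_with_mac": ok_strict,
    }


if __name__ == "__main__":
    print(demo())
```

The receiver has to choose between accepting frames that carry the channel's expected bit errors and rejecting every frame whose tag fails, and a MAC offers no middle ground. That is the position the P25 design ends up in, and it is why integrity protection had to be given up rather than layered on.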

Because Project 25 radios are designed to work in existing two-way radio frequency channels, they cannot use spread spectrum modulation, which is inherently jam-resistant. An optimal spread spectrum system can require an effective jammer to use 1000 times as much power (30 dB more) as the individual communicators. According to the report, a P25 jammer could operate effectively at 1/25th the power (14 dB less) of the communicating radios. The authors developed a proof-of-concept jammer using a Texas Instruments CC1110 single-chip radio found in an inexpensive toy.[10]

Traffic Analysis and active tracking

Certain metadata fields in the Project 25 protocol are not encrypted, allowing an attacker to perform traffic analysis to identify users. Because Project 25 radios respond to bad data packets addressed to them with a retransmission request, an attacker can deliberately send bad packets, forcing a specific radio to transmit even if its user is attempting to maintain radio silence. Such tracking by authorized users is considered a feature of P25, referred to as "presence".[11]
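From the monitoring side, the active-tracking technique just described leaves a recognisable trace: one unit keeps receiving corrupt frames addressed to it while the rest of the net decodes normally. The following Python is a constructed detection heuristic added for this page, not part of the article, the Penn report or any P25 product. The record layout (timestamp, destination unit id, crc_ok) and the sample log are invented for the demonstration; a real feed would come from whatever receive-side logging the system exposes.

```python
"""
Added example: flag units that receive a burst of corrupt frames addressed to
them, the pattern that deliberately sent bad packets would leave in a receive
log.  Record layout and sample log are constructed for this demo.
"""
from collections import defaultdict
from typing import Dict, Iterable, Tuple

Event = Tuple[float, int, bool]   # (seconds, destination unit id, frame decoded ok?)

# constructed sample: unit 1001 gets four corrupt frames within 1.2 s,
# unit 1002 gets one, unit 1003 gets two that are 11 s apart
SAMPLE_LOG = [
    (0.0, 1001, True), (0.5, 1002, True),
    (1.0, 1001, False), (1.3, 1001, False), (1.7, 1001, False), (2.2, 1001, False),
    (3.0, 1002, False), (4.0, 1003, False), (9.0, 1002, True), (15.0, 1003, False),
]


def find_probe_bursts(events: Iterable[Event], window: float = 5.0,
                      threshold: int = 3) -> Dict[int, int]:
    """Return {unit_id: peak_count} for units that receive at least `threshold`
    corrupt frames inside any `window`-second span (sliding window per unit)."""
    bad_times = defaultdict(list)
    for ts, unit, ok in events:
        if not ok:
            bad_times[unit].append(ts)
    flagged = {}
    for unit, times in bad_times.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:   # slide the window forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[unit] = peak
    return flagged


def corrupt_fraction(events: Iterable[Event]) -> Dict[int, float]:
    """Per-unit share of frames that failed to decode.  A poor RF path raises
    every unit's share at once; a targeted probe singles out one unit."""
    total, bad = defaultdict(int), defaultdict(int)
    for _, unit, ok in events:
        total[unit] += 1
        if not ok:
            bad[unit] += 1
    return {unit: bad[unit] / total[unit] for unit in total}


if __name__ == "__main__":
    print(find_probe_bursts(SAMPLE_LOG))   # {1001: 4}
    print(corrupt_fraction(SAMPLE_LOG))
```

The window and threshold are tuning knobs; they should be set from the net's normal corrupt-frame rate so that ordinary fading does not trip the alert, and a burst against a unit that is supposed to be silent is the case worth paging on.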

The report's authors concluded by saying "It is reasonable to wonder why this protocol, which was developed over many years and is used for sensitive and critical applications, is so difficult to use and so vulnerable to attack." The authors separately issued a set of recommendations for P25 users to mitigate some of the problems found.[12] These include disabling the secure/clear switch, using Network Access Codes to segregate clear and encrypted traffic, and extending key life.

See also

  • APCO-16, an earlier standard dealing with trunking formats that was not as widely accepted
  • Digital Mobile Radio (DMR), a standard with functions similar to TETRA
  • NXDN, a two-way digital radio standard with similar characteristics

Notes

  1. [1] (dead link)
  2. [2]
  3. [3] (dead link)
  4. "SOR.book" (PDF). Retrieved 2010-09-26.
  5. http://www.motorola.com/staticfiles/Business/Solutions/Business%20Solutions/Mission%20Critical%20Communications/ASTRO%2025%20Trunked%20Solutions/_Document/Project%2025%20Whitepaper.pdf?localeId=33
  6. Daniels Electronics Ltd., P25 Radio Systems Training Guide
  7. "Is this finally P25's year?", interview with Don Pfohl of Project 25 and Bill Belt of the Telecommunications Industry Association's wireless division, 1 May 2005
  8. Valentino-DeVries, "Security Flaws in Feds' Radios Make for Easy Eavesdropping", Wall Street Journal. Retrieved 2011-08-10.
  9. "Why (Special Agent) Johnny (Still) Can't Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System", S. Clark, T. Goodspeed, P. Metzger, Z. Wasserman, K. Xu, M. Blaze, Proceedings of the 20th Usenix Security Symposium, 2011
  10. Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Matt Blaze, University of Pennsylvania, 2011, "Why (Special Agent) Johnny (Still) Can't Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System", http://www.crypto.com/papers/p25sec.pdf
  11. http://www.nationalinterop.com/solutions_p25.html
  12. P25 security mitigation guide, M. Blaze, et al.