Understanding Encryption

Amongst land-mobile radios, there are several standards of encryption available. But the first thing that we need to understand is the regulatory environment concerning encryption capabilities for two-way radios. 

Although encryption is not allowed on FCC Part 97 frequencies which governs Amateur radio, there are still means available to legally acquire encryption. FCC Part 90 covers the commercial spectrum for radio communications, wherein it is possible to apply for a license which grants your users the ability to use encryption. This is typically reserved for businesses, educational institutions, and places of worship, where eligibility requirements state that the applicant must be engaged in the operation of a commercial activity.

Mojave Repeater offers licensing services for itinerant (mobile) or fixed sites, which streamlines the process and guarantees a greater chance of success at being approved. We work closely with frequency coordinators to ensure that your communications needs are met.

Once you have applied and been approved for your license, you are free to start using the encryption capability in your radios. Let's take a look at the different modes or methods of encryption available in most commercial radios. 

Voice Inversion / Scrambler

The scrambler function is commonly found in analog two-way voice radios. This scrambler uses a method of voice inversion, altering the audio frequencies of your voice to make the signal unintelligible to anyone not using the same unscrambling method. Although this may guarantee a small degree of privacy, this method is not considered encryption. This is because the inversion method follows a specific pattern - inverting the sound of your audio around an inversion or pivot frequency. Any keen observer with a Software Defined Radio can record and unscramble this audio without the need to know an encryption key. This method is not secure and there are no effective encryption methods for analog radios.

ARC4

In order to properly encrypt your communications, you must use a digital mode such as P25 or DMR. The most common mode of free encryption built-in to most digital two-way radios is ARC4. It is also known as "Basic Encryption" on many radios. Most common key lengths for this encryption method in digital radios is 40-bits, which happens to be an incredibly weak key. This method can protect against listening by anyone who does not have your key, however, this illusion of privacy will not last long because ARC4 is now considered cryptographically broken and insecure for modern use. Bottom line: ARC4 is obsolete. It should never be used for secure communications. It’s a historic cipher — not a secure one.

DES

Data Encryption Standard or DES is the next best method of encryption. It is sometimes available as a free feature in digital radios and is most commonly used today for interoperability with older systems as it is a legacy method of encryption. It is somewhat stronger than ARC4 due to its 56-bit key length, but this mode is also considered obsolete and insecure with many exploits available to break this standard of encryption.

AES

Advanced Encryption Standard (AES) is the gold standard for modern encryption and still in use today in many commercial, public safety, government, and military systems. AES is usually available in either 128-bit or 256-bit with 64-bit keys. AES-256 is the most secure method of encryption for digital two-way radios and would take trillions of years to decrypt without quantum computing. AES is almost always available as an optional upgrade to your radio for an additional cost, but it is well worth the price, given that it is the only truly secure encryption standard available today for digital radios.

Many users fall victim to the mindset that as long as their transmissions are brief, they can use a less secure method of encryption to mitigate any risk. After all, how could somebody decrypt your transmissions so quickly? But this couldn't be further from the truth. If an ardent observer can record your transmissions with a Software Defined Radio - no matter how short - they can take as much of their own time as they please to decrypt your transmissions, capture your key, and use that later to instantaneously decrypt all of your radio traffic. In the realm of corporate espionage, executive protection, or other high-risk professions, this could spell disaster - so you should always be aware of your risk profile and take active steps to mitigate it whenever possible.