Adding low-cost ADP encryption could be a pricy decision
By Scott Tschetter
A movement is afoot to add a proprietary encryption protocol called advanced digital privacy, or ADP, to Project 25 systems across the country. However, in so doing, users are at risk of losing federal grant funds.
It is easy to understand the appeal of adopting ADP. Most public-safety radio system administrators do not like the idea of their P25 radio systems being monitored by anyone with a $125 scanner (or worse, streamed live across the Internet). The P25 standards include 256-bit AES and DES encryption options, but these protocols can be expensive. In response, 40-bit ADP was introduced.
As far as security goes, ADP offers very little protection. With a laptop and a hacker program downloaded from the Internet, a 40-bit key can be broken in just a few hours. In contrast, the 256-bit encryption, as included in the P25 standard, would take more than a trillion years to hack — not even feasible. But ADP can be deployed at very little cost, which cash-strapped agencies might find attractive.
But while the up-front cost of ADP is basically nothing, it actually could end up being quite expensive. Here’s why:
The Department of Homeland Security, via its SAFECOM program, has included six federal grant requirements for 2012:
- Include P25 standards in a statement of requirements
- Select P25-eligible equipment
- Obtain documented evidence of P25 compliance
- Ensure compliance with the P25/AES encryption standard
- Ensure additional features purchased are P25-compliant
- Written justification required for non-P25 purchases
The adoption of ADP encryption clearly violates the fourth requirement and violates the spirit of the fifth requirement, as no P25 radio with ADP enabled can pass the P25 Compliance Assessment Program. What happens two years from now when DHS audits a 2012 grant awardee? If DHS determines that the agency violated these requirements (or worse, misled grant reviewers), the agency could be required to return funds and also could risk its eligibility for future funding.
Awareness of this issue was one reason why lawmakers in Ohio recently adopted new language that stipulates any state or federal funds spent on the statewide Multiagency Radio Communications System (MARCS) “may not limit interoperability in mission-critical communications.” Further the MARCS steering committee must “certify that the P25 system complies with P25 standards.”
One such advocate of this new requirement is Bob Glaser, a trustee of Beavercreek Township, Ohio. Glaser’s testimony on this issue before the state’s Senate finance committee last week played a key part in convincing lawmakers that these controls were necessary to ensure P25 interoperability, and also to avoid the risk of forfeiting grant funding.
But the original problem remains: Public safety wants secure (and private) communications. So what is a P25 system owner to do? Multiple manufacturers now are offering “single-key DES” as an alternative. In considering this option, it should be noted first that DES is a P25-recognized encryption standard. Though single-key DES provides radios with just one encryption key — it does so in a vendor-neutral, P25-compliant fashion and is still orders of magnitude stronger than ADP. And for now, this new feature is being offered for free. Sometimes you can have your cake and eat it too!
What should an agency do if it already has deployed ADP encryption? First, create non-ADP, P25 talkgroups for interoperability. Second, create a migration plan to single-key DES for talkgroups that need privacy, but not necessarily full-blown encryption. For tactical or other talkgroups that truly need encryption, investigate the cost of adopting multi-key DES or AES — it may be less than you think if it is only used for the small number of users that require this level of security.
Scott Tschetter is vice president of Eastern Communications, a land-mobile-radio dealer in Long Island City, N.Y., and is a member of Urgent Communications’ editorial advisory council.