Jump to content
  • 0

Baofeng DM32 encryption

VETCOMMS

Asked by VETCOMMS,

 Share

Question

VETCOMMS Community Regular

VETCOMMS

Posted
Posted

I saw a video made by some jeep guy that's on here 😬 about this DMR/analog radio and the dirty encryption word was mentioned.   I'm not a GI Joe type but it got me to thinking,  how would someone generate an AES256 key & then load it into a radio/ this radio?  I understand this is for business/LMR use so my question is more for learning purposes. 

How does it all work?

13 answers to this question

Recommended Posts

  • 1
WSBB368 Contributor

WSBB368

Posted
Posted
4 hours ago, VETCOMMS said:

I saw a video made by some jeep guy that's on here 😬 about this DMR/analog radio and the dirty encryption word was mentioned.   I'm not a GI Joe type but it got me to thinking,  how would someone generate an AES256 key & then load it into a radio/ this radio?  I understand this is for business/LMR use so my question is more for learning purposes. 

How does it all work?

You can go online and just have a random 256 key generated for you. Be aware the DM32 encryption does not work with other brand HT "Motorola/Anytone" for some reason I have tested only other Baofengs that support encryption. 

  • 0
UncleYoda Proficient

UncleYoda

Posted
Posted

The post I saw on the forum today mentioned using Rattlegram to send over the air.  But the encryption method was done on some type of computer/phone.  Rattlegram just sends the audio to the radio in a modem like sound format.  Most non-open encryption, including the one mentioned is prohibited for our use.

  • 0
Lscott Grand Master

Lscott

Posted
Posted

There are a few encryption options recognized by various manufactures. The typical digital encryption requires a radio with a native digital voice mode, usually DMR, NXDN and P25.

One already mentioned was AES256. Some include it for free, Anytone does this, while others  charge a lot of money to install it on the radio as an option. Then you may need a special bit of software, and or hardware, to function as a key loader. 

Another one is the 40 bit RC4, or ARC4. It's a much weaker algorithm, but good enough to keep the scanner guys away for a while. It's also included for free on some radios. Others it a fairly cheap option to add. The keys are typically loaded through the radio's programming software so no additional software or hardware key loaders are usually required.

You're more likely to find more radios that have have RC4, or an option to install it, than some of the others out there. This is a point to consider if inter-operation between various manufactures is a requirement.

Note that encryption is a No-No on Ham and GMRS in general. However a few people have radios programmed with licensed LMR frequencies where it's legal to use on those. 

  • 0
WRYZ926 Grand Master

WRYZ926

Posted
Posted

From what I was told, even the US military went away from using a hardware key loader for at least the SINCGARS radios.

Encryption might be fun to test but remember that the FCC states that encryption is not allowed on amateur radio bands or on GMRS channels. 

I find no use for AES256 after having to deal with it all of the time while in the Army.

  • 0
WRYZ926 Grand Master

WRYZ926

Posted
Posted
12 minutes ago, Lscott said:

Some people just like their privacy, that's why they want it. 

And I fully understand that. But there are better ways to go about that without having to worry about federal regulations. And digital signals along with secure encryption causes noise/interference for those using analog on the same channel/frequency.

  • 0
Lscott Grand Master

Lscott

Posted
Posted
1 minute ago, WRYZ926 said:

And I fully understand that. But there are better ways to go about that without having to worry about federal regulations.

True. But if you have young kids involved trying to remember complex instructions, codes phases etc. then encryption is just the simple set and forget solution.

3 minutes ago, WRYZ926 said:

And digital signals along with secure encryption causes noise/interference for those using analog on the same channel/frequency.

Yeah, digital signals are not that present to hear mostly.  However low baud rate audio frequency shift radio teletype can have a bit of a "musical" rhythm to it.  

  • 0
WRYZ926 Grand Master

WRYZ926

Posted
Posted
1 hour ago, Lscott said:

Yeah, digital signals are not that present to hear mostly.  However low baud rate audio frequency shift radio teletype can have a bit of a "musical" rhythm to it.  

I know when repeaters can have issues when setup for both analog and DMR if not done correctly. Whoever setup our 70cm repeaters for both analog and DMR didn't get things right and we had nothing but issues with the entire setup.

  • 0
Lscott Grand Master

Lscott

Posted
Posted
2 hours ago, WRYZ926 said:

I know when repeaters can have issues when setup for both analog and DMR if not done correctly. Whoever setup our 70cm repeaters for both analog and DMR didn't get things right and we had nothing but issues with the entire setup.

Then add in network linking things get more involved.

My pet peeve with DMR repeaters are the frequency of changing of supported talk groups and networks. Some are rather extensive systems. See attached file for an example. I've spent hours reworking some of my DMR radio codes plugs due to changes. Then a few weeks, or months later, it's all changed around again. Further trying to find the current configuration may not be easy. Some repeater owners/operators just changes things and don't document it. Some I've just given up on, too many changes.

While I like DMR the frequency of changes, and no coherent place to look for them, takes the shine off the mode. In fact it could turn people off to using it altogether.

N8NOE.pdf

  • 0
VETCOMMS Community Regular

VETCOMMS

Posted
  • Author
Posted

Thanks for the help guys.  What I don't understand is what WSBB said in regards to encryption working on the DM32 HT but not with other brands.  I thought if an HT has AES256 encryption capabilities then the radios should communicate, regardless of brand, as long as the encryption key is identical.  Help me understand that if you could, please (might take a few tries with me)?  Also, I see videos of a guy in a face covering showing how to type in random characters in the programming software for a TYT ht to encrypt that radio.

What I get confused about is that I see anyone can google AES256 key generator but once that spits out a key does one just copy and paste that random set of characters into the encryption field on the radio programming software for all the radios?  And then where I get confused is sometimes I read that you need a key loader to do this, making me think it's not a simple copy and paste operation?  Just trying to understand encryption better.

  • 0
WRUE951 Mentor

WRUE951

Posted
Posted
23 hours ago, Lscott said:

Some people just like their privacy, that's why they want it. 

you never know.. it's good to have a couple radios around set up for encryption.  The Baofeng approach is nice because most people will not shell out hundreds of dollars to have the option.  Each person in our camping group has this radio ordered up.  I ordered mine from Radioditty and have gotten two shipping delay notices.. Couple of friends ordered direct from Baofeng and they also recieved delay notices..    A lot of folks must be ordering this radio. 

  • 0
tweiss3 Mentor

tweiss3

Posted
Posted

Ok, so not all encryption is compatible between manufacturers. I'll give a common example.

Both Kenwood and Motorola had DMR radios, but their "basic" privacy is not compatible between the two. Motorola's is a 16bit XOR, Kenwood's is a bit different, thus incompatible. The "basic" privacy is typically a non-standardized encryption that is for basic privacy at little/no cost. Now, you can use Enhanced Privacy/Enhanced Encryption in Moto/Kenwood DMR, because they use a standard, ARC4/RC4 40bit encryption. Same goes for other standard methods of encryption such as DES (64bit) and AES256 (256bit) which is compatible between manufacturers, as secure interoperability is required. These methods of encryption can be used with NXDN and P25, based on options available (both cost and free) for each radio.

Loading encryption, when meeting opsec/FIPS requirements, creates the key, which is stored in either a hardware or software vault, and then loaded into the radio via manufacturer specific software, or with a hardware device called a keyloader. The keys can be transferred between secure devices (keyloaders/vaults) but after creating and storing them, you can never view what the key is again, so store it properly. 

In the case of many of these Chinese radios, security and standards are typically not followed. You basically copy the key into the software, apply it to the digital channel desired and that's it. Keep in mind, since they don't follow the standards, the encryption may not be compatible with others. The AES could be AES128, or just a completely made up 256 encryption method applied to DMR different than the standard, thus not compatible with other radios using industry standards.

 

@WRYZ926SINCGARS uses frequency hopping for security, which not only doesn't show up on a scanner/close call, it's impossible to follow without the starting frequency and hop-set, which is why it's just as secure as AES, if not more. 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use and Guidelines.

  I accept