P25 radios vulnerable to eavesdropping, can be jammed by child's toy

Weaknesses in the emerging interoperability standards for radios used by law enforcement agencies make the supposedly secure systems vulnerable to eavesdropping and jamming, researchers from the University of Pennsylvania reported.

The researchers, who presented their findings at this week’s Usenix Security Symposium in San Francisco, were able to build an effective low-powered jamming device from an inexpensive children’s texting toy and intercepted sensitive traffic that was supposed to have been encrypted.

They spent two years examining the Project 25 land mobile radio standards in a study partially funded by the National Science Foundation.

“We found that a significant fraction of the ‘encrypted’ P25 tactical radio traffic sent by federal law enforcement surveillance operatives is actually sent in the clear, in spite of their users’ belief that they are encrypted, and often reveals such sensitive data as the names of informants in criminal investigations,” they wrote.

The weaknesses stem from inadequacies in the standards and in their implementation.

Project 25 is a 22-year-old effort to develop standards that would let police, firefighters, and other first responders communicate across departmental and jurisdictional lines using equipment from various manufacturers. The standards include security features such as optional encryption for voice and data. The Association of Public Safety Communications Officials is leading the project, and the Telecommunications Industry Association is publishing the standards.

To date, only a couple of interface standards have been completed and fully implemented. The remaining seven interfaces are in various states of document completion, and the lack of interoperability testing makes it difficult to evaluate products.

But P25 trunked radio systems that comply with the partial suite of standards have been sold for more than a decade, and the promise of interoperability has led to widespread adoption, particularly by the federal government for surveillance and other confidential operations, the researchers said.

The university team described the existing standards as a “highly ad hoc, constrained architecture that, we note, departs in significant ways from conservative security design, does not provide clean separation of layers, and lacks a clearly stated set of requirements against which it can be tested.”

Although this does not by itself produce vulnerabilities, when it is combined with vendor implementations and complex, nonstandard user interfaces, the security of the overall system becomes difficult to analyze and assure.

The researchers found a number of protocol, implementation and user interface weaknesses that routinely leak information to a passive eavesdropper.

Although encryption is relatively straightforward in digital radio — and P25 supports Data Encryption Standard, Advanced Encryption Standard and National Security Agency-approved Type 1 encryption — it is an optional feature, and users often mistakenly broadcast sensitive information in the clear.

The researchers built a system to intercept P25 traffic with $1,000 worth of equipment and analyzed clear-text transmissions. During March, April and May, they intercepted an average of 23 minutes of sensitive information every day. The information was made available because of individual user errors, group user errors and some users' lack of proper encryption keys.

Even when encryption is used, much of the metadata that identifies the systems, talk groups, user IDs for senders and receivers, and message types is sent in the clear and is available to a passive eavesdropper, the researchers found.
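The two findings above, that sensitive calls go out unencrypted and that the call metadata is visible to anyone with a receiver, suggest a straightforward defensive audit: log the per-call metadata that a monitoring receiver already sees and flag any clear-text call on a talkgroup that policy says must be encrypted. The script below is an added illustration, not code from the article or from the University of Pennsylvania study. The log format, the talkgroup and unit numbers and the policy table are constructed for the example, and the way it sorts clear-text calls into "no key loaded" versus "user error" is a heuristic of this example, not a method the researchers describe.

```python
import re
from collections import defaultdict

# Constructed sample log, one line per voice call, in the shape a monitoring
# receiver might write.  Field names, talkgroups and unit numbers are this
# example's own; "algid=clear" marks an unencrypted call, anything else names
# the cipher that was in use.
SAMPLE_LOG = """\
2011-03-01T09:02:11 tg=101 unit=4512 algid=clear dur=12
2011-03-01T09:02:40 tg=101 unit=4519 algid=aes256 dur=8
2011-03-01T09:03:05 tg=101 unit=4512 algid=aes256 dur=15
2011-03-01T11:40:00 tg=102 unit=7001 algid=clear dur=90
2011-03-01T11:41:45 tg=102 unit=7002 algid=clear dur=60
2011-03-01T14:00:00 tg=300 unit=1200 algid=clear dur=30
2011-03-02T08:15:00 tg=102 unit=7001 algid=clear dur=120
2011-03-02T08:17:30 tg=101 unit=4519 algid=aes256 dur=10
"""

# Constructed policy: talkgroups whose traffic must always be encrypted.
SENSITIVE_TALKGROUPS = {101, 102}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) tg=(?P<tg>\d+) unit=(?P<unit>\d+) "
    r"algid=(?P<algid>\S+) dur=(?P<dur>\d+)$"
)


def parse_log(text):
    """Parse log lines into dicts; malformed lines are skipped, never guessed."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        records.append({
            "ts": m["ts"],
            "day": m["ts"][:10],
            "tg": int(m["tg"]),
            "unit": int(m["unit"]),
            "algid": m["algid"],
            "dur": int(m["dur"]),
        })
    return records


def clear_on_sensitive(records, sensitive=SENSITIVE_TALKGROUPS):
    """Calls that went out in the clear on a talkgroup that must be encrypted."""
    return [r for r in records if r["tg"] in sensitive and r["algid"] == "clear"]


def clear_seconds_per_day(findings):
    """Seconds of policy-violating clear audio per calendar day."""
    totals = defaultdict(int)
    for r in findings:
        totals[r["day"]] += r["dur"]
    return dict(totals)


def classify_units(records, sensitive=SENSITIVE_TALKGROUPS):
    """Heuristic triage (this example's own): a unit that never encrypts on a
    sensitive talkgroup probably has no key loaded; one that sometimes encrypts
    and sometimes does not is more likely a user toggling the wrong setting."""
    seen = defaultdict(set)
    for r in records:
        if r["tg"] in sensitive:
            seen[r["unit"]].add(r["algid"] == "clear")
    verdict = {}
    for unit, flags in seen.items():
        if flags == {True}:
            verdict[unit] = "never-encrypts (check key load)"
        elif flags == {True, False}:
            verdict[unit] = "intermittent (check user selector)"
        else:
            verdict[unit] = "ok"
    return verdict


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    bad = clear_on_sensitive(recs)
    for r in bad:
        print(f"{r['ts']} CLEAR on sensitive tg {r['tg']} from unit {r['unit']} ({r['dur']}s)")
    print("clear seconds per day:", clear_seconds_per_day(bad))
    print("unit triage:", classify_units(recs))
```

The audit needs nothing more than the metadata a passive receiver sees, which is exactly the point of the finding: the same fields that let an agency catch its own clear-text leaks are available to anyone else listening, so the audit is a way to shorten the window, not a substitute for loading keys and enforcing encryption.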

And users could also be tricked into not using encryption by an attacker who selectively jams encrypted traffic, the researchers said, adding that jamming was surprisingly easy to do on P25 systems. “We implemented a complete receiver and exciter for an effective P25 jammer by installing custom firmware in a $15 toy ‘instant messenger’ device marketed to preteen children.”

The jamming system required little power because blocking a small critical section of each data frame was enough to block reception of the entire frame. Jamming a digital transmission therefore requires significantly less power than jamming the analog systems that P25 radios are intended to replace.

The jammer was built using the Texas Instruments CC1110 chip, which is used in the Girl Tech IM-Me, a toy for preteen text messaging that retails for about $30. The researchers were able to make two jammers from each toy for a net cost of about $15 each.

“A standard off-the-shelf external RF amplifier would be all that is necessary to extend this experimental apparatus to real-world, long-range use,” they wrote. “We expect that an attacker would face few technical difficulties scaling a jammer within the signal range of a typical metropolitan area.”

A number of vendors manufacture P25 radios. The University of Pennsylvania research was conducted on Motorola XTS 5000 handheld radios. A company spokesman said Motorola had not had time to examine the report and had no comment on the findings.

Reader Comments

Tue, Oct 16, 2012

As for encrypting, it's a bad idea because of the decrease in range and penetration, plus the increased error rate in low signal areas. It's impossible to have total on-hip coverage in 100% of the target coverage area. Moreover, don't say anything via ANY electronic means that can't otherwise be said in public in the first place. That's what cell phones, not to mention old-fashioned face-to-face, are for.

Tue, Oct 16, 2012

It must be something in the water? I never met a gov official who wasn't an overpaid underachiever. You can put a million dollar radio in the hands of one, and what do you have?

Mon, Aug 22, 2011

For most public safety applications, P25 encryption is a BAD idea - it kills range and building-penetration capabilities, and complicates interoperability with neighboring agencies for mutual aid. The sole exception would probably be tactical and surveillance operations - everything else, who CARES if the public is listening in? Most sensitive data is sent over digital terminals to the car radios anyway.

Thu, Aug 18, 2011 MG

This report is, in short, horse****. You can jam anything with enough power (i.e. the RF amp they had to use). If you use spread-spectrum to avoid it, municipalities need to buy the spectrum - which costs a fortune, if it's even available at all. And it ain't P-25's fault if operators are too damn stupid/cheap to implement encryption which IS available both on the SU side and network side. This reeks of politics, not science.

Mon, Aug 15, 2011

Lack of mandatory encryption is a defect in the standard. Lack of intelligent error detection that will automatically determine that the current signal is corrupted and notify support staff and persons trying to comm to change frequency is unfortunate. A best case standard would allow for optional auto detect and correct sw to begin exchanging known text packets to analyze the error pattern and attempt corrective actions, e.g. if the front of a packet is being dropped or scrambled, have the sender pad the front and the receiver drop the front of the packet for x number of packets or until some inactivity period in traffic between the transmissions has elapsed.
