In a recent research paper [pdf], we analyzed the security features of the APCO Project 25 (P25) digital two-way radio system. P25 radios are widely deployed in the United States and elsewhere by state, local and federal agencies, first responders, and other public safety organizations.

The P25 security features, in which voice traffic can be encrypted with a secret key to frustrate unauthorized eavesdropping, are used to protect sensitive communications in surveillance and other tactical law enforcement, military and national security operations. Because radio signals are inherently easy to detect and intercept, encryption is the primary mechanism used to secure sensitive P25 traffic.

Our analysis found significant -- and exploitable -- security deficiencies in the P25 standard and in the products that implement it. These weaknesses, which apply even when encryption is properly configured, leak data about the identity of transmitting radios, enable active tracking and direction finding of idle (non-transmitting) users, allow highly efficient (low-energy) malicious jamming and denial of service, and permit injection of unauthenticated traffic into secured channels.


Unfortunately, many of these vulnerabilities result from basic design flaws in the P25 protocols and products, and, until the standard is changed and products are upgraded, cannot be effectively defended against by end users or P25 system administrators. While we are unaware of incidents of criminals carrying out the active attacks we discovered, the hardware resources required to conduct them are relatively modest. As technology advances, these attacks will demand increasingly fewer resources and less sophistication to carry out.

However, in addition to active attacks against P25, we also discovered a serious practical problem that can be exploited easily today against fielded P25 systems: a significant fraction of sensitive traffic that users believe is encrypted is actually being sent in the clear. In the metropolitan areas we sampled, we intercepted literally thousands of unintended clear transmissions each day, often revealing highly sensitive tactical, operational, and investigative data.

In every tactical system we monitored, encryption was available and enabled in the radios' configurations (and, indeed, was used correctly for the majority of traffic). Yet among the encrypted traffic were numerous sensitive transmissions sent in the clear, without their users' apparent knowledge. Virtually every agency using P25 security features appears to suffer from frequent unintended clear transmission, including federal law enforcement and security agencies that conduct operations against sophisticated adversaries.