Digital mobile radio

Last updated

Digital mobile radio (DMR) is a digital radio standard for voice and data transmission in non-public radio networks. It was created by the European Telecommunications Standards Institute (ETSI), [1] and is designed to be low-cost and easy to use. DMR, along with P25 phase II and NXDN are the main competitor technologies in achieving 6.25 kHz equivalent bandwidth using the proprietary AMBE+2 vocoder. DMR and P25 II both use two-slot TDMA in a 12.5 kHz channel, while NXDN uses discrete 6.25 kHz channels using frequency division and TETRA uses a four-slot TDMA in a 25 kHz channel.

Contents

DMR was designed with three tiers. DMR tiers I (Unlicensed) and II (Conventional Licensed) were first published in 2005, and DMR III (Trunked version) [2] was published in 2012, with manufacturers producing products within a few years of each publication.

The primary goal of the standard is to specify a digital system with low complexity, low cost and interoperability across brands, so radio communications purchasers are not locked into a proprietary solution.

Specifications

The DMR interface is defined by the following ETSI standards:

The DMR standard operates within the existing 12.5 kHz channel spacing used in land mobile frequency bands globally, but achieves two voice channels through two-slot TDMA technology built around a 30 ms structure. The modulation is 4-state FSK, which creates four possible symbols over the air at a rate of 4,800 symbols/s, corresponding to 9,600 bit/s. After overhead, forward error correction, and splitting into two channels, there is 2,450 bit/s left for a single voice channel using DMR, compared to 4,400 bit/s using P25 and 64,000 bit/s with traditional telephone circuits.

The standards are still (as of late 2015) under development with revisions being made regularly as more systems are deployed and improvements are discovered. [3] It is very likely that further refinements will be made to the standard, which will necessitate firmware upgrades to terminals and infrastructure in the future to take advantage of these new improvements, with potential incompatibility issues arising if this is not done.

DMR covers the RF range 30 MHz to 1 GHz.

There are DMR implementations, (as of early 2016), that operate as low as 66 MHz (within the European Union, in 'Lo-Band VHF' 66–88 MHz.) [ citation needed ]

DMR Tiers

DMR Tier I

DMR Tier I products are for licence-free use in the European PMR446 band. Tier I products are specified for non-infrastructure use only (meaning without the use of repeaters). This part of the standard provides for consumer applications and low-power commercial applications, using a maximum of 0.5 watts RF power. [4]

Note that a licence free allocation is not present at this frequency outside of Europe, which means that PMR446 radios including DMR Tier I radios can only be used legally in other countries once an appropriate radio licence is obtained by the operator.

Some DMR radios sold by Chinese manufacturers (most notably Baofeng) have been mis-labelled as DMR Tier I. A DMR Tier I radio would only use the PMR446 licencefree frequencies, and would have a maximum transmitted power of 0.5 watts as required by law for all PMR446 radios. [5]

Although the DMR standard allows Tier I DMR radios to use continuous transmission mode, all known Tier I radios currently use TDMA, the same as Tier II. This is probably due to the 40% battery savings that come with transmitting only half the time instead of continuously. [6]

DMR Tier II

DMR Tier II covers licensed conventional radio systems, mobiles and hand portables operating in PMR frequency bands from 66–960 MHz. The ETSI DMR Tier II standard is targeted at those users who need spectral efficiency, advanced voice features and integrated IP data services in licensed bands for high-power communications. A number of manufacturers have DMR Tier II compliant products on the market. ETSI DMR specifies two slot TDMA in 12.5 kHz channels for Tier II and III. [7]

DMR Tier III

A portable radio compatible with the DMR Tier III digital radio standard. DMR Tier 3 portable radio.jpg
A portable radio compatible with the DMR Tier III digital radio standard.

DMR Tier III covers trunking operation in frequency bands 66–960 MHz. Tier III supports voice and short messaging handling similar to TETRA with built-in 128 character status messaging and short messaging with up to 288 bits of data in a variety of formats. It also supports packet data service in a variety of formats, including support for IPv4 and IPv6. Tier III compliant products were launched in 2012. In April 2013, Hytera participated in the completion of the DMR Tier III interoperability (IOP) test. [8]

DMR Association

In 2005, a memorandum of understanding (MOU) was formed with potential DMR suppliers including Tait Communications, Fylde Micro, Selex, Motorola, Hytera, Sanchar Communication, Vertex Standard, Kenwood and Icom to establish common standards and interoperability. While the DMR standard does not specify the vocoder, MOU members agreed to use the half rate DVSI Advanced Multi-Band Excitation (AMBE) vocoder to ensure interoperability. In 2009, the MOU members set up the DMR Association to work on interoperability between vendors' equipment and to provide information about the DMR standard. [9] Formal interoperability testing has been taking place since 2010. Results are published on the DMR Association web site. There are approximately 40 members of the DMR Association.

The standard allows DMR manufacturers to implement additional features on top of the standards which has led to practical non-interoperability issues between brands, in contravention to the DMR MOU.

Amateur radio use

DMR is used on the amateur radio VHF and UHF bands, started by DMR-MARC around 2010.[ citation needed ] The FCC officially approved the use of DMR by amateurs in 2014. In amateur spaces, Coordinated DMR Identification Numbers are assigned and managed by RadioID Inc. Their coordinated database can be uploaded to DMR radios in order to display the name, call sign, and location of other operators. [10] Internet-linked systems such as DV Scotland Phoenix Network, BrandMeister network, TGIF, FreeDMR and several others (including several previously closed clusters which now connect to larger networks to facilitate wide-area accessibility), allow users to communicate with other users around the world via connected repeaters, or DMR "hotspots" often based on the Raspberry Pi single-board computer. There are currently more than 5,500 repeaters and 16,000 "hotspots" linked to the BrandMeister system worldwide. [11] The low-cost and increasing availability of internet-linked systems has led to a rise in DMR use on the amateur radio bands. [12] Some Raspberry Pi-based DMR hotspots, often those running the Pi-Star software, allow users to connect to multiple internet-linked DMR networks at the same time. [13] DMR hotspots are often based on the open source Multimode Digital Voice Modem, or MMDVM, hardware with firmware developed by Jonathan Naylor. [14] [15]

Encryption

Encryption was not defined in the initial releases of the DMR standard, so each DMR radio manufacturer added its own encryption protocol. These early encryption protocols are therefore incompatible with each other. For example, Hytera's Basic Encrypt encryption is completely incompatible with Motorola's Basic Encrypt encryption or Tytera's Basic Encrypt encryption.

The DMRA now manages an interoperable voice and data encryption scheme for DMR. 40 Bit ARC4, 64 bit DES, 128 and 256 bit AES options are defined. These encryption schemes are interoperable between manufacturers and support voice call late entry, multiple keys, and with no discernible degradation of voice quality. [16]

Some DMR encryption algorithms have been released, such as the PC4 released in 2015 with source code available. [17] It's a block cipher specifically designed for DMR radio communication systems. It uses 253 rounds and the key size can vary from 8 bits to 2112 bits. The block size is 49 bits, the exact size of an AMBE+ DMR voice frame.

A firmware that implements PC4 encryption is available for the Tytera MD-380 and MD-390 radios. [18]

Although most DMR encryption protocols are proprietary and not public, there is some information that can be used to define the different encryption modes that exist: AMBE frames are encrypted with a key after digitizing the analog signal. And at the reception the AMBE frames are decrypted with the same key and only then that the digital-analog conversation is made.

In Motorola Basic mode there are actually 255 fixed keys. This is a 1-character key. For example, the No. 1 key in Motorola's Basic Encryption is: 1F001F001F0000 This means that each 49-bit AMBE frame is encrypted by XOR with the key 1F001F001F0000. [19]

The Basic mode from other manufacturers offers 10, 32 or 64 character keys to produce a 882-bit fixed string of random characters that will be XOR with AMBE frames. But instead of encrypting each AMBE frame with a fixed key, an entire superframe is encrypted with this fixed string. A superframe contains 18 AMBE frames, i.e. 882 bits, and it is these 882 bits that will be encrypted with this 882-bit fixed string.

PC4 encryption mode encrypts an entire 49-bit frame in ECB mode. A single bit that differs makes the entire encrypted block completely different.

For the Enhanced (ARC4) or Advanced (AES) mode, a complete superframe is also encrypted, but a 32-bit IV (initialization vector) is added. Thus, each superframe will be encrypted differently. And there are 2^32 (2 power 32) possible vectors of initialization. Thanks to the initialization vector, the encryption is no longer fixed for the same key, but changes with each superframe.

In the DMR standard there was no place to store this IV, so the IV (with the addition of an error-correcting code, for a total of 72 bits) is inserted into each 49-bit AMBE frame due to 4 bits per frame (the low-order bits). These 4 bits are therefore lost and it degrades the voice quality, which is not the case with fixed ciphers in Basic mode. 18 AMBE frames of 49 bits with 4 bits in each gives 72 bits (18*4).

Weaknesses in ARC4 DMRA

Motorola has created its standard so that the 40-bit ARC4 (Alleged RC4) can withstand casual attackers. It is supposed to offer 40-bit security, where an attacker must test the 2 to the power of 40 possible keys to find the right one.

RC4 encryption is a stream cipher that must use an IV (Initialization_vector) each time it performs encryption. The size of this IV should be large enough so that there is no repetition of this IV during the entire use of the same key.

RC4 weak IV encryption have already been compromised in the WEP Wi-Fi encryption system because the IV size was too short (24 bits).

Motorola has opted to use a slightly longer IV size (32-bit) but not that much longer than the WEP's 24-bit IV. Motorola calls this IV the MI (Message Indicator).

Motorola's official explanation for this short IV, is that the DMR standard was not originally intended for encryption and that they had to use bits from voice frames to put the IV into it. To avoid degrading the voice too much, only 32 bits can be inserted.

According to the author of the DSD-FME software, a DMR specialist, this claim is false because there is the possibility of creating custom DMR frames. Such a frame could therefore have contained a large IV (128 bits for example). [20]

Some users discovered that Anytone radios (such as the Anytone 878) using ARC4, had the IV constant (0x12345678) at the beginning of each transmission. [21] This flaw was fixed in AnyTone D878UVII firmware update V3.03 (2023-12-18).: 5. Modify the firmware to make the AES encryption have a variable Vector(IV) instead of fixed "12345678".

The Motorola ARC4 DMRA should by design provide at least 4 billion different IVs, so there should be 4 billion superframes with a different IV (2^32-bits possible IVs).

But one user discovered that Motorola uses a non-primitive LFSR for the ARC4 to generate the IVs. The generator used x^32 + x^4 + x^2 + 1 is non-primitive and generates short cycles. Instead of 4 billion different IVs, there are only 294903 different IVs. So instead of a 32-bit IV, you get an 18-bit IV, which is much shorter than the 24-bit WEP Wi-Fi IV. [22]

It doesn't seem conceivable that it was a mistake on Motorola's part to have used a non-primitive IV in its standard, so the mistake seems to be intentional. It may be a backdoor.

If such a backdoor has been introduced in the ARC4 DMRA standard, one can wonder about the security of the AES256 DMRA standard, although no backdoor has been made public at the moment.

According to cryptologist Eric Filiol, it is likely that all exported products with a key length of more than 56 bits have a backdoor, as this is a legal requirement due to the Wassenaar Arrangement. [23] [24]

See also

Related Research Articles

<span class="mw-page-title-main">Digital enhanced cordless telecommunications</span> ITU Standard for cordless telephone systems

Digital Enhanced Cordless Telecommunications (DECT) is a cordless telephony standard maintained by ETSI. It originated in Europe, where it is the common standard, replacing earlier standards, such as CT1 and CT2. Since the DECT-2020 standard onwards, it also includes IoT communication.

<span class="mw-page-title-main">GSM</span> Cellular telephone network standard

The Global System for Mobile Communications (GSM) is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices such as mobile phones and tablets. GSM is also a trade mark owned by the GSM Association. GSM may also refer to the Full Rate voice codec.

In cryptography, an initialization vector (IV) or starting variable is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique. Randomization is crucial for some encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between segments of the encrypted message. For block ciphers, the use of an IV is described by the modes of operation.

Terrestrial Trunked Radio, a European standard for a trunked radio system, is a professional mobile radio and two-way transceiver specification. TETRA was specifically designed for use by government agencies, emergency services, for public safety networks, rail transport staff for train radios, transport services and the military. TETRA is the European version of trunked radio, similar to Project 25.

<span class="mw-page-title-main">PMR446</span> Licence-free radio in UK and Europe

PMR446 is a licence-exempt service in the UHF radio frequency band and is available for business and personal use in most countries throughout the European Union.

<span class="mw-page-title-main">Project 25</span> Set of Telecommunications Standards

Project 25 is a suite of standards for interoperable digital two-way radio products. P25 was developed by public safety professionals in North America and has gained acceptance for public safety, security, public service, and commercial applications worldwide. P25 radios are a direct replacement for analog UHF radios, adding the ability to transfer data as well as voice for more natural implementations of encryption and text messaging. P25 radios are commonly implemented by dispatch organizations, such as police, fire, ambulance and emergency rescue service, using vehicle-mounted radios combined with repeaters and handheld walkie-talkie use.

The Secure Communications Interoperability Protocol (SCIP) is a US standard for secure voice and data communication, for circuit-switched one-to-one connections, not packet-switched networks. SCIP derived from the US Government Future Narrowband Digital Terminal (FNBDT) project. SCIP supports a number of different modes, including national and multinational modes which employ different cryptography. Many nations and industries develop SCIP devices to support the multinational and national modes of SCIP.

In cryptography, ciphertext stealing (CTS) is a general method of using a block cipher mode of operation that allows for processing of messages that are not evenly divisible into blocks without resulting in any expansion of the ciphertext, at the cost of slightly increased complexity.

<span class="mw-page-title-main">Secure voice</span> Encrypted voice communication

Secure voice is a term in cryptography for the encryption of voice communication over a range of communication types such as radio, telephone or IP.

Disk encryption is a special case of data at rest protection when the storage medium is a sector-addressable device. This article presents cryptographic aspects of the problem. For an overview, see disk encryption. For discussion of different software packages and hardware devices devoted to this problem, see disk encryption software and disk encryption hardware.

MPT 1327 is an industry standard for trunked radio communications networks.

Multi-Band Excitation (MBE) is a series of proprietary speech coding standards developed by Digital Voice Systems, Inc. (DVSI).

This is a technical feature comparison of different disk encryption software.

ASTRO 25 is a generation of ASTRO digital two-way radio communications by Motorola Solutions. Motorola first introduced digital two-way radio in the U.S. in 1991 under the name ASTRO Digital Solutions.

Hardware-based full disk encryption (FDE) is available from many hard disk drive (HDD/SSD) vendors, including: Hitachi, Integral Memory, iStorage Limited, Micron, Seagate Technology, Samsung, Toshiba, Viasat UK, Western Digital. The symmetric encryption key is maintained independently from the computer's CPU, thus allowing the complete data store to be encrypted and removing computer memory as a potential attack vector.

FASCINATOR is a series of Type 1 encryption modules designed in the late-1980s to be installed in Motorola SECURENET-capable voice radios. These radios were originally built to accept a DES-based encryption module that was not approved by NSA for classified communications. The FASCINATOR modules replaced the DES units and can be used for classified conversations at all levels when used with appropriately classified keys. FASCINATOR operates at 12 kbit/s for encryption and decryption. It is not compatible with DES-based voice systems.

<span class="mw-page-title-main">NXDN</span> Radio standard

NXDN stands for Next Generation Digital Narrowband, and is an open standard for public land mobile radio systems; that is, systems of two-way radios (transceivers) for bidirectional person-to-person voice communication. It was developed jointly by Icom Incorporated and Kenwood Corporation as an advanced digital system using FSK modulation that supports encrypted transmission and data as well as voice transmission. Like other land mobile systems, NXDN systems use the VHF and UHF frequency bands. It is also used as a niche mode in amateur radio.

<span class="mw-page-title-main">Digital private mobile radio</span> Type of digital radio service

dPMR or digital private mobile radio, is a common air interface for digital mobile communications. dPMR is an open, non-proprietary standard that was developed by the European Telecommunications Standards Institute (ETSI) and published under the reference ETSI TS 102 658.

<span class="mw-page-title-main">M17 (amateur radio)</span> Open source amateur radio mode

M17 is a digital radio modulation mode developed by Wojciech Kaczmarski et al. M17 is primarily designed for voice communications on the VHF amateur radio bands, and above. The project received a grant from the Amateur Radio Digital Communications in 2021 and 2022. The protocol has been integrated into several hardware and software projects. In 2021, Kaczmarski received the ARRL Technical Innovation Award for developing an open-source digital radio communication protocol, leading to further advancements in amateur radio.

References

  1. ETSI. "DMR Standard Overview" (PDF). ETSI. Archived from the original (PDF) on 2018-11-10. Retrieved 22 March 2012.
  2. "Benefits and features of DMR White Paper" (PDF). DMR Association. p. 15. Retrieved 5 April 2024.
  3. DMR association press release Oct 27 2015 stating revision to standard Archived 2015-11-08 at the Wayback Machine
  4. "DMR Association | Infrastructure and Mobile Terminals". Archived from the original on 2015-02-04. Retrieved 2015-01-12.
  5. "A guide to the new PMR446 license-free radio frequencies following ECC Decision (15)05" (PDF). Kenwood. Retrieved 7 February 2018.
  6. "Two-way radios and battery life". Hytera UK. Retrieved 19 October 2020.
  7. "ETSI TS 102 361-1, DMR Air Interface PRotocol" (PDF).
  8. "DMR Association announces completion of three interoperability testing sessions" (PDF). www.dmrassociation.org. April 3, 2013.
  9. "DMR Association".
  10. "RadioID - Home". www.radioid.net. Retrieved 2021-02-25.
  11. "Dashboard | BrandMeister". brandmeister.network. Retrieved 2023-01-27.
  12. "About Us". BridgeCom Systems, Inc. Retrieved 2021-02-25.
  13. "Hotspots". DMR For Dummies. Retrieved 14 June 2022.
  14. Naylor, Jonathan. "g4klx (Jonathan Naylor)". GitHub. Retrieved 14 June 2022.
  15. "MMDVM - Multi Mode Digital Voice Modem - VK3FS". VK3FS. Retrieved 14 June 2022.
  16. Bohn, Tom (March 30, 2023). "DMR Association DMR Feature Evolution" (PDF). DMR_Association_DMR_Feature_Evolution. Archived from the original (PDF) on Aug 5, 2024. Retrieved Aug 5, 2024.
  17. "PC4 encryption cipher source code". Pastebin.com.
  18. "Voice Crypt Firmware". Archive.org. 2018.
  19. "Motorola Basic Encryption's analysis". Github. 2021.
  20. "Create IVs without using voice frames". Radioreference.com. 2023.
  21. "Constant IV with the Anytone 878 in RC4 and AES". Radioreference.com. 2017.
  22. "Non-primitive LFSR in ARC4 DMRA". Radioreference.com. 2023.
  23. "Interview with cryptologist Eric Filiol". theregister.com. 2017.
  24. "Backdoors analysis" (PDF). blackhat.com. 2017.