Safe and sound: a safety-critical approach to security
Proceedings of the 2001 workshop on New security paradigms
A software-defined radio receiver for APCO project 25 signals
Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
Mobile location tracking in metro areas: malnets and others
Proceedings of the 17th ACM conference on Computer and communications security
SP'11 Proceedings of the 19th international conference on Security Protocols
SP'11 Proceedings of the 19th international conference on Security Protocols
Neighborhood watch: security and privacy analysis of automatic meter reading systems
Proceedings of the 2012 ACM conference on Computer and communications security
The usability of truecrypt, or how i learned to stop whining and fix an interface
Proceedings of the third ACM conference on Data and application security and privacy
Confused Johnny: when automatic encryption leads to confusion and mistakes
Proceedings of the Ninth Symposium on Usable Privacy and Security
An empirical study of cryptographic misuse in android applications
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
APCO Project 25 ("P25") is a suite of wireless communications protocols used in the US and elsewhere for public safety two-way (voice) radio systems. The protocols include security options in which voice and data traffic can be cryptographically protected from eavesdropping. This paper analyzes the security of P25 systems against both passive and active adversaries. We found a number of protocol, implementation, and user interface weaknesses that routinely leak information to a passive eavesdropper or that permit highly efficient and difficult to detect active attacks. We introduce new selective subframe jamming attacks against P25, in which an active attacker with very modest resources can prevent specific kinds of traffic (such as encrypted messages) from being received, while emitting only a small fraction of the aggregate power of the legitimate transmitter. We also found that even the passive attacks represent a serious practical threat. In a study we conducted over a two year period in several US metropolitan areas, we found that a significant fraction of the "encrypted" P25 tactical radio traffic sent by federal law enforcement surveillance operatives is actually sent in the clear, in spite of their users' belief that they are encrypted, and often reveals such sensitive data as the names of informants in criminal investigations.