How to Secure Your Voice Communications
by Jim Gilley
Wireless communications provide us convenience, but also provide criminals access to our secrets.
We acknowledge that anyone can easily monitor our wireless communications, but we may not fully appreciate our vulnerability to eavesdropping. What would happen if an eavesdropper discovered our secrets? How can we prevent this from happening?
Our Need for Communications Security
Communications security, also called COMSEC, is protection against unauthorized persons accessing information present in our communications. Three conditions establish our need for communications security:
- Our communications contain secret information.
- Eavesdroppers desire to intercept and exploit our secrets.
- We will suffer harm if eavesdroppers compromise our secrets.
Secret information can cause harm if it falls into the wrong hands. Can the information we communicate via wireless endanger lives and property? Sometimes it can. Consider the example of combat troops receiving tactical information via wireless. Their safety and success depends on that information remaining secret. But eavesdroppers can profit from information far less conspicuous than military secrets. Criminals commit fraud and theft using seemingly innocent information, such as a persons name and date of birth. As a result, we should assume that most communications contain information eavesdroppers find valuable.
In addition to its value, we must also consider the lifespan of secret information: how long it remains valuable. Some secrets remain valuable for a long time, making them more challenging to protect, whereas other secrets lose their value rapidly. Returning to the military example, tactical information is extremely valuable prior to and during a battle, but becomes nearly useless once the battle is finished.
The value and lifespan of secret information would not matter if there were no eavesdroppers. Unfortunately, eavesdroppers intercept our wireless communications and use our secrets for their own nefarious purposes. Even worse, we have no way of knowing if an eavesdropper has intercepted our communications because eavesdropping is anonymous, in addition to being easy and inexpensive. Until we can magically rid the planet of eavesdroppers, we should assume that they will intercept all our wireless communications, and we must protect our secrets accordingly.
We must protect our secrets because we know that eavesdroppers are listening, but what level of protection do we need? To answer that question, we must understand who the eavesdroppers are, what they are capable of, and why they are motivated. Knowledge of an eavesdroppers capabilities and motivation helps us determine how well we need to protect our secrets. A terrorist is more of a threat than a petty thief is. A well-funded drug cartel can afford more sophisticated monitoring equipment than a hobbyist can. Furthermore, technology improves the eavesdroppers ability to intercept our communications faster than it improves our ability to protect our communications. We must stay current with technology if we want to keep our secrets safe.
If our communications contain secrets, an eavesdropper might intercept these and use them to harm us. We must consider the consequences by asking ourselves:
- How likely is it that an eavesdropper will intercept our secrets?
- What is the impact should this occur?
Security professionals refer to the combination of likelihood and impact as risk. To determine risk, we estimate the potential damage caused by a compromise of our secrets, then we combine this with our estimate of the probability that damage will occur. By understanding the risk associated with our wireless communications, we can determine our need for communications security. Risk determines our need for communications security. If information intercepted by eavesdroppers cannot harm us, we do not require communications security. A terrorist probably cannot cause death and destruction based solely upon information gathered from the routine communications of a dogcatcher. On the other hand, if we communicate extremely sensitive information, operate under a very high threat level, and face dire consequences if an eavesdropper compromises our secrets, then we need the very best communications security. For example, tactical military communications require the highest level of communications security.
Most real-world situations we confront probably lie somewhere between these two extremes. As we choose a communications security solution, we should consider our unique risk environment.
Communications Security Equipment
Now that we appreciate our need for communications security, we are ready to learn about communications security equipment. Communications security equipment obscures the information present in wireless communications, thereby thwarting eavesdroppers.
Ideally, communications security equipment transforms speech so that the result reveals no clues about the original speech, thus effectively obscuring any information an eavesdropper might intercept. An authorized receiver must reverse this transformation in order to recover the original speech. In order to prevent eavesdroppers from recovering the speech, a secret key selects one specific transformation from many possible transformations. The equipment must provide enough keys (and transformations) so that an eavesdropper cannot discover the correct key simply by trying every possible key. All authorized users must share the key prior to communicating, and they must keep it secret.
All communications security equipment, be it analog or digital, operates in the manner just described. However, analog communications security equipment differs from digital communications security equipment in several important ways, as we shall soon discover.
Analog Scrambling
ANALOG SCRAMBLER
With analog communications security, often called scrambling, a scrambler manipulates the analog properties of speech, rendering the result unintelligible to eavesdroppers. Analog scrambling may alter speech in the time domain, frequency domain or both, and these alterations may be constant or may change rapidly. But because speech contains so much redundancy, we can understand even heavily distorted speech, making secure analog scrambling very difficult. Scrambled speech still sounds like speech, even though we cannot understand what is being said.
Analog scramblers use, with varying degrees of success, many different techniques to achieve security. However, the scrambled signal retains many clues about the original speech, and eavesdroppers are increasingly able to defeat analog scrambling by using these clues. Nonetheless, analog scrambling can provide an acceptable level of security under certain circumstances, such as when secrets lose their value very rapidly.
Digital Encryption
DIGITAL ENCRYPTION MODULE
With digital communications security, often called encryption, an encryptor converts analog speech into digital information called plaintext, then encrypts the plaintext using a cipher, and produces a digital output called ciphertext. Encrypted speech sounds like noise, and breaking it requires the ability to break the underlying cipher, an impossible feat if the cipher is well designed. Since eavesdroppers learn nothing about the original speech by listening to the ciphertext, digital encryption provides more security than analog scrambling.
Digital encryption is available for both analog and digital radios. Many people mistakenly assume that all digital radios are inherently secure, but this is not so. Today, eavesdroppers can purchase digital scanners, allowing them to monitor digital radio communications. Only when a digital radio uses encryption is it secure.
Questions We Should Ask
From the wide range of communications security equipment available, we must select the equipment that best meets our specific needs. Each environment has its own unique set of circumstances that determine the communications security we require. How do we know if a particular solution meets our needs? The questions that follow will help us make the right choice.
Although communications security is our ultimate goal, cost usually becomes the predominant factor. How much will communications security cost? This depends on our approach. If money is no object, we might completely replace our existing analog radio system with an encrypted digital radio system. If funds are more limited, we might upgrade our analog system by adding digital encryption. If money is very tight, we might upgrade only a small portion of our system, or we might use analog scrambling, which is less expensive than digital encryption.
Regardless of cost, the equipment we select must work with our existing radio system. Does the equipment work with the specific makes and models of radios and infrastructure we have? Does the equipment work with all the various signaling (CTCSS, DTMF, MDC, etc.) we use in our system? Is the equipment compatible with our trunking, voting and simulcast systems? Can the vendor demonstrate their equipment working properly in our system before we make a decision to purchase?
Communications security equipment must not only work well in our system, it also must be transparent to our end users, or it will fail to achieve our objective. If the equipment is difficult or annoying to use, people will simply avoid using it. How much inconvenience and frustration does the equipment cause? How much training do users need and what procedures must they follow?
Sometimes solving one problem creates another problem. For instance, if communications security equipment adversely affects the performance of our radio system, we may unintentionally endanger those we aim to protect. Does the equipment degrade audio quality or radio range? How does the equipment affect battery life of portable radios? Does the equipment cause difficulty and confusion during an emergency?
All communications security equipment requires management and maintenance if it is to remain secure. If we deploy a system, but leave the secret key the same forever, we have achieved no real security. If equipment is difficult to manage and maintain, security will lapse. How hard is it to change keys? How much additional equipment must we purchase to manage keys? Do we have to protect the equipment against theft and tampering? Which personnel does the equipment require us to trust implicitly? How much damage can a rogue within our organization cause?
We want communications security equipment that offers good value. How well does the equipment meet our real needs? Who will provide (and pay for) assistance and support when things stop working, and for how long? Will the equipment provide adequate security for a long time, or will advances in technology render it obsolete and ineffective? Does the vendor have a favorable reputation with their existing customers? Will the vendor exist five years from now?
Summary
We cannot achieve perfect communications security, since all systems can be attacked in one way or another. Instead of seeking perfection, we must concentrate on our primary objective: keeping our secrets out of the hands of eavesdroppers so that they cannot use these secrets to harm us. We use communications security equipment to minimize the probability and impact of an eavesdropper successfully exploiting our secrets. Most importantly, we choose equipment based on our specific needs.
Whether a system provides communications security or physical security, security can never be any stronger than the strength of the weakest link. Securing a bank vault with a shoestring is as foolish as padlocking a wet paper bag. Evildoers will always target the soft underbelly of our system. Criminals can steal secure radios far more easily than they can cryptanaiyze ciphertext. Our enemys ability to bribe or blackmail our staff into compromising security may be greater than our ability to educate and motivate our staff to behave in a way that preserves security.
By understanding the value of our secrets, the capabilities and motivations of eavesdroppers, and the consequences of a compromise, we can determine the level of communications security we require to remain safe. By knowing the right questions to ask, we can select the best equipment for our specific requirements. By focusing on our real objective, we can protect ourselves from harm and prevent mistakes that lead to disaster.
|