Motorola Encryption Topics
From The RadioReference Wiki
Secure radios and infrastructure are nothing new for Motorola. Beginning in the era of the Expo and MX300, Motorola’s digital encryption gained a majority share of the market for those customers with the money to invest in the subscriber equipment and infrastructure required to support digital encryption. Over 10 years ago, I wrote a fairly simple article that provided a method to explain what I knew about Motorola encryption products. It has some errors, but I think it was fairly well received and is still available:
At the time, this was a pretty good description of Motorola two-way encryption products and protocols but technology has changed significantly since I wrote the original article. Most of the basics still apply, but it’s seriously lacking in that it doesn’t even touch on Astro products. Realizing the need to update the information in the original document, I have written this one. This document replaces the original in its entirety.
One aspect of encryption that wasn’t touched on in the original article is the role of the National Institute of Stanards and Technology (NIST) (http://www.nist.gov). NIST certifies all public use encryption products using government standards known as "FIPS", or Federal Information Processing Standards. The five FIPS that are most pertinent to this document are:
- FIPS 46-2 http://www.itl.nist.gov/fipspubs/fip46-2.htm
- FIPS 81 http://www.itl.nist.gov/fipspubs/fip81.htm
- FIPS 140-1 http://www.itl.nist.gov/fipspubs/fip140-1.htm
- FIPS 140-2 http://csrc.nist.gov/cryptval/140-2.htm
- FIPS 197 http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
There are many other documents that provide good information on the NIST website but are beyond the scope of this document (and probably some that I’ve missed). I encourage you to visit their website to review some of the history behind the products that are discussed in this article.
Although there are still some non-digital encryption devices still in use, including simple speech inversion products, the majority of devices currently in use are of the digital variety. Motorola voice privacy is referred to simply as "SECURENET", which is a trademarked term that Motorola uses to identify their digital encryption products.There are five different basic encryption protocols, two of which have distinct variations, for a total of eight unique (and non-compatible) encryption protocols. They are (in no particular order): DVP, DVP-XL, DES, DES-XL, DES-OFB, DVI-XL, ADP and AES-256. Each of the eight protocols use a field inserted "key", which is what makes the communications secure. It’s a simple concept – without the proper encryption key loaded into your radio to decrypt the inbound audio, you will not be able to hear intelligible radio traffic. Starting with plain analog FM wideband voice – NOT Astro VSELP or IMBE digital voice – the DVP and DES algorithms convert the analog carrier (i.e. voice) to digital using a technique known as CVSD (Continuously Variable Slope Delta) modulation with a sample rate of 12kbps. (Don’t ask – beyond the scope of this document) This digital bit stream is then sent to the cryptographic module for encryption and finally to the PA circuitry for transmission. This end-to-end process from analog voice to digitization to transmission and back is now known as "12kbps Analog Securenet" and sounds like white noise (open squelch) with a faint beep at the end of the transmission (i.e. SSSSSHHHHHHHHHHHHHH…beep) Keep in mind that all radios must use the exact same type of encryption to intercommunicate in the secure mode (DVP-DVP, DES-XL-DES-XL, etc.), with one notable exception: DES-XL radios are capable of software configuration to disable their “-XL�? features, enabling them to communicate with non-XL DES equipped radios.
The Original, DVP
DVP was a term that Motorola used for their initial entry into the digital voice encryption product market and is a proprietary protocol that utilizes the CVSD modulation scheme previously discussed. Depending on who you ask and which book your read, the acronym DVP can have two different breakdowns: Digital Voice Privacy or Digital Voice Protection (both refer to the same thing – first generation Securenet products). DVP uses a self-synchronizing encryption technique known as cipher feedback (CFB). The basic DVP algorithm is capable of 2.36 x 1021 different "keys" based on a key length of 32 bits. There are many different patents discussing voice privacy techniques, but I think this one from 1972 best describes DVP (even though DVP is not used to describe it):
Another document that does specifically discuss DVP can be accessed at:
The first-generation DVP protocol and associated infrastructure equipment is no longer supported by Motorola.