Digital mobile radio

Digital mobile radio (DMR) is a digital radio standard for voice and data transmission in non-public radio networks. It was created by the European Telecommunications Standards Institute (ETSI),[1] and is designed to be low-cost and easy to use. DMR, along with P25 phase II and NXDN are the main competitor technologies in achieving 6.25 kHz equivalent bandwidth using the proprietary AMBE+2 vocoder. DMR and P25 II both use two-slot TDMA in a 12.5 kHz channel, while NXDN uses discrete 6.25 kHz channels using frequency division and TETRA uses a four-slot TDMA in a 25 kHz channel.

DMR was designed with three tiers. DMR tiers I (Unlicensed) and II (Conventional Licensed) were first published in 2005, and DMR III (Trunked version)[2] was published in 2012, with manufacturers producing products within a few years of each publication.

The primary goal of the standard is to specify a digital system with low complexity, low cost and interoperability across brands, so radio communications purchasers are not locked into a proprietary solution.

Specifications

[edit]

The DMR interface is defined by the following ETSI standards:

  • TS 102 361-1: Air interface protocol
  • TS 102 361-2: Voice and General services and facilities
  • TS 102 361-3: Data protocol
  • TS 102 361-4: Trunking protocol

The DMR standard operates within the existing 12.5 kHz channel spacing used in land mobile frequency bands globally, but achieves two voice channels through two-slot TDMA technology built around a 30 ms structure. The modulation is 4-state FSK, which creates four possible symbols over the air at a rate of 4,800 symbols/s, corresponding to 9,600 bit/s. After overhead, forward error correction, and splitting into two channels, there is 2,450 bit/s left for a single voice channel using DMR, compared to 4,400 bit/s using P25 and 64,000 bit/s with traditional telephone circuits.

The standards are still (as of late 2015) under development with revisions being made regularly as more systems are deployed and improvements are discovered.[3] It is very likely that further refinements will be made to the standard, which will necessitate firmware upgrades to terminals and infrastructure in the future to take advantage of these new improvements, with potential incompatibility issues arising if this is not done.

DMR covers the RF range 30 MHz to 1 GHz.

There are DMR implementations, (as of early 2016), that operate as low as 66 MHz (within the European Union, in 'Lo-Band VHF' 66–88 MHz.) [citation needed]

DMR Tiers

[edit]

DMR Tier I

[edit]

DMR Tier I products are for licence-free use in the European PMR446 band. Tier I products are specified for non-infrastructure use only (meaning without the use of repeaters). This part of the standard provides for consumer applications and low-power commercial applications, using a maximum of 0.5 watts RF power.[4]

Note that a licence free allocation is not present at this frequency outside of Europe, which means that PMR446 radios including DMR Tier I radios can only be used legally in other countries once an appropriate radio licence is obtained by the operator.

Some DMR radios sold by Chinese manufacturers (most notably Baofeng) have been mis-labelled as DMR Tier I. A DMR Tier I radio would only use the PMR446 licence–free frequencies, and would have a maximum transmitted power of 0.5 watts as required by law for all PMR446 radios.[5]

Although the DMR standard allows Tier I DMR radios to use continuous transmission mode, all known Tier I radios currently use TDMA, the same as Tier II. This is probably due to the 40% battery savings that come with transmitting only half the time instead of continuously.[6]

DMR Tier II

[edit]

DMR Tier II covers licensed conventional radio systems, mobiles and hand portables operating in PMR frequency bands from 66–960 MHz. The ETSI DMR Tier II standard is targeted at those users who need spectral efficiency, advanced voice features and integrated IP data services in licensed bands for high-power communications. A number of manufacturers have DMR Tier II compliant products on the market. ETSI DMR specifies two slot TDMA in 12.5 kHz channels for Tier II and III.[7]

DMR Tier III

[edit]
A portable radio compatible with the DMR Tier III digital radio standard.

DMR Tier III covers trunking operation in frequency bands 66–960 MHz. Tier III supports voice and short messaging handling similar to TETRA with built-in 128 character status messaging and short messaging with up to 288 bits of data in a variety of formats. It also supports packet data service in a variety of formats, including support for IPv4 and IPv6. Tier III compliant products were launched in 2012. In April 2013, Hytera participated in the completion of the DMR Tier III interoperability (IOP) test.[8]

DMR Association

[edit]

In 2005, a memorandum of understanding (MOU) was formed with potential DMR suppliers including Tait Communications, Fylde Micro, Selex, Motorola, Hytera, Sanchar Communication, Vertex Standard, Kenwood and Icom to establish common standards and interoperability. While the DMR standard does not specify the vocoder, MOU members agreed to use the half rate DVSI Advanced Multi-Band Excitation (AMBE) vocoder to ensure interoperability. In 2009, the MOU members set up the DMR Association to work on interoperability between vendors' equipment and to provide information about the DMR standard.[9] Formal interoperability testing has been taking place since 2010. Results are published on the DMR Association web site. There are approximately 40 members of the DMR Association.

The standard allows DMR manufacturers to implement additional features on top of the standards which has led to practical non-interoperability issues between brands, in contravention to the DMR MOU.

Amateur radio use

[edit]

DMR is used on the amateur radio VHF and UHF bands, started by DMR-MARC around 2010.[citation needed] The FCC officially approved the use of DMR by amateurs in the USA in 2014. In amateur spaces, Coordinated DMR Identification Numbers are assigned and managed by RadioID Inc. Their coordinated database can be uploaded to DMR radios in order to display the name, call sign, and location of other operators.[10] Internet-linked systems such as DV Scotland Phoenix Network, BrandMeister network, TGIF, FreeDMR and several others (including several previously closed clusters which now connect to larger networks to facilitate wide-area accessibility), allow users to communicate with other users around the world via connected repeaters, or DMR "hotspots" often based on the Raspberry Pi single-board computer. There are currently more than 5,500 repeaters and 16,000 "hotspots" linked to the BrandMeister system worldwide.[11] The low-cost and increasing availability of internet-linked systems has led to a rise in DMR use on the amateur radio bands.[12] Some Raspberry Pi-based DMR hotspots, often those running the Pi-Star software, allow users to connect to multiple internet-linked DMR networks at the same time.[13] DMR hotspots are often based on the open source Multimode Digital Voice Modem, or MMDVM, hardware with firmware developed by Jonathan Naylor.[14][15]

Encryption

[edit]

Encryption was not defined in the initial releases of the DMR standard, so each DMR radio manufacturer added its own encryption protocol. These early encryption protocols are therefore incompatible with each other. For example, Hytera's Basic Encrypt encryption is completely incompatible with Motorola's Basic Encrypt encryption or Tytera's Basic Encrypt encryption.

The DMRA now manages an interoperable voice and data encryption scheme for DMR. 40 Bit ARC4, 64 bit DES, 128 and 256 bit AES options are defined. These encryption schemes are interoperable between manufacturers and support voice call late entry, multiple keys, and with no discernible degradation of voice quality.[16]

Some DMR encryption algorithms have been released, such as the PC4 released in 2015 with source code available.[17] It's a block cipher specifically designed for DMR radio communication systems. It uses 253 rounds and the key size can vary from 8 bits to 2112 bits. The block size is 49 bits, the exact size of an AMBE+ DMR voice frame.

A firmware that implements PC4 encryption is available for the Tytera MD-380 and MD-390 radios.[18]

Although most DMR encryption protocols are proprietary and not public, there is some information that can be used to define the different encryption modes that exist: AMBE frames are encrypted with a key after digitizing the analog signal. And at the reception the AMBE frames are decrypted with the same key and only then that the digital-analog conversation is made.

In Motorola Basic mode there are actually 255 fixed keys. This is a 1-character key. For example, the No. 1 key in Motorola's Basic Encryption is: 1F001F001F0000 This means that each 49-bit AMBE frame is encrypted by XOR with the key 1F001F001F0000.[19]

The Basic mode from other manufacturers offers 10, 32 or 64 character keys to produce a 882-bit fixed string of random characters that will be XOR with AMBE frames. But instead of encrypting each AMBE frame with a fixed key, an entire superframe is encrypted with this fixed string. A superframe contains 18 AMBE frames, i.e. 882 bits, and it is these 882 bits that will be encrypted with this 882-bit fixed string.

PC4 encryption mode encrypts an entire 49-bit frame in ECB mode. A single bit that differs makes the entire encrypted block completely different.

For the Enhanced (ARC4) or Advanced (AES) mode, a complete superframe is also encrypted, but a 32-bit IV (initialization vector) is added. Thus, each superframe will be encrypted differently. And there are 2^32 (2 power 32) possible vectors of initialization. Thanks to the initialization vector, the encryption is no longer fixed for the same key, but changes with each superframe.

In the DMR standard there was no place to store this IV, so the IV (with the addition of an error-correcting code, for a total of 72 bits) is inserted into each 49-bit AMBE frame due to 4 bits per frame (the low-order bits). These 4 bits are therefore lost and it degrades the voice quality, which is not the case with fixed ciphers in Basic mode. 18 AMBE frames of 49 bits with 4 bits in each gives 72 bits (18*4).

Weaknesses in ARC4 DMRA

[edit]

Motorola has created its standard so that the 40-bit ARC4 (Alleged RC4) can withstand casual attackers. It is supposed to offer 40-bit security, where an attacker must test the 2 to the power of 40 possible keys to find the right one.

RC4 encryption is a stream cipher that must use an IV (Initialization_vector) each time it performs encryption. The size of this IV should be large enough so that there is no repetition of this IV during the entire use of the same key.

RC4 weak IV encryption have already been compromised in the WEP Wi-Fi encryption system because the IV size was too short (24 bits).

Motorola has opted to use a slightly longer IV size (32-bit) but not that much longer than the WEP's 24-bit IV. Motorola calls this IV the MI (Message Indicator).

Motorola's official explanation for this short IV, is that the DMR standard was not originally intended for encryption and that they had to use bits from voice frames to put the IV into it. To avoid degrading the voice too much, only 32 bits can be inserted.

According to the author of the DSD-FME software, a DMR specialist, this claim is false because there is the possibility of creating custom DMR frames. Such a frame could therefore have contained a large IV (128 bits for example).[20]

Some users discovered that Anytone radios (such as the Anytone 878) using ARC4, had the IV constant (0x12345678) at the beginning of each transmission.[21] This flaw was fixed in AnyTone D878UVII firmware update V3.03 (2023-12-18).: 5. Modify the firmware to make the AES encryption have a variable Vector(IV) instead of fixed "12345678".

The Motorola ARC4 DMRA should by design provide at least 4 billion different IVs, so there should be 4 billion superframes with a different IV (2^32-bits possible IVs).

But one user discovered that Motorola uses a non-primitive LFSR for the ARC4 to generate the IVs. The generator used x^32 + x^4 + x^2 + 1 is non-primitive and generates short cycles. Instead of 4 billion different IVs, there are only 294903 different IVs. So instead of a 32-bit IV, you get an 18-bit IV, which is much shorter than the 24-bit WEP Wi-Fi IV.[22]

It doesn't seem conceivable that it was a mistake on Motorola's part to have used a non-primitive IV in its standard, so the mistake seems to be intentional. It may be a backdoor.

If such a backdoor has been introduced in the ARC4 DMRA standard, one can wonder about the security of the AES256 DMRA standard, although no backdoor has been made public at the moment.

According to cryptologist Eric Filiol, it is likely that all exported products with a key length of more than 56 bits have a backdoor, as this is a legal requirement due to the Wassenaar Arrangement.[23][24]

See also

[edit]

References

[edit]
  1. ^ ETSI. "DMR Standard Overview" (PDF). ETSI. Archived from the original (PDF) on 2018-11-10. Retrieved 22 March 2012.
  2. ^ "Benefits and features of DMR White Paper" (PDF). DMR Association. p. 15. Retrieved 5 April 2024.
  3. ^ DMR association press release Oct 27 2015 stating revision to standard Archived 2015-11-08 at the Wayback Machine
  4. ^ "DMR Association | Infrastructure and Mobile Terminals". Archived from the original on 2015-02-04. Retrieved 2015-01-12.
  5. ^ "A guide to the new PMR446 license-free radio frequencies following ECC Decision (15)05" (PDF). Kenwood. Retrieved 7 February 2018.
  6. ^ "Two-way radios and battery life". Hytera UK. Retrieved 19 October 2020.
  7. ^ "ETSI TS 102 361-1, DMR Air Interface PRotocol" (PDF).
  8. ^ "DMR Association announces completion of three interoperability testing sessions" (PDF). www.dmrassociation.org. April 3, 2013.
  9. ^ "DMR Association".
  10. ^ "RadioID - Home". www.radioid.net. Retrieved 2021-02-25.
  11. ^ "Dashboard | BrandMeister". brandmeister.network. Retrieved 2023-01-27.
  12. ^ "About Us". BridgeCom Systems, Inc. Retrieved 2021-02-25.
  13. ^ "Hotspots". DMR For Dummies. Retrieved 14 June 2022.
  14. ^ Naylor, Jonathan. "g4klx (Jonathan Naylor)". GitHub. Retrieved 14 June 2022.
  15. ^ "MMDVM - Multi Mode Digital Voice Modem - VK3FS". VK3FS. Retrieved 14 June 2022.
  16. ^ Bohn, Tom (March 30, 2023). "DMR Association DMR Feature Evolution" (PDF). DMR_Association_DMR_Feature_Evolution. Archived from the original (PDF) on Aug 5, 2024. Retrieved Aug 5, 2024.
  17. ^ "PC4 encryption cipher source code". Pastebin.com.
  18. ^ "Voice Crypt Firmware". Archive.org. 2018.
  19. ^ "Motorola Basic Encryption's analysis". Github. 2021.
  20. ^ "Create IVs without using voice frames". Radioreference.com. 2023.
  21. ^ "Constant IV with the Anytone 878 in RC4 and AES". Radioreference.com. 2017.
  22. ^ "Non-primitive LFSR in ARC4 DMRA". Radioreference.com. 2023.
  23. ^ "Interview with cryptologist Eric Filiol". theregister.com. 2017.
  24. ^ "Backdoors analysis" (PDF). blackhat.com. 2017.
[edit]