[Ares-races] ARL & COMSEC

Jerry Reimer [email protected]
Fri, 20 Sep 2002 05:10:05 -0500 

I have followed the ARL thread that Ken KL7JCQ started, and so far, no 
one has addressed his security question.

As we know, amateur radio operators are specifically prohibited from 
using codes to obscure our transmissions, even when we are providing 
communications for public safety agencies.   Unless or until Part 97 is 
changed, we have to live with this.  That does not mean there is nothing 
we can do to enhance the security of the messages we send on behalf of 
public safety organizations.

OPSEC is a military term for operational security, and encompasses both 
communications and physical security.  In a military sense, the security 
of our messages only has to be good enough until the first enemy 
contact.  Once you are engaged, your need for securing your planning and 
positioning messages from the opposing force greatly decreases.  The 
OPFOR knows about your ambush or attack.  In a law enforcement setting, 
keeping details about a pending raid is only needed until the raid 
actually begins.  Once the door is breached, and the house filled with  
officers, the need for confidentiality is over.

We should consider how long the message content needs to be secured in 
order to apply the available security techniques when amateur radio is 
providing service during public safety activities.

Although the ARL "codes" may not be commonly used, nor 100 percent 
effective, they are in the public domain, but not too public, as Ken and 
others have pointed out.  If thoughtfully employed, they clearly provide 
some element of COMSEC, and have the potential to deny, even briefly, 
the message content to unintended recipients.  That delay may be adequate.

Amateurs also have access to a tremendous range of frequencies, some of 
which are not well known to the public.  The most obvious is 220 MHz, 
but also includes 1.2, 2.4 and 10 GHz.  Granted, these frequencies are 
not in wide amateur use, but being rarely used is part of what enhances 
their value in maintaining security.

Similarly, using less common modes, such as packet and AMTOR, provides 
an element of security.  The security is primarily because these are 
modes not commonly used, other than packet for DX Cluster and APRS.  
They do not provide long term nor absolute security, but perhaps just 
enough to meet the need.  There are also even more obscure modes, such 
as Throb or WSJT, that could be used. Using common 1200 baud packet on 
non-traditional frequencies will add to security.  If you try to send 
operationally sensitive messages on 145.01 or 07, or 144.39 MHz, you can 
be assured that someone will be copying it.  Move it off to an uncommon, 
unpublished, frequency and security increases.  Using the very common 
PSK-31, a wonderful low signal-to-noise ratio mode, on frequencies other 
than 14.070 MHz provides some security.  The primary requirement for 
monitoring any signal is you first have to find it.

Jerry Reimer, KK5CA
District Emergency Coordinator
Harris County, TX