Really interesting article. One particular statement caught my eye: "many P25 systems … are "rekeyed" at frequent intervals, in the apparent (and basically erroneous) belief that changing encryption keys regularly improves security". My belief was that rekeying was useful in order to limit the "blast radius" if a key was compromised and thus improves security. I'd be interested in finding out why that isn't the case. Is it because, as in the article, it introduces more problems than it solves, or is there another reason?
Cellphones and other out of band communications make police encryption a joke anyway. Anything really sensitive or controversial will be communicated via phone to avoid being recorded anyway.

The real reason for police agencies wanting encrypted voice traffic is to be less transparent, especially from the press. Modern government wants information to be dribbled out from the PR office.
Previous thread at http://news.ycombinator.com/item?id=2874301 although not a lot of comments.
A big lesson from this post (at least for me) is how much user interface affects security. He references an older paper "Why Johnny Can't Encrypt" (http://www.gaudior.net/alma/johnny.pdf) where the negative impacts of the user interface in PGP 5.0 are analyzed. This is an old lesson which was not taken into account for the secured P25 handsets.

A similar analysis of the certs/SSL protection in browsers would be very interesting too.