Transition to Advanced Encryption Standard (AES), October 2023

CISA logo  FPIC Logo

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Partnership for Interoperable Communication (FPIC have just published a new Whitepaper “Transition to Advanced Encryption Standard (AES)”

The Full Whitepaper can be downloaded using the links below:

Transition to Advanced Encryption Standard (AES), October 2023

Or

https://www.cisa.gov/sites/default/files/2023-10/23_0918_fpic_AES-Transition-WhitePaper_Final_508C_23_1023.pdf

Some excerpts from the whitepaper are below:

Background
“Most federal agencies have implemented, and are actively using AES for all LMR transactions, but budgetary constraints for many non-federal departments and agencies have continually inhibited the timely and necessary transition to AES. This is one of many factors affecting state, local, tribal, and territorial (SLTT) agencies prolonging the continued generation, distribution, and management of DES encryption, despite the inherent vulnerabilities and known inability to adequately protect both wired and wireless voice and data transmissions.”

Currently, to maintain encrypted interoperability during multijurisdictional
incidents, federal agencies using AES encryption, and SLTT agencies using
DES encryption must alter their communications protocols to use DES
encryption or issue cache/donor radios with proper AES encryption to
response partners to achieve secure interoperable communications. This
consumes critical time, effort, and resources, diverting responders from
their primary mission of life-safety and security, and introduces increased
vulnerabilities of the compromised DES algorithm.

The transition to AES encryption is the only solution that would provide a
lowest common denominator of available interoperable encryption for
LMR voice and data communications for all public safety entities at all
levels of government.