Encryption

Encryption Overview

Encryption is a critical component of 700/800MHz public safety radio systems, ensuring the confidentiality, integrity, and security of sensitive communications.

The Integrated Public Safety Commission (IPSC) does not require or enforce encryption. Rather, agencies must make their own determination of if/when encryption should be used to protect the confidentiality and/or integrity of information being transmitted over the SAFE-T radio system.

However, IPSC is responsible for ensuring interoperable communications throughout the State of Indiana and beyond, therefore we have created this website and corresponding materials as resources to agencies interested in potentially using encryption, so that they can balance the need for security with usability and interoperability.

Encryption Best Practices

By following the best practices below, public safety agencies can enhance their encryption strategies, maintain regulatory compliance, and effectively protect their communications during critical incidents. Balancing security measures with operational needs is key to ensuring the continued success of these vital systems:

1. Understand Regulatory Requirements and Best Practices
2. Choose the Right Encryption Algorithm
   • Note: Advanced Encryption Standard (AES) is the recommended standard on the SAFE-T system
3. Prioritize Encryption Key Management
4. Physically Secure Radio and Encryption Key Equipment
5. Maintain Interoperability
6. Educate and Train Personnel
7. Balance Security and Usability
8. Implement End-to-End Encryption
9. Monitor and Audit Encryption Usage
10. Plan for Encryption Key Recovery

Additional details around these encryption best practices can be found in the following IPSC whitepaper: Best Practices for Encryption in 700/800 MHz Public Safety Radio Systems

IPSC Encryption Resources:

IPSC has created a series of resources related to encryption on the statewide SAFE-T system, including:

1. Best Practices for Encryption in 700/800 MHz Public Safety Radio Systems
2. IPSC Encryption Programming Guidelines
3. IPSC Encryption Policy

Additional Encryption Resources:

Regulations:

• Code of Federal Regulations Title 47, Chapter I, Subchapter D, Part 90, Subpart R, 90.553 - Encryption
• Federal Communications Commission (FCC) - 16.111

Best Practices/Other Resources:

• Cybersecurity and Infrastructure Services Agency (CISA) and SAFECOM - Encryption Resources Website
• CISA/FPIC/P25 Project - The Who, What, When, Where, How, and Why of Encryption in P25 Land Mobile Radio Systems
• SAFECOM/FPIC/NCSWIC - Operational Best Practices for Encryption Key Management
• SAFECOM/FPIC/NCSWIC - Encryption Key Management Fact Sheet
• SAFECOM/FPIC/NCSWIC – Best Practices for Encryption in P25 Public Safety Land Mobile Radio Systems - Developing Methods to Improve Encrypted Interoperability in Public Safety (Fact Sheet)

Questions Regarding Encryption?

If you have any questions regarding encryption, please contact the IPSC Connection Center (ICC) at icc@ipsc.in.gov or 317-234-1540.