Work is being carried out to encourage state, local, tribal and territorial agencies to optimize their use of federal grants to acquire, implement or expand services and equipment that enable the Advanced Encryption Standard, or AES, as a replacement for the Data Encryption Standard, or DES, according to a white paper issued Friday by the Cybersecurity and Infrastructure Security Agency Federal Partnership for Interoperable Communication.
Due to budgetary constraints and other factors, SLTT agencies have continued to use DES rather than AES to secure land mobile radio communications even though DES is a compromised encryption algorithm, whose use has been discouraged by the National Institute of Standards and Technology since 2005, the FPIC white paper said.
The continued use of DES exposes sensitive information to unnecessary risk and disrupts interoperability with agencies using AES, the paper went on to say, adding: “The transition to AES encryption is the only solution that would provide a lowest common denominator of available interoperable encryption for LMR voice and data communications for all public safety entities at all levels of government.”
Other efforts underway to encourage the adoption of AES include coordinating with federal agencies with the aim of establishing a multi-year AES transition grant program for SLTT entities; determining whether cybersecurity funding can be repurposed to finance SLTT AES transitions; and formulating a stakeholder engagement strategy to increase awareness about the need to adopt AES.
