Security Flaws in Encrypted Police Radios (schneier.com)
28 points by wicknicks on Aug 11, 2011 | hide | past | favorite | 8 comments



It's a cool paper and almost none of it depends on knowing much about low-level crypto vulnerabilities.

Police tactical radios are an interesting case where denial of service and traffic analysis are genuinely threatening scenarios. Most modern crypto protocols aren't built to be secure from either. So right off the bat, you have a paper saying they can shut police tactical radios off for entire metro areas.

I'm not sure how true that is of digital domain RF in general, though.

The confidentiality flaws here seem to boil down to usability; the configuration and metadata used by this system is so brittle that trivial real-world setbacks preclude encryption; these happen so often that police teams don't even notice when encryption isn't enabled.


The paper addresses (to a small extent) the problem of jamming spread-spectrum digital radio. Ideally, you want to focus your jamming effort on as small a window as possible, in order to ensure you drown out the target source, but if you're channel-hopping[1,2], that's a much wider band you have to saturate.

The sender and receiver (eventually) synchronise, and so they know where they're going to hop next, and can filter tightly around that channel.

The biggest problems with this system seem to be:

1) trying to retrofit digital & encrypted comms into currently used bands, requiring all sorts of horrible compromises to make it work.

2) Real-time voice (along with those compromises, and 'intelligibility-driven error correction') requires them to use a less capable encryption method. Accepting degraded voice signals means they can't reliably use MAC to avoid replay attacks.

3) User training and device usability are terrible. Combined with cargo-cult security ideas (must change keys fast good!), they are worse.

[1] https://secure.wikimedia.org/wikipedia/en/wiki/Frequency-hop... [2] https://secure.wikimedia.org/wikipedia/en/wiki/Direct-sequen...


The best part is definitely "let's all go secure: it's the O without the line through it".

(secure is actually ∅ and clear is O; the police team got it backwards)
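Added example, not code from the thread or from the paper it discusses: a small audit over decoded P25 call records that flags clear voice on talkgroups that are supposed to be encrypted, and any unit that flips between clear and encrypted within a short window, which is the "nobody noticed encryption was off" / wrong-switch-position problem raised in the two comments above. The one-line record format and the sample log are constructed; the only standard value relied on is P25 ALGID 0x80 meaning unencrypted.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set, Tuple

# P25 algorithm identifier carried in the encryption sync header; 0x80 is the
# standard value for unencrypted (clear) voice.
ALGID_CLEAR = 0x80

@dataclass
class CallRecord:
    ts: float        # seconds since epoch
    talkgroup: int
    unit: int        # transmitting radio ID
    algid: int
    kid: int         # key ID

def parse_record(line: str) -> CallRecord:
    """Parse one line of the constructed format 'ts talkgroup unit algid kid'."""
    ts, tg, unit, algid, kid = line.split()
    return CallRecord(float(ts), int(tg), int(unit), int(algid, 16), int(kid, 16))

def audit(lines: Iterable[str], secure_tgs: Set[int], window: float = 60.0) -> List[str]:
    """Flag clear voice on a talkgroup that must be encrypted, and any unit that
    flips between clear and encrypted within `window` seconds (the symptom of a
    switch left in the wrong position)."""
    findings: List[str] = []
    last: Dict[int, Tuple[float, bool]] = {}   # unit -> (ts, was_encrypted)
    for raw in lines:
        raw = raw.strip()
        if not raw or raw.startswith("#"):
            continue
        rec = parse_record(raw)
        encrypted = rec.algid != ALGID_CLEAR
        if rec.talkgroup in secure_tgs and not encrypted:
            findings.append(f"{rec.ts:.1f} TG {rec.talkgroup} unit {rec.unit}: CLEAR on secure talkgroup")
        prev = last.get(rec.unit)
        if prev and prev[1] != encrypted and rec.ts - prev[0] <= window:
            findings.append(f"{rec.ts:.1f} unit {rec.unit}: flipped to ALGID {rec.algid:#04x} within {window:.0f}s")
        last[rec.unit] = (rec.ts, encrypted)
    return findings

# Constructed sample log: talkgroup 101 is a tactical group that must be encrypted.
SAMPLE_LOG = """\
1312992000.0 101 4012 0x84 0x01
1312992003.5 101 4013 0x80 0x00
1312992010.0 202 4020 0x80 0x00
1312992020.0 101 4013 0x84 0x01
"""
SECURE_TALKGROUPS = {101}

FINDINGS = audit(SAMPLE_LOG.splitlines(), SECURE_TALKGROUPS)   # two findings on the sample
```

Feeding this from a real decoder's call log turns the usability failure into something a dispatcher can be alerted to within one transmission, instead of discovering it after the fact.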


However, jamming apparatus can be tracked down just as well. Would we be seeing anti-ECM trained triangulation teams of the police?


Triangulation of interference can be a time-consuming process. Like my EE professor (who spent the war years building $100 radar jamming tools that rendered million-dollar radar sets inoperative) said, the odds are stacked in favor of the jammer.

A crude example is a ham-radio fox hunt. A radio is hidden somewhere in a pre-agreed area and teams of foxhunters are set loose once the fox is ready to go. If the fox is exactly one transmitter and its power is steady, it can still take the better part of an hour, for example, to locate a fox hidden within a one-block area.

So increase the ability of the trackers, say with doppler direction finders mounted on roofs. Now the jammers can do the following things to continue to wreak havoc.

1) Vary the power in 3 dB steps, perhaps in a loose random fashion. Fox-hunting techniques include rotating an antenna and pinpointing where signal strength peaks.

2) Using carefully time-synchronized jamming boxes, scatter three or four of them around the area and have them take turns being on. Or have two out of three on in some overlapping way.

3) Combine 1&2.

4) Oh, make them mobile.


Also, there is detailed in the paper a $15 toy (the girltech imme) which can be reflashed to work as a jammer. There is a huge signal strength advantage to the attacker (13dB) vs. a regular transmitter. You could make $100 (with amp, antenna) disposable jammers, powered ~forever by some batteries, and just replace them every few years when discovered.

There's also a purely-passive direction finding thing for all radios (active or not); I remember a Dutch guy created a "fuzz meter" which would ID local cops; trivial to do with this description of the P25 protocol.


With significant advance prep. No local law enforcement agency is ready to deal with an adversary who shuts their comms down tactically.


When I first heard Sandy Clark (one of the authors of the paper) talk about this I was pretty amazed. One would presume that "most" use of the system is as designed, but alas, no.
