Open Source P25 Key Fill Device
Compliant with P25 standards (TIA-102.AACD-A)
Purchase Hardware: online store
Download Software: latest release
Demonstration: video
The KFDtool as a computer peripheral has several important considerations to keep in mind when secure keyloading is required:
-
The following points are only valid with unmodified software, firmware, and hardware. With physical access to the PC or adapter, the software, firmware, or hardware could be modified to covertly retain the plaintext keying material.
-
Plaintext keying material is present in the PC's RAM, over the USB connection, in the adapter's RAM, and over the keyload connection. Therefore, you must trust the PC that the software is running on, or air gap it.
-
It is possible that plaintext keying material in the PC's RAM is paged out to disk. It is also possible that Windows crash dumps may contain plaintext keying material. Therefore, it is recommended that the PC's hard drive is protected using full disk encryption such as BitLocker and powered off when unattended.
-
After the KFDtool adapter has been disconnected from the USB port, any residual plaintext keying material present in the microcontroller's RAM will be lost.
-
When certain non-default logging is enabled, plaintext keying material is written out to the log file on disk. This logging should only be enabled when diagnostic information needs to be collected, and only used with dummy keying material.
Key Fill Device (KFD)
Supported Manual Rekeying Features (TIA-102.AACD-A section 2.3)
- 2.3.1 Keyload
- 2.3.2 Key Erase
- 2.3.3 Erase All Keys
- 2.3.4 View Key Info
Motorola refers to the P25 standard 3 wire interface (3WI) keyload protocol as ASTRO 25 mode or CKR mode.
The legacy Motorola proprietary keyloading formats SECURENET and ASN (Advanced SECURENET) are NOT supported by KFDtool. PID mode is also used to refer to ASN mode.
Key validators/generators are available for the following algorithms:
- AES-256 (Algorithm ID 0x84)
- DES-OFB (Algorithm ID 0x81)
- DES-XL (Algorithm ID 0x9F)
- ADP/RC4 (Algorithm ID 0xAA)
Mobile Radio (MR) Emulator
Supported Manual Rekeying Features (TIA-102.AACD-A section 2.3)
- 2.3.1 Keyload
Any statements of compatibility do not imply endorsement by the vendor. Testing has not been performed by the vendor themselves.
A detailed list of compatible radios and adapters is available here.
Radios that are compatible with Motorola KVL3000/KVL3000+/KVL4000/KVL5000 keyloaders in ASTRO 25 mode should be compatible with KFDtool.
Keyloading cables made for other radios with MX (Motorola KVL) connectors can be modified by soldering an AC101 or AC102 Hirose pigtail in parallel with the MX connector according to these instructions.
Operations encapsulated with encryption (commonly referred to as FIPS mode) are not supported at this time for either the KFD or MR emulation modes.
Assembled and tested KFDtool hardware is available from me directly. I can ship internationally. Please visit the online store to place an order.
Proceeds from hardware sales enables me to further develop the software.
Part Number | Description |
---|---|
KFD100 | Single Hirose port USB key fill device (includes 1 m / 3 ft USB A to USB B cable) |
AC100 | 6 pin male plug Hirose to 6 pin male plug Hirose cable (0.5 m / 1.5 ft) |
AC101 | 6 pin male plug Hirose pigtail for custom cables (0.5 m / 1.5 ft) |
AC102 | 6 pin female jack Hirose pigtail for custom cables (0.5 m / 1.5 ft) |
AC103 | Motorola R2670 compatible adapter, requires AC100 (0.15 m / 6 in) |
AC104 | Kenwood KPG-115 compatible adapter, requires AC100 (0.15 m / 6 in) |
AC105 | 4 way female jack passive Hirose splitter |
AC106 | Kenwood KPG-93 compatible adapter, requires AC100 (0.15 m / 6 in) |
AC107 | Motorola XTS4000 compatible adapter, requires AC100 (0.15 m / 6 in) |
-
KFDtool software supports 32-bit and 64-bit Windows 7, Windows 8.1, and Windows 10
-
The .NET Framework 4.7.2 or later compatible must be installed
-
The use of a virtual machine with USB passthrough is NOT supported at this time
- Changing the USB controller from USB 2.0 mode to USB 3.0 mode has been reported to resolve the issue
- Do not attempt to update the adapter firmware or initialize an adapter using USB passthrough
- Software Changelog
- Firmware Changelog
- Hardware Changelog
- TWI Cable Assembly Notes
- MX Connector Modification Notes
- Developer Notes
KFDtool software, firmware, and hardware is distributed under the MIT License (see LICENSE.txt).
KFDtool is a trademark of Florida Computer and Networking, Inc.
All product names, trademarks, registered trademarks, logos, and brands are property of their respective owners. All company, product, and service names used are for identification purposes only. Use of these names, trademarks, logos, and brands does not imply endorsement.
Note about hardware:
I request that no one else manufactures identical or compatible units and sells them to others while I am still doing so - I have put quite a bit of my own money into developing this hardware. I am totally fine with someone making a unit for themselves or a couple of extras to give to their friends, just that they don't charge for them. Proceeds from hardware sales enables me to further develop the software.
Included open-source components:
Software (see doc/SW_LICENSE.txt):
- NLog - MIT License
- Mono.Options - MIT License
- HidLibrary - MIT License
- Microsoft Reference Source - MIT License
- InnovasubBSL430 - GPL v3+ License
- Texas Instruments - BSD 3 Clause License
Firmware (see doc/FW_LICENSE.txt):
- Texas Instruments - BSD 3 Clause License