Published in April 2003

Secure Wireless Microphone Systems
By Bruce C. Jones

Basic concepts for preventing eavesdropping.

      Generally, the mobility provided by a wireless microphone system is welcome in almost any sound-reinforcement system. However, this convenience is accompanied by the potential for eavesdropping. The radio signal from the wireless transmitter can travel easily well beyond the confines of the meeting room and be picked up by unintended listeners.
       Transmitted radio signals penetrate non-metallic materials and are reflected by metallic surfaces, often finding pathways to unsuspected locations at surprising distances from the transmitter.

Approaches to Improved Security
      Modern, highly sensitive radio equipment makes eavesdropping on a wireless system from remote locations fairly simple. Applications requiring security with wireless microphone systems include corporate boardrooms, courtrooms and military briefing rooms. If a client expresses concerns about eavesdropping when using wireless microphones, you can offer several approaches to improving security, including:
• reduced transmitter power output
• digital wireless microphone systems
• special treatment of the meeting room
• IR (infrared) wireless systems
• audio scrambling techniques
• encrypted digital wireless systems
• a combination of several methods.
      Determining a suitable approach for the level of security required for a particular application is the first step indicating the equipment and costs involved. An assessment of the ramifications of a security “leak” should also be considered when determining the equipment and approach that is best for a particular client.
      Whether the application is in a temporary or a more permanent installation is a major consideration. A one-time meeting in an undisclosed location, for example, would make it somewhat difficult for an eavesdropper to mobilize and set up equipment to effectively eavesdrop without prior knowledge of the event. In a fixed installation, eavesdroppers have time to assemble the equipment and staff to implement effective methods of “listening in.”

Details

An example of a coaxial RF attenuator

Let’s detail the various approaches to improving security listed earlier.
Reduced transmitter power output can help improve security by reducing the amount of RF signal that escapes the room. However, it might also introduce or increase dropouts in that same room. Manufacturers generally try to design wireless systems to maximize operating range, and a high output transmitter could make eavesdropping at a great distance fairly easy.
      Coaxial RF attenuators, readily available from electronic parts distributors, can be used on the transmitter antenna jack to reduce the radiated signal (see picture on right). These attenuators are available in a wide variety of values to apply a specific amount of attenuation. Improvements in the receiver antenna(s), or placing it (them) in close proximity to the transmitter, allows even greater attenuation of the transmitter output power while still allowing the wireless system to work inside the room.
      An incorrect length, or modified transmitter antenna would also reduce the output power, although this is not the best choice. An incorrectly matched antenna may cause instability or other problems with the transmitter. A coaxial attenuator is a better choice to achieve a known amount of attenuation and to ensure that the transmitter will still work properly.
      If reduced transmitter output power is chosen as an approach, time must be devoted to some walk-testing to determine the optimal amount of attenuation that would allow just enough output to cover the meeting room (or rooms), but not reach much beyond the walls. With reduced transmitter output power, the wireless system will be operating near dropout conditions all of the time, and multi-path nulls will be more prevalent. Because multi-path dropouts in an empty room are different than when the room is full of people, some testing is required to assess the wireless operation in typical or actual use. In some cases, occasional dropouts or reduced mobility may be tolerable as a tradeoff for improved security.

Off-the-Shelf
      An off-the-shelf digital wireless microphone system might make it somewhat more difficult to eavesdrop and may provide an adequate level of security for some applications. Certainly, it would require that the eavesdropper use a receiver of the same make and model, or learn the type of modulation used and then decode it.
      Digital wireless microphone systems generally provide less operating range than similarly priced FM systems. The shorter operating range is due to the characteristics of digital reception, and to the lower transmitter output power typical of some digital transmitters. A digital wireless system will produce essentially the same signal-to-noise ratio at all RF signal levels until the RF signal becomes too weak for the receiver to operate, at which time the receiver simply mutes (squelches) abruptly.
      In an FM wireless system, however, the signal-to-noise ratio will gradually deteriorate as the RF signal level drops, but the system will continue to operate down to RF signal levels well below those required by a digital system. If the squelch threshold on an analog FM receiver is set to a very low level, or defeated altogether, the receiver will continue to produce audio (accompanied by noise gathered in the RF link) down to extremely low RF levels until the audio finally disappears into the background noise.
      Keep these differences between digital and analog systems in mind if you are considering the use of an attenuator on the transmitter to reduce the output power.

Special Room Treatment
      In theory, special treatment of the room to shield RF signals from escaping would be an effective approach to security — but this is expensive. “RF-proofing” a room would require seamless metallic surfaces such as those used in “Faraday cages” or “screen rooms,” to be installed on all walls, the ceiling, the floor and all doors and windows. Generally, this is feasible only in fixed installations. It would be best done at the time of construction, because implementing a thorough treatment would require seamless (perhaps welded) surfaces over all boundary surfaces of the room.
      Doors and windows would also have to be sealed when closed. Special types of RF blocking ventilation ducts are available but, again, this is costly. Wireless microphone operation inside a “Faraday cage” would also have to deal with significant multi-path reflections, which means that a diversity, multi-antenna setup probably would be required to reduce or minimize dropouts in the room.

IR Systems
Infrared wireless microphone systems can improve security. Typically, they are inexpensive, and light-proofing a room is much simpler than RF-proofing one. Each listener can wear a personal receiver to pick up the signal from the emitter directly, or a receiver can be used to feed a sound system in the room.
      There are also other considerations as well. There are not as many choices available in IR-based systems as there are in RF-based wireless systems, which can limit the microphone choices. Effective IR emitter designs are not implemented easily in a wireless microphone configuration that uses a battery-powered emitter where the output power may be limited by battery life. The result is that IR systems generally require a line-of-sight between emitter and receiver, and typically provide less operating range than RF-based designs. Reflections of the signal inside the room can sometimes improve coverage slightly to fill in areas that are in the shadow of the direct signal.
      The illustration in Figure 2 is highly simplified to convey the idea of directionality and shadowing that could occur in an IR system at a given instant. In reality, the signal levels and shadows vary dramatically as people and objects move about in the room. An operating range of 50 to 60 feet along a line-of-sight between the emitter and receiver is fairly common with IR wireless microphone systems. This may be adequate for a particular room, but dropouts can still occur as someone’s body blocks the direct path between the emitter and the receiver.
      Additional emitters or relay/emitters may be required to increase the coverage and avoid dead spots. Be sure to clarify the amount of mobility the client will need (where he will need to operate in the room), and identify microphone requirements before proposing an IR system.
      In contrast, RF-based wireless systems tend to fill a room evenly because RF signals radiate in all directions from the transmitter, penetrate non-metallic materials and reflect from various metallic surfaces. RF reflections effectively fill in areas where no line-of-sight exists between transmitter and receiver; in essence, the room is flooded with a myriad of signals from the transmitter.
      Multi-path nulls can occur in various locations in the room where direct and reflected signals arrive at the same location out of phase, and a cancellation occurs. A reflective surface such as a row of file cabinets or lockers, or a wall constructed of RF-reflective materials can exhibit fairly consistent dropouts along the surface. The illustration in Figure 3 is a simplified example of a theoretical situation at a given instant. In actual use, the RF energy in the room and the locations of “dropout zones” varies wildly as people and objects move around.

Audio Scrambling
Audio scrambling may be adequate for some applications, but there are few (if any) commercial wireless microphone systems offering this feature built in. Manufacturers and dealers specializing in security and law-enforcement markets offer a variety of voice-scrambling devices, some of which can be adapted to work with wireless microphone transmitters and mics. The less expensive devices use simple audio inversion techniques that may be adequate for some requirements, but the scrambling technique is widely known and the improvement to security is minimal.

Encrypted Digital Wireless System
An encrypted digital wireless system is the best choice to provide excellent security and flexibility. The cost of this type of system is more than conventional wireless systems, but there are distinct advantages. With an encrypted radio signal, the system can be used anywhere in temporary or fixed installations without special modifications, reduced transmitter output power or room treatment. With the transmitter running at full power, the system will provide excellent operating range and freedom from dropouts.
      Secure encryption in a wireless system requires high entropy (randomness), which can be provided with a unique digital audio compression algorithm, a lengthy encryption key to scramble the compressed audio data stream, and a unique digital modulation that would appear simply as random noise to a remote receiver (see Figure 4). Listening in on a system such as this would require that the eavesdropper first decode the digital radio modulation scheme, then figure out the encryption key and unscramble the data in the signal, and finally decode and reverse the compression algorithm.
      Even if an eavesdropper could decode the radio signal and reverse engineer the compression technique, his efforts would be futile without knowledge of the encryption key. If the encryption key is very large, purely random and is changed fairly often, it becomes essentially impossible to decode and decrypt the signal in any reasonable time frame, even with an immense amount of computer horsepower.

Best Security
      For the best security, the encryption key must be created independent of human intervention in a manner that cannot be observed or recorded, and be shared only by the receiver and its transmitter(s). The most secure method of generating a new key is to require a physical connection between a wireless transmitter and receiver during a single procedure that cannot be duplicated by anyone or anything other than the interconnected system components.
Once the transmitter and receiver are disconnected and the key generation session has ended, the unique encryption key cannot be duplicated. It is useful that any number of transmitters can share the unique key generated during the setup procedure, but critical that only one receiver can participate. If more than one receiver can share the same key, the possibility exists that this receiver could fall into the hands of an eavesdropper.
      The number of possible key combinations, and equal probability of any them being correct, is what determines the effectiveness of the key. A very large number of possibilities arranged in a purely random manner will produce the most effective key.
      In the digital realm, the number of possibilities can be enormous. For example, a 128-bit encryption key yields more than 300 trillion, trillion, trillion possible combinations (2 raised to the power of 128). If all of the possible combinations are equally available through a random selection process, finding the unique key to unlock the scrambling sequence is essentially impossible, given any reasonable time frame, even with the use of extensive computer hardware and software.
      High entropy is the essential ingredient in developing an effective encryption key, where all possible key combinations are equally probable. This eliminates the ability of an intruder to focus on more likely key combinations, requiring that he launch a brute-force attack that must try all possible key combinations. A unique, random event is required to generate a high level of entropy to provide a starting point for a unique key sequence. Precise timing of human keystrokes on a keyboard, or button presses on a control panel, is recognized presently as a valid and readily available source of entropy.

Combination is Best
      In conclusion, a combination of several methods listed here may be required to provide a secure wireless system for some applications. Consider whether or not the wireless system will be used in a temporary or permanent situation, discuss and understand the level of security required by the client, and the ramifications if a leak does allow eavesdropping to occur.
      For example, an off-the-shelf digital wireless system with reduced output power may be sufficient for some temporary setups, but would require only that someone have a receiver of the same make and model and a high gain antenna to effectively eavesdrop. In this scenario, deliberate eavesdropping could even be planned in advance; an encrypted digital wireless signal would be the surest way to guard against eavesdropping.
      As in any type of system integration, it is a matter of mixing and matching the options to meet the client’s needs. This always includes cost considerations. When security using a wireless microphone is an issue, research the options, and spend enough time to understand the consequences of an inadequate system. A successful system is just another sale, but a system with “security leaks” could lead to the end of your career.

Bruce C. Jones, vice-president of marketing at Lectrosonics, Inc., has written a number of technical guides and white papers about wireless microphones and sound system integration over the last 15 years.

Suggested Reading:
The 700 Series Encryption System by David Thomas, senior design engineer at Lectrosonics, Inc. (downloadable at www.lectrosonics .com), or available in hard copy by contacting the Lectrosonics factory).