The legal definition prohibiting encryption is in §97.113(4) and says that "messages encoded for the purpose of obscuring their meaning" are prohibited. This is generally accepted to be a blanket prohibition of "encryption" in the sense that SSH, SSL, TLS, VPN type traffic would be prohibited.
However, there are some interesting and positive nuances because the rule specifically doesn't ban "crypto". For instance, it is my belief that cryptography for the purpose of authentication or message signing/integrity checking is completely permissable. That is to say that you can even technologically allow things like TLS and HTTPS so long as you force a NULL cipher; so you get message integrity but no encryption so some observer could see all the traffic but not be able to interfere.
More broadly, the purpose of the ham radio allocation is learning / experimentation / personal use between hams / etc., not production services (and not even personal use between a ham and a non-ham, e.g., while listening in on ham frequencies doesn't require a license, a ham intentionally broadcasting to those listeners is not authorized under their license). These rules predate the world in which encryption for everything is commonplace, and they envision a world in which encryption means that other people can't learn from your communications practice. These rules are also written to discourage actual commercial users from using the ham frequencies, to keep the frequencies clear for hams.
Now that we live in a world where my writing this message to you (and, in fact, to the world, publicly under my name) goes over an encrypted channel and it would be unthinkable if it didn't, and where my texts to my friends about where to get dinner happen over an end-to-end secure messenger, and where most competent cryptography is developed in public, it's not clear the rules make sense any more. But that's where they come from.
BTW, one ham has argued that encryption for the purpose of using a standard protocol like WPA/802.1x (or, probably, SSH or SSL) that is otherwise compliant with the intent of the amateur service is legal, because the purpose of the encryption is not obscuring their meaning, the obscured meaning just a side effect of other goals: http://www.n5dux.com/ham/files/pdf/Data%20Encryption%20is%20...
Sometimes I wish a large company, like Google, bought large spectrum and released it to the public. We fight over Mhz here and there, but tons of the spectrum is allocated but barely used.
Speaking as an amateur radio operator who does experimental stations....
Encryption is illegal as you stated. However "Unique encodings of an analog or digital nature" are completely legal. You don't even need to tell the protocol.
We had this issue with D.star where it was an amateur radio digital protocol in which they didn't tell how to encode or decode. Brought up at an FCC hearing and deemed completely legal.
So call all encryption a "Unique encoding" and you're legally in the clear.
We had this issue with D.star where it was an amateur radio digital protocol in which they didn't tell how to encode or decode. Brought up at an FCC hearing and deemed completely legal.
This can't be right. IIRC you have to publish in a public place how your code works, and I believe the D-STAR specs are public; its just that any implementation is blocked because of copyright or whatever dumb crap.
This part of the regs have nothing to do with encryption. This is the so called "documented protocol" requirement. §97.113(4) is the relevant main rule that would govern encryption. There are various exceptions to this through the rest of the document such as spread spectrum, space stations, and telemetry/radio control all having some special case language.
Well, I stand corrected. I had admittedly just googled it myself. I had known the ban on encryption was pretty accepted in the amateur radio community. Thanks for the correction.
The legal definition prohibiting encryption is in §97.113(4) and says that "messages encoded for the purpose of obscuring their meaning" are prohibited. This is generally accepted to be a blanket prohibition of "encryption" in the sense that SSH, SSL, TLS, VPN type traffic would be prohibited.
However, there are some interesting and positive nuances because the rule specifically doesn't ban "crypto". For instance, it is my belief that cryptography for the purpose of authentication or message signing/integrity checking is completely permissable. That is to say that you can even technologically allow things like TLS and HTTPS so long as you force a NULL cipher; so you get message integrity but no encryption so some observer could see all the traffic but not be able to interfere.