In an unexpected development in the contest between insurgents and drone-wielding western armies, it seems that cheap software is capable of intercepting video feeds from UAVs, and that this is being put to use in Afghanistan, Iraq, and Pakistan. This is done using software like SkyGrabber, which is available online for about $25.
Insurgents with radio gear and the software cannot control the drones, but they can see what the Americans consider to be worth watching, work out where convoys are located, etc. The US is apparently working on improving the encryption used by the drones, in order to make it harder to intercept and interpret their communication. You wouldn’t think it would be so difficult to put chips on the drones that are capable of applying strong symmetric or public key encryption algorithms to outgoing communications. And as for bandwidth on the network, few contemporary encryption algorithms produce ciphertext that is substantially larger than plaintext; as such, the burden of transmission should be about the same with or without strong encryption.
Partly, all this is an illustration of how the security of a whole chain of operations can be compromised by the weakest components – especially when other components in the system will reduce their security level for the sake of compatibility. Just as it is problematic to have card readers for chip and PIN cards that will fall back to using the magnetic strip when the chip doesn’t work, it is problematic to have a drone communications network in which a few non-upgraded components degrade the quality of encryption across the entire link.
Making the transmissions more directional, and employing other techniques like frequency hopping, could also reduce the vulnerability of UAVs to both cryptanalysis and simple traffic analysis. Drones operating off satelite uplinks could be set up to broadcast overwhelmingly upward, where signals are unlikely to be intercepted. More autonomous drones that can operate independently and transmit information in short bursts might also be more resistant to interception. While the Taliban can’t be too advanced in their cryptographic capabilities, you can be sure that competing navies will be tryingt to get into the drone-based Broad Area Maritime Surveillance (BAMS) system the US Navy is building.