Cracked Encryption: A Threat to Police and Military Communications

Two years ago, a major vulnerability was discovered in the encryption algorithms used in radios by critical infrastructure, police, and military services globally. This backdoor, identified by Dutch researchers, could expose sensitive communications to eavesdropping.

Following the revelation in 2023, the European Telecommunications Standards Institute (ETSI) recommended implementing an additional layer of end-to-end encryption to secure communications. However, recent findings expose similar vulnerabilities in the latest implementations of these encryption solutions.

The compromised end-to-end encryption, mainly deployed for police and covert operations, utilizes a key initially designed at 128-bit strength, which is then weakened to 56 bits during encryption, rendering it susceptible to interception.

The security flaw originates from the TETRA (Terrestrial Trunked Radio) standard developed by ETSI, which has been in use by radio systems from manufacturers like Motorola and Sepura since the ’90s. Researchers detected these issues after extracting and reverse-engineering the TETRA algorithms.

Despite not being a part of the official ETSI standard, the Critical Communications Association’s (TCCA) end-to-end encryption is widely adopted. The problem stems from security design flaws, making it possible to intercept or replay messages fraudulently.

Globally, TETRA and its associated encryption protocols are applied across the police forces in Europe and the Middle East, with TEA1, TEA2, TEA3, and TEA4 algorithms tailored for different security needs and regions.

Currently, many end users may not be aware of these vulnerabilities, threatening the integrity of communications meant for high-stakes security operations.

#TETRA, #Encryption, #RadioSecurity, #ETSI, #CriticalCommunications