Critical Flaws in Police and Military Radio Encryption

Two years ago, researchers in the Netherlands discovered a significant backdoor in an encryption algorithm built into radios used by essential services, including police, military, and intelligence across the globe. This issue made encryption vulnerable to potential eavesdropping.
Upon public disclosure of this vulnerability in 2023, the European Telecommunications Standards Institute (ETSI), which developed the algorithm, recommended users implement an end-to-end encryption solution on top of the existing algorithm to secure their communications.
However, the same researchers have now uncovered that one endorsed implementation of the ETSI end-to-end encryption solution harbors similar vulnerabilities. The encryption initially uses a 128-bit key, but compresses it to 56 bits before encrypting traffic, significantly reducing its security.
End-to-end encryption (E2EE) is costly to deploy, so it is used mainly by law enforcement, special forces, and covert military and intelligence teams doing national security work that demands a higher level of security. Even with the earlier endorsements, the extent of E2EE's use today remains unclear, and some implementations may carry undisclosed vulnerabilities.
The renowned security firm Midnight Blue, from the Netherlands, identified these weaknesses in the TETRA (Terrestrial Trunked Radio) standard used in radios by several major manufacturers since the ‘90s. The vulnerabilities remained hidden as ETSI’s proprietary algorithms were beyond public examination for years.
The researchers uncovered the issues in the E2EE system only after reverse-engineering the algorithm in a radio made by Sepura. They detailed their startling findings at the Black Hat security conference in Las Vegas.
ETSI, reached for comment, stated that the end-to-end encryption for TETRA radios was not part of its standard, but developed by The Critical Communications Association’s (TCCA) security and fraud prevention groups. There's a complex relationship between ETSI and TCCA, as they often share personnel and collaborate closely.
Radio communication using the flawed E2EE scheme appears widespread, affecting police and military units globally, including in Belgium, Scandinavian countries, Eastern Europe, and the Middle East, as well as parts of Asia and Europe.
The TETRA standard incorporates four distinct encryption algorithms with security levels tailored for different markets, with some specifically restricted based on geographic and political considerations. The TEA1 algorithm, in particular, has its key reduced to just 32 bits, allowing breach within a mere minute under specific conditions.
The researchers also pointed out a major flaw in the TCCA E2EE design that allows messages to be intercepted and replayed, creating scope for misinformation, to which all users of the TCCA scheme are exposed.
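To make concrete what a replay flaw means in practice, here is an added illustration (not code from the original article, Midnight Blue, ETSI or the TCCA scheme) of the kind of anti-replay check a message-framing layer needs: each frame carries a monotonically increasing counter that is authenticated together with the payload, and the receiver keeps a sliding window so that a captured frame re-sent later is rejected rather than acted on. The frame layout (32-bit counter, payload, truncated HMAC tag), the window size and the sample traffic are all assumptions constructed for this example.

```python
import hashlib
import hmac

WINDOW = 64        # assumed: accept counters within 64 of the highest seen
TAG_LEN = 8        # assumed: tag truncated to 8 bytes to keep frames short


def frame_tag(key, counter, payload):
    """Authenticate the counter together with the payload, so a replayed frame
    cannot simply be renumbered without invalidating its tag."""
    msg = counter.to_bytes(4, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


def build_frame(key, counter, payload):
    """Sender side: counter || payload || tag (constructed layout)."""
    return counter.to_bytes(4, "big") + payload + frame_tag(key, counter, payload)


class ReplayGuard:
    """Receiver side: verify the tag, then enforce a sliding window of counters."""

    def __init__(self, key):
        self.key = key
        self.highest = -1   # highest counter accepted so far
        self.seen = set()   # counters accepted inside the current window

    def accept(self, frame):
        """Return (accepted, reason) for one received frame."""
        if len(frame) < 4 + TAG_LEN:
            return False, "short"
        counter = int.from_bytes(frame[:4], "big")
        payload, tag = frame[4:-TAG_LEN], frame[-TAG_LEN:]
        # constant-time comparison: a tampered payload or counter fails here
        if not hmac.compare_digest(tag, frame_tag(self.key, counter, payload)):
            return False, "bad tag"
        if counter > self.highest:
            # newest frame so far: advance the window and forget old counters
            self.highest = counter
            self.seen = {c for c in self.seen if c > counter - WINDOW}
            self.seen.add(counter)
            return True, "ok"
        if counter <= self.highest - WINDOW:
            return False, "stale"          # too old to be distinguishable from replay
        if counter in self.seen:
            return False, "replay"         # an exact copy of an accepted frame
        self.seen.add(counter)
        return True, "ok (late)"           # reordered but not yet seen


def demo():
    """Run constructed traffic through the guard and return the decisions."""
    key = b"constructed-demo-key-not-a-real-key"
    guard = ReplayGuard(key)
    frames = [
        build_frame(key, 1, b"unit 7 hold position"),
        build_frame(key, 2, b"unit 7 advance"),
        build_frame(key, 3, b"all clear"),
    ]
    reasons = [guard.accept(f)[1] for f in frames]
    # an intercepted copy of frame 2 re-sent later: same bytes, rejected as replay
    reasons.append(guard.accept(frames[1])[1])
    # frame 3 with its payload altered but original counter and tag: tag check fails
    forged = frames[2][:4] + b"stand down" + frames[2][-TAG_LEN:]
    reasons.append(guard.accept(forged)[1])
    return reasons


if __name__ == "__main__":
    for r in demo():
        print(r)
```

Without the counter being bound into the authenticated data, a receiver has no way to tell a genuine "advance" order from the same frame captured earlier and transmitted again, which is exactly the misinformation scenario the researchers describe; the window size trades tolerance for out-of-order delivery against memory held per talk group.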
While ETSI was reluctant to discuss specifics, it emphasized that TCCA's encryption solutions can be customized by end users, describing this as a voluntary approach that aligns with export regulations and proprietary security needs.
The presence of an obscure algorithm identifier, which selects the encryption variant according to security restrictions, raises the question of whether end users are aware of these weaknesses. Although the internal notifications were cryptic, government and security agencies likely possess critical knowledge of these embedded flaws.