Flaws in Encryption for Police and Military Radios Revealed

In a crucial discovery, researchers have unveiled vulnerabilities in encryption algorithms used in radios by critical infrastructure sectors, including police, military, and intelligence agencies globally. These flaws make communication channels susceptible to eavesdropping, creating a significant security concern.
The European Telecommunications Standards Institute (ETSI) recommended implementing an end-to-end encryption solution as a fix after the backdoor was disclosed in 2023. However, recent research suggests that at least one such encryption implementation has similar vulnerabilities.
Investigations revealed that the end-to-end encryption solution starts with a 128-bit key but compresses it to 56 bits, making it easier to crack. The flaw exists in radios used by law enforcement, special forces, and intelligence teams, all of which require high security. More concerning is ETSI's broad endorsement of this algorithm, which points to potentially widespread use.
The Dutch researchers responsible for this discovery are from the security firm Midnight Blue. Two years prior, they identified vulnerabilities in the TETRA (Terrestrial Trunked Radio) encryption, a standard by ETSI used extensively in critical communication. The same researchers discovered these new weaknesses in an end-to-end encryption system.
The issues were explored further after the researchers extracted and reverse-engineered an algorithm from a radio made by Sepura. The findings were presented at the Black Hat security conference in Las Vegas and have significant implications for the security frameworks used in various countries.
ETSI notes that this end-to-end encryption is not part of its standard but was developed by the Critical Communications Association (TCCA); it nonetheless acknowledges the scheme's widespread use. The TCCA and ETSI largely overlap, which blurs the lines of responsibility.
Radio users worldwide, particularly outside the US in regions such as Eastern Europe, the Middle East, and parts of Asia, rely heavily on TETRA devices, potentially with compromised encryption. TETRA's encryption variants, which differ according to security needs, have been a staple since the 1990s, but modifications to key length have resulted in the vulnerabilities now uncovered.
A particular concern is that the shortened encryption key makes it easier to decrypt communications, including voice and data, leading to severe security risks. Furthermore, the vulnerability could allow injection and replay of fraudulent messages, compounding the potential for misinformation.
The extent of awareness of these flaws among government agencies and users is uncertain. Whilst ETSI assures that the involved entities have the knowledge needed to safeguard their communication systems, skepticism remains about the transparency and understanding of these vulnerabilities.
For continuous and secure communications in critical operations, a reassessment of encryption methods and transparent communication with all stakeholders are necessary. The discovery underscores the importance of rigorous security protocols, especially in devices handling sensitive information.