Encryption made for police and military radios may be easily cracked
17 days ago
- #encryption
- #security
- #TETRA
- Researchers discovered a backdoor in an encryption algorithm used in radios for critical infrastructure, police, and military, making communications vulnerable.
- An end-to-end encryption solution recommended to fix the issue was found to have similar vulnerabilities, reducing key strength from 128-bit to 56-bit.
- The flawed encryption is primarily used by law enforcement, special forces, and intelligence agencies needing high security.
- The vulnerabilities were found in TETRA-based radio systems, widely used globally except in the US, affecting many countries' security services.
- ETSI and TCCA, responsible for the standards, claim the end-to-end encryption's key strength varies based on export controls and government requirements.
- Researchers found that the weakening of encryption keys is not transparently communicated to end-users, raising concerns about security awareness.
- The vulnerabilities allow eavesdropping, message injection, and replay attacks, impacting all users of the TCCA's end-to-end encryption scheme.