Researchers Find ‘Backdoor’ in TETRA Encrypted Police and Military Radios

dimab

Member
Joined
Dec 19, 2002
Messages
500
Location
CT
Yikes. Hopefully this post stays up. It's in the general tech news. Not intended to start a decryption debate.

 

ecps92

Member
Joined
Jul 8, 2002
Messages
14,892
Location
Taxachusetts
Yikes. Hopefully this post stays up. It's in the general tech news. Not intended to start a decryption debate.

Glad TETRA has not taken off in the good ole US of A, then.
 

GTR8000

NY/NJ Database Guy
Database Admin
Joined
Oct 4, 2007
Messages
16,033
Location
BEE00
Guess what, it has!
It has? There are around a dozen TETRA systems in the U.S., most of them small systems at airports or refineries. The two largest are the NJ Transit and NYC Transit Authority systems. I would hardly call that "taking off" compared to the hundreds and hundreds of P25, DMR, NXDN, etc. system types in the country.
 

Pr999

WRYF747
Premium Subscriber
Joined
Aug 8, 2021
Messages
326
Location
Plainwell, Michigan
It has? There are around a dozen TETRA systems in the U.S., most of them small systems at airports or refineries. The two largest are the NJ Transit and NYC Transit Authority systems. I would hardly call that "taking off" compared to the hundreds and hundreds of P25, DMR, NXDN, etc. system types in the country.
well i'm saying 'technically' it has.
 

BinaryMode

Blondie Once Said To Call Her But Never Answerd
Joined
Jul 3, 2023
Messages
848
Location
75 parsecs away
Very interesting. Question: is P25's use of AES256 a closed, proprietary crypto? I mean its implementation?
 

mmckenna

I ♥ Ø
Joined
Jul 27, 2005
Messages
25,288
Location
United States
Very interesting. Question: is P25's use of AES256 a closed, proprietary crypto? I mean its implementation?

AES256 is not a closed/proprietary crypto. It's supported by all the big LMR radio manufacturers. It is import restricted.

The keys, on the other hand…..
 

Ubbe

Member
Joined
Sep 8, 2006
Messages
9,698
Location
Stockholm, Sweden
TETRA is a spectrum hog. The signal is just as wide as iDEN so it's nearly impossible for anyone to use an adjacent channel. And that's a 25 kHz channel, not 12.5.
It's a spectrum hog but Tetra are often assigned to reserved frequency ranges where no other communication are allowed. It has 4 time slots in a 25KHz wide channel so you can see it as 6.25KHz per slot. It also has a fantastic audio quality, in most cases you can't tell is digital.

The title are misleading as it says they have found a backdoor in police and military radios. The weak encryption are found in TEA1, the lowest level of encryption that are more or less just a scramble function. Police and military use TEA2 that haven't been found to have any weakness in its encryption. I haven't seen anyone actually using TEA1. The Tetra systems are either in the clear unencrypted or use TEA2 as TEA1 are something that's only useful for blocking monitoring programs like a Tetra plugin for #SDR as it doesn't cost anything to use TEA1 but are instead not secure enough to be used for critical users.

/Ubbe
 
Last edited:

maus92

Member
Premium Subscriber
Joined
Jun 23, 2004
Messages
8,270
Location
The OP
TETRA is a spectrum hog. The signal is just as wide as iDEN so it's nearly impossible for anyone to use an adjacent channel. And that's a 25 kHz channel, not 12.5.
TETRA also does not support simulcasting, adding to its spectrum inefficiencies.
 

R0am3r

Salt Water Conch
Premium Subscriber
Joined
Apr 13, 2014
Messages
761
Location
Oneida County, NY
A Wired article provides a few more details about the TETRA TEA1 hack. "All four TETRA encryption algorithms use 80-bit keys, which, even more than two decades after their release, still provides sufficient security to prevent someone from cracking them, the researchers say. But TEA1 has a feature that reduces its key to just 32 bits—less than half the key’s length. The researchers were able to crack it in less than a minute using a standard laptop and just four ciphertexts."

 

RayAir

Member
Joined
Dec 31, 2005
Messages
1,946
TEA1 and 4 are approved for export.
90's proprietary encryption.
Not surprised at all.

Reminds me of Motorola DVP. Has a very large key variable on paper but turns out it is linear and after analysis there were only 255 (approximately) possible keys.

I'd be highly suspect of any proprietary encryption:
Motorola DVI-XL, DVP-XL
GE/Macom VGE

I would love to see an analysis on DVP-XL and VGE.

Thankfully today open encryption standards are used (AES).
 

Ubbe

Member
Joined
Sep 8, 2006
Messages
9,698
Location
Stockholm, Sweden
TETRA also does not support simulcasting, adding to its spectrum inefficiencies.
I'm not sure that simulcast are that more spectrum efficient over a large area. You will need to have a high capacity for the city area to handle all its users. And then you'll need to build just as high channel capacity in the suburbs where there are perhaps 5 times fewer users. In a non-simulcast system you can use a high capacity number of channels for the city but in the suburbs you only need 1/5 of the number of channels to not get a busy. And at the other side of the city in the suburbs you can reuse the frequencies from the other suburb area across town without interference issues. You free up 4/5 of the frequencies at the outer side of the suburbs to be used for other purposes. In simulcast you block the frequencies from being used by others in a very large area.

It probably depends a lot of the terrain and how directional antennas are being used to favor a simulcast solution. I hope they use unbiased third party evaluaters before deciding for a system design as the radio companies will suggest a system that will sell as much hardware as possible. Simulcast systems are a real money pit that needs good finances.

The main reason for simulcast must be that radios do not have to roam between sites, it's seamless between sites and the control channel will then have a very light load when stripped of roaming info. For a Tetra system the control channel data can be so excessive that it needs users to roam to secondary data channel slots if they transmit a lot of GPS positions and other additional info and at the same time switch sites at a high frequent rate when moving between high rise buildings.

But I can see that in simulcast the control channel of a site will be interfered from users not local, as they use the same frequency, and will load the control channel and asks for repeats of data from local users that gets interfered. So perhaps the interference level for site receivers might be higher in simulcast that reduce the max possible load level.

/Ubbe
 

radionx

Member
Joined
May 31, 2022
Messages
183
"Thankfully today open encryption standards are used (AES)."

Correct implementation is relevant. The whole chain has to fit.

And no, I do not trust anybody. Encryption won't save a failing society under hybrid warfare.

Would be very sad if the chinese and russians knew about your backdoors...
 

mikenet

Member
Joined
May 16, 2007
Messages
15
TEA1 and 4 are approved for export.
90's proprietary encryption.
Not surprised at all.

Reminds me of Motorola DVP. Has a very large key variable on paper but turns out it is linear and after analysis there were only 255 (approximately) possible keys.

I'd be highly suspect of any proprietary encryption:
Motorola DVI-XL, DVP-XL
GE/Macom VGE

I would love to see an analysis on DVP-XL and VGE.

Thankfully today open encryption standards are used (AES).

If anyone is interested, here‘s that paper on DVP (non-XL):

https://www.cryptomuseum.com/crypto/motorola/saber/files/vulcan_201409.pdf
 
Top