Three Dutch security analysts discovered the vulnerabilities—five in total—in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others.

  • cosmo
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    Funny how this came out when there’s been a renewed push for backdoors in cryptography. They all seem to forget that all it’d take for an adversary to get in is for them to find the backdoor… Sadly this kind of thing is pretty common in the radio sphere - the “basic” encryption (better called ‘privacy code’) on DMR radios is often one of 16 or 256 different codes, and the next step up is 40-bit ARCFOUR. For AES, you have to pay through the nose for software licences, and most users won’t or can’t bear the costs. The only good news is the higher-tier algorithms like TEA2/TEA3 weren’t vulnerable - and they’re more likely the ones in use by emergency services.

    • Ret the Folf@furry.engineer
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      @cosmo @stefenauris @bersl2 agree except that TEA2/3 weren’t vulnerable *in this particular study*. ETSI/TCCA are (foolishly, I think) sticking to their guns on the algorithms being tightly controlled. Without proper, widespread academic scrutiny there is little confidence that they are *actually* secure.

      • Ret the Folf@furry.engineer
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        @cosmo @stefenauris @bersl2 I like how the researchers in their release squarely blame the TEA1 issues on failure to adhere to Kerckhoffs’s principle; but ETSI in their response completely fail to address that and adopt a “this is fine” stance.