Researchers find ‘backdoor’ in encrypted police and military radios

The TETRA standard is used in radios worldwide. Security researchers have found multiple vulnerabilities in the underlying cryptography and its implementation, including issues that allow for the decryption of traffic.
A couple of things to keep in mind, some of which are in the article, some aren’t:
TETRA is mostly used by first responders. The primary benefit of first responders using encrypted comm is to prevent unauthorized users interfering with real time communication in a crisis.
While the US military uses TETRA in some overseas locations, it is mainly used to coordinate with local emergency services, and has never been viewed as a secure form of communication.
Lastly, not to be too US-centric, but TETRA is almost never used in America; Project 25 (P25) is mandated for most organizations. P25 was developed after 9/11 as a radio interconnect standard for emergency services and first responders that allows radios to communicate regardless of manufacturer.
Good thing P25 is safe.
P25 only uses 56-bit encryption; there are better systems if you want to ensure that only the intended recipient will be able to receive your transmission. P25 is great for when you want to make sure that all your intended recipients can receive and intended senders can send, while minimizing undesired senders being received.
I probably could have done better with the wording on the link to a video contradicting what I’d said. It’s not meant to be taken seriously but that only really becomes obvious when you click through to find a video on how to make use of its flaws to disrupt traffic and listen in. Not everybody is going to do that though.
For now. Thanks, love DEF CON videos!
A lot of the material in those videos is way over my head but it’s interesting to see what people are out there working on. Good for when I’m frustrated with my own projects and want to think about something else for a while. They show some interesting ways to mess with common P25 radios and while I don’t recall whether they went after a flaw in the protocol or the manufacturer’s implementation, part of it is also taking advantage of flaws built into the human operator which is always cool.