Security Researchers Make A Shocking Backdoor Discovery In Police Radio Encryption Algo

Radio communications are the backbone of much of day-to-day life, but by and large, we routinely take them for granted. The secrecy surrounding this technology contributes to that, but it did not deter Dutch researchers, who discovered vulnerabilities and an intentional backdoor in the encryption standard used in many radios around the world.

The vulnerabilities and backdoor lie within TETRA, or Terrestrial Trunked Radio, a European radio standard used by several large radio vendors. This standard has been in play since the mid-1990s, and given its age, it has found its way into use by law enforcement, militaries, critical infrastructure, and other fields, according to the researchers' report. This is especially concerning when it comes to the backdoor, which allows the easy cracking of the encryption of communications.


Tracked as CVE-2022-24402, the backdoor in the TETRA standard has to do with TEA1, a stream cipher that is “intended for commercial use and restricted export scenarios.” In short, there is a feature in the algorithm that shortens the original 80-bit key size, which makes it possible to brute force. If brute forced, this would allow an attacker to intercept or inject messages into the communications if that communication line is not end-to-end encrypted (E2EE).
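To illustrate why a shortened key matters, the added example below (not code from the researchers or from the TETRA standard) uses a toy cipher, not TEA1, whose key setup squeezes an 80-bit key into a small internal register. The 16-bit register size, the hash-based keystream, and the sample key and message are assumptions chosen so it runs quickly; the point is that exhaustive search scales with the register, not with the nominal key length.

```python
import hashlib

NOMINAL_BITS = 80   # key length stated in the article
REDUCED_BITS = 16   # assumption: kept small so the demo finishes quickly

def reduce_key(key: bytes) -> int:
    """Toy key setup: squeeze the 80-bit key into a REDUCED_BITS-bit register."""
    if len(key) * 8 != NOMINAL_BITS:
        raise ValueError("expected an 80-bit key")
    return int.from_bytes(hashlib.sha256(key).digest()[:4], "big") >> (32 - REDUCED_BITS)

def keystream(state: int, length: int) -> bytes:
    """Toy keystream that depends only on the reduced register."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(state.to_bytes(4, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor_state(state: int, data: bytes) -> bytes:
    """XOR data with the keystream for a given register value."""
    return bytes(d ^ k for d, k in zip(data, keystream(state, len(data))))

def encrypt(key: bytes, data: bytes) -> bytes:
    return xor_state(reduce_key(key), data)

def recover_state(ciphertext: bytes, known_prefix: bytes):
    """Exhaust the register, not the key: at most 2**REDUCED_BITS trials."""
    n = len(known_prefix)
    for trials, state in enumerate(range(1 << REDUCED_BITS), start=1):
        if xor_state(state, ciphertext[:n]) == known_prefix:
            return state, trials
    return None, 1 << REDUCED_BITS

def demo():
    key = bytes.fromhex("00112233445566778899")      # constructed 80-bit key
    message = b"UNIT-07 status: en route to depot"   # constructed plaintext
    ct = encrypt(key, message)
    state, trials = recover_state(ct, message[:8])
    return state == reduce_key(key), trials, xor_state(state, ct)

if __name__ == "__main__":
    ok, trials, plaintext = demo()
    print(f"nominal key space : 2^{NOMINAL_BITS}")
    print(f"trials needed     : {trials} (<= 2^{REDUCED_BITS})")
    print(f"register recovered: {ok}, plaintext: {plaintext!r}")
```

When assessing a cipher, the figure to check is the size of the state that actually drives the keystream, since a long key offers no extra protection once it has been compressed.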

Aside from the backdoor, four other vulnerabilities could allow an attacker to compromise communications, deanonymize information, and generally compromise the CIA triad (confidentiality, integrity, and availability). Generally speaking, this is not a pretty situation, as these problems are not necessarily easily fixed. While there have been some firmware updates, some of the problems would need other remediation, such as E2EE, which is rather troublesome.

At the end of the day, this situation shows that there is quite a problem with security by obscurity. If you think your product is bulletproof by hiding it away, you would be incorrect as there will always be someone able to get that information and start breaking things. It is simply not how cybersecurity is done.