TETRA (TErrestrial Trunked RAdio) (TErrestrial Trunked RAdio)

History

2023

All TETRA encryption algorithms will be opened. Special communications try to protect against wiretapping

The Technical Committee of the European Institute of Telecommunications Standards (ETSI TCCE), which is responsible for the development of TETRA trunking technology , announced the discovery of all encryption algorithms that were used in the radio interface of this communication standard. TETRA contains a set of proprietary cryptographic algorithms for the radio interface, which are called TEA 1,2,3 and 4 - they are already actively used. However, this year there were several studies that showed the unreliability of the encryption used in them.

In addition, in 2022, ETSI introduced additional sets of post-quantum encryption algorithms called TEA 5, 6 and 7, which assume protection against possible attacks using quantum computers. With its decision, TCCE decided to fully open this whole set of algorithms to discussion with the community. Additionally, a specification of authentication and key management mechanisms will be published, both the old version (TAA1) and the new version (TAA2). Work to open, discuss and improve encryption and authentication standards will be supported and based on TCCA.

ETSI headquarters in Antipolis

The decision came at a TCCE meeting in October after a lengthy discussion of problems caused by research published earlier this year about hacking encryption algorithms that are used in TETRA. The discovered vulnerabilities allowed outsiders to both listen to the transmission of messages and de-anonymize the communicating parties. Since the TETRA standard is used both in Europe and in Russia in government, local government, police, rescue services, fire brigade, emergency medical care and other operational services to coordinate their actions, its wiretapping can have socially dangerous consequences.

The meeting was attended by a significant portion of the TETRA community, which includes operators, users, equipment manufacturers and government structures, "Brian Murgatroyd, TCCE ESTI Committee Chairman, noted in a press release. - After the publication of algorithms, we are open to academic research and independent evaluation.

Moreover, the press release refers to the public development of the AES standard, which was selected as a result of a competition organized by the American Institute of Standards NIST in 1997. Perhaps TCCE plans to organize a similar competition to improve encryption algorithms for TETRA, including post-quantum - since this part of TCCE's developments will be published. "Effective verification of publicly available algorithms allows you to identify any shortcomings and mitigate them before their widespread implementation occurs," the press release said. In any case, the technical committee will not repeat the process of private development of encryption standards, which "was a common practice in the early 1990s^[1].

Holes in the TETRA wireless standard have allowed hackers to sabotage police-army communications in 170 countries for 25 years

On July 24, 2023, the Dutch company Midnight Blue, specializing in information security issues, announced the discovery of a number of dangerous vulnerabilities in the international wireless standard TETRA (Terrestrial Trunked Radio). Holes for about a quarter of a century allowed hackers to sabotage police-army communications in 170 countries.

The TETRA open standard for digital trunking radio communication was developed by the ETSI European Telecommunications Standards Institute. TETRA is widely used in service and technology communication networks. However, Midnight Blue experts say, the technology has never been subjected to in-depth security research in its more than 20-year history.

Holes in the TETRA wireless standard have allowed hackers to sabotage police-army communications in 170 countries for 25 years

In total, Midnight Blue specialists have identified five vulnerabilities called TETRA: BURST: they are described in the bulletins CVE-2022-24401, CVE-2022-24402, CVE-2022-24403, CVE-2022-24404 and CVE-2022-24400. The first two of these holes have a critical level of danger, two more are high, one is low. Vulnerabilities potentially allow an attacker to decrypt traffic in real time or after the fact, de-anonymize users, intercept incoming calls, inject messages and perform other malicious actions.

One of the problems is due to incorrect processing of timestamps. Another vulnerability affects the TEA1 algorithm: the standard 80-bit encryption key is reduced to such a length that it can be selected in a matter of minutes by brute force on a regular personal computer. In addition, authentication problems were detected. Most of the vulnerabilities identified affect all types of TETRA networks. Holes can be exploited by cybercriminals to spread misinformation, sabotage or espionage.^[2]

LTE settles TETRA

Experts are confident that in the next five to seven years, TETRA networks and other professional mobile radio standards will be replaced by LTE networks due to the growing market requirements for^[3] data transmission quality^[4].

This is stated in the study "Prospects for the introduction of broadband services in professional mobile radio networks based on LTE," conducted by J'son & Partners Consulting in 2013. According to the data presented by the company, TETRA and other standards of professional mobile radio communication (PMR) do not meet the modern requirements for the exchange of "heavy" content (video transmission in real time, fast transfer of large files, etc.).

According to an estimate made in 2013 by the TCCA (TETRA Critical Communications Association) working group, the use of LTE for emergency services communications will not be available until 2018, acceptable VoLTE quality for such subscribers is expected no earlier than 2020.

Motorola Dimetra SR

Motorola Solutions announced in May 2011 the Dimetra SR 8.0, a new software platform for the TETRA (TErrestrial Trunked RAdio) radio system. According to the developers, the Dimetra SR 8.0 platform will provide high performance for compact sizes and help customers optimally use limited installation space. The platform will increase the stability and functionality of the network, reduce operating costs and offer new opportunities for modernization and network management, the company notes.

Dimetra SR 8.0 can connect to networks other than TETRA, including compatible LTE networks. Thanks to the capabilities of the new solution, public safety organizations - law enforcement, fire services and ambulances - will be able to communicate on both broadband and TETRA networks. The new features will help customers further develop their network infrastructure, as well as meet their specific requirements, improve operational efficiency and optimize operator capital expenditures.

As reported in Motorola Solutions, the Dimetra SR 8.0 platform supports a new generation architecture that will help network operators significantly reduce operating costs (OPEX). The solution will reduce energy costs by 60% and reduce the total area of ​ ​ the switching premises by 30% compared to the previous version. In addition, the new platform has an automatic system update function that will allow network operators to eliminate the involvement of expensive IT services and reduce the total time spent on updating. The new system has the function of almost an instant update, reducing service costs by more than 60% compared to the previous version. The integrated features of the broadband network will provide users with the opportunity to constantly update and develop the TETRA system in accordance with their needs and with the advent of new technologies.

Chronicle

Notes