Encryption Flaws in Police and Military TETRA Radios Raise Security Concerns

Key Takeaways:

  • Dutch security firm Midnight Blue found that end-to-end encryption in TETRA radios reduces 128-bit keys to just 56 bits, weakening protection.
  • The discovery builds on 2023 research showing that TETRA’s TEA1 algorithm contained an intentional backdoor, cutting security from 80 bits to 32 bits.
  • The vulnerabilities impact radios used by police, military, intelligence, and critical infrastructure globally, raising questions about long-term operational security.

Researchers at Midnight Blue have uncovered a new weaknesses in the end-to-end encryption used in TETRA radios, a communications standard relied upon by law enforcement, defense agencies, and critical infrastructure operators in many countries. Their analysis revealed that the supposedly robust 128-bit encryption keys in some TETRA implementations are effectively reduced to just 56 bits, making them far easier to break with modern computing resources.

The findings, which the researchers plan to present at Black Hat 2025, follow a major 2023 disclosure in which the same team demonstrated that the TEA1 encryption algorithm in TETRA had an intentional backdoor. That flaw reduced security from an 80-bit key to an effective strength of only 32 bits, enabling far quicker brute-force attacks.

In addition to the reduced key strength, the researchers identified vulnerabilities that could allow attackers to inject false messages or replay intercepted communications. These weaknesses exist despite prior guidance from the European Telecommunications Standards Institute (ETSI) recommending that TETRA operators use end-to-end encryption overlays for added security. Midnight Blue’s new findings suggest that such overlays are not immune to compromise if the underlying cryptographic design is flawed.

TETRA radios have long been marketed as secure communications tools for high-stakes environments, but the research indicates that many deployed systems may be more vulnerable than their users realize. The design issues appear to be systemic across multiple vendors, as they stem from the TCCA’s E2EE protocol rather than a single manufacturer’s implementation.

The vulnerabilities could have far-reaching implications, especially for agencies conducting sensitive operations under the assumption that their radio communications were protected against interception. While exploiting these weaknesses requires significant expertise and resources, the reduced key sizes substantially lower the barrier for nation-state-level actors or well-funded adversaries.

Mitigation options include deploying updated encryption algorithms with full key strength, but such changes often require hardware replacements or firmware updates that can take years to complete across large fleets of radios. In the meantime, organizations dependent on TETRA may need to reassess the sensitivity of information transmitted over these systems and consider alternative secure channels where possible.

This latest research underscores that in cryptography, adding layers is not a substitute for strong foundations. Without robust algorithms at the core, even high-profile security tools can be undermined—potentially at the cost of operational integrity.


 

Loading
Share via
Copy link
Powered by Social Snap