back to article Bug hunters on your marks: TETRA radio encryption algorithms to enter public domain

A set of encryption algorithms used to secure emergency radio communications will enter the public domain after an about-face by the European Telecommunications Standards Institute (ETSI). The algorithms are used by TETRA – short for the Terrestrial Trunked Radio protocol – and they are operated by governments, law enforcement …

  1. Lee D Silver badge

    Well, let's see what kind of rubbish is in that, I'm guessing at this point it'll be obsoleted within a year (because presumably most TETRA radios are pretty much unpatchable, despite it being 2023) and replaced with something else because of what's found when this happens.

    1. dermotw

      In fact most are patchable.

    2. Ball boy Silver badge

      Obsolete within a year, maybe - but still be in daily use

      TETRA is used extensively and it won't be an easy upgrade if it can't be patched to cope seamlessly with both old and new standards. By way of example, in the UK, each regional Police force has its own budget. In order to swap their radio kit to a new standard, all forces would have to align their strategies and buying cycles. If not, they'd be pretty much obliged to stick to the old standard until their neighbouring forces had also upgraded. At a time when budgets are under huge pressure, I can't see this being a quick change for them.

      Granted, some users (higher security users like government spooks and other very specialist sub-groups) might get new kit sooner - but the existing hardware is in the hands of so many 'normal' users it could take a while to effect a changeover unless in-field patching is possible.

    3. emfiliane

      Most of these units run on a mobile OS, like Symbian, WinCE/Mobile/Embedded, VxWorks, etc, with updateable software on top. You'd have to go *way* back to find bare-hardware systems. Firmware updates are a fact of life for the departments that use them -- newer ones even do OTA!

      In fact, the release of the vulnerability coincided with availability of new firmware across most in-service models and confirmation that major customers had applied them. (There are really only a few big makers, for that matter.)

      I have no idea where you guys are getting the idea that these are some black box that once put out into the world, just exists in stasis forever, and can only be fixed by a total upgrade cycle.

      1. Lee D Silver badge

        It's not the black-box or even the software that would be the problem.

        The hardware has to be able to do what you need it to do and cope with any new encryptions required, or patch any flaws in the radio end of the protocol.

        They are not, presumably, software-defined radios, and they are based on a given base encryption requirement which may well be about to change if this one is obsoleted.

        In the same way as Wifi / 3G means changes to previous generations and the next generation requires hardware changes or far more oomph to manage (and thus not every hardware is upgradeable), or other assumptions built into the hardware design mean that it can't actually do what you want no matter what software you throw at it.

        To pick an analogy in a field we should all be familiar with - it's relatively easy to change the software on an Wifi router to talk WPA3 if it's just using software supplicants. It's a different thing entirely if it uses any kind of hardware supplicant or acceleration for such, and may not be possible at all. Hence obsoleting rafts of hardware that were working fine.

        And if you factor in that you just listed 3 different mobile OS, and hardware systems are likely to vary depending on manufacturer and purchase date, that could mean a lot of radios obsoleted, or a lot of radios running insecure portions of the software for backwards compatibility.

        This looks to me to be a far bigger potential problem - if those protocols are actually insecure and need to be changed for something that requires even a little more oomph.

        1. Blazde Silver badge

          The protocol being old is not the same as the hardware being old. I'd bet very little in active use is much beyond 10-15 years old, which means - like modern Wi-Fi routers - it will have very programmable signals processing and general purpose chips, and will have way more 'oomph' than any hypothetical future TETRA encryption can possibly require because they all come bundled with modern Wi-Fi/Bluetooth/LTE capability too.That TETRA is so old is extra reason to expect that, aside from the antenna size, it's all/almost all software implemented.

        2. Anonymous Coward
          Anonymous Coward

          As someone who is familiar with UK TETRA Implementations I'll say that any handset made after around 2007 will be upgradable with new keys and software. Prior to that you're probably going to have more problems finding the right cable than doing the actual upgrade. There are still some orgs still using ancient 15+ Year old MTH800s and SRG3500 handsets that are WAY past their design life. These may present a problem in that they're quite difficult to upgrade unless you spend half an hour cleaning the contacts first. Any org even remotely bothered will be on sub-10 year old radios anyway.

          Saying the above is all dependent on ESWhen delivering -more than likely not- in the near future and if TETRA is kept (Probably). General Opinion is that any incoming government will take ESN out behind the shed and quietly put it out of its misery.

  2. nojobhopes
    Black Helicopters

    Quantum-proof ?

    "quantum-proof" err ok. What do they know we don't?

    1. druck Silver badge

      Re: Quantum-proof ?

      The post quantum snake-oil salesmen have jumped on this bandwagon too.

  3. PB90210 Bronze badge

    In other news...

    The government want us to weaken public encryption standards...

    Oops!!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like