News: 0178607230


Encryption Made For Police and Military Radios May Be Easily Cracked (wired.com)

(Thursday August 07, 2025 @11:30PM (BeauHD) from the here-we-go-again dept.)


An anonymous reader quotes a report from Wired:

> Two years ago, researchers in the Netherlands [1] discovered an intentional backdoor in an encryption algorithm baked into radios used by critical infrastructure -- as well as police, intelligence agencies, and military forces around the world -- that made any communication secured with the algorithm vulnerable to eavesdropping. When the researchers publicly disclosed the issue in 2023, the European Telecommunications Standards Institute (ETSI), which developed the algorithm, advised anyone using it for sensitive communication to deploy an end-to-end encryption solution on top of the flawed algorithm to bolster the security of their communications. But now the same researchers have found that at least one implementation of the end-to-end encryption solution endorsed by ETSI [2] has a similar issue that makes it equally vulnerable to eavesdropping. The encryption algorithm used for the device they examined starts with a 128-bit key, but this gets compressed to 56 bits before it encrypts traffic, making it easier to crack. It's not clear who is using this implementation of the end-to-end encryption algorithm, nor if anyone using devices with the end-to-end encryption is aware of the security vulnerability in them.

Wired notes that the end-to-end encryption the researchers examined is most commonly used by law enforcement and national security teams. "But ETSI's endorsement of the algorithm two years ago to mitigate flaws found in its lower-level encryption algorithm suggests it may be used more widely now than at the time."



[1] https://it.slashdot.org/story/23/07/24/1942216/researchers-find-backdoor-in-encrypted-police-and-military-radios

[2] https://www.wired.com/story/encryption-made-for-police-and-military-radios-may-be-easily-cracked-researchers-find/



Military grade security (Score:3)

by allo ( 1728082 )

56 Bit RSA.

Re: (Score:1)

by NadNad ( 550015 )

ROT-13? For double security, ROT-13 it twice sequentially.

Re:Why Encryption? (Score:4, Interesting)

by Valgrus Thunderaxe ( 8769977 )

Then the bad guy can just get a scanner and flee before the police show up.

Re: (Score:2)

by ArchieBunker ( 132337 )

You mean like they did for decades when all radio was open?

Re: (Score:2)

by Valgrus Thunderaxe ( 8769977 )

And that's a good thing?

Re: (Score:3)

by PPH ( 736903 )

Encryption doesn't matter. Just set up the scanner close call mode and scram when anyone transmits nearby. You don't actually need to know what they are saying. If you are up to no good, it's probably about you.

Re: (Score:2)

by thegarbz ( 1787294 )

> Encryption doesn't matter. Just set up the scanner close call mode and scram when anyone transmits nearby. You don't actually need to know what they are saying. If you are up to no good, it's probably about you.

That's not how Land Mobile Radio works. They aren't using 2 way walkie talkies, they are transmitting to a base station that is networked together to hundreds of base stations across your city which then transmit out to any portable or mobile terminal that is registered to it. It's very similar to how mobile phones work and has been for about 50 years already, even back in the analogue days.

You'll pick up nothing but false positives with your method.

Re: (Score:2)

by thegarbz ( 1787294 )

If you're planning mission critical communications over the radio you're doing it wrong.

Re:Why Encryption? (Score:5, Interesting)

by Rinnon ( 1474161 )

> The police should not be able to have encrypted communications. Everything they say on the radio should be publicly accessible and a public record.

These two statements are not mutually exclusive. It's reasonable to assert that the communications should be a matter of public record while also suggesting that real time access to those communications should be restricted for the sake of officer safety and operational security. You might argue that leaving the records in the hands of the police is in itself a problem, but a different record keeping solution can be devised to solve that issue that doesn't require everybody and their grandmother to be able to eavesdrop on a police channel.

Re: (Score:2)

by kqs ( 1038910 )

Yes, this. All communications should be secure. All official communications should be recorded, just like all officials who interact with the public should have those interactions recorded. Those communications should NOT be controlled by those who would be embarrassed by them, though this is a hard problem without a complete solution (and may be unsolvable). We should be able to approach a good solution though this requires pissing off officials and powerful/rich folks.

The current US administration has

Re: (Score:2)

by aaarrrgggh ( 9205 )

Locally it is becoming a big question. The police maintain that sensitive/personally identifiable information is included in the transmissions and therefore access needs to be restricted. Encouraging out-of-band communication for that ends up pushing OOB for other things and it becomes a slippery slope. Locally they are trying to solve it where (certified) media has access to one talk group... but then you have issues like the current federal pressure on the media to limit reporting on some things.

Re: (Score:2)

by viperidaenz ( 2515578 )

With names, addresses, and specific details about crimes all redacted.

Agree! (Score:1)

by p51d007 ( 656414 )

I dispatched for a county sheriff for over 12 years and the sheriff, when (1995) we switched from VHF to UHF trunked, had the ability to scramble our communications and the sheriff sent down a pretty threatening memo to everyone. ONLY the drug & undercover units would be allowed to scramble. Any deputy or jail staff caught using scrambling over patrol channels would be fired. His reasoning was: I do not want what our officers are saying on the radio to be scrambled. The PUBLIC has a right to know what we are

Re: (Score:2)

by viperidaenz ( 2515578 )

So when they need to communicate sensitive information about victims, it should all be public?

RC4 is still widely used in APCO-25 systems (Score:3)

by Indy1 ( 99447 )

In the US, a lot of agencies are still using RC4 (known as Motorola advanced digital privacy, aka ADP) for critical communications. And these agencies have zero clue how easy it would be to brute force the keys.

Re: (Score:2)

by thegarbz ( 1787294 )

It's not about zero clue, it's about preventing inadvertent listening. There's very little operational need for perfect security for emergency services. Land mobile radio by design has very limited security in most cases just to stop someone setting up the wrong radio from accessing the wrong communications. It is like that with APCO-25 (P25) and it's like that with TETRA (which is what is used in Europe).

Re: (Score:2)

by Indy1 ( 99447 )

Yet would you use RC4 for wifi or web security?

Poor security is no security, and I'm shocked someone hasn't written a program that would tie into a cheap realtek SDR and eat ADP keys for breakfast.

It would be like when DVD encryption got cracked. Once someone buys a case of beer and spends a weekend coding it, the horse is out of the barn for good.

Re: (Score:2)

by arglebargle_xiv ( 2212710 )

Two completely different things. With radios you need to be within physical range of the radio with advanced signal-interception gear to capture and decrypt the conversation, which will then give you some tactical comms that could well be out of date by the time you've recovered it.

With Internet-based stuff any attacker anywhere in the world with access to on-path capabilities can capture and decrypt at their leisure, and it's typically data that isn't short-term tactical comms that's stale after five min

Isn't this exactly what governments have demanded? (Score:3)

by taustin ( 171655 )

Back doors into encrypted communications? Is there a government in the world that hasn't demanded exactly this?

It should be a felony to insert backdoors (Score:1)

by michaelni ( 5226911 )

It should be a felony to insert backdoors in standards. It should not be free of consequences to threaten millions of people's privacy.

Spooks backdoor encryption devices - who knew :o (Score:2)

by Mirnotoriety ( 10462951 )

Spooks backdoor encryption devices - who knew :o

Backdoor? (Score:3)

by ceoyoyo ( 59147 )

That doesn't really sound like a backdoor.

The original article says the standard cut it down to meet export control requirements. The algorithm in question is one of four choices, and the standard makes pretty clear that it's the one for shady foreigners:

> The Cipher Key has an input length of 80 bits; the Initialization Vector has a length of 29 bits. The effective Cipher Key length of TEA4 is reduced within the algorithm to 56 bits to permit worldwide exportability without restriction, at time of definition.

Re: (Score:2)

by viperidaenz ( 2515578 )

It gets worse, TEA1 truncates the key to 32 bits.

All these standards were developed in the 90's, back when they thought SSL 2.0 was fine, but turned out to be full of flaws. SSL 3.0 was also flawed.

40 bit RC4 and DES? You got the shitty algorithms in your web servers and browsers if you didn't work around the export restrictions of the time.
