The European Telecommunications Standards Institute (ETSI) has made the decision to release the encryption algorithms used in the Terrestrial Trunked Radio (TETRA) standard to the public domain. This move addresses concerns raised in the security community regarding the secrecy surrounding the algorithms, which hindered third-party researchers from testing the code and identifying vulnerabilities [1] [3].
Description
The TETRA protocol [1] [2] [3], currently utilized by various organizations such as governments [1] [3], law enforcement [1] [3], military [1] [3], and emergency services in Europe and the UK [1] [3], will now have its encryption algorithms accessible for scrutiny and bug detection. The TETRA standards committee unanimously voted in favor of making the algorithms open-source, although the release date has not yet been specified. Additionally, in response to the discovery of critical vulnerabilities in the TEA1 algorithm by Midnight Blue Labs, the TETRA system will incorporate three new quantum-proof algorithms, namely TEA 5, 6, and 7 [3], which were introduced in 2022.
Conclusion
This shift towards openness and transparency in encryption protocols signifies a significant change in addressing security vulnerabilities in communication standards [4]. It will have implications for device manufacturers and critical infrastructure networks that rely on TETRA for secure radio communication [4]. By allowing scrutiny and bug detection, the release of the encryption algorithms aims to enhance the overall security of the TETRA system.
References
[1] https://vuink.com/post/gurertvfgre-d-dpbz/2023/11/14/tetraencryptionalgorithmsopensourced
[2] https://www.bankinfosecurity.com/european-telecom-body-to-open-source-radio-encryption-system-a-23599
[3] https://cyber.vumetric.com/security-news/2023/11/14/bug-hunters-on-your-marks-tetra-radio-encryption-algorithms-to-enter-public-domain/
[4] https://cybersecurity-see.com/european-telecom-body-to-launch-open-source-radio-encryption-system/
