RETETRA
Security Analysis of Proprietary Cryptography in Terrestrial Trunked Radio
Terrestrial Trunked Radio (TETRA) is a European standard for trunked radio used globally by government agencies, emergency services and critical infrastructure. Apart from most European police agencies (such as BOSNET in Germany or RAKEL in Sweden), military operators and emergency services, TETRA is also widely used for SCADA telecontrol of oil rigs, pipelines, transportation and electric and water utilities. TETRA authentication and encryption are handled by secret, proprietary cryptographic cipher-suites known as TAA1 and TEA which are only available to select parties under strict NDAs which runs counter to both the spirit of open technologies and Kerckhoffs's principle. The latter's potential consequences are illustrated by the fate of A5/1, A5/2 and their GMR variants in cellular and satellite communications, allowing ciphers that can be broken in practice to fester in public and critical infrastructure for far too long. This project aims to reverse-engineer and subsequently perform cryptanalysis on these cipher-suites and finally formulate a hardening roadmap in order to provide a research-oriented FOSS implementation of the cipher-suites and aid affected parties in moving away from unexamined, proprietary security mechanisms towards open standards.
- The project's own website: https://tetraburst.com
Why does this actually matter to end users?
Cryptography is everywhere in modern communication: when you pick up your mobile phone to answer a call, enter a site URL in your browser bar or send a chat message, there is a complex series of mathematical operations happening behind the scenes to guarantee that no one can spy on your conversation, that the site you visit is legitimate and that your messages can only be seen by the friends you sent it to. These cryptographic solutions need to be secure for communication to be trustworthy or even function in general. This becomes even more important when considering emergency services and governmental telecommunication channels: a faulty or leaking connection could potentially cost lives.
To make sure that the cryptographic algorithms at the core of emergency communication channels work as intended, they should be open to verification and auditing. In case of the European TETRA-standard, unfortunately, this is not possible due to proprietary cryptographic suites that are sealed off to the public. Reverse engineering has shown that the cryptographic algorithms, also known as cipers, are flawed. As TETRA is widely used by governmental agencies, emergency services and critical infrastructure like remote control of oil rigs, transportation and electric and water utilities, these vulnerabilities should be addressed. This project will reverse-engineer the proprietary cipher suites and instead provide a secure, transparent open source alternative, so this critical infrastructure can rely on trustworthy technology that anyone can inspect and audit to guarantee safe communications.
Update: the outcomes of the project have been made public and are available on tetraburst.com.
This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.
