Two years after exposing intentional backdoors in TETRA radio encryption used by global military and police forces, Dutch security researchers have uncovered equally severe vulnerabilities in the very solution recommended to fix them. The end-to-end encryption (E2EE) added atop flawed TETRA protocols—deployed by agencies from European special forces to Middle Eastern intelligence services—weakens cryptographic keys to levels easily crackable with modern computing power, enabling real-time eavesdropping and message manipulation.

The Broken Fix

Midnight Blue researchers Carlo Meijer, Wouter Bokslag, and Jos Wetzels reverse-engineered Sepura radios that use the E2EE endorsed by the European Telecommunications Standards Institute (ETSI). They found:
- Key Reduction Vulnerability: 128-bit keys get truncated to 56 bits before encryption, slashing entropy to levels crackable in minutes.
- Message Injection Flaw: Attackers can spoof or replay communications to spread disinformation—a systemic protocol design failure affecting all TCCA E2EE implementations.

"We consider it highly unlikely non-Western governments are willing to spend millions if they know they're only getting 56 bits of security," Wetzels told WIRED.

The E2EE was promoted by ETSI in 2023 as a mitigation for earlier TETRA algorithm weaknesses, where keys were reduced to 32 bits to comply with export controls. Ironically, the "fix" replicates the same pattern of cryptographic weakening.

Global Impact and Denial

Affected users span:
- Police in Belgium, Scandinavia, and Eastern Europe
- Intelligence agencies in Lebanon, Saudi Arabia, and Syria
- Military units in Finland, Poland, and Kazakhstan

Though ETSI claims governments "fully understand" their systems' security, researchers found minimal transparency. Confidential Sepura documents reference key-length reductions due to export rules, but most users remain unaware. Brian Murgatroyd of ETSI/TCCA acknowledged the E2EE design allows customization for export compliance but insisted national agencies bear responsibility for configurations.

The Core Failure: Opaque Standards

This saga underscores critical flaws in security-by-obscurity:
1. Proprietary Algorithms: TETRA's encryption remained unaudited for decades due to secrecy.
2. Export-Driven Weaknesses: Cryptographic integrity is sacrificed for regulatory compliance.
3. Broken Trust: Agencies deploying "enhanced" encryption unknowingly inherited fatal flaws.

As Wetzels notes, the vulnerabilities highlight how "security through obscurity is not security at all." With TETRA embedded in pipelines, railways, and grids globally, these findings demand urgent reevaluation of how critical infrastructure secures communications—and who gets to inspect the locks.