Shulou(Shulou.com)11/24 Report--

CTOnews.com, July 25, TETRA (Trans EuropeanTrunked Radio) is an open wireless digital trunking standard developed by the European Telecommunications Standards Institute (ETSI). Security researchers have recently found that there are several security vulnerabilities in the standard, which can expose sensitive data transmitted through the standard.

Image source: commsroomCTOnews.com inquires relevant information. China confirmed the adoption of the TETRA standard in 2000 and worked in the 800MHz band according to the requirements of the Ministry of Information Industry; the Ministry of Public Security issued the TETRA system standard working in the 350MHz band in June 2004.

At present, the police, military and key infrastructure institutions in many countries and regions around the world have adopted the TETRA standard. After in-depth study, researchers believe that these loopholes have existed for decades and are specially reserved back doors.

ETSI subsequently issued a statement that disagreed with the researchers that these vulnerabilities were not backdoors, but export controls used to determine encryption strength.

Security experts say that consumer-grade hardware such as regular laptops can be used to decrypt radio traffic within 1 minute.

Jos Wetzels, one of the researchers at cyber security company Midnight Blue, said: "this is clearly a deliberate backdoor reserved by the agency, otherwise the vulnerability cannot be made effective."

This time, the focus is mainly on the TEA 1 encryption algorithm of the TETRA standard, and the researchers found that the loopholes in the encryption algorithm can be exploited for historical decryption and anonymization.

Midnight Blue will present their findings at the Black Hat Network Security Conference in August.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.