Tuesday, November 28, 2023

Radio Security news

Not to steal any thunder from The Silicon Graybeard, but this is pretty interesting:

A set of encryption algorithms used to secure emergency radio communications will enter the public domain after an about-face by the European Telecommunications Standards Institute (ETSI).

The algorithms are used by TETRA – short for the Terrestrial Trunked Radio protocol – and they are operated by governments, law enforcement, military and emergency services organizations in Europe, the UK, and other countries.

In mid-2023, Netherlands-based security firm Midnight Blue disclosed five vulnerabilities affecting all TETRA radio networks that could allow criminals to decrypt and intercept communications in real time.

The saying is that "Open Source makes bugs shallow" - more eyes on the code finds bugs faster, but we shall see.  Linked to this is how easy it will be to update vulnerable radios - my guess is not very.  We will also see if radios will need to support dual encryption schemes - one that is more secure for communicating with updated devices, and the old version for backwards compatibility.

As another old saying goes, the only reason that The Lord created the entire heaves and Earth in only six days was because he had no installed base to support.


1 comment:

Richard said...

Of course, encryption also prevents honest citizens from monitoring the police. It probably doesn't prevent terrorists who have more resources than either criminals or honest citizens.