The three less-than-critical vulnerabilities consist of: CVE-2022-24404, a high-severity vulnerability arising from lack of ciphertext authentication on the AIE that enables a malleability attack CVE-2022-24403, a high-severity vulnerability that allows radio identities to be identified and tracked due to weak cryptographic design and CVE-2022-24400, a low-severity vulnerability that allows confidentially to be partial compromised through a flawed authentication algorithms that permits the setting of the Derived Cypher Key (DCK) to 0. The European Telecommunications Standards Institute (ETSI), which oversees the TETRA specification, did not immediately respond to a request for comment.
£2B in UK taxpayer cash later, and still no Emergency Services Network.Midnight Blue managed to reverse-engineer and publicly analyze the TAA1 and TEA algorithms for the first time, and as a result discovered the TETRA:BURST vulnerabilities." "In order to shed light on this important piece of technology, Midnight Blue was granted funding by the non-profit NLnet foundation as part of its European Commission supported NGI0 PET fund. "Despite being widely used and relying on secret cryptography, TETRA had never been subjected to in-depth public security research in its 20+ year history as a result of this secrecy," Midnight Blue explained in its disclosure.
These issues follow largely from export control practices that insist on weak encryption, they suggest. The security pros explain that the use of secret, proprietary cryptography has been a common theme in previously identified flaws affecting GSM (A5/1, A5/2), GMR (GMR-1), GPRS (GEA-1), DMR ('Basic' and 'Enhanced' encryption), and P25 (ADP) – used in North America.
0 kommentar(er)
