Introduction: This analysis examines vulnerabilities discovered in the TETRA (Terrestrial Trunked Radio) standard, a European radio standard used by military and police forces, as detailed in a Schneier.com blog post. The TETRA standard, which has been in use since the 1990s, incorporates encryption algorithms that were previously kept secret, contributing to the delayed public awareness of these security flaws.
In-Depth Analysis: The core of the issue lies in five vulnerabilities identified by three Dutch security analysts: Carlo Meijer, Wouter Bokslag, and Jos Wetzels, from the security firm Midnight Blue. These vulnerabilities are present within the encryption algorithms that are part of the TETRA standard, a system developed by ETSI (European Telecommunications Standards Institute). The TETRA standard is integrated into radio systems manufactured by prominent companies such as Motorola, Damm, Hytera, and Sepura. The fact that these flaws remained undisclosed for decades is attributed to ETSI’s prior refusal to permit external examination of the proprietary algorithms used in TETRA. The blog post notes that the author previously wrote about this topic in 2023, indicating a continuing relevance and development of the story. The disclosure of these vulnerabilities in 2023 by Midnight Blue marked the first public awareness of these weaknesses, as the proprietary nature of the encryption algorithms had effectively shielded them from scrutiny.
Pros and Cons: The primary strength of the TETRA system, as implied by its widespread adoption by military and police since the 1990s, is its established presence and presumed reliability for secure communication within critical sectors. However, the significant weakness exposed is the presence of multiple vulnerabilities within its encryption algorithms, which were hidden due to the proprietary nature of the standards. This proprietary approach, while perhaps intended to safeguard the technology, ultimately prevented independent security researchers from identifying and addressing potential flaws for an extended period. The delayed disclosure means that these vulnerabilities may have been exploitable for a considerable time without the knowledge of users or manufacturers.
Key Takeaways:
- Five vulnerabilities have been discovered in the TETRA (Terrestrial Trunked Radio) standard.
- These vulnerabilities are present in the encryption algorithms used within the TETRA standard.
- TETRA has been in use since the 1990s and is employed by military and police radio systems.
- Major manufacturers like Motorola, Damm, Hytera, and Sepura utilize the TETRA standard.
- The vulnerabilities remained unknown publicly for decades because ETSI kept the proprietary encryption algorithms secret.
- The discovery was made by Dutch security analysts Carlo Meijer, Wouter Bokslag, and Jos Wetzels of Midnight Blue in 2023.
Call to Action: Educated readers should consider the implications of these discovered vulnerabilities for the security of critical communications infrastructure. It would be prudent to monitor further disclosures and updates from security researchers and the TETRA standards body regarding the remediation of these flaws. Additionally, organizations utilizing TETRA systems should investigate the extent to which their specific radio models and configurations are affected and what mitigation strategies are available or being implemented by manufacturers.
Annotations/Citations: The information presented in this analysis is based on the content of the blog post found at https://www.schneier.com/blog/archives/2025/08/encryption-backdoor-in-military-police-radios.html. The discovery of the vulnerabilities and the details regarding the TETRA standard, its manufacturers, and the role of ETSI are all derived from this source.