Tagged: Terrestrial Trunked Radio

Encryption on the TETRA Protocol has been broken

TETRA (Terrestrial Trunked Radio) is a digital voice and text radio communications protocol often used by authorities and industry in European and many countries other than the USA. A major advantage to a digital communications protocol like TETRA is it's ability to be secured via encryption.

Recently the security researchers at Midnight Blue in the Netherlands have discovered a collection of five vulnerabilities collectively called "TETRA:BURST" and most of the five vulnerabilities apply to almost every TETRA network in the world. These two most critical vulnerabilities allow TETRA to be easily decrypted or attacked by consumer hardware.

The first critical vulnerability is designated CVE-2022-24401 is described as decryption oracle attack.

The Air Interface Encryption (AIE) keystream generator relies on the network time, which is publicly broadcast in an unauthenticated manner. This allows for decryption oracle attacks.

The second vulnerability CVE-2022-24402 notes that a backdoor has been built into TEA1 encrypted TETRA, which allows for a very easy brute force decryption.

The TEA1 algorithm has a backdoor that reduces the original 80-bit key to a key size which is trivially brute-forceable on consumer hardware in minutes.

Midnight Blue are due to release more technical details about the vulnerabilities on August 9 during the BlackHat security conference. Due to the sensitivity of the findings, the team have also held back on their findings for over 1.5 years, notifying as many affected parties as possible, and releasing recommended mitigations. It's unclear at the moment how many TETRA providers have implemented mitigations already.

For more detail about the possible implications the team write:

The issues of most immediate concern, especially to law enforcement and military users, are the decryption oracle and malleability attacks (CVE-2022-24401 and CVE-2022-24404) which allow for interception and malicious message injection against all non-E2EE protected traffic regardless of which TEA cipher is used. This could allow high-end adversaries to intercept or manipulate law enforcement and military radio communications.

The second issue of immediate concern, especially for critical infrastructure operators who do not use national emergency services TETRA networks, is the TEA1 backdoor (CVE-2022-24402) which constitutes a full break of the cipher, allowing for interception or manipulation of radio traffic. By exploiting this issue, attackers can not only intercept radio communications of private security services at harbors, airports, and railways but can also inject data traffic used for monitoring and control of industrial equipment. As an example, electrical substations can wrap telecontrol protocols in encrypted TETRA to have SCADA systems communicate with Remote Terminal Units (RTUs) over a Wide-area Network (WAN). Decrypting this traffic and injecting malicious traffic allows an attacker to potentially perform dangerous actions such as opening circuit breakers in electrical substations or manipulate railway signalling messages.

The deanonymization issue (CVE-2022-24403) is primarily relevant in a counter-intelligence context, where it enables low-cost monitoring of TETRA users and their movements in order to allow a state or criminal adversary to avoid covert observation or serve as an early warning of impending intervention by special forces.

Finally, the DCK pinning attack (CVE-2022-24400) does not allow for a full MitM attack but does allow for uplink interception as well as access to post-authentication protocol functionality.

Below is a demonstration of the TEA1 CVE-2022-24402 attack on TETRA, and if you are interested the Midnight Blue YouTube channel also contains a video demonstration for the CVE-2022-24401 decryption oracle attack.

Demo: TETRA TEA1 backdoor vulnerability (CVE-2022-24402)

Currently, it is possible to decode unencrypted TETRA using an RTL-SDR with software like TETRA-Kit, SDR# TETRA Plugin, WinTelive, and Telive. In the video the research team appear to use Telive as part of their work.

We also note that in the past we've run several stories about Dejan Ornig, a Slovenian researcher who was almost jailed because of his research into TETRA. Dejan's research was much simpler, as he simply discovered that many Police radios in his country had authentication turned off, when it should have been on.

TETRA Decoding (with telive on Linux)
TETRA Decoding (with telive on Linux)

TETRA Decoding on Windows with Telive

TETRA is a type of digital voice and trunked radio communications system that stands for “Terrestrial Trunked Radio”. It is used heavily in many parts of the world, except for the USA. Telive is a decoder for TETRA which is compatible with RTL-SDR dongles, and has been around and in use for almost 2 years now. If you have unencrypted TETRA signals available in your area it can be used to listen in on them.

Telive is dependent on GNU Radio, so it is normally installed and used on a Linux system. Previously we wrote a tutorial on it’s installation and use, and other users have also made bootable Linux images of telive available.

However, now a TETRA experimenter by the handle of “cURLy bOi” has released a new prototype of a telive modification that works on Windows systems. It makes use of the GNU Radio for Windows development. The telive Windows file can be downloaded from curly’s webserver. His reademe file shows how to install and use the software and it reads:

This has been put together as lowest-effort configuration
to run telive on Windows system. I have also optimized to process (for example adding the CQPSK block to GRC since the python code in the original telive package is IN FACT some unused part of GNU Radio)

Warning:
———
This package contains pre-compiled binaries that work on my 64-bit system. I have compiled them inside the M-SYS2 package. If you don’t trust me, you can follow the installation guide from telive docs, just be prepared you are going to need a lot of packages for the M-SYS2 (pacman -S gcc automake git wget, etc.)

Install:
———
1) Download GNU Radio for Windows from http://www.gcndevelopment.com/gnuradio/downloads.htm
and install
2) Copy contents of gnuradio_mod to c:\Program Files\GNURadio-3.7\
3) Download and install M-SYS2 from https://sourceforge.net/projects/msys2/ and install
4) Copy contents of msys_root to your M-SYS2 installation directory
5) Download FFmpeg for Windows (64-bit Shared) from https://ffmpeg.zeranoe.com/builds/
and extract everything from bin to usr\bin in your M-SYS2 installation directory
6) In M-SYS2 shell execute “pacman -S socat”
7) Get GNU Radio Companion (GRC) projects from original telive package at
https://github.com/sq5bpf/telive/tree/master/gnuradio-companion
(only udp or xmlrpc, pipes won’t work)
8) Open whatever GRC project you want to use and edit it:
– Delete the link between (all) Fractional Resampler and UDP Sink
– From the modules on the right (ctrl-f to search) drag CQPSK Demod to project
(If you don’t see CQPSK Demod then you have messed up #2)
– Connect Fractional Resampler -> CQPSK Demod -> UDP Sink
– Change UDP Sink Input Type to Float in its properties
– Save

Use:
——
1) Open GRC project of your choice (already with the CQPSK Demod box)
2) Use the Project/Execute to run the project from the GRC
– OR –
If you had headless (without GUI) project, use Project/Generate option
to generate top_block.py file in the GRC project directory.
Then open GNURadio Command Prompt from Start menu, the use this command
c:\Program Files\GNURadio-3.7\gr-python27\python.exe -u c:\path\to\grc\project\top_block.py
This will enhance performance.
3) Open new M-SYS2 shell for every channel in that project and execute
command “receiver1udp X” where X is the number of each channel in GRC project
4) Open new M-SYS2 shell, resize it to 203×60 and execute:
– cd /tetra/bin
– ./rxx OR ./rxx_xmlrpc (if you are using XMLRPC GRC project)
You can edit these files to match your preferences
5) That’s it, should work.

Note that we have not tested this out ourselves yet and can’t guarantee the file safety or that it works, but we have no reason to believe that it wouldn’t be safe or not work.

TETRA Decoding (with telive on Linux)
TETRA Decoding (with telive on Linux)

RTL-SDR Tutorial: Listening to TETRA Radio Channels

NOTE: There is now a plugin available for SDR# that will decode TETRA fairly easily. It is still in beta and misses a few features found in telive. Check it out in this post.

TETRA is a trunked radio communications system that stands for "Terrestrial Trunked Radio". It is used heavily in many parts of the world, except for the USA. Recently, a software program called Tetra Live Monitor (telive) was released on GitHub. This software can be used along with the (patched) Osmo-TETRA software to monitor and listen to unencrypted TETRA communications.

Below we show a tutorial on how to listen to TETRA communications using a RTL-SDR RTL2832U software defined radio. This tutorial is based heavily on the telive_doc.pdf file that is written by the author of telive and included in the telive git download. Please refer to that pdf file for further details on how the software works. We have modified their tutorial slightly to make it a little easier to understand. As this code is still under heavy development if you have trouble please check their PDF file for modifications to the procedures.

Again, we reiterate: This tutorial is not a substitute for a thorough reading of the documentation. If you have trouble setting this software up, please refer to the telive documentation first, before asking any questions. It contains a comprehensive FAQ section which solves most of the common problems. The documentation can be found directly at https://github.com/sq5bpf/telive/raw/master/telive_doc.pdf. There is also a discussion at http://forums.radioreference.com/digital-voice-decoding-software/302347-tetra-decoding.html.

Decoding and Listening to TETRA Tutorial

Most of this tutorial is performed in Linux and we assume that you have some decent Linux experience. We also assume you have some experience with the RTL-SDR dongle and have a decent antenna capable of picking up TETRA signals in your area. If you don't have a RTL-SDR dongle yet see our Buy RTL-SDR dongles page.

Note: As of October 2016 there is now a Windows port of the Telive decoding software available. This may be an option for you if you prefer to run in Windows. More information here.

First, we will need to find some TETRA signals. The easiest way to do this is to open SDR# or another program like GQRX and look for them. TETRA signals are continuously broadcasting with a bandwidth of around 25 kHz. In most European countries they can be found at 390 - 470 MHz. In some countries they may be found around 850 MHz or 915 - 933 MHz. There may be several TETRA signals grouped in close proximity to one another. See the example images below.

 
A Zoomed in TETRA Signal
A Zoomed in TETRA Signal
  
TETRA Signals Zoomed Out
A Grouping of TETRA Signals Zoomed Out

An example audio clip of a TETRA signal recorded in NFM mode is shown below.

Once you have found some TETRA signals, record their frequencies. Now close SDR#, or whatever software you were using and boot into Linux. In this tutorial we use a 32-bit Ubuntu 14.04 virtual machine running on VMWare Player as our Linux system. Some of the commands may vary if you are using a different system.

Continue reading