Encryption made for police and military radios may be easily cracked
26 comments
·August 7, 2025genocidicbunny
Huh, I was catching up on DEFCON videos recently, and just earlier this morning watched the talk about Tetra. How serendipitous.
tptacek
The funny thing about this is that my municipality just recently started encrypting their radios at all. And it was controversial! Residents liked being able to listen in to the scanners.
nonameiguess
I'll never forget 8 years ago someone managed to set off every tornado siren in Dallas for an entire Friday night, apparently because they're controlled by radio and the control signal was not encrypted, so the "hacker" just recorded it during a real alert and then played it back to attack the system.
lazide
Previously you could hear what was going on in town - a degree of transparency around police.
Now you can’t. For better or worse, eh?
ronsor
And now they're going to be unencrypted again, but not by choice!
tptacek
No, this story is about TETRA radios, which are used in Europe; I'm in Chicago, on Motorola's STARCOM (P25), which is ostensibly AES (it wouldn't be shocking to find vulnerabilities; in fact shocking not to, but it won't be as crazy as TETRA, which freelanced its entire encryption stack).
colmmacc
I listened to your great podcast and the remark along the lines of "unencrypted police comms let the robbers know when the police are getting close" made me wonder if anyone has built a simple signal intensity detector for the encrypted radios. You don't need to hear the contents to know that the radios are closing in on you. I can't imagine police forces practice RF silence like special forces do.
It really would be better to hide in the noise of 5G.
drewnick
Note this affects TETRA which is not used in North America. Most US systems use P25 which is not mentioned in the article.
kotaKat
Not like there’s not enough problems with P25… until the day they can deploy LLE (link-layer encryption) across all P25 systems, there will always be a way to gather some kind of intelligence about the system and its radio traffic.
(And the fact that it’s taking so long to implement link layer authorization, barely a scratch in the security dent…)
anfractuosity
Very interesting, curious how long it would take to brute force the 56 bit key, with something like a GPU/FPGA. It looks like hashcat supports DES, which is also 56 bit.
tonetegeatinst
I believe TETRA was already vulnerable to being broken based of some research that a group did into the protocol. They showed a proof video but didn't release any technical info or poc due to security fear.
theturtle
Cool! Maybe all the apps and sites intended to let you keep track of what your local kopz are doing will work again!
null
drumhead
I mean, in this day and age is it such a bad thing that police and military radio is crackable?
dist-epoch
Is it still illegal in Europe to buy radios with 128 bit encryption?
cluckindan
As in TETRA? Probably not, as SDRs are widely available anyway, as are scanners capable of decrypting TETRA traffic.
You do need authorization to buy a transmitter though, at least where I live.
dist-epoch
I meant like hand-held walkie talkies. But with 128 bit encryption.
Weird it's regulated, given you can use mobile phones like that (sure, you need coverage).
GauntletWizard
It's still illegal to point out that the emperor has no clothes
mystraline
Its also illegal to report hospitals that post PHI (protected health information) over POCSAG or FLEX - pager networks. Of course, theres no encryption or anything. The encoding is plain text.
Yes, it is also illegal to post PHI over pagers, due to HIPAA addendum in 2016.
But 1986 ECPA law forbids decoding pager messages unless they were intended for you.
eitland
> You’ve read your last free article.
Haven't read a Wired article in months :-|
And thanks to poster for adding archive link.
robterrell
Wired is killing it with great reporting this year. Worth subscribing and supporting.
kstrauser
I've done that. It seemed like Wired got lost on the road for a while, but lately they're back with a vengeance, which I'm delighted to see (and to support).
https://archive.ph/5GMa5