TETRA hacking is coming: OsmocomTETRA

It’s very exciting to see the release of OsmocomTETRA, the first opensource SDR (Software Defined Radio) implementation of TETRA demodulator, PHY and lower MAC layers.

It’s the TETRA version of GSM airprobe that unlock access to the data and frame of TETRA communication protocol, thus giving great hacking opportunity!

Now that also TETRA technology has been opened we should expect, during this 2011, to see opensource TETRA sniffers and most probably also TEA encryption (the Tetra Encryption Algorithm) cracked!

TETRA is used by Police, Emergency Services and Militaries as an alternative mobile communication network that can works even without the availability of network coverage (only mobile-to-mobile without a base station) and provide some special high availability services.

I wrote about TETRA in my slide Major Voice Security Protocol Review .

In OsmocomBB mailing lists there was already discussion about some TETRA network status:

  • Belgium Police TETRA ASTRID network: unencrypted
  • German Police test TETRA network in Aachen: unencrypted
  • Some ex-jugoslawia TETRA network: unencrypted
  • Netherland C200 TETRA network: TEA2 encrypted with static keys
  • UK Airwave TETRA network: TEA2 encrypted with TEA2

It will be really fun to see that new Police and rescue service hacking coming back from old analog ages to the new digital radios :-)

5 Comments

  • 1
    Henrik
    27 June 2011 - 6:44 pm | Permalink

    I hope i can listen to Swedish Police soooon :)

  • 2
    Pepijn
    7 July 2011 - 10:39 pm | Permalink

    The Dutch C2000 network has a static key?! That can’t be…

  • 3
    Sylvain
    25 September 2011 - 2:45 pm | Permalink

    The belgian ASTRID network is now encrypted (TEA2).

  • 4
    Anton
    2 November 2012 - 2:37 am | Permalink

    Any more news on this? any one able to crack the UK airwaves yet?

  • 5
    Belico
    18 October 2013 - 11:30 am | Permalink

    Has there been any further research on TEA2 with TEA2 Encryption yet?

    This is probably not implemented yet but how about real-time voice or Data Decryption of Airwave TETRA?

    Speed up little programmers :)

  • Leave a Reply

    Your email address will not be published. Required fields are marked *