CVE-2022-24403

De-anonymization attack in TETRA

CVSS 4.3 MEDIUM · EPSS 0.1% · CWE-327
In short

TETRA's identity encryption method uses a weak 64-bit key that can be recovered from just three pairs of encrypted and unencrypted identities, allowing attackers to impersonate users or decrypt private communications.

Technical detail

The TA61 identity encryption function derives its key material from a single 64-bit SCK or CCK value, enabling key recovery through meet-in-the-middle attacks with minimal known plaintext-ciphertext pairs. An adversary with access to three encrypted/unencrypted identity pairs can reconstruct the encryption key and subsequently encrypt or decrypt arbitrary identities, compromising confidentiality and user anonymity in TETRA Class 2 and 3 networks.

Summary generated and translated by AI from the official description.
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK (Class 2 networks) or CCK (Class 3 networks). The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an adversary to encrypt or decrypt arbitrary identities given only three known encrypted/unencrypted identity pairs.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:U/RC:C/CR:H/IR:H/AR:H/MAV:A/MAC:L/MPR:N/MUI:N/MS:U/MC:L/MI:N/MA:N
Affected products
ETSI · TETRA Standard
