Researchers discovered intentional vulnerabilities in an encryption algorithm used in radios for critical infrastructure. The European Telecommunications Standards Institute advised deploying end-to-end encryption solutions for added security. However, a flawed implementation of the endorsed solution was later found to also be vulnerable to eavesdropping, using a 128-bit key compressed to 56 bits, facilitating easier cracking. The end-to-end encryption is widely used by law enforcement and military agencies, raising concerns over the security of sensitive communications given the flawed implementations.
At least one implementation of the end-to-end encryption solution endorsed by ETSI has a similar issue that makes it equally vulnerable to eavesdropping.
The encryption algorithm used for the device examined starts with a 128-bit key, but this gets compressed to 56 bits before it encrypts traffic, making it easier to crack.
Collection
[
|
...
]