Update 9 August 2023 —
The full source code of the reverse-engineered
TETRA encryption algorithms
plus a paper written by the Midnight Blue researchers are now available
Digital two-way trunking radio network
TETRA, the abbreviation of Terrestrial Trunked Radio 1
is a standard for digital two-way trunked radio networks,
set in 1995 by the
European Telecommunications Standards Institute
(ETSI). It is used in more than 100 countries by public safety services
(police, ambulance, fire),
transport services, railways, intelligence services and the military.
It is often known under different national names
(Netherlands), ASTRID (Belgium) , BOSNET (Germany) and AIRWAVE (UK).
TETRA is the most widely used
police radio communications system outside the United States (US).
Like similar standards, such as
P25, DMR and TETRAPOL, it can be used for voice and data transmission.
TETRA uses time-division multiple access (TDMA) with four 'slots'
on a single carrier, with 25 kHz carrier spacing.
For speech, the ACELP codec is used, which is an improved variant of LPC.
In addition, voice and data can be secured by adding optional encryption.
On 24 July 2023, researchers from the Dutch security firm
Midnight Blue revealed several
weaknesses in the encryption and authentication algorithms,
and proved that these flaws were exploitable.
Among the discovered vulnerabilities was a deliberately
created backdoor. 2
The disclosure of these vulnerabilities is known under the project
Formerly known as Trans-European Trunked Radio
Whether or not it should be called a backdoor is a semantic
discussion. ➤ More
TETRA networks on this website
TETRA supports point-to-point as well as point-to-multipoint transmissions.
Data transmission is supported, albeit at low data rates.
The following modes of operation are supported:
TMOTrunked Mode Operation
DMODirect Mode Operation
The map below shows in which countries TETRA is used, based on open sources.
These are police forces, military and intelligence services,
and other critical infractructure such as airports, harbours,
power plants, etc. Scroll down for a more detailed overview of each user category.
Worldwide penetration of the TETRA standard for two-way radio networks
The map below shows the countries in which the police forces and
affiliated services use TETRA. This is the vast majority of public
safety services in the world. In many cases
the networks are known under different (local) names. Below the map
are some examples of networks used by the police and other emergency
services throughout Europe, with their network names .
TETRA used by police and affiliated services
Military & Intelligence services
The map below shows in which countries TETRA is used by one or more military
or intelligence organisations for primary, fallback or interfacing
communications, based on open sources .
TETRA used by military and/or intelligence services
The map below shows the countries in which TETRA is used in critical
infrastructure, such as airports, harbours, train stations, power plants,
chemical factories, large scale industry, etc. In most cases, TETRA is used
for voice communication. In addition, TETRA is used for data traffic in
SCADA WAN systems, such as
substation & pipeline control and railway signalling .
TETRA used in critical infrastructure
TETRA can be cryptographically secured by means of a set of proprietary
encryption algorithms, which are available to a limited number of parties
under strict NDA.
As the algorithms are secret, they have not been subjected to public
security research. This is generally regarded a violation of
Kerckhoffs' Principle .
The secret algorithms were developed and evaluated by international experts,
commissioned by ETSI-SAGE — the
Security Algorithms Group of Experts
The following algorithm suites are known:
- TETRA Authentication Algorithm
- TETRA Encryption Algorithm
TAA1 is a suite of cryptographic primitives used for authentication,
key derivation and Over The Air Re-keying (OTAR). It is based on the
HURDLE II block cipher, developed in 1996 at the Royal Holloway University of
London (UK) and evaluated by the other ETSI-SAGE members .
TEA is an encryption suite 1 for Air Interface Encryption (AIE) that
consists of four stream ciphers, each with an 80-bit key length, with a varying
level of security. The following TEAs are known:
- Commercial use, restricted export
- European emergency services
- Extra-European emergency services
- Commercial use, restricted export
The TEA1 and TEA2 algorithms were developed between January 1996
and February 1997 at Philips Crypto BV in the
Netherlands, and were evaluated by the other ETSI-SAGE members .
Once approved, the TAA and TEA algorithms were imlemented as ETSI
One of the people who worked on TEA1 and TEA2 on behalf of
Philips Crypto, was Cees Jansen .
The TEA2 algorithm was intended for use by emergency services within
Europe and is arguably the most secure one in the TEA suite.
The TEA1 algorithm is very similar, but as it was intended for commercial
use and export, its key had to be weakened as part of the specifications.
TEA3 was developed for use by emergency services outside Europe
and is very similar to TEA2.
In addition, optional vendor-specific end-to-end encryption (E2EE)
can be deployed on top of AIE, such as AES256 which can be added to
some TETRA devices in the form of a SIM card.
Not to be confused with Tiny Encryption Algorithm.
The diagram below shows which parts of the frequency spectrum are reserved
for use of TETRA equipment. Three segments are assigned in the 400 MHz
band: 380-400 MHz, 410-430 MHz and 440-470 MHz. In the first segment,
two ranges are reserved for the European emergency services: 380-385 MHz
for the mobile stations (uplink), and 390-395 MHz for the base stations
(downlink). The frequencies are harmonised throughout Europe to allow
The remaining two segments 410-430 MHz and 440-470 MHz, plus two smaller
segments (870-876 MHz and 915-921 MHz) are also used for TETRA, but
not exlusively. They are shared with other services, such as PMR, PAMR
A hint that the TEA1 algorithm might have a weakness, can be found
in a diplomatic cable from 2006
– published by WikiLeaks –
about the export of TETRA equipment from Italy to Iran .
In the event, the Italian company Finmeccanica
wanted to export TETRA equipment with TEA1 encryption to Iran, and
contacted the American Embassy in Rome (Italy) to seek for approval.
In the cable, Finmeccanica's Head of Public Affairs Camillo Pirozzi,
is quoted saying:
4. (SBU) Comparing the TETRA technology to that found in a GSM cell phone,
Pirozzi asserted repeatedly that "TETRA is absolutely not included in
In this context, Wassenaar refers to the Wassenaar Arrangement
on Export Controls for Conventional Arms and Dual-Use Goods and
Technologies, established on 12 July 1996 in Wassenaar (Netherlands)
. A little further in the cable, Pirozzi claims:
Pirozzi concluded by noting that the encryption of the TETRA radio system,
less than 40-bits, is below the level of encryption that is considered for
This suggests that any encryption with less than 40 bits is not
considered a weapon, and confirms that TEA1 is indeed less than
In July 2023, researchers of the Dutch security firm
Midnight Blue revealed
that they had found five vulnerabilities in the TETRA protocol set, two
of which are deemed critical. One of these critical vulnerabilities
appears to be a backdoor, that is likely to have been inserted
As the TAA and TEA algorithms are secret, they have never been
publicly disclosed and, hence, have never been subjected to in-depth
scrutiny by the public. In order to find any vulnerabilities in the
code, the researchers therefore first had to reverse-engineer the
TAA and TEA algorithms.
The reverse-engineering project — RE:TETRA — began
on 1 January 2020, after Midnight Blue
had received funding from the
non-profit NLnet foundation, as part of its
European Commission supported NGI0 PET fund.
Once the software had been extracted and reverse-engineered, the researchers
were able analyse the code with the intention to find flaws
and ultimately mount an attack. Over the course of more than one year,
the following vulnerabilities were discovered:
- ★★★★★ — Dependence on network time
- ★★★★★ — Backdoor in TEA1
- ★★★★☆ — Lack of ciphertext authentication
- ★★★☆☆ — Weak anonymisation
- ★☆☆☆☆ — DCK can be set to 0
The first two are deemed critical.
The vulnerabilities were shared with the Dutch NCSC (NCSC-NL)
in December 2020 and were made public on 24 July 2023. In the meantime,
equipment suppliers were given the ability to develop updates or
other mitigations for the reported issues.
➤ More about the TETRA:BURST vulnerabilities
TETRA equipment is also used by radio amateurs (HAMs) on frequencies that
have been assigned to the Amateur Radio Service. Note that the use of
encrypted communication is not allowed on amateur frequencies.
Instead, all TETRA radios must be programmed with CLEAR firmware.
In some countries, amateur TETRA repeaters are operational in DMO
and/or TMO modes.
Some useful links:
AccessTDMA, 4 slots
Ouput1, 3, 10 or 30 Watt
CodecACELP, 7.2 kb/s
Public safety308-385 MHz (uplink)
Civil use385-390 MHz
Public safety390-395 MHz (downlink)
Civil use395-400 MHz
Civil use410-430 MHz
Civil use440-470 MHz
Civil use870-876 MHz
Civil use915-921 MHz
Clear7.2, 14.4, 21.6, 28.8 kb/s
Secure4.8, 9.6, 14.4, 19.2 kb/s
Secure+2.4, 4.8, 7.2, 9.6 kb/s
- Ангстрем (Angstrem)
- Rohde & Schwarz Bick
- Wikipedia, Terrestrial Trunked Radio
Visited 27 July 2023.
- Wikipedia, ASTRID
Visited 27 July 2023.
Midnight Blue, 24 July 2023.
- Cees Jansen, TEA co-developer at Philips Crypto BV
Crypto Museum, July 2023.
- Royal Holloway, University of London, Impact case study (REF3b)
Design of a block cipher used in TETRA secure radio.
REF2014. Undated but probably 2014.
- Wikipedia, Algebraic code-excited linear prediction
Retrieved 5 AUgust 2023.
- Wikipedia, Kerckhoffs's principle
Retrieved 5 August 2023.
- Finmeccanica still pursuing radio contract with Iranian Police
Cable from Italy Rome to Joint Chiefs of Staff, Secretary of State.
B. ROME 01824, 18 July 2006. Obtained via WikiLeaks.
- Wikipedia, Wassenaar Arrangement
12 July 1996. Retrieved 7 August 2023.
- All Cops Are Broadcasting, Breaking TETRA after decades in the shadows
Presentation by Jos Wetzels, Carlo Meijer and Wouter Bokslag at Black Hat 2023.
Midnight Blue, 9 August 2023
- Cees Jansen, De Crypto van C2000
2 August 2023.
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?|
© Crypto Museum. Created: Sunday 30 July 2023. Last changed: Saturday, 26 August 2023 - 09:12 CET.