CVE-2022-24403
- EPSS 0.03%
- Published 05.12.2023 14:15:07
- Last modified 21.11.2024 06:50:20
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively from the SCK (Class 2 networks) or CCK (Class 3 networks). The structure of TA61 allows for efficient recovery of this 64-bit value, allowing an adversary ...
CVE-2022-24401
- EPSS 0.18%
- Published 19.10.2023 10:15:09
- Last modified 21.11.2024 06:50:20
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner....
CVE-2022-24402
- EPSS 0.39%
- Published 19.10.2023 10:15:09
- Last modified 21.11.2024 06:50:20
The TETRA TEA1 keystream generator implements a key register initialization function that compresses the 80-bit key to only 32 bits for usage during the keystream generation phase, which is insufficient to safeguard against exhaustive search attacks.
CVE-2022-24404
- EPSS 0.14%
- Published 19.10.2023 10:15:09
- Last modified 21.11.2024 06:50:20
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion.
CVE-2022-24400
- EPSS 0.16%
- Published 19.10.2023 10:15:08
- Last modified 21.11.2024 06:50:20
A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero.