TEA2 & Encryption
Demodulator vs. decoder — the difference. The TEA1 backdoor (2023), TEA2 in the German emergency-services network (128-bit, not crackable), OTAR key management and what SDR users can actually see.
Demodulator vs. decoder — the difference
In the TETRA SDR world these terms are often confused — but they describe two fundamentally different steps:
Demodulator: Receives the analogue RF signal, digitises and filters it (AGC, FLL, RRC filter), establishes carrier synchronisation (Costas loop), extracts symbols and delivers a raw TETRA bit stream — no voice data.
Decoder: Reads TETRA protocol layers (MAC, LLC, MLE), recognises channel types, extracts metadata (GSSI, ISSI, network numbers). With unencrypted voice: ACELP codec → audio. With encrypted voice: only metadata is readable.
Decoder: Reads TETRA protocol layers (MAC, LLC, MLE), recognises channel types, extracts metadata (GSSI, ISSI, network numbers). With unencrypted voice: ACELP codec → audio. With encrypted voice: only metadata is readable.
TEA — TETRA Encryption Algorithms
| Algorithm | Status 2026 | Use | Security |
|---|---|---|---|
| TEA1 | COMPROMISED (2023) | Older commercial systems | Claimed 80-bit, effectively only 32-bit — backdoor |
| TEA2 | Secure (current) | Emergency services Germany, European authorities | 128-bit key, no known weakness |
| TEA3 | Secure | Commercial systems outside the EU/US | 128-bit key, similar to TEA2 |
| TEA5/TEA6 | Secure | Newer systems (TETRA Release 2) | 256-bit key |
| Unencrypted | — | Some commercial/local TETRA networks | No protection — fully decodable |
⚠ TEA1 backdoor — ETSI discovery 2023
Researchers from Midnight Blue Security discovered that TEA1 contains a deliberately built-in weakness (by design, for export control). 80-bit key → effectively only 32-bit. Brute force possible on ordinary hardware within minutes. Affected: oil platforms, railways, airports, dam monitoring. Source: TETRA:BURST, CVE-2022-24401 to CVE-2022-24404.
How TEA2 works
TEA2 is a proprietary stream cipher, licensed to device manufacturers only under NDA. What is known:
TEA2 facts: Stream cipher, XORed with a key stream · key length: 128 bit · initialisation vector: frame number + sync data (prevents identical output for the same key) · key exchange via OTAR (over-the-air rekeying) · no publicly known cryptanalysis since introduction
OTAR — over-the-air rekeying
| Component | Function | In Germany |
|---|---|---|
| KMC | Central key management | BDBOS operates the KMC for the emergency-services network |
| SCK | Long-term key, changed infrequently | Stored in devices, updated via OTAR |
| DCK | Session key, new for each connection | Derived from SCK and session parameters |
| GCK | Group key for group calls | Each emergency-services group has its own GCK |
What SDR users can (and cannot) do
| Question | Answer | Reason |
|---|---|---|
| Can TEA2 be cracked with SDR? | No — as of 2026 | 128-bit key, no public cryptanalysis |
| Can the key be read from the device? | No (without a physical hack) | Key stored in a secure enclave |
| How do I recognise TEA2 in the osmo-tetra output? | encrypted=1 | The frame header shows the encryption status |
| What does the cropinghigh plugin show for TEA2? | Metadata, no voice | GSSI, time slot visible — audio stays silent |
| What if osmo-tetra shows MCC=262? | Stop | MCC=262 = Germany, TKG §148 applies |
TEA2 conclusion: Germany's emergency-services digital radio is secured with TEA2 at the current state of the art. There is neither a known cryptographic attack nor a public tool that can break TEA2 without knowing the key. SDR receivers can only see the encrypted bit stream.
osmo-tetra — protocol analysis (advanced)
# install osmo-tetra:
sudo apt install osmo-tetra
# OR from source:
git clone https://gitea.osmocom.org/cellular-infrastructure/osmo-tetra.git
cd osmo-tetra && autoreconf -i && ./configure && make && sudo make install
# In the SDR++ TETRA plugin: enable UDP output → 127.0.0.1:7373
# tetra-rx receives the bit stream from the plugin:
tetra-rx udp://127.0.0.1:7373
# Example output (unencrypted):
# D-MLE-SYNC: MCC=262 MNC=01 LA=1234 ColorCode=3
# D-VOICE: GSSI=1234567 TimeslotNo=1 encrypted=0
# ! If MCC=262: German TETRA network — stop here (TKG §148)
🎯 Aim for an amateur radio licence
The knowledge from this tutorial is a good basis for the exam. Licence → your own call sign → transmit instead of only receiving.
To the licence info →