The interview that is linked[0] in the footnotes of the article with the person from ETSI is absolutely wild... Some excerpts:
> KZ (interviewer): How did it go about meeting those requirements, because that's the one they're saying has a backdoor in it. Was that the condition for export?
> BM (ETSI): Backdoor can mean a couple of things I think. Something like you'd stop the random number generator being random, for instance. [But] what I think was revealed [by the researchers] was that TEA1 has reduced key-entropy. So is that a backdoor? I don't know. I'm not sure it's what I would describe as a backdoor, nor would the TETRA community I think.
...
> KZ: People ... believe they're getting an 80-bit key and they're not.
> BM: Well it is an 80-bit long key. [But] if it had 80 bits of entropy, it wouldn't be exportable.
...
> KZ: You're saying 25 years ago 32 bit would have been secure?
> BM: I think so. I can only assume. Because the people who designed this algorithm didn't confer with what was then EP-TETRA [ETSI Project-TETRA is the name of the working group that oversaw the development of the TETRA standard]. We were just given those algorithms. And the algorithms were designed with some assistance from some government authorities, let me put it that way.
...
> BM: That's what we now know yeah - that it did have a reduced key length.
> KZ: What do you mean we now know? SAGE created this algorithm but the Project-TETRA people did not know it had a reduced key?
> BM: That's correct. Not before it was delivered. Once the software had been delivered to them under the confidential understanding, that's the time at which they [would have known].
...
You've really got to wonder who at ETSI gave the thumbs up on doing this interview.
The researchers added a footnote explicitly refuting the claim that 32-bit keys were secure 25 years ago, too.
> The Midnight Blue researchers have since demonstrated real-life exploitations of some of the vulnerabilities, for example at the 2023 Blackhat Conference in Las Vegas (USA). They have shown that TETRA communications secured with the TEA1 encryption algorithm can be broken in one minute on a regular commercial laptop and in 12 hours on a classic laptop from 1998 [III].
In the mid-late 90s, 40-bit encryption was common due to US export control restrictions, and even then, that was thought to be insecure against a nation state attacker.
In 1998, the EFF built a custom DES Cracker[0] for around $250k that could crack a 56-bit DES message in around 1 week. As was the custom at the time, they published the source code, schematics, and VHDL source in a printed book to evade (and, I guess, mock) export restrictions.
(If that's the case I'm thinking of) it was actually documented as a challenge to export restrictions, mocking them was merely a pleasant byproduct.
The EFF's legal challenge was essentially that if crypto is a munition, then this printed book explaining the crypto is also at least as much of a munition, if not more so. They gave the judge the choice between deciding that a printed book is some sort of deadly tool, or deciding that crypto wasn't conceptually a munition. Strangely, the judge ruled in the EFF's favor.
0 - https://www.zetter-zeroday.com/p/interview-with-the-etsi-sta...