Hi!
My name is Marius and yesterday, though I was in a hurry to catch my train back to HL, I was in Harald's ETSI Tetra presentation. It was great; and I do have a USRP2, portable power supply, a sailing license (there're these big coast-guard towers here). Any implications are theoretical, of course, at this point.
Just a small question: can one expect legal trouble if... accidentally though... some Tetra signals found their way into a GR cfile onto some web server and would be shared (here)? Afaik it's not exactly ISM band.
And to the second question: what was the name of the recommendable book, that was not marketing foo? I'd like to give the cryptanalysis a try, but before I can say that I have to look at the standards and algorithms.
Did anyone already review that? I know that Stephen Glass of the OP25 project did some research on APCO 25. - Which isn't ETSI.
Best, Marius
Hi,
> Just a small question: can one expect legal trouble if... accidentally though... some Tetra signals found their way into a GR cfile onto some web server and would be shared (here)?
Depends on your local laws. And on the content of the trace as well probably.
If there is only broadcast info, I don't think that's a problem. If OTOH there is some cleartext traffic then it probably violates some privacy intrusion law. And if it's not private but law enforcement, then other laws probably supersede the 'normal' case ...
(IANAL, statements based on my understanding of Belgian law which may not be applicable)
> I'd like to give the cryptanalysis a try, but before I can say that I have to look at the standards and algorithms.
Did you miss the part about the algorithm being secret and never leaked?
We have no idea what TEA{1,2,3,4} are so there is no public analysis of them ...
Cheers,
Sylvain Munaut
On Mon, April 25, 2011 2:03 pm, Sylvain Munaut wrote:
> Hi,
> > Just a small question: can one expect legal trouble if... accidentally though... some Tetra signals found their way into a GR cfile onto some web server and would be shared (here)?
> If there is only broadcast info, I don't think that's a problem. If OTOH there is some cleartext traffic then it probably violates some privacy intrusion law.
My question was more related to the listening freqs. I don't have any interest in private contents. And furthermore these can be deleted.
> Did you miss the part about the algorithm being secret and never leaked?
> We have no idea what TEA{1,2,3,4} are so there is no public analysis of them ...
Nope I didn't miss that. Chosen Ciphertext or Known Plaintext attacks might still prove some valuable points. Actually otherwise this would be less interesting.
Best, Marius
> Nope I didn't miss that. Chosen Ciphertext or Known Plaintext attacks might still prove some valuable points. Actually otherwise this would be less interesting.
Well, yeah but how would you get chosen / known plaintext?
You can't really buy equipment that has TEA support in theory, its distribution is limited. Finding TETRA stuff is already not trivial, but finding some that has TEA is even harder.
It's sometimes possible to find just the FW files from some "shady connections", but it's unclear if they'd work or if they depend on some HW feature and at > 200 eur per handset not many people are ready to risk bricking them for experiments :p
And even then you often don't control enough to know / choose what it sends.
Definitely quite a challenge :) But yeah can be fun if you can afford it.
Cheers,
Sylvain
Hello Sylvain,
On Mon, 25 Apr 2011 14:23:03 +0000, 246tnt@gmail.com wrote:
> It's sometimes possible to find just the FW files from some "shady connections", but it's unclear if they'd work or if they depend on some HW feature and at > 200 eur per handset not many people are ready to risk bricking them for experiments :p
You can buy handsets with TEA on ebay, you can even buy TEA firmware files for certain handsets on ebay (TEA1, TEA2 and TEA3 are available).
I don't know if selling the firmware files is perfectly legal and I don't want to discuss this. But having a handset with TEA firmware does not help much, at least not for Motorola handsets. The reason is that there seems to be no obvious way to put known keys into the handset. From what I heard there seems to exist some sort of obfuscated/encrypted key file which can transfer keys to a handset but I have never seen one of those files.
If anyone knows more details and/or has a key file with known keys, please let me know.
Best regards, Dieter
Hi Marius,
On Mon, Apr 25, 2011 at 01:32:16PM -0000, Marius Ciepluch wrote:
> Just a small question: can one expect legal trouble if... accidentally though... some Tetra signals found their way into a GR cfile onto some web server and would be shared (here)? Afaik it's not exactly ISM band.
This is highly dependent on your jurisdiction and its local laws.
We at the OsmocomTETRA project provide only software and no actual communications traces.
In Germany I can think of some legal issues related to this, mostly
Paragraph 89 Telekommunikationsgesetz:
===============
§ 89 Prohibition of interception, duty of confidentiality for operators of receiving equipment
With a radio installation, only messages intended for the operator of the radio installation, for radio amateurs within the meaning of the Amateur Radio Act of 23 June 1997 (BGBl. I p. 1494), for the general public, or for an indeterminate group of persons may be intercepted. The content of messages other than those named in sentence 1, as well as the fact of their reception, may not be disclosed to others, even where reception occurs unintentionally, including by persons who are not already under a duty of confidentiality pursuant to § 88. § 88 (4) applies accordingly. The interception and passing on of messages on the basis of special statutory authorization remain unaffected.
===============
So generally you are not allowed to receive communication that is not destined/intended for
* the operator of the radio receiver, or
* a licensed radio amateur, or
* the general public, or
* an undefined group of people (i.e. not destined for anyone in particular)
Even if you unintentionally receive such messages, you are not permitted to tell other people of the content of those messages - not even the fact that you have received them.
Interesting in connection with this is also § 206 StGB:
===============
§ 206 Violation of postal or telecommunications secrecy
(1) Whoever, without authorization, discloses to another person facts that are subject to postal or telecommunications secrecy and that became known to them as the owner or employee of an enterprise that provides postal or telecommunications services on a commercial basis shall be punished with imprisonment of up to five years or with a fine.
(2) The same punishment applies to whoever, as the owner or employee of an enterprise referred to in subsection 1, without authorization
1. opens a mail item that has been entrusted to such an enterprise for transmission and is sealed, or obtains knowledge of its content by technical means without opening the seal,
2. suppresses a mail item entrusted to such an enterprise for transmission, or
3. permits or encourages one of the acts referred to in subsection 1 or in number 1 or 2.
(3) Subsections 1 and 2 also apply to persons who
1. perform supervisory tasks over an enterprise referred to in subsection 1,
2. are entrusted by such an enterprise, or with its authorization, with the provision of postal or telecommunications services, or
3. are entrusted with the manufacture of equipment serving the operation of such an enterprise, or with work on it.
(5) Postal secrecy covers the detailed circumstances of the postal traffic of specific persons as well as the content of mail items. Telecommunications secrecy covers the content of telecommunications and their detailed circumstances, in particular the fact of whether someone is or was involved in a telecommunications event. Telecommunications secrecy also extends to the detailed circumstances of unsuccessful connection attempts.
===============
If you read this carefully, you will note "(3) 3." which clearly extends the scope of this law to "Individuals, who are entrusted/assigned to the operation of, manufacturing of or other work with a communications device of a telecommunications operator"
So to me (IANAL) this means:
1) accidental reception should not be a legal offence
2) sharing/relaying/publishing the content of the communication or even the fact that a communication took place is definitely a legal offence, possibly against two separate laws
The most interesting question is: The laws mostly talk about communications between people. I wonder how much of it applies for communication between machines, such as the general broadcast/signalling traffic that is unrelated to an actual user-generated voice, text or packet data content.
Also, what about M2M communication.
I guess I will have to ask some of my lawyer friends ;)
> And to the second question: what was the name of the recommendable book, that was not marketing foo?
Digital mobile communications and the TETRA system By John Dunlop, Demessie Girma, James Irvine; published by Wiley.
http://books.google.com/books?printsec=frontcover&id=Kr3ori9Ify4C
Sells roughly between 130 and 200 USD. The first chapters are again general marketing / high-level foobar, but after that it walks you through the air interface, the PHY layer, MAC layer, etc.