In 1995, the European Telecommunications Standards Institute (ETSI) released the TETRA (Terrestrial Trunked Radio) standard, which has been widely used by police, military, and critical infrastructure agencies in various countries around the world. However, researchers discovered in 2023 that the encryption algorithms within the TETRA standard (such as TEA1) have serious vulnerabilities that could be exploited to decrypt communication content, and may even have been intentionally implanted with backdoors. This vulnerability could be used for eavesdropping on communications, understanding system operations, and even sending commands to manipulate critical infrastructure (such as power grids, railways, public transportation, etc.).
Although ETSI denies the term ‘backdoor’, claiming that its design is due to export control needs, researchers have found through reverse engineering and analysis that this vulnerability may have been maliciously exploited.
Historically, similar ‘backdoor’ incidents are not uncommon. For example, in 1999, the RSA encryption algorithm was accused of having backdoor controversies, which, although unproven, raised public concerns about the security of encryption algorithms. Additionally, cases such as the NSA’s BULLRUN project and AT&T’s TSD3600 chip are also considered typical examples of backdoors in encryption systems. These incidents indicate that the security of encryption systems relies not only on the algorithms themselves but also on the transparency of their design, implementation, and management.