Breaking NATO Radio Encryption [video]

A recent presentation at the 38th Chaos Communication Congress (38c3) highlighted significant vulnerabilities in the HALFLOOP-24 encryption algorithm, which is utilized by NATO and the US military for high-frequency radio communications. The research indicates that an attacker can recover the secret key with just two hours of intercepted radio traffic, undermining the security of the automatic link establishment (ALE) protocol. HALFLOOP-24, standardized in 2017, was designed to enhance the security of ALE frames, which protect against unauthorized access and traffic analysis. However, flaws in the algorithm's handling of tweaks allow for differential cryptanalysis, enabling attackers to bypass substantial portions of the encryption process. This vulnerability not only compromises the confidentiality of ALE handshake messages but also facilitates denial-of-service attacks. The findings are detailed in two research papers titled "Breaking HALFLOOP-24" and "Destroying HALFLOOP-24," which build upon earlier work on the SoDark cipher, the predecessor to HALFLOOP. The implications of these vulnerabilities raise concerns about the security of military communications and the need for more robust encryption standards.

- HALFLOOP-24 encryption used by NATO and the US military has critical vulnerabilities.

- An attacker can recover the secret key with only two hours of intercepted traffic.

- The algorithm's flaws allow for differential cryptanalysis, compromising communication security.

- The findings are documented in two research papers that build on previous work on the SoDark cipher.

- The vulnerabilities highlight the need for improved encryption standards in military communications.