Russia is decrypting 256-bit radio. Cryptographers HN is it plausible?

9 points by kranke155 ↗ HN
made a new post that's better titled... can't delete this one. https://news.ycombinator.com/item?id=36003391

/ Seems like they've both caught on.. Here is the original post. Not sure if there's a way to merge.

I'm part of a subreddit that reads defence reports and tries to keep up with "credible" news about the War in Ukraine. A newly released report by RUSI (The Royal United Services Institute, the world’s oldest defence and security think tank) says that Russians are now "near real time" decrypting 256-bit Motorola radio communications by Ukrainian forces. Here is the relevant passage. Ukrainian officers recalled one incident in which the Russian headquarters gave pre-emptive warning to its units of an artillery strike based on Ukrainian troops calling in a fire mission. The Ukrainian troops were communicating with Motorola radios with 256-bit encryption, but it appeared that the Russians were able to capture and decrypt these transmissions in near real time. The most likely system for such functions is the Torn-MDM. (57)

They cite two interviews with Ukrainian military personnel and their own analysis of the system as a source:

57. Technical assessment of Torn-MDM conducted in Ukraine, June 2022

Some are saying this is impossible, that near real time decryption of 256-bit encryption is not possible.

I'm not an expert, so I'm punting over to the cryptographers here at HN. Could this be? Is it possible/feasible to do battlefield decryption of 256-bit radio encryption?

I don't know the particular model of the Motorola radio they are referring to.

Here is the report in question. Page 23 https://static.rusi.org/403-SR-Russian-Tactics-web-final.pdf

7 comments

[ 2.6 ms ] story [ 21.4 ms ] thread
There is probably an opsec violation on the part of their target or something wrong with the radio. Che Guevara was using an “unbreakable” one time pad but the US was able to break it because he reused it more than once, so they tracked him down and killed him. The U.S. navy also found it was a problem when they had both a local teletype network with unencrypted messages and a radio teletype with encrypted messages in a ship when electrical signals leaked between the networks.

If you work as a software dev you would be aware that people are able to screw things up in the most incredible ways.

What if the vector is not the messages but a compromised device or other part in the key chain provenance.
It's probably this. If there is some other weakness in their system, I doubt anyone is allowed to tell you if we know. But Russia tends to exaggerate their capabilities to make people not trust their comms, too.

fwiw, I was a 17 alpha.

So people go back to ancient practice and use code books?