No security threat for Norwegian Public Safety TETRA network - Nødnett
In a statement on the website of the Directorate for Emergency Communication (DNK), it was clearly stated that Nødnett is based on the international TETRA-standard, which is developed specifically for public safety networks.
Aftenposten, the Norwegian news agency, surveyed and revealed an extensive network of secret base stations in Oslo last year. The newspaper recorded a number of places in Oslo with suspicious mobile activity.
The false base stations called called IMSI catcher have been probably used to monitor the movements of ministers, politicians, government officials and ordinary people going in, out and around central state buildings in Oslo.
As an reaction of this incident, Nødnett, the Norwegian multi-agency emergency public safety network, stated that they are not affected by the rogue base stations. Safety mechanisms in Nødnett make sure that rogue base stations will not be able to interfere with communication in Nødnett.
Further in the statement on the website of the Directorate for Emergency Communication (DNK), it was clearly stated that Nødnett is based on the international TETRA-standard, which is developed specifically for public safety networks. There are strong built-in security mechanisms in TETRA. Mutual authentication between radio terminals and base stations, encryption of the air interface and end-to-end encryption are examples.
In Nødnett, as opposed to GSM networks, there is mutual authentication between base stations and radio terminals. All communication is encrypted. In this process the base station checks that the radio terminal is valid (authenticated) before contact is enabled. Information can then be transferred securely to the intended receiver.
The information on the TETRA network is encrypted, therefore intruders are not able to intercept the traffic between the radio terminal and the base station. Mutual Authentication is a service required to ensure that a TETRA system can control access to it and for a radio terminal to check if a network can be trusted. In TETRA, as in most other secure systems, authentication is the basis for much of overall network security and can also be used to ensure validated billing in public access systems, and can provide the foundation for a secure distribution channel for sensitive information such as other encryption keys. The mutual authentication security mechanisms protect both Voice and Data services.