Decrypting Satellite Phones

Tuesday, July 11, 2017 @ 10:07 AM gHale

Once thought of as a secure communications method, satellite phones encrypted with the GMR-2 cipher can end up decrypted in the blink of an eye, researchers said.

GMR-2 is a stream cipher with a 64-bit key length.


“Generally speaking, stream ciphers firstly generate keystreams by implementing a series of complex cryptographic transformation on the initial vectors and the encryption-key, and then XOR the keystreams with plaintexts to obtain the ciphertexts. Therefore, to resist known plaintext attack, a vital requirement of stream ciphers is the one-way property, i.e., it must be difficult for the adversary to derive the encryption-key from the keystream through inversion procedure,” said researchers Jiao Hu, Ruilin Li and Chaojing Tang from the School of Electronic Science and Engineering, National University of Defense Technology, Changsha, China, in a paper.

Currently, the phones of British satellite telecom Inmarsat use the GMR-2 standard, and those of United Arab Emirates-based satellite phone provider Thuraya use the (competing) GMR-1 standard.

Details of the GMR-1 and GMR-2 ciphers were not publicly known, but in 2012 a group of German researchers reverse engineered them and found they are considerably weaker than state-of-the-art ciphers.

The Chinese researchers said their attack allows de facto real-time decryption of target communications.

They did not opt for a known plaintext attack to recover the encryption key. Instead, they set out to reverse the encryption procedure, and succeeded, so they could derive the encryption key directly from the output keystream.

“Our analysis shows that, using the proposed attack, the exhaustive search space for the 64-bit encryption key can be reduced to about 2^13 when one frame (15 bytes) keystream is available,” they said. “(…) the proposed attack are carried out on a 3.3GHz platform, and the experimental results demonstrate that the 64-bit encryption key could be recovered in around 0.02s on average.”
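The one-way requirement and the search-space reduction described above can be seen on a small scale in the following added example, which is not from this article or the researchers' paper and does not implement GMR-2. It uses a toy cipher constructed here (the names sbox, keystream and recover_keys are hypothetical) with a 64-bit key and a 15-byte frame, and shows how a keystream generator that can be run backwards lets 256 guesses replace a 2^64 search.

```python
# Toy stream cipher constructed for this example; it is NOT GMR-2.
KEY_LEN = 8      # 64-bit key, the size the article gives for GMR-2
FRAME_LEN = 15   # one frame of keystream, as in the quoted result

def sbox(x):
    # Constructed nonlinear bijection on 0..255: cubing modulo the prime 257.
    return pow(x + 1, 3, 257) - 1

def keystream(key, n=FRAME_LEN):
    # Weak on purpose: byte i mixes only two adjacent key bytes, so knowing
    # one key byte and the keystream byte reveals the next key byte.
    return bytes(sbox(key[i % KEY_LEN] ^ i) ^ key[(i + 1) % KEY_LEN]
                 for i in range(n))

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def recover_keys(ks):
    """Guess key[0], determine key[1..7] from ks[0..6], verify on the frame."""
    found = []
    for guess in range(256):
        key = [guess]
        for i in range(KEY_LEN - 1):
            # Invert ks[i] = sbox(key[i] ^ i) ^ key[i + 1] for key[i + 1].
            key.append(ks[i] ^ sbox(key[i] ^ i))
        # Bytes 7..14 of the frame reject guesses that are inconsistent.
        if keystream(bytes(key), len(ks)) == ks:
            found.append(bytes(key))
    return found

def demo():
    key = bytes.fromhex("0123456789abcdef")   # constructed sample key
    plaintext = b"constructed msg"            # 15 bytes assumed known
    ciphertext = xor(plaintext, keystream(key))
    ks = xor(ciphertext, plaintext)           # ciphertext XOR plaintext
    return key, recover_keys(ks)

if __name__ == "__main__":
    key, candidates = demo()
    print(f"256 guesses instead of 2**64; {len(candidates)} consistent key(s)")
    print("original key recovered:", key in candidates)
```

A generator with the one-way property would not allow the inner loop: each keystream byte would depend on the whole key in a way that cannot be solved one byte at a time.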

“Given that the confidentiality is a very crucial aspect in satellite communications, the encryption algorithms in the satellite phones should be strong enough to withstand various eavesdropping risks,” they said.

Flaws found in the GMR-2 cipher should spur satellite phone providers to upgrade to more secure cryptographic modules, the researchers said.
