Researchers crack satellite encryption

Researchers at a university in Bochum, Germany claim to have cracked encryption algorithms of the European Telecommunications Standards Institute (ETSI) that are used to secure certain civilian satellite phone communications.

More news: Hacking stunt: stealing smartphone crypto keys using plain old radio

The Ruhr University Bochum's (RUB) Horst Görtz Institute for IT-security today issued an announcement detailing how researchers there have broken encryption algorithms known as A5-GMR-1 and A5-GMR-2 that are used to secure civilian communications between mobile phones and satellites based on the GMR-1 and GMR-2 satphone standards. The researchers explained that in some regions of the world standard cell phone communication is still not available, so "in war zones, developing countries and on the high seas, satellite phones are used instead."

The group of RUB scientists there said they simply used generally-available phone equipment and found the crypto key and managed to break it fairly easily by analyzing the software running on the satphones, in this case the Thuraya SO-2510 and inmarsat IsatPhone PRO.

"We have performed mathematical analysis and discovered serious weaknesses, which is documented here," the researchers note in their announcement. The RUB researchers include Benedikt Driessen, Ralf Hund, Carsten Willems, Christof Paar, and Thorsten Holz.

According to the university's announcement about their research, they used open-source software, a special antenna and a PC as part of the research to capture and demodulate speech data, and then processed the captured data through an implementation of an attack they'd conceived to break the crypto.

They did point out that in terms of real-world attacks, there were limits to their experiments. Although they say they can decrypt communications secured according to the GMR-1 standard, there were still some barriers that prevented a full disclosure of a voice conversation. Based on an experiment with the Thuraya network, which makes use of GMR-1, the researcher say they weren't able to reproduce the voice conversation in their own downlink because the speech-codec for GMR-1 is "currently unknown, we were not able to actually reproduce the conversation that took place."

The researchers said they had informed authorities well in advance of their announcement today. "Our results show that the use of satellite phones harbors dangers and the current encryption algorithms are not sufficient," said Ralf Hund, chair of system security at RUB. The researchers indicated, "There is, as yet, no alternative to the current standards."

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Read more about wide area network in Network World's Wide Area Network section.

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Fraud Management Solutions

Reduce fraud losses regardless of channel by preventing cybercrime, identity theft, and other threats targeting your customers.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.