Stories
Slash Boxes
Comments

SoylentNews is people

Satellite Phone Communications Can be Decrypted in Near Real-Time

posted by Fnord666 on Friday July 07 2017, @07:52PM   Printer-friendly
from the wishful-thinking dept.

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Satellite phone communications encrypted with the GMR-2 cipher can be decrypted in mere fractions of a second, two Chinese researchers have proved.

The GMR-2 is a stream cipher with 64-bit key-length.

"Generally speaking, stream ciphers firstly generate keystreams by implementing a series of complex cryptographic transformation on the initial vectors and the encryption-key, and then XOR the keystreams with plaintexts to obtain the ciphertexts. Therefore, to resist known plaintext attack, a vital requirement of stream ciphers is the one-way property, i.e., it must be difficult for the adversary to derive the encryption-key from the keystream through inversion procedure," the researchers explained.

Currently, the phones of British satellite telecom Inmarsat use the GMR-2 standard, and those of United Arab Emirates-based satellite phone provider Thuraya use the (competing) GMR-1 standard.

[...] "With respect to the GMR-2 cipher, in a known-plaintext setting where approximately 50–65 bytes plaintext are known to the attacker, it is possible to recover a session key with a moderate computational complexity, allowing the attack to be easily performed with a current PC," they demonstrated at the time.

Source: https://www.helpnetsecurity.com/2017/07/07/satellite-phone-communications-decrypted/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Satellite Phone Communications Can be Decrypted in Near Real-Time | Log In/Create an Account | Top | 3 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Insightful) by MrGuy on Friday July 07 2017, @08:04PM (2 children)

    by MrGuy (1007) on Friday July 07 2017, @08:04PM (#536249)

    People don't use satellite phones because they're more secure than cellphones. They use satellite phones because they work in places cellphones don't.

    Is it a problem that GMR-2 (the cypher used by satellite phones) has been broken? Yeah, it probably is.

    But it's a way, way bigger problem for almost anyone who uses a cellphone that A5/1 [wikipedia.org], which is the cypher used by most cellphones, has ALSO been broken, and has been broken for years (since 2009). And the industry has made no movement to anything more secure (reportedly partially due to pressure from state actors who worry about cellphones becoming too secure to crack).

    Bad as I feel for people who own satphones, I can't get a ton of outrage up for them when me and the other 99.5% of the mobile calling public have been in the same boat for years. I'd much rather see some effort put into getting A5/1 fixed before I care too much about GMR-2.

    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Informative=1, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 0) by Anonymous Coward on Friday July 07 2017, @11:55PM (1 child)

    by Anonymous Coward on Friday July 07 2017, @11:55PM (#536324)

    "The algorithm as now fielded is a French design." I.e. bolloxed up by the French.

    • (Score: 2) by kaszz on Saturday July 08 2017, @01:52AM

      by kaszz (4211) on Saturday July 08 2017, @01:52AM (#536361) Journal

      France requires explicit permission for exportation and importation of cryptographic tools. So they are for practical purposes a 3rd world country when it comes to cryptography.

      What algorithm and key size does GMR-1 use?

      Anyway "64-bit key-length" in 2017 says it all. Fucking morons.