Submitted via IRC for TheMightyBuzzard
Satellite phone communications encrypted with the GMR-2 cipher can be decrypted in mere fractions of a second, two Chinese researchers have proved.
The GMR-2 is a stream cipher with 64-bit key-length.
"Generally speaking, stream ciphers firstly generate keystreams by implementing a series of complex cryptographic transformation on the initial vectors and the encryption-key, and then XOR the keystreams with plaintexts to obtain the ciphertexts. Therefore, to resist known plaintext attack, a vital requirement of stream ciphers is the one-way property, i.e., it must be difficult for the adversary to derive the encryption-key from the keystream through inversion procedure," the researchers explained.
Currently, the phones of British satellite telecom Inmarsat use the GMR-2 standard, and those of United Arab Emirates-based satellite phone provider Thuraya use the (competing) GMR-1 standard.
[...] "With respect to the GMR-2 cipher, in a known-plaintext setting where approximately 50–65 bytes plaintext are known to the attacker, it is possible to recover a session key with a moderate computational complexity, allowing the attack to be easily performed with a current PC," they demonstrated at the time.
Source: https://www.helpnetsecurity.com/2017/07/07/satellite-phone-communications-decrypted/
(Score: 0) by Anonymous Coward on Friday July 07 2017, @11:55PM (1 child)
"The algorithm as now fielded is a French design." I.e. bolloxed up by the French.
(Score: 2) by kaszz on Saturday July 08 2017, @01:52AM
France requires explicit permission for exportation and importation of cryptographic tools. So they are for practical purposes a 3rd world country when it comes to cryptography.
What algorithm and key size does GMR-1 use?
Anyway "64-bit key-length" in 2017 says it all. Fucking morons.