Satellite phone communications encrypted with the GMR-2 cipher can be decrypted in mere fractions of a second, two Chinese researchers have proved.
The GMR-2 is a stream cipher with 64-bit key-length.
"Generally speaking, stream ciphers firstly generate keystreams by implementing a series of complex cryptographic transformation on the initial vectors and the encryption-key, and then XOR the keystreams with plaintexts to obtain the ciphertexts. Therefore, to resist known plaintext attack, a vital requirement of stream ciphers is the one-way property, i.e., it must be difficult for the adversary to derive the encryption-key from the keystream through inversion procedure," the researchers explained.
Currently, the phones of British satellite telecom Inmarsat use the GMR-2 standard, and those of United Arab Emirates-based satellite phone provider Thuraya use the (competing) GMR-1 standard.
[...] "With respect to the GMR-2 cipher, in a known-plaintext setting where approximately 50–65 bytes plaintext are known to the attacker, it is possible to recover a session key with a moderate computational complexity, allowing the attack to be easily performed with a current PC," they demonstrated at the time.
(Score: 2) by MrGuy on Friday July 07, @08:04PM
People don't use satellite phones because they're more secure than cellphones. They use satellite phones because they work in places cellphones don't.
Is it a problem that GMR-2 (the cypher used by satellite phones) has been broken? Yeah, it probably is.
But it's a way, way bigger problem for almost anyone who uses a cellphone that A5/1 [wikipedia.org], which is the cypher used by most cellphones, has ALSO been broken, and has been broken for years (since 2009). And the industry has made no movement to anything more secure (reportedly partially due to pressure from state actors who worry about cellphones becoming too secure to crack).
Bad as I feel for people who own satphones, I can't get a ton of outrage up for them when me and the other 99.5% of the mobile calling public have been in the same boat for years. I'd much rather see some effort put into getting A5/1 fixed before I care too much about GMR-2.
