Science & Enterprise subscription

Follow us on Twitter

  • Statista published a map yesterday showing the states in the U.S. with the highest rates of diabetes, this weekend'… https://t.co/NcGZkMS9xl
    about 22 hours ago
  • New post on Science and Enterprise: Infographic – Highest Diabetes Rates in U.S. https://t.co/cyC9OBviUQ #Science #Business
    about 23 hours ago
  • FDA today approved a treatment for spinal muscular atrophy in young children that replaces a faulty gene in motor n… https://t.co/C8uIamFD3C
    about 2 days ago
  • New post on Science and Enterprise: FDA Approves Rare Infant Disease Gene Therapy https://t.co/wqx9iCTxVe #Science #Business
    about 2 days ago
  • FDA Approves First Mesothelioma Treatment in 15 Years https://t.co/PnKrL24HW0 via @medscape ATTN: @innerarchitect @deansguide
    about 2 days ago

Please share Science & Enterprise

RSS
Follow by Email
Facebook
Facebook
Google+
Twitter
Visit Us
LinkedIn
INSTAGRAM

Gaps Found in Satellite Telephone Encryption Algorithms

Inmarsat-3 satellite (NASA.gov)

(NASA.gov)

Computer scientists at Ruhr-Universität in Bochum, Germany say they have cracked algorithms of European encryption standards used globally for satellite telephones in less than an hour and with simple equipment. The team from the university’s Horst Görtz Institute for IT Security (HGI) will present the findings of their proof-of-concept tests at the IEEE Symposium on Security and Privacy in May 2012.

Satellite telephony, often considered secure against eavesdropping, is the communications medium of choice when regular landline or mobile phone services are not available, such as on the high seas, in developing areas, or in war zones. These services that connect the user via radio directly to a satellite use encryption standards developed by the European Telecommunications Standards Institute (ETSI), known as A5-GMR-1 and A5-GMR-2.

The team led by HGI’s Benedikt Driessen used commercially available equipment, and randomly selected two widely used satellite phones on the commercial Thuraya satellite telephone network. For each phone, the researchers loaded a firmware update from the provider’s Web site and reconstructed the encryption mechanism.

Their analysis showed that the A5-GMR-1 standard was similar to encryption methods used in everyday Global System for Mobile Communications (GSM) cell phones. The research team verified their analysis by mounting an attack on their own satellite phone conversations. “Since the GSM cipher had already been cracked,” says Driessen “we were able to adopt the method and use it for our attack.”

The researchers have designed, but not yet implemented a similar test of the A5-GMR-2 standard. An extension of that encryption standard, according to the team, is used by satellite phone provider Inmarsat.

So far, the researchers have not been able to eavesdrop or reconstruct a voice call, which requires a separate speech coding scheme. Their work so far, say the researchers, applies only to non-voice data sent over satellite phones, such as SMS and fax that do not need speech coding.

The team says they informed the proper authorities of their findings well in advance. They note that ETSI has taken a new, more open approach to security standards development, using a series of workshops, which discuss recent findings and potential vulnerabilities. They believe this process will lead to a more involved user community and more secure standards.

Read more:

*     *     *

Please share Science & Enterprise ...
error

1 comment to Gaps Found in Satellite Telephone Encryption Algorithms