Science & Enterprise subscription

Follow us on Twitter

  • Another way to connect 100 million people end-to-end with Covid-19 vaccines.
    about 14 hours ago
  • New post on Science and Enterprise: Celebrating the New Administration #Science #Business
    about 20 hours ago
  • A company applying Crispr gene-editing technology to treat inherited heart disease is raising $94 million in its se…
    about 2 days ago
  • New post on Science and Enterprise: Crispr Heart Disease Biotech Raises $94M in New Funds #Science #Business
    about 2 days ago
  • A vaccine protecting against multiple Covid-19 viral variations is in development, with an early-stage clinical tri…
    about 2 days ago

Please share Science & Enterprise

Gaps Found in Satellite Telephone Encryption Algorithms

Inmarsat-3 satellite (


Computer scientists at Ruhr-Universität in Bochum, Germany say they have cracked algorithms of European encryption standards used globally for satellite telephones in less than an hour and with simple equipment. The team from the university’s Horst Görtz Institute for IT Security (HGI) will present the findings of their proof-of-concept tests at the IEEE Symposium on Security and Privacy in May 2012.

Satellite telephony, often considered secure against eavesdropping, is the communications medium of choice when regular landline or mobile phone services are not available, such as on the high seas, in developing areas, or in war zones. These services that connect the user via radio directly to a satellite use encryption standards developed by the European Telecommunications Standards Institute (ETSI), known as A5-GMR-1 and A5-GMR-2.

The team led by HGI’s Benedikt Driessen used commercially available equipment, and randomly selected two widely used satellite phones on the commercial Thuraya satellite telephone network. For each phone, the researchers loaded a firmware update from the provider’s Web site and reconstructed the encryption mechanism.

Their analysis showed that the A5-GMR-1 standard was similar to encryption methods used in everyday Global System for Mobile Communications (GSM) cell phones. The research team verified their analysis by mounting an attack on their own satellite phone conversations. “Since the GSM cipher had already been cracked,” says Driessen “we were able to adopt the method and use it for our attack.”

The researchers have designed, but not yet implemented a similar test of the A5-GMR-2 standard. An extension of that encryption standard, according to the team, is used by satellite phone provider Inmarsat.

So far, the researchers have not been able to eavesdrop or reconstruct a voice call, which requires a separate speech coding scheme. Their work so far, say the researchers, applies only to non-voice data sent over satellite phones, such as SMS and fax that do not need speech coding.

The team says they informed the proper authorities of their findings well in advance. They note that ETSI has taken a new, more open approach to security standards development, using a series of workshops, which discuss recent findings and potential vulnerabilities. They believe this process will lead to a more involved user community and more secure standards.

Read more:

*     *     *

1 comment to Gaps Found in Satellite Telephone Encryption Algorithms