Satellite phone encryption hacked under one hour

By on February 12, 2012
submit to reddit

For science, of course.

A group of researchers from the Horst Görtz Institute for IT-Security (HGI) at the Ruhr University Bochum (RUB) were commissioned by the European Telecommunications Standards Institute (ETSI) to crack the encryption algorithms of Satellite Telecoms.

The researchers used readily available hardware and open source software to crack the A5-GMR-1 encryption within 1 hour. All they used were two satellite phones, Thuraya SO-2510 and Inmarsat IsatPhone PRO that use the GMR-1 and GMR-2 algorithms for encryption. First they reconstructed the encryption algorithm from the firmware of each phone. They then created an antenna that was connected to a  USRP (programmable radio hardware) hooked up to a PC. The computer in turn was using GNURadio and OsmocomGMR to capture and decode the data.

Using this they created an attack on their call using their two satellite phones, to break the encryption algorithm. Admittedly they haven’t been able to eavesdrop on voice calls yet as the decoding of speech-codec requires manual workarounds. But SMS and Fax doesn’t require such codec, and work directly on the GMR-1 algorithms. “We were surprised by the total lack of protection measures, which would have complicated our work drastically,” said Carsten Willems of the Chair for System Security (Prof. Holz) at the RUB.

Nobody's safe!

Esentially the researchers set out to prove that even one of the most “secure” forms of telecommunication isn’t actually safe. “Our results show that the use of satellite phones harbours dangers and the current encryption algorithms are not sufficient,” emphasized Ralf Hund of the Chair for System Security at the RUB. Currently there are now safeguards against the decoding of this encryption, and with more effort, it’s entirely possible to actually listen in on conversations.

The end result of the research: “Since users cannot rely on their security against interception, similar to the security of standard cell phones, they will have to wait for the development of new technologies and standards, or make use of other means of communication for confidential calls.”


About

From auditing to editing, I now test and analyze the latest gadgets and games instead of the latest financial statements. Both jobs are equally intense and rewarding. When I'm not burning up hardware in the name of science, you'll find me nuking in DOTA 2 or engineering in TF2.

Comments
Most Read
Most Commented
Competitions
Win two Toshiba AT200 tablets

This festive season Toshiba has 2 tablets to giveaway.

Win an MSI FM2-A85XA-G65 Motherboard

Thanks to MSI we have an great AMD FM2 motherboard to giveaway.

Win a Nokia Asha 311

Thanks to Nokia we have a great entry-level smartphone to giveaway.