Full details will be revealed in a new report due to be published on the university website in the next 24 hours: ‘Don’t trust satellite phones.’ Meanwhile, the researchers gave Infosecurity sight of the report’s abstract.
“We describe the details of the recovery of the two algorithms from freely available DSP-firmware updates for satphones, which included the development of a custom disassembler and tools to analyze the code,” it says. “Perhaps somewhat surprisingly, we found that the GMR-1 cipher can be considered a proprietary variant of the GSM A5/2 algorithm, whereas the GMR-2 cipher is an entirely new design... A major finding of our work is that the stream ciphers of the two existing satellite phone systems are considerably weaker than what is state-of-the-art in symmetric cryptography.”
A report in the Telegraph says that “Mr Driessen told The Telegraph that the equipment and software needed to intercept and decrypt satellite phone calls from hundreds of thousands of users would cost as little as $2,000. His demonstration system takes up to half an hour to decipher a call, but a more powerful computer would allow eavesdropping in real time.”
Bjoern Rupp, CEO at GSMK Cryptophone, warns that “This breakthrough has major implications for the military, civilians engaged on overseas operations, or indeed anyone using satellite phones to make sensitive calls in turbulent areas.” Since the broken ciphers are used by many geostationary satellite networks, each one covering vast geographical areas, it would be “easily possible to listen to a huge number of confidential satellite calls from your continent with only modest technical effort.”
The effect, he adds, “could pose a considerable threat to the armed forces and civilians alike,” and highlights “the need for strong end-to-end encryption.”
It is also a wake-up call for ETSI, the organization that sets the telecommunications standards: it is time to stop obfuscating and start updating its satellite encryption.