Scientists crack satellite telephony security codeFebruary 9th, 2012 - 4:59 pm ICT by IANS
London, Feb 9 (IANS) Satellite telephony is believed to be impregnable and perfectly foolproofed against eavesdropping. But, researchers now have cracked the encryption algorithms of the European Telecommunications Standards Institute (ETSI), which is used globally for satellite phones, and revealed significant weaknesses.
In less than an hour, and with simple equipment, scientists found the crypto key which is needed to intercept telephone conversations. Using open-source software and building on their previous research results, they were able to exploit the security weaknesses.
In some regions of the world, standard cell phone communication is still not available. In war zones, developing countries and on the high seas, satellite phones are used instead.
Here, the telephone is connected via radio directly to a satellite. This passes the incoming call to a station on the ground. From there, the call is fed into the public telephone network. So far this method, with the ETSI’s encryption algorithms A5-GMR-1 and A5-GMR-2, was considered secure.
For their project, the inter-disciplinary group of researchers from the Horst Gortz Institute for IT-Security (HGI) at the Ruhr University Bochum (RUB), Germany, used commercially available equipment, and randomly selected two widely used satellite phones.
A simple firmware update was then loaded from the provider’s website for each phone and the encryption mechanism reconstructed, according to a university statement.
Based on the analysis, the encryption of the GMR-1 standard demonstrated similarities to the one used in GSM, the most common mobile phone system.
“Since the GSM cipher had already been cracked, we were able to adopt the method and use it for our attack,” explained Benedikt Driessen, from the Embedded Security at the RUB.
To verify the results in practice, the research group recorded their own satellite phone conversations and developed a new attack based on the analysis.
“We were surprised by the total lack of protection measures, which would have complicated our work drastically,” said Carsten Willems, also from RUB.
Encryption algorithms are implemented to protect the privacy of the user.
“Our results show that the use of satellite phones harbours dangers and the current encryption algorithms are not sufficient”, emphasized Ralf Hund of RUB.
- German scientist cracks secret mobile phone code - Dec 30, 2009
- Motorola Unwraps Droid Pro To take On RIM - Oct 06, 2010
- MP3 can cost you your car - Mar 17, 2011
- Scientists unravel how nose differentiates smell - Dec 30, 2011
- Coming soon: Stronger, more effective password protection - Apr 21, 2011
- We don't have 'master key' to access encrypted data: BlackBerry (Lead) - Aug 27, 2010
- BlackBerry standoff: Some questions and answers - Aug 22, 2010
- Nortel's GSM business also on auction block - Oct 02, 2009
- BlackBerry says no 'master key' to access encrypted data - Aug 27, 2010
- NASA loses command codes to control space station - Mar 02, 2012
- New encoding for foolproof email security - Sep 11, 2012
- BlackBerry says India can't access encrypted data - Dec 31, 2010
- Satellite phones to help Bihar fight Maoists, floods - Apr 23, 2012
- Blackberry manufacturer set Aug 31 deadline - Aug 12, 2010
- BlackBerry draws 'a firm line' on access to key services - Aug 13, 2010
Tags: available equipment, crypto key, disciplinary group, encryption algorithms, european telecommunications, firmware update, gortz, london feb, mobile phone system, open source software, phone communication, phone conversations, public telephone network, ruhr university bochum, satellite phone, satellite phones, satellite telephony, security weaknesses, telephone conversations, telephony security