Conducted by Chinese security specialists, a new security research has shown there is another way to decrypt satellite phone calls, initially encrypted using the GMR-2 cipher.
Jiao Hu, Ruilin Li and Chaojing Tang have discovered this method, which is also based on a research conducted by academicians from Germany. According to the researchers, attackers can quickly crack encrypted communications and listen in on them in real time.
Last week, security researchers in the International Association for Cryptologic Research (IACR) published a paper, in which they talked about the research focusing on the GMR-2 encryption algorithm. The latter is widely used for encrypting communications and protecting most modern satellite phones from eavesdropping.
Back in 2012, researchers from Germany tried using known-plaintext attacks for recovering the encryption key. However, the Chinese researchers tried reversing the encryption process “to deduce the encryption-key from the output keystream directly.”
In order for this method to work, researches used an inversion attack on a 3.3GHz satellite stream numerous times. Eventually, it would produce the 64-bit encryption key, making it easier to search for the decryption key.
The research paper states: “This indicates that the inversion attack is very efficient and practical which could lead to a real time crack on the GMR-2 cipher. The experimental results on a 3.3GHz platform demonstrate that the 64-bit encryption-key can be completely retrieved in around 0.02s.”
A successfully-pulled attack could enable cybercriminals to crack encrypted communication within less than a second.
Matthew Green, a cryptography teacher at Johns Hopkins University, described the attack being “fast enough to allow key recovery (and decryption) in real time if one could get the known plaintext.”
The research has shown how dangerous such an attack could potentially be, greatly damaging the privacy of satellite phone users. The security of the GMR-2 cipher needs improvement in order to provide safe, confidential communication. As the research noted, “the encryption algorithms in the satellite phones should be strong enough to withstand various eavesdropping risks.”