Security researchers have discovered a new method to decrypt satellite phone calls encrypted with the GMR-2 cipher in real time, which is to say in mere fractions of a second.
The new attack method was found by two Chinese security researchers and builds on research published by German academics in 2012. It shows that the phone’s encryption can be broken so quickly that attackers can listen to calls while they’re happening.
The research, published by the security researchers in a paper last week through the International Association for Cryptologic Research, focused on the GMR-2 encryption algorithm that is widely used in most modern satellite phones, including those of British satellite telecom Inmarsat, to encrypt voice calls so as to prevent eavesdropping, which makes the finding quite ironic.
Unlike the previous 2012 research, in which German researchers tried to recover the encryption key with the help of ‘plaintext’ attacks, the Chinese researchers attempted to “reverse the encryption procedure to deduce the encryption-key from the output keystream directly.”
To succeed, the attack requires brute-forcing a 3.3GHz satellite stream thousands of times with an inversion attack, which eventually produces the 64-bit encryption key and makes it easier to scavenge for the decryption key, allowing attackers to decrypt communications and listen in to a conversation.
“This indicates that the inversion attack is very efficient and practical which could lead to a real-time crack on the GMR-2 cipher,” the research paper reads. “The experimental results on a 3.3GHz platform demonstrate that the 64-bit encryption-key can be completely retrieved in around 0.02s.”
According to the pair, the attack can eventually crack satellite phone call encryption in fractions of a second when successful, allowing the attacker to break into the communications as the conversation happens.
The findings raise concerns about the security of satellite phones, which are mostly used by officers in war zones, as well as in remote areas, precisely because there are no other alternatives.