Back in 2012, a team of five German scientists from Ruhr University in Bochum, published a research paper in which they delineated the method to decrypt communication signals transmitted through satellite phones.
In 2016, a report from Chatham House revealed that hackers and even terrorists can exploit security flaws in the computer system of satellites. Now, however, two Chinese researchers propose (1 & 2) an even more practical and quicker way to do so.
Satellite communication
Satellite phones may not have many practical applications in a commercial setting. However, they are heavily used by the military and in areas where regular phone signals are unavailable.
People who go to rural areas or are in the sea, usually use satellite phones to communicate. As you may realize, the communication may be critical, and hence it needs to be secure so as to avoid cyber eavesdropping.
Essentially, in order to protect the user, the GMR-2 standard is utilized to encrypt all the communication that takes place. GMR-2 is a GEO-Mobile Radio interface and is the most recent version for satellite communication.
Chinese researchers find a way to break the GMR-2 cipher
The GMR-2 primarily encodes a user’s conversation with a 64-bit cipher. Two Chinese researchers have figured out a way to reverse engineer the encryption and hence decode the entire conversation within a matter of seconds.
The researchers belong to the National University of Defense Technology in Changsha. They stated that the process simply involves understanding the way in which GMR-2 encrypts data in the first place.
The method allows them to decrypt the entire conversation in real-time from the output itself.
How does it differ from the German method?
As mentioned earlier, the idea of decrypting satellite conversation existed since 2013 when a team of German researchers from Ruhr University published a paper explaining how the attack was to be carried out.
They too exploited the vulnerabilities present in the GMR-2 standard and devised a method which although practical, was nevertheless, quite complicated. It involved some very sophisticated techniques to get the encryption key.
The method was apparently a plaintext attack that was carried out multiple times. The attack was quite impractical as such.
The new method, however, finds out the encryption in seconds and does not involve lengthy mathematical problem-solving techniques.
Response from the scientific community
The method has gained attention, and one teacher from Johns Hopkins University wrote in a blog post that although the research indicates a scientific breakthrough, it is, however, dangerous and not yet practical.
The researchers themselves emphasized the weakness of the GMR-2 standard and stated that it needs to be upgraded immediately to avoid major catastrophes.
Sponsored: DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.