ID: IRCNE2012021394
Date: 2012-02-07
According to "techworld", German researchers claim they have found weaknesses in two commonly-used satellite encryption protocols that could render them vulnerable to eavesdropping in real time.
In the paper titled Don't Trust Satellite Phones (currently available only as an abstract), Benedikt Driessen and Ralf Hund of Ruhr University describe how they reverse engineered the GMR-1 and GMR-2 encryption algorithms or stream ciphers used to secure voice traffic on a range of commercial satellite networks.
The pair attacked different digital signal processor (DSP) firmware updates for two handsets, Thuraya’s GMR-1-based SO-2510, and Inmarsat’s GMR-2 IsatPhonePro, extracting the encryption keys used to secure communications in half an hour.
According to an interview with the Daily Telegraph, the researchers believe a more powerful system could achieve the same results in real time, necessary in most cases for eavesdropping to be useful.
Nohl followed this up last year with another and even more audacious attack based on a compromised Motorola handset.
- 2