If until now you thought that you were making a secure call via satellite, forget it. The protection systems used to make these connections have proved to be unsafe as we thought.
This is at least demonstrated by a group of researchers who have discovered the way to decrypt satellite calls via the GMR-2 encryption algorithm in virtually real time.
Based on a research by German researchers in 2012, they have demonstrated how easy it is to hack these communications, supposedly “top secret”. Specifically, they have managed to intervene a private call with a delay of 0.02 seconds, thus exposing the vulnerability of satellite calls.
It is important to make it clear that we are not talking about conventional telephone calls , which are those that we make through the network of a telephone company and whose signal is bounced by different antennas spread all over the world.
Satellite calls are those that are often used in special situations, for example to carry coverage to areas where normal networks do not arrive or to hold conversations that no one can hear. This mode ensures that two people can communicate by phone without cuts or interference. And in a safe way, thanks to the encryption technology you use, thus preventing a third person from accessing this confidential information.
The privacy of the satellite calls is achieved through the encryption that forms the algorithm GMR-2. It generates a series of keys implementing cryptographic transformations in the initial vectors of the encryption key, adding plain text using XOR to obtain the final ciphertext.
“For this method to be secure, it must be difficult for an attacker to obtain the original encryption key, something that does not happen in the case of GMR-2,” the researchers explain.
How did you find the encryption key? Instead of focusing like the Germans did in a plain text attack, Chinese researchers bet on reversing the encryption process and checking the output data stream. By means of tests and repetitions in a channel of 3.3 GHz of satellite communication they were able to reduce the search time of the code key of 64 bits, which was easier for them to arrive with the private key of the algorithm GMR-2, and demonstrate the non-security of satellite calls.
In this way, they managed to intercept a private conversation with a delay of 0.02 seconds on average (20 milliseconds), exposing the serious security problems that the GMR-2 encryption system has today.
Finally, Chinese researchers recommend that satellite communications operators update their cryptographic modules so that communications remain confidential, as they say. “Because confidentiality is a crucial aspect in satellite communications, encryption algorithms on satellite phones must be secure enough to support multiple levels of listening,” the researchers conclude.
The research was carried out by Jiao Hu, Ruilin Li and Chaojing Tang of National University of Defense Technology, Changsha, China.