Security Experts:

Connect with us

Hi, what are you looking for?



Researchers Decrypt Satellite Phone Communication in Real-Time

A group of security researchers detailed a real-time inversion attack against the GMR-2 stream cipher used in satellite phone communication, claiming it is much more efficient than previously devised attacks.

A group of security researchers detailed a real-time inversion attack against the GMR-2 stream cipher used in satellite phone communication, claiming it is much more efficient than previously devised attacks.

In a research paper (PDF), Jiao Hu, Ruilin Li, and Chaojing Tang from the School of Electronic Science and Engineering at the National University of Defense Technology in China, explain that the real-time inversion attack uses one frame keystream and contains three phrases.

One of the two widely deployed variants of GMR (GEO-Mobile Radio Interface), the GMR-2 cipher has been found vulnerable to two types of plaintext attacks. A read-collision technique was presented in 2012, when the details of the satellite cipher algorithms were made public, and a dynamic guess-and-determine attack was devised in 2013.

“In this paper, we study the inverse properties of the GMR-2 cipher to show a bad one-way character of such cipher, then by introducing a new concept “valid key chain”, we propose what we call the inversion attack against the GMR-2 cipher. This attack can reduce the exhaustive search space from 264 to about 213 on average when one frame (15 bytes) keystream is available,” the researchers explain.

Because of this, the inversion attack is very efficient and practical, and could be used to perform real-time decryption on the GMR-2 cipher, the security researchers argue. When carried out on a 3.3GHz platform, the attack can completely retrieve the 64-bit encryption-key in around 0.02 seconds, the researchers say.

The technique contains three phases, namely table generation; dynamic table looks-up, filtration and combination; and verification. The attack can be used to “retrieve the complete 8-byte encryption-key from only 1 frame (15 bytes) of keystream on average.” It also significantly reduces the exhaustive search space, and requires only 6KB of extra storage space.

The security researchers reveal that, in 10,000 experiments, the newly devised technique was able to uniquely determine 97.2% of the encryption-keys by the 15 bytes of keystream. The remaining 2.8% of the keys needed an extra keystream byte to retrieve.

According to the paper, not only does the proposed inversion attack prove more efficient than the previously detailed dynamic guess-and-determine method and the read-collision based technique, but it also proves that serious security flaws exist in the GMR-2 cipher.

“Compared with previous known attacks, this inversion attack is much more efficient. It is crucial for service providers to upgrade the cryptographic modules of the system in order to provide confidential communication,” the researchers say.

Related: Wi-Fi Flaws Expose iPhone, Nexus Phones to Attacks

Related: Vulnerability in Mobile Networks Allows Easy Phone Tracking

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...


Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...