BOCHUM, Germany, Feb. 8 (UPI) -- Satellite telephony thought to be secure against eavesdropping because of encryption is unsafe, say German researchers who cracked the encryption.
Researchers at the Horst Gortz Institute for IT-Security at the Ruhr University Bochum said they've cracked the encryption algorithms of the European Telecommunications Standards Institute used globally for satellite telephones and in the process revealed significant weaknesses.
In less than an hour with simple equipment, they said, they found the crypto key needed to intercept telephone conversations, and using open-source software were able to exploit the security weaknesses, a university release said Wednesday.
The researchers randomly selected two widely used satellite phones and after uploading a simple firmware update from each provider's Web site used commercially available equipment to reconstruct the GMR-1 standard satellite encryption mechanism.
Analysis then showed encryption of the GMR-1 standard was similar to the one used in GSM, the most common cellphone system.
"Since the GSM cipher had already been cracked, we were able to adopt the method and use it for our attack," researcher Benedikt Dreissen said.
To verify their results, the researchers recorded their own satellite telephone conversations and developed a new attack based on the analysis.
"We were surprised by the total lack of protection measures, which would have complicated our work drastically," Carsten Willems of the Chair for System Security at the RUB said.