Paper 2012/051

Eavesdropping on Satellite Telecommunication Systems

Benedikt Driessen

Abstract

While communication infrastructures rapidly intertwine with our daily lives, public understanding of underlying technologies and privacy implications is often limited by their closed-source nature. Lacking the funding and resources of corporations and the intelligence community, developing and expanding this understanding is a sometimes tedious, but nonetheless important process. In this sense, we document how we have decrypted our own communication in the Thuraya satellite network. We have used open-source software to build on recent work which reverse-engineered and cryptanalized both stream ciphers currently used in the competing satellite communication standards GMR-1 and GMR-2. To break Thuraya’s encryption (which implements the GMR-1 standard) in a real-world scenario, we have enhanced an existing ciphertext-only attack. We have used common and moderately expensive equipment to capture a live call session and executed the described attack. We show that, after computing less than an hour on regular PC-hardware, we were able to obtain the session key from a handful of speech data frames. This effectively allows decryption of the entire session, thus demonstrating that the Thuraya system (and probably also SkyTerra and TerreStar, who are currently implementing GMR-1) is weak at protecting privacy.

Note: Added some clarification to distinguish between decrypting and actually listening to a call. Minor editorial tweaks (more probably to come..).

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
benedikt driessen @ rub de
History
2012-02-08: last of 2 revisions
2012-02-06: received
See all versions
Short URL
https://ia.cr/2012/051
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/051,
      author = {Benedikt Driessen},
      title = {Eavesdropping on Satellite Telecommunication Systems},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/051},
      year = {2012},
      url = {https://eprint.iacr.org/2012/051}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.