Slashdot Mirror


Satellite Phone Encryption Cracked

New submitter The Mister Purple writes "A team of German researchers appears to have cracked the GMR-1 and GMR-2 encryption algorithms used by many (though not all) satellite phones. Anyone fancy putting a cluster together for a listening party? 'Mr. Driessen told The Telegraph that the equipment and software needed to intercept and decrypt satellite phone calls from hundreds of thousands of users would cost as little as $2,000. His demonstration system takes up to half an hour to decipher a call, but a more powerful computer would allow eavesdropping in real time, he said.'"

7 of 54 comments

  1. sony's psn botnet by crutchy · Score: 1, Insightful

    so they strung a few playstations together... PSN is really just a huge botnet that Sony uses to crack encryption of all sorts. How do you think they're going to sue (save) people that use SSH or VPN from illegally downloading pirated copies of "Not Another Teen Movie"?

  2. Security through obscurity by munozdj · Score: 5, Insightful

    These guys have once again proven that security through obscurity is not a sensible strategy. If the codes were published in due time, the flaw could have been found with enough time to allow for preventive measures to be deployed. (I know there are a lot of inferences in the sentence, but it seems plausible to me, taking into account what has happened with other algorithms (DES, anyone?))

    --
    Democracy: Crowdsourcing a country near you
    1. Re:Security through obscurity by saleenS281 · Score: 4, Insightful

      You're assuming they want it truly secure. Reality is governments around the world want backdoors.

    2. Re:Security through obscurity by hairyfeet · Score: 4, Insightful

      While I'm sure that is true to a point, everyone seems to forget just how fricking fast we jumped on computing power. When I first started toying with computers in the early 80s we measured memory in bytes and the multimillion dollar supercomputers had less computing power than that $8 calculator at Fred's. In just 30 years we went from computers measured in single-digit MHz costing nearly as much as a car to being able to build a DIY PC for $1000 that could run every single major OS of the last 20 years at the same time. Hell, just look at the beginning of this century, where we had just broken the GHz barrier and having 512Mb of RAM meant you had some cash to blow. Who would have thought then that just 12 years later we'd be looking at machines with dozens of CPUs and huge pools of RAM and hundreds of specialized graphical cores we could run our own code on?

      The sat phone system IIRC was designed in the mid 80s and put up in the early 90s, correct? I can see them simply not seeing the huge leaps that we would make, nor would the tech of the time have been able to process crypto hard enough not to be at risk from these modern monsters. If we keep leaping ahead with regards to computing power as we have been these past 15 years I don't even want to think about how big and complex an encryption system you'll need to protect yourself from what the average geek will have sitting on his desk in 2030.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  3. Redundant stupidisms in written English by Anonymous Coward · Score: 0, Insightful

    I'm so sick of reading gibberish like this:

    "many (though not all)".

    Is there a variety of "many" that doesn't mean "not all"?

    1. Re:Redundant stupidisms in written English by somersault · Score: 1, Insightful

      Is there a variety of "many" that doesn't mean "not all"?

      Yes. It's called "many". It means "a large number". You could say for example "Many humans live in the Solar system", even though none have ever lived outside of it.

      --
      which is totally what she said
  4. Is sensible encryption really that hard? by mark-t · Score: 5, Insightful

    Is it really so hard to use an encrypted key exchange, such as DHKE, to establish a completely private connection on something that you are broadcasting, and do not know who might be listening in?

    Such key exchanges practically scream "USE ME" for situations like encrypting anything being transmitted over the air, such as cell phone usage.

    Of course, it also means that the police wouldn't be able to listen in either without setting up a fake cell phone tower to be a MitM, at least not until somebody develops another efficient algorithm to solve the discrete log problem, or unless they had a quantum computer on the job that is more powerful than any ever yet built,
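
The key exchange and the fake-tower case raised in the comment above, as an added example that is not part of the original thread: a plain Diffie-Hellman handshake gives both ends the same key, a relay that swaps in its own public value leaves them with different keys, and comparing key fingerprints over a separate channel exposes the substitution. The group `P`, `G` is a deliberately small toy parameter and all function names are assumptions made for this sketch.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption): 2**127 - 1 is prime,
# but far too small for real use. Production systems use vetted groups or curves.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent, public value g^x mod p)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    """Derive a 256-bit session key from the shared DH secret."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def exchange(relay=None):
    """Run one handshake. relay(pub) models whatever carries the public
    values between the two ends; by default it passes them through unchanged,
    which is all a passive listener on the broadcast ever gets to see."""
    relay = relay or (lambda pub: pub)
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    k_alice = session_key(a_priv, relay(b_pub))
    k_bob = session_key(b_priv, relay(a_pub))
    return k_alice, k_bob

def fake_tower():
    """Relay that replaces every public value with its own (the MitM case)."""
    _, tower_pub = keypair()
    return lambda pub: tower_pub

def fingerprints_match(k_alice, k_bob):
    """Check the two ends would perform out-of-band: compare short key digests."""
    fp = lambda k: hashlib.sha256(k).hexdigest()[:8]
    return fp(k_alice) == fp(k_bob)

if __name__ == "__main__":
    print("honest channel, keys agree:", fingerprints_match(*exchange()))
    print("fake tower, keys agree:   ", fingerprints_match(*exchange(fake_tower())))
```

Unauthenticated Diffie-Hellman protects only against listeners; the public values have to be signed or otherwise verified for the handshake to resist a relay that rewrites them.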