Close this search box.
Close this search box.

Written by: Mike Yang

A team of researchers from China has developed a new attack on one of the ciphers used to secure the communications of satellite phones that enables them to recover a 64-bit key in a fraction of a second under some circumstances.

The work focuses on the GMR-2 cipher used in Inmarsat satellite phones and the attack the researchers developed cuts the time needed for a brute-force attack on the encryption key by reducing the space that has to be searched.

“With the help of an extra 6KB memory storage, this attack can reduce the exhaustive search space from 264 to about 213 on average when one frame (15 bytes) keystream is available. This indicates that the inversion attack is very efficient and practical which could lead to a real time crack on the GMR-2 cipher. The experimental results on a 3.3GHz platform demonstrate that the 64-bit encryption-key can be completely retrieved in around 0.02s,” the researchers wrote in their paper, “A Real-time Inversion Attack on the GMR-2 Cipher Used in the Satellite Phones“.

“This again demonstrates that there exists serious security flaws in the GMR-2 cipher.”


GMR-2 (GEO mobile radio interface 2) is one of the main cryptographic ciphers used in satellite communications and it has been in use for several years. It’s a stream cipher with a 64-bit key and the team from the National University of Defense Technology in China is not the first group to find weaknesses in the cipher. In 2012 researchers at Ruhr University Bochum in Germany were able to recover an encryption key using a known-plaintext attack. The Chinese team took a different tack by trying to “reverse the encryption procedure to deduce the encryption-key from the output keystream directly.”

The Chinese researchers, Jiao Hu, Ruilin Li, and Chaojing Tang, concentrated on reducing the exhaustive key search space, which in turn cut down the amount of time needed to recover an encryption key. They said that their results show the need for satellite phone providers to switch to a more secure encryption scheme.

“This again demonstrates that there exists serious security flaws in the GMR-2 cipher, and it is crucial for service providers to upgrade the cryptographic modules of the system in order to provide confidential communication,” the researchers said.

CC By-sa license image from tszchungwing