Secrets in the sky: on privacy and infrastructure security in DVB-S satellite broadband

Demands for ubiquitous global connectivity have sparked a satellite broadband renaissance. Secure satellite broadband is vital to ensuring that this growth does not beget unanticipated harm. Motivated by this need, this paper presents an experimental security analysis of satellite broadband signals using the Digital Video Broadcasting for Satellite (DVB-S) protocol. This analysis comprises 14 geostationary platforms encompassing over 100 million square kilometers of combined coverage area. Using less than €300 of widely available equipment, we demonstrate the ability to identify individual satellite customers, often down to full name and address, and their web browsing activities. Moreover, we find that these vulnerabilities may enable damaging attacks against critical infrastructure, including power plants and SCADA systems. The paper concludes with a discussion of possible confidentiality protections in satellite broadband environments and notes a need for further cryptographic research on link-layer encryption for DVB-S broadband.

[1]  Prof.Dr.-Ing. Ulrich Reimers Digital Video Broadcasting (DVB) , 2001, Springer Berlin Heidelberg.

[2]  G. Fairhurst,et al.  Security requirements for IP over satellite DVB networks , 2007, 2007 16th IST Mobile and Wireless Communications Summit.

[3]  Bernhard Collini-Nocker,et al.  Internet over direct broadcast satellites , 1999, IEEE Commun. Mag..

[4]  Haitham S. Cruickshank,et al.  Dynamics of key management in secure satellite multicast , 2004, IEEE Journal on Selected Areas in Communications.

[5]  Jean Dezert,et al.  An introduction to DSmT , 2009, ArXiv.

[6]  Dan F. Lester,et al.  Human space exploration and human spaceflight: Latency and the cognitive scale of the universe , 2011 .

[7]  Wei Li Security Analysis of DVB Common Scrambling Algorithm , 2007, The First International Symposium on Data, Privacy, and E-Commerce (ISDPE 2007).

[8]  Pascal Berthou,et al.  SatIPSec : an optimized solution for securing multicast and unicast satellite transmissions , 2004 .

[9]  G. Hernandez,et al.  Satellite — A New Opportunity for Broadband Applications , 2002 .

[10]  Breaking DVB-CSA , 2011, WEWoRC.

[11]  John S. Baras,et al.  Security issues in hybrid networks with a satellite component , 2005, IEEE Wireless Communications.

[12]  R. Santamarta Last Call for SATCOM Security , 2018 .

[13]  Haitham S. Cruickshank,et al.  Securing multicast in DVB-RCS satellite systems , 2005, IEEE Wireless Communications.

[14]  Stefan Lucks,et al.  Western European Workshop on Research in Cryptology , 2005 .

[15]  André Adelsbach,et al.  Satellite Communication without Privacy - Attacker's Paradise , 2005, Sicherheit.

[16]  Mincong Tang,et al.  Culture's Role in E-Commerce Success: A Conceptual Model , 2007, The First International Symposium on Data, Privacy, and E-Commerce (ISDPE 2007).

[17]  R. Budiarto,et al.  A Comparison of IP Datagrams Transmission using MPE and ULE over Mpeg-2/DVB Networks , 2005, 2005 5th International Conference on Information Communications & Signal Processing.