[CSS-research] 5G and the IMSI catchers
Cooper Quintin
cooperq at eff.org
Fri Dec 14 16:18:09 PST 2018
Super interesting paper, the main attack seems to be the abililty to
obtain n bits of the SEQ identifier used in the authentication and key
agreement protocol. Obtaining the SEQ allows an attacker to
differentiate unique UEs and determine how many outgoing communications
(calls and SMS in aggregate) have been sent. The attacker can then also
measure how many communications were sent outside the target area when
the victim moves back into the target area by observing how much the
sequence number has grown. Apparently also the differentiation of
devices allows the attacker to determine if a specific device is in the
area, as described in section 4.3, by comparing a known CONCā° parameter
of a target phone to a random CONC parameter. What I don't understand
from the paper is how an attacker would accquire the CONC parameter from
a specific phone in the first place, presumably knowing only it's IMSI.
Cooper Quintin
Senior Staff Technologist | EFF
PGP: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA
Twitter: @cooperq
On 12/7/18 3:38 AM, Siddharth Rao wrote:
>
>
> Recently I attended a lecture where I was told that 5G is going to be an
> "IMSI-catcher free". Well! IMSI catchers seem to bother us even in the
> 5th gen cellular networks.
>
> Yet another great work by Ravi et.al <http://et.al>.
> https://eprint.iacr.org/2018/1175.pdf
>
> --
> Thanks and Regards,
> *Sid*
>
> Siddharth Prakash Rao
> Ford-Mozilla Open Web Fellow
> <https://advocacy.mozilla.org/en-US/open-web-fellows/fellows2016> @
> EDRi, Belgium <http://edri.org/>
> Doctoral Candidate <https://users.aalto.fi/~raos1/> @ Secure Systems
> Research Group
> <http://cs.aalto.fi/en/research/research_groups/secure_systems/> - Aalto
> University, Finland <http://www.aalto.fi/en/>
>
> *Twitter*/: @sidnext2none <https://twitter.com/sidnext2none>/
> *Website*/: http://siddharthrao.me/academic
>
> /
>
> _______________________________________________
> CSS-research mailing list
> CSS-research at lists.eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
More information about the CSS-research
mailing list