VoWiFi (Voice over Wi-Fi), which has existed since 2016, is now offered by almost all major mobile network operators and comes pre-installed on all new smartphones. "The service itself is very useful. However, in a study we conducted, we discovered that in some cases the connection between the smartphone and the mobile network was not secure," explains Adrian Dabrowski.

Weak points of mobile network providers:

The services of 13 (out of the 275 examined) mobile network providers were affected, including those in Austria, Slovakia, Brazil, and Russia, and as a result of this weakness alone, some 140 million customers saw their communications security compromised. "The flaw lies in a key network component in the architecture of LTE and 5G networks: the so-called Evolved Packet Data Gateway (ePDG)," explains Dabrowski. For WLAN connections, a smartphone must register with the mobile operator's core network. To ensure this happens securely, IPsec tunnels are established between the device and the ePDG, the mobile network's entry point from the internet. IPsec tunnels are a type of VPN, or virtual private network, whose contents cannot be seen from the outside.

IPsec tunnels are built in several steps. Communication security is primarily ensured through the exchange of cryptographic keys using the Internet Key Exchange (IKE) protocol. "These are old methods in themselves and are usually secure, unless something goes wrong with the keys," explains Dabrowski. The keys must be private, meaning secret, and random. According to the researcher, the operators failed to meet either of these conditions. To the researchers' surprise, all 13 operators used the same global set of ten static private keys instead of random keys. "Anyone in possession of these not-quite-private 'private keys' could easily spy on communication between smartphones and mobile operators," explains Gabriel Gegenhuber, a security researcher at SBA Research and the Security and Privacy research group at the University of Vienna. "Any of the affected mobile operators, the manufacturer, and possibly the security authorities in each of these countries have access to the keys." The affected networks used equipment from the Chinese manufacturer ZTE.
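To make the point about static keys concrete, here is an added example (it is not code from the article or from the researchers' paper) that models the Diffie-Hellman step of an IKE exchange between a handset and a gateway. It shows two things: a defender-side audit check that flags a peer whose public value never changes across sessions, which is exactly what a static private key produces, and why such a key is fatal, since anyone holding it can recompute the session key of every tunnel from the public values alone. The group is the 2048-bit MODP prime of RFC 3526 (group 14), transcribed here; the party names, the key-derivation step and the "constructed static key" value are assumptions for the demonstration.

```python
"""
Added example, not part of the original article: an IKE-style Diffie-Hellman
exchange with fresh keys versus a gateway that reuses a static private value.
"""
import hashlib
import secrets

# RFC 3526 MODP group 14 (2048-bit) prime, transcribed from the RFC.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
SECRET_BYTES = (P.bit_length() + 7) // 8


def keypair(private=None):
    """Return (private, public). A correct peer draws a fresh random private
    value every exchange; `private` is accepted only to model the
    misconfigured case of a static key that never changes."""
    if private is None:
        private = secrets.randbelow(P - 2) + 1  # uniform in [1, P-2]
    return private, pow(G, private, P)


def shared_secret(own_private, peer_public):
    """Diffie-Hellman: g^(ab) mod p, computed from own private and peer public."""
    return pow(peer_public, own_private, P)


def session_key(secret):
    """Stand-in for IKE's key derivation (assumption: plain SHA-256 of the secret)."""
    return hashlib.sha256(secret.to_bytes(SECRET_BYTES, "big")).hexdigest()


def negotiate(gateway_private=None):
    """One exchange between a handset (always fresh key) and a gateway.
    Returns what a passive observer sees (both public values) plus the key."""
    ue_priv, ue_pub = keypair()
    gw_priv, gw_pub = keypair(gateway_private)
    k_ue = session_key(shared_secret(ue_priv, gw_pub))
    k_gw = session_key(shared_secret(gw_priv, ue_pub))
    assert k_ue == k_gw  # both sides agree on the same key
    return {"ue_pub": ue_pub, "gw_pub": gw_pub, "key": k_ue}


def audit_public_values(observed):
    """Defender-side check over recorded exchanges: a peer using fresh keys
    sends a different public value every time, so any value seen twice
    indicates a static (reused) private key. Returns the repeated values."""
    counts = {}
    for value in observed:
        counts[value] = counts.get(value, 0) + 1
    return {value for value, n in counts.items() if n > 1}


def key_from_static(static_private, handset_public):
    """Why a leaked static key matters: together with the public values any
    observer recorded, it yields the session key of every tunnel, past or
    future, that was negotiated with that key (no forward secrecy)."""
    return session_key(shared_secret(static_private, handset_public))


# Constructed value standing in for one of the static keys; not a real key.
CONSTRUCTED_STATIC_KEY = int.from_bytes(b"constructed static key, not real", "big")


def demo():
    """Return (repeats with fresh keys, repeats with a static key, key recovered?)."""
    fresh = [negotiate() for _ in range(5)]
    static = [negotiate(CONSTRUCTED_STATIC_KEY) for _ in range(5)]
    fresh_repeats = audit_public_values(s["gw_pub"] for s in fresh)
    static_repeats = audit_public_values(s["gw_pub"] for s in static)
    recovered = key_from_static(CONSTRUCTED_STATIC_KEY, static[0]["ue_pub"]) == static[0]["key"]
    return fresh_repeats, static_repeats, recovered


if __name__ == "__main__":
    fresh_repeats, static_repeats, recovered = demo()
    print("repeated gateway values with fresh keys :", len(fresh_repeats))
    print("repeated gateway values with static key :", len(static_repeats))
    print("session key recomputed from static key  :", recovered)
```

The audit function is the practical takeaway: recording the gateway's public value across several IKE_SA_INIT exchanges and checking for repeats is a cheap way to spot the misconfiguration described above without any access to the operator's equipment.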

Vulnerabilities in smartphone chips and their configuration.

If that weren't enough, researchers also discovered that many of the new chips (including 5G chips) from the Taiwanese manufacturer MediaTek, used in some Android smartphones from manufacturers like Xiaomi, Oppo, Realme, and Vivo, have another vulnerability. "This chip works with the SIM card to register users on the mobile network via VoWiFi. We discovered that it's possible to reduce the encryption on the smartphone side to the weakest variant using targeted attacks," says Dabrowski. Their measurements and analysis of client-side and server-side configurations from many other manufacturers, including Google, Apple, Samsung, and Xiaomi, also demonstrated that there is still much work to be done in the field of mobile security. "In up to 80 percent of the cases where we simulated a connection, we found that outdated cryptographic methods were being used that no longer meet the standard," says Dabrowski.

The damage is unclear; updates have been installed.

The researchers cannot confirm how many users worldwide were actually affected by the attacks or spied on through the vulnerability by mobile network operators. However, they have informed the Global System for Mobile Communications Association (GSMA) and the relevant providers and companies, giving them the opportunity to develop updates. These have already been implemented. Only after this responsible disclosure did they publish their work at the USENIX Security Symposium 2024, thus making their findings available to other researchers.

Full article:

"Diffie-Hellman Picture Show: Key Exchange Stories from Commercial VoWiFi Deployments," by Gabriel K. Gegenhuber, Florian Holzbauer, Philipp E. Frenzel, Edgar Weippl, and Adrian Dabrowski.