Critical security vulnerabilities in Voice over WiFi
CISPA researcher Adrian Dabrowski, together with colleagues from SBA Research and the University of Vienna, has discovered two major security vulnerabilities in the mobile protocol Voice over WiFi (VoWiFi), also known as WLAN calling. These vulnerabilities put the communication security of millions of mobile phone customers worldwide at risk. Updates to fix the problems have now been implemented.
Modern smartphones can establish phone connections not only via mobile networks, but also via Wi-Fi, thus ensuring connectivity even in places with poor mobile network quality, such as tunnels, basements or on train journeys. The so-called Wi-Fi calling, which has been around since 2016, is now offered by almost all major mobile network operators and is preset on all new smartphones. “The service itself is highly useful. However, in a study we conducted, we found that in some cases the connection between the smartphone and the mobile network was not secure,” explains Adrian Dabrowski.
Weaknesses on the part of mobile network providers
The services of 13 (of the 275 examined) mobile network providers were affected, including those from Austria, Slovakia, Brazil and Russia, and as a result of this weakness alone, around 140 million customers whose communication security was at risk. “The fault lies with an important network component in LTE and 5G network architecture: the so-called Evolved Packet Data Gateway (ePDG),” explains Dabrowski. For WLAN calls, a smartphone must register with the mobile operator’s core network. To ensure that this can happen securely, so-called IPsec tunnels are set up between the device and the ePDG, which is the Internet access point to the mobile network. IPsec tunnels are a type of VPN, or virtual private network, that cannot be viewed from the outside.
IPsec tunnels are built in several steps. Communication security is primarily guaranteed by the exchange of cryptographic keys according to the so-called Internet Key Exchange Protocol (IKE). “These are ancient methods in themselves and are usually secure. Unless you do something wrong with the keys,” explains Dabrowski. The keys have to be private, i.e. secret, and random. According to the researcher, neither of these conditions was met by the operators. To the researchers’ surprise, the 13 operators used the same global set of ten static private keys instead of random keys. “Anyone in possession of these not really private ‘private keys’ could easily eavesdrop on the communication between the smartphones and the mobile operators,” explains Gabriel Gegenhuber, security researcher at SBA Research and in the Security and Privacy research group at the University of Vienna. ‘Anyone of the affected mobile operators, the manufacturer, and possibly the security authorities of each of these countries has access to the keys.’ The networks of the Chinese provider ZTE were affected.
Vulnerabilities in smartphone chips and in the configuration of smartphones
As if that were not enough, the researchers also found that many new chips (including 5G) from the Taiwanese manufacturer MediaTek, which are used in some Android smartphones from manufacturers such as Xiaomi, Oppo, Realme and Vivo, have another vulnerability. “This chip works with the SIM card to register users in the mobile network using VoWiFi. We discovered that it is possible to reduce the encryption on the smartphone side to the weakest variant using targeted attacks,” says Dabrowski. Their measurements and analyses of the configurations on the client and server sides of many other manufacturers, including Google, Apple, Samsung and Xiaomi, also showed that there is even more to be done in the area of mobile security. In up to 80 percent of the cases in which we simulated a connection, we found that outdated cryptographic methods were used that no longer meet the standard,” says Dabrowski.
Damage is unclear, updates have been installed
The researchers aren’t able to confirm how many users worldwide were actually affected by attacks or were eavesdropped on via the vulnerability on the side of the mobile operators. However, they have informed the Global System for Mobile Association (GSMA) and the relevant providers and companies and given them the opportunity to develop updates. These have now been implemented. Only after this responsible disclosure has taken place are they now publishing their work at the USENIX Security Symposium 2024, thus making their findings available to other researchers.
Full Paper:
“Diffie-Hellman Picture Show: Key Exchange Stories from Commercial VoWiFi Deployments” by Gabriel K. Gegenhuber, Florian Holzbauer, Philipp E. Frenzel, Edgar Weippl and Adrian Dabrowski
About CISPA
The CISPA Helmholtz Center for Information Security is a German national Big Science institution within the Helmholtz Association. CISPA researchers explore all aspects of information security. They address the pressing global challenges in cybersecurity, data protection and trustworthy artificial intelligence. Conducting modern foundational research as well as innovative application-oriented research, they work to protect the digital space and improve industrial applications and products. CISPA promotes scientific talent, supports promising founders, and trains experts and executives for business and industry. In this way, it carries its research findings into society and strengthens Germany’s as well as Europe’s competitiveness.
Wissenschaftliche Ansprechpartner:
Adrian Dabrowski dabrowski@cispa.de
Originalpublikation:
https://publications.cispa.de/articles/conference_contribution/VoWiFi/26367205
Media Contact
All latest news from the category: Information Technology
Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.
This area covers topics such as IT services, IT architectures, IT management and telecommunications.
Newest articles
A ‘language’ for ML models to predict nanopore properties
A large number of 2D materials like graphene can have nanopores – small holes formed by missing atoms through which foreign substances can pass. The properties of these nanopores dictate many…
Clinically validated, wearable ultrasound patch
… for continuous blood pressure monitoring. A team of researchers at the University of California San Diego has developed a new and improved wearable ultrasound patch for continuous and noninvasive…
A new puzzle piece for string theory research
Dr. Ksenia Fedosova from the Cluster of Excellence Mathematics Münster, along with an international research team, has proven a conjecture in string theory that physicists had proposed regarding certain equations….