Now you, too, can snoop on mobe users from 3G to 5G with a Raspberry Pi and €1,100 of gizmos

A protocol meant to protect smartphone users' privacy is vulnerable to fake base station attacks all the way from 3G to 5G, according to a group of international researchers. All the baddies need is a little over €1,100 worth of kit and a laptop. The "Authentication and Key Agreement" protocol (aka AKA, hehe) is meant to …

  1. Version 1.0

    What a surprise!

    Who would have thought that crypto could be hacked like this? Realistically there are agencies all over the world that are probably a bit disappointed that this has leaked out - but the chances are that they have a backstop for any fix.

  2. Ogi

    A flaw, or a backdoor?

    The more I hear about these events, the more I suspect that these flaws are deliberate in order to allow intelligence agencies to access communications when they want, but in a way that is not obvious to the layman.

    Having the flaw in the protocol is a lot easier than having to twist every company's arm to implement a backdoor in their hardware/OS/Software, with all the variations. This way, any piece of equipment that follows the standard (and is certified as such) is automatically backdoored. Far more elegant.

    I know "security is hard", but we are talking about very large, very rich companies, who develop these standards over many years, with much ratification and consultation, and could easily afford the crypto and security specialists needed to do it properly.

    A lot of the telecom industry traces its lineage back to the old telegraph and telephone systems, and interception by spies has been a long standing thing they facilitated, and at this point I would expect such agreements are grandfathered in.

    We have already had western governments request/demand tech companies cripple their security implementations to allow backdoor access, with push back from said companies (at least publicly). You notice they never request or demand the same from Telecoms. I suspect because an arrangement is already in place, and has been for a very very long time.

    The problem with the concept is that when security researchers eventually discover the backdoor and publish it, every single implementation is vulnerable, with no way to patch it (because it is protocol level), until a new revision of the protocol is published, hardware certified, etc. and people actually buy the new hardware (without any backwards compatibility with the flawed system). Hence why every phone still supports 2G, with whatever flaws exist since then; we will have security holes for decades.

  3. Pete 2

    Form an orderly queue

    And how long before all the world's "security" services are on the phone with job offers, consultancy requests and casual enquiries regarding just what extra hardware they would need to, ahem, research this new vulnerability.

    The publication does sound a lot like an advertisement. It's just that what ordinary citizens would consider a fault is seen as an opportunity by those charged with protecting our freedoms!

    1. JetSetJim

      Re: Form an orderly queue

      The extra hardware is off the shelf software defined radios that have an amount of FPGAs and take a stock image for 3GPP implementations. I have a couple under my desk at work - these ones. It's not too hard, although I'm not sure a Pi has the CPU grunt necessary to power one as lots of FFTs are involved with the s/w I used.

      1. Sanctimonious Prick

        Re: Form an orderly queue

        @JetSetJim

        Re: these ones

        That's a nice bit of kit (especially if it's just "under" your desk) :)

        1. JetSetJim

          Re: Form an orderly queue

          > if it's just "under" your desk

          yup - there's two, mounted in their little boxes, stuffed into a cardboard box with a big pile of cables. Tried to make a little LTE network for the office, using custom programmed SIMs and OpenAirInterface (which includes RAN and Core elements). Could get it to work, but needed GPS antennas to lock the timing sufficiently well. Nice little project. Needed reasonably powerful laptops to drive the radios, though. CN could be run in its entirety off a small laptop - didn't have many SIMs live, so not too much of a hit there. Even managed to get some licensed spectrum to use so that real mobiles could work.

      2. Chairman of the Bored

        Re: Form an orderly queue

        @JetSetJim,

        Quite right. The rPi is an amazing bit of kit but I am uncertain the USB bandwidth is sufficient to handle the >2MSPS rates needed for this sort of work. I'm lucky to get 2MSPS sustained.

        I believe the rPi 3 has 'gigabit ethernet' and perhaps an N200 would work, but iirc the GB port is on a USB bridge, so I don't know if it would work any better.

        1. Old Used Programmer

          Re: Form an orderly queue

          The Pi3B+ has GbE "class" from its LAN chip. Officially, it can run a bit over 300Mb/s. Tests by users are mixed. It does still share the single USB 2 connection to the SoC.

          1. JetSetJim

            Re: Form an orderly queue

            If the SDR is being run over USB, then USB3 is the interface of choice, not 2.

  4. Nifty

    3 years ago I watched a demo that was broadcast on live German TV. A woman from the studio audience was invited to send a text to her husband. A man with a laptop and a GSM card then proceeded to read it out to her.

  5. Tom 7

    Can I use this to hijack someone's 4/5G BB connection?

    Asking for a friend.

  6. ShortLegs

    What is interesting (to me) is the equipment, and what device cost €1140

    "needed... a universal software radio peripheral, a smartcard reader, and the OpenLTE software. Excluding the laptop, they said the kit cost €1,140 "

    OpenLTE - free

    smartcard reader - €15 - €60

    Now what "universal software radio" component costs around £1000/€1100? I'm guessing a transceiver, capable of covering up to 6GHz, given that an RTL dongle can cover up to 1.750GHz and costs around €30.

    Hmmm <starts looking at my ETL8000 and R820 based SDR hobby horses>

    1. mark.d

      Ettus Research USRP is usually the go to product for this type of use. Another might be the Hack RF One but that is around a quarter of the stated price.

    2. JetSetJim

      There's a bunch of them out there, at different prices. E.g.:

      EURECOM's ExpressMIMO2 PCIe card requiring a PC with a free 8/16-way PCIe slot. With an appropriate adaptor the card can function in a 1-way PCIe slot or ExpressCard slot in a laptop.

      NI/Ettus USRP B200/B210 USB3 radio card requiring a PC with a free USB3 port. Plus the NXXX series radios (bit more powerful)

      BladeRF over USB3 port.

      LimeSDR over USB3 port.

  7. DMcDonnell

    The Acronym Diarrhea is quite strong in the story. It just spews them all over the place.

    1. MacroRodent

      Acronyms

      Seriously? I didn't notice, but then, I work with telecom where documents very nearly consist of acronyms only...

  8. hellwig

    only effective only when

    Yikes. That hurt my brain to read.

  9. Anonymous Coward

    This is why calls should have end to end encryption

    It is sad that I can get better privacy using something proprietary like Facetime or Skype than I can on a cellular call despite over a decade of the industry claiming the security issues will be fixed in the NEXT rev.

    One has to believe the 3GPP is either deliberately leaving holes in their protocols, or are blithely accepting protocol submissions that ultimately originate from the various TLAs of major world governments.

    If 3GPP won't solve this, Apple and Google ought to get together and come up with an open P2P encryption scheme for two party calls supported by iOS and Android, and hopefully then VOIP providers will follow. No doubt it would enrage the FBI, but fuck them. Calls are "data" when placed on LTE (VoLTE) and 5G, so the carriers can't prevent this like they could with 2G/3G protocols.

    1. EnviableOne

      Re: This is why calls should have end to end encryption

      3GPP know that no matter how bad their protocols are, SS7 is worse and that's not getting changed any time soon.

    2. Harry Stottle

      Re: This is why calls should have end to end encryption

      Unless you're using the new feature (version 8+) "Private Conversation" I hope you're not under any illusion that your "normal" Skype calls are E2EE. Frankly, we should be seriously sceptical even about their so called Private Conversation. There is no formal independent audit (in the public domain) to verify its claims and Microsoft's track record of co-operation with the TLAs is legendary (and, as many of us, including fellow Reg commentards, speculated at the time, probably accounts for their purchase of Skype in the first place).

      I've tried out their allegedly "Private Conversation" and it "feels" like Security Theatre. Unlike the much better attested E2EE options (e.g. Wire, Viber, Blizz, Signal, Qtox, Wimi etc.), all of which manage to cope with conference calls and video, and some of which also manage screen sharing, Skype's PC offers voice only and one party at each end only. No Video, no screen sharing. Why is that? I can list some of the more obvious options:

      1) the other providers are incompetent and bluffing about their security.

      2) Microsoft are unable to find competent security engineers to create their own multiparty version

      3) They have calculated this is the "least they can do" to ward off demands for genuine privacy/security but by making its functionality so limited, they ensure that most users will ignore it (and stick out like sore thumbs when they choose it)

      4) They just want to make users feel "it's so limited it must be secure" while, in reality the TLAs continue to have unimpeded access.

      My money's on the last option, with an each way bet on (3).

    3. Michael Wojcik

      Re: This is why calls should have end to end encryption

      End-to-end encryption of calls doesn't help with this class of attack, which is tracking a phone from station to station and observing traffic such as call establishment. It's not breaking the confidentiality of calls or other messages; it's breaking infrastructure confidentiality.

  10. whoseyourdaddy

    Idiots.

    More encryption means your call consumes more battery power and thus your phone radiates more heat.

    Be careful what you ask for.

    1. Michael Wojcik

      Yeah, and car seatbelts require producing more non-biodegradable nylon. If that thought doesn't keep you up at night ... well, you're probably at least marginally capable of critical thinking.

  11. TrumpSlurp the Troll

    Smartcard reader?

    Doesn't that imply that you also need a smartcard?

    If so, which one and why?

  12. Anonymous Coward

    It was worse in 1983....

    Reminds me of back in the day when working on the TEP4 contract in Saudi Arabia. You could pick up mobile phone conversations on your car FM radio - I think it was the 4th harmonic or something - Telecommunications Minister Alawi Darwish Kayyal summoned LM Ericsson and they agreed to upgrade the network from analogue to digital. It was so much easier to get stuff done back then.....
