TY - GEN
T1 - Breaking LTE on Layer Two
AU - Rupprecht, David
AU - Kohls, Katharina
AU - Holz, Thorsten
AU - Popper, Christina
N1 - Funding Information:
ACKNOWLEDGMENT This work was supported by the Franco-German BERCOM Project (FKZ: 13N13741) co-funded by the German Federal Ministry of Education and Research (BMBF). In addition, this work was supported in part by Intel (ICRI-CARS). We would like to thank G Data Software AG for supporting our experiments with the shielding box and Software Radio Systems for giving us insights into their LTE software stack. Further, we thank our shepherd Michael Bailey for the guidance towards the camera-ready version.
Publisher Copyright:
© 2019 IEEE.
PY - 2019/5
Y1 - 2019/5
N2 - Long Term Evolution (LTE) is the latest mobile communication standard and has a pivotal role in our information society: LTE combines performance goals with modern security mechanisms and serves casual use cases as well as critical infrastructure and public safety communications. Both scenarios are demanding towards a resilient and secure specification and implementation of LTE, as outages and open attack vectors potentially lead to severe risks. Previous work on LTE protocol security identified crucial attack vectors for both the physical (layer one) and network (layer three) layers. Data link layer (layer two) protocols, however, remain a blind spot in existing LTE security research. In this paper, we present a comprehensive layer two security analysis and identify three attack vectors. These attacks impair the confidentiality and/or privacy of LTE communication. More specifically, we first present a passive identity mapping attack that matches volatile radio identities to longer lasting network identities, enabling us to identify users within a cell and serving as a stepping stone for follow-up attacks. Second, we demonstrate how a passive attacker can abuse the resource allocation as a side channel to perform website fingerprinting that enables the attacker to learn the websites a user accessed. Finally, we present the A LTE R attack that exploits the fact that LTE user data is encrypted in counter mode (AES-CTR) but not integrity protected, which allows us to modify the message payload. As a proof-of-concept demonstration, we show how an active attacker can redirect DNS requests and then perform a DNS spoofing attack. As a result, the user is redirected to a malicious website. Our experimental analysis demonstrates the real-world applicability of all three attacks and emphasizes the threat of open attack vectors on LTE layer two protocols.
AB - Long Term Evolution (LTE) is the latest mobile communication standard and has a pivotal role in our information society: LTE combines performance goals with modern security mechanisms and serves casual use cases as well as critical infrastructure and public safety communications. Both scenarios are demanding towards a resilient and secure specification and implementation of LTE, as outages and open attack vectors potentially lead to severe risks. Previous work on LTE protocol security identified crucial attack vectors for both the physical (layer one) and network (layer three) layers. Data link layer (layer two) protocols, however, remain a blind spot in existing LTE security research. In this paper, we present a comprehensive layer two security analysis and identify three attack vectors. These attacks impair the confidentiality and/or privacy of LTE communication. More specifically, we first present a passive identity mapping attack that matches volatile radio identities to longer lasting network identities, enabling us to identify users within a cell and serving as a stepping stone for follow-up attacks. Second, we demonstrate how a passive attacker can abuse the resource allocation as a side channel to perform website fingerprinting that enables the attacker to learn the websites a user accessed. Finally, we present the A LTE R attack that exploits the fact that LTE user data is encrypted in counter mode (AES-CTR) but not integrity protected, which allows us to modify the message payload. As a proof-of-concept demonstration, we show how an active attacker can redirect DNS requests and then perform a DNS spoofing attack. As a result, the user is redirected to a malicious website. Our experimental analysis demonstrates the real-world applicability of all three attacks and emphasizes the threat of open attack vectors on LTE layer two protocols.
KW - Attack
KW - DNS-Redirection
KW - Identity-Mapping
KW - LTE
KW - Mobile-Security
KW - Website-Fingerprinting
UR - http://www.scopus.com/inward/record.url?scp=85062721292&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85062721292&partnerID=8YFLogxK
U2 - 10.1109/SP.2019.00006
DO - 10.1109/SP.2019.00006
M3 - Conference contribution
AN - SCOPUS:85062721292
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 1121
EP - 1136
BT - Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 40th IEEE Symposium on Security and Privacy, SP 2019
Y2 - 19 May 2019 through 23 May 2019
ER -