TY - GEN
T1 - LTE security disabled-misconfiguration in commercial networks
AU - Chlosta, Merlin
AU - Rupprecht, David
AU - Holz, Thorsten
AU - Pöpper, Christina
N1 - Publisher Copyright:
© 2019 Copyright held by the owner/author(s).
PY - 2019/5/15
Y1 - 2019/5/15
N2 - Long Term Evolution (LTE) is the de-facto standard for mobile communication. It provides effective security features but leaves room for misunderstandings in its configuration and implementation. In particular, providers face difficulties when maintaining network configurations. In this paper, we analyze the security configuration of commercial LTE networks. We enhance the open baseband srsLTE with support for commercial networks and perform a subsequent analysis. In more detail, we test the security algorithm selection in a total of twelve LTE networks in five European countries.We expose four misconfigured networks and multiple cases of implementation issues. Three insecure networks fail to enforce integrity protection and encryption, which enables an adversary to impersonate victims towards the network. We provide a proof-of-concept attack in a live network, where the adversary obtains an IP address at the victim's cost. Our work is an appeal to security as a holistic state, which requires not only secure specifications but also secure configurations.
AB - Long Term Evolution (LTE) is the de-facto standard for mobile communication. It provides effective security features but leaves room for misunderstandings in its configuration and implementation. In particular, providers face difficulties when maintaining network configurations. In this paper, we analyze the security configuration of commercial LTE networks. We enhance the open baseband srsLTE with support for commercial networks and perform a subsequent analysis. In more detail, we test the security algorithm selection in a total of twelve LTE networks in five European countries.We expose four misconfigured networks and multiple cases of implementation issues. Three insecure networks fail to enforce integrity protection and encryption, which enables an adversary to impersonate victims towards the network. We provide a proof-of-concept attack in a live network, where the adversary obtains an IP address at the victim's cost. Our work is an appeal to security as a holistic state, which requires not only secure specifications but also secure configurations.
KW - LTE Security
KW - Man-in-the-middle attack
KW - Misconfiguration
UR - http://www.scopus.com/inward/record.url?scp=85066764920&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85066764920&partnerID=8YFLogxK
U2 - 10.1145/3317549.3324927
DO - 10.1145/3317549.3324927
M3 - Conference contribution
AN - SCOPUS:85066764920
T3 - WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks
SP - 261
EP - 266
BT - WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks
PB - Association for Computing Machinery, Inc
T2 - 12th Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2019
Y2 - 15 May 2019 through 17 May 2019
ER -