Putting LTE security functions to the test: A framework to evaluate implementation correctness

David Rupprecht, Kai Jansen, Christina Pöpper

Research output: Contribution to conferencePaperpeer-review


Long Term Evolution (LTE) is the most recent generation of mobile communications promising increased transfer rates and enhanced security features. It is todays communication technology for mobile Internet as well as considered for the use in critical infrastructure, making it an attractive target to a wide range of attacks. We evaluate the implementation correctness of LTE security functions that should protect personal data from compromise. In this paper, we focus on two security aspects: user data encryption and network authentication. We develop a framework to analyze various LTE devices with respect to the implementations of their security-related functions. Using our framework, we identify several security flaws partially violating the LTE specification. In particular, we show that i) an LTE network can enforce to use no encryption and ii) none of the tested devices informs the user when user data is sent unencrypted. Furthermore, we present iii) a Man-in-the-Middle (MitM) attack against an LTE device that does not fulfill the network authentication requirements. The discovered security flaws undermine the data protection objective of LTE and represent a threat to the users of mobile communication. We outline several countermeasures to cope with these vulnerabilities and make proposals for a long-term solution.

Original languageEnglish (US)
StatePublished - 2016
Event10th USENIX Workshop on Offensive Technologies, WOOT 2016 - Austin, United States
Duration: Aug 8 2016Aug 9 2016


Conference10th USENIX Workshop on Offensive Technologies, WOOT 2016
Country/TerritoryUnited States

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems
  • Software


Dive into the research topics of 'Putting LTE security functions to the test: A framework to evaluate implementation correctness'. Together they form a unique fingerprint.

Cite this