Swiss Researchers Find 5G Security Gaps

Discussion in '[H]ard|OCP Front Page News' started by AlphaAtlas, Oct 10, 2018.

  1. AlphaAtlas

    AlphaAtlas Gawd Staff Member

    Messages:
    548
    Joined:
    Mar 3, 2018
    Swiss security researchers exposed gaps in the 5G AKA standard. Using a security protocol verification tool called Tamarin, the researchers ran the new wireless communication standard through a series of tests. Ralf Sasse, a senior scientist at ETH in Zurich, said their research "showed that the standard is insufficient to achieve all the critical security aims of the 5G AKA protocol. It is therefore possible for a poor implementation of the current standard to result in users being charged for the mobile phone usage of a third party." While the researchers say there are significant security improvements over existing 3G and 4G protocols, there are still gaps that can expose a user's location.

    As Basin's team determined, data protection will be improved significantly with the new protocol in comparison with 3G and 4G technologies. In addition, 3GPP succeeded in closing a gap with the new standard that had previously been exploited by IMSI catchers. With these devices, the International Mobile Subscriber Identity (IMSI) of a mobile phone card can be read to determine the location of a mobile device. To achieve this, the device masquerades as a radio station in order not to be caught by the mobile phone. "This gap is closed with the 5G AKA. However, we have determined that the protocol permits other types of traceability attacks," explains senior scientist and co-author Lucca Hirschi. In these attacks, the mobile phone does not send the user's full identity to the tracking device, but still indicates the phone's presence in the immediate vicinity. "We assume that more sophisticated tracking devices could also be dangerous for 5G users in the future," adds Hirschi. If the new mobile communication technology is introduced with these specifications, it may lead to numerous cyber attacks. Basin's team is thus in contact with 3GPP, in order to jointly implement improvements in the 5G AKA protocol.
     
  2. sfsuphysics

    sfsuphysics I don't get it

    Messages:
    13,164
    Joined:
    Jan 14, 2007
    "there are still gaps that can expose a user's location."
    ...
    "That's not a security gap, that's a feature!" said the NSA representative.
     
    Spidey329 and mynamehere like this.
  3. Jovian

    Jovian Limp Gawd

    Messages:
    345
    Joined:
    Jun 8, 2004
    Better to find this stuff now, but still a little late as a lot of rollout has already been started.
     
  4. katanaD

    katanaD [H]ard|Gawd

    Messages:
    1,604
    Joined:
    Nov 15, 2016
    AKA... really, could not find an acronym that isnt already in wide use with a different meaning??
     
  5. theBrownLlama

    theBrownLlama Gawd

    Messages:
    558
    Joined:
    Aug 3, 2017
    all for naft if a user turning off 5G or wireless does not actually turn it off. Call it a 'bug'
     
Tags: