LTE Architecture
Communication Establishment and Security Algorithms

LTE Architecture
• User Equipment (UE)
• Evolved Node B (eNodeB)
• Mobility Management Entity (MME)
• Home Subscriber Server (HSS)
• E-UTRAN (UE and eNodeB) and EPC (MME and HSS), with the EPC connected to the Internet
Security Algorithms
Communication establishment between UE, eNodeB, MME and HSS:
1a. Authentication and Key Agreement (UE – MME)
1b. Authentication Information Request (MME – HSS)
    No Security (until the Security Mode Commands below)
2. NAS Security Mode Command (EEAX, EIAX)
3. AS Security Mode Command (EEAX, EIAX)

Encoding   Integrity   Ciphering   Algorithm
X000X000   EIA0        EEA0        NULL
X001X001   128-EIA1    128-EEA1    SNOW3G
X010X010   128-EIA2    128-EEA2    AES
X011X011   128-EIA3    128-EEA3    ZUC

Security algorithms are selected by the provider.
NULL Algorithms
Null Integrity (EIA0, encoding X000X000): used for emergency calls even when no key is available.
Null Encryption (EEA0, encoding X000X000) is meant to be visible to the user through:
1. Ciphering indicator
2. SIM card flag
3. User interface
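Decoding the algorithm identifiers from the table above and checking a device's reaction to them, as an added example written for this page (not code from the presented framework): it assumes the octet layout of the NAS security algorithms IE in 3GPP TS 24.301 (spare bit, 3-bit ciphering identifier, spare bit, 3-bit integrity identifier), which is what the page's X000X000 column spells out; the ciphering-indicator rule (shown on the user interface when null ciphering is selected, unless the SIM flag disables it) is my reading of the page's three items, and the sample records are constructed.

```python
"""Decode the NAS security algorithms octet of an LTE Security Mode
Command and flag null-algorithm selections (added example)."""
from dataclasses import dataclass
from typing import List, Tuple

# 3-bit algorithm identifiers from the page's table (3GPP TS 33.401 names).
CIPHERING = {0b000: ("EEA0", "NULL"), 0b001: ("128-EEA1", "SNOW 3G"),
             0b010: ("128-EEA2", "AES"), 0b011: ("128-EEA3", "ZUC")}
INTEGRITY = {0b000: ("EIA0", "NULL"), 0b001: ("128-EIA1", "SNOW 3G"),
             0b010: ("128-EIA2", "AES"), 0b011: ("128-EIA3", "ZUC")}


@dataclass(frozen=True)
class SelectedAlgorithms:
    ciphering: str      # e.g. "128-EEA2"
    integrity: str      # e.g. "128-EIA2"

    @property
    def null_ciphering(self) -> bool:
        return self.ciphering == "EEA0"

    @property
    def null_integrity(self) -> bool:
        return self.integrity == "EIA0"


def decode_nas_algorithms(octet: int) -> SelectedAlgorithms:
    """Decode one 'X CCC X III' octet (assumed TS 24.301 layout, 3GPP bit
    numbering with bit 8 as MSB): bits 7-5 carry the ciphering identifier,
    bits 3-1 the integrity identifier, X is a spare bit that is ignored."""
    if not 0 <= octet <= 0xFF:
        raise ValueError("not an octet: %r" % octet)
    cipher_code = (octet >> 4) & 0b111
    integ_code = octet & 0b111
    # Identifiers 0b100..0b111 are not in the table; treat them as
    # malformed instead of silently mapping them to something.
    if cipher_code not in CIPHERING or integ_code not in INTEGRITY:
        raise ValueError("reserved algorithm identifier in 0x%02X" % octet)
    return SelectedAlgorithms(CIPHERING[cipher_code][0], INTEGRITY[integ_code][0])


def ciphering_indicator_expected(sel: SelectedAlgorithms,
                                 sim_flag_enabled: bool = True) -> bool:
    """Expected state of the ciphering indicator on the user interface.
    Assumption (my reading of the page's three items): the indicator is
    shown when null ciphering is selected, unless the SIM flag disables it."""
    return sim_flag_enabled and sel.null_ciphering


def audit_security_mode_commands(records: List[Tuple[str, int, bool]]) -> List[str]:
    """'Validation of output' step for a run of test cases: each record is
    (test_name, algorithms_octet, indicator_shown). Report null algorithms
    accepted by the device and a missing ciphering indicator."""
    findings = []
    for name, octet, indicator_shown in records:
        try:
            sel = decode_nas_algorithms(octet)
        except ValueError as exc:
            findings.append("%s: malformed octet (%s)" % (name, exc))
            continue
        if sel.null_integrity:
            findings.append("%s: null integrity (%s) accepted" % (name, sel.integrity))
        if sel.null_ciphering:
            findings.append("%s: null ciphering (%s) accepted" % (name, sel.ciphering))
            if ciphering_indicator_expected(sel) and not indicator_shown:
                findings.append("%s: ciphering indicator not shown with %s"
                                % (name, sel.ciphering))
    return findings


# Constructed sample records (not captures from the page's evaluation).
SAMPLE_RECORDS = [
    ("aes_both", 0b0010_0010, False),         # 128-EEA2 / 128-EIA2
    ("null_both", 0b0000_0000, False),        # EEA0 / EIA0, no indicator
    ("null_cipher_only", 0b0000_0010, True),  # EEA0 / 128-EIA2, indicator shown
    ("reserved", 0b0111_0111, False),         # identifier 111: not in the table
]

if __name__ == "__main__":
    for line in audit_security_mode_commands(SAMPLE_RECORDS):
        print(line)
```

The spare bits are masked off deliberately: a decoder that rejected an octet because X was set would fail on perfectly valid commands, while one that mapped the reserved identifiers 100..111 onto a known algorithm would hide exactly the undefined values the page's tests send.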
Framework
Design and Tests
Baseband: security functions are implemented on the Baseband.
Approach
Reverse Engineering (ARM assembly with conditional execution, as found in baseband code):
    CMP r0, r1          ; compare r0 with r1 and set the condition flags
    ADDGE r2, r2, r3    ; if r0 >= r1 (signed): r2 = r2 + r3
    ADDLT r2, r2, r4    ; if r0 <  r1 (signed): r2 = r2 + r4
Fuzzing (our choice): Test Cases → Fuzzing of input → Validation of output
Design Criteria
• Low-cost
• Automated testing
• Portability
Tests
• Undefined Values
• Sequence of Messages
• Ciphering Indicator with Null Encryption
Framework Architecture
Low-Cost Hardware
• Ettus B2X0
• BladeRF
• LimeSDR
Evaluation
Analysis Results
• None of the devices show the Ciphering Indicator
• Null Integrity Algorithm: accepted for normal data connections
• Commercial UE and attacker network: 1. Authentication and Key Agreement
Conclusion
• Implementation flaws can undermine the LTE security:
  • No Ciphering Indicator
  • Authentication procedure
• LTE Security Testing Framework
• Standard Test of Security Functions

Thank You! Questions?
Backup
Attach procedure between UE, eNodeB, MME and HSS (the key K is held by the UE and the HSS):
1. Attach Request (IMSI)
2. Attach Accept
3. Attach Complete