A new vulnerability has been discovered in the upcoming 5G communication protocol. According to the researchers, it is worse than any of the previously found vulnerabilities that affected the 3G and 4G standards. A fix must be rolled out by 2019 at the latest.

The vulnerability was described in the research paper "New Privacy Threat on 3G, 4G and Upcoming 5G AKA Protocols" and affects all communication standards commonly used today. Malicious parties can exploit it by building IMSI catchers that work for just about any modern telephony protocol.

AKA abuses

According to the researchers, the vulnerability affects AKA, which stands for Authentication and Key Agreement, a protocol that provides authentication between a user's phone and the mobile network to which it connects. The AKA protocol works by setting up keys that encrypt and decrypt communication between the phone and the network.

IMSI-catcher devices target vulnerabilities in this protocol and weaken AKA. This allows the device to intercept the metadata in mobile traffic and track the location of smartphones. The AKA version for the 5G protocol was specifically designed to make IMSI catchers unusable, and a stronger authentication system was designed for this purpose.

But the vulnerability discovered by academics from SINTEF Digital Norway, ETH Zurich and the Technical University in Berlin allows malicious parties to create a new type of IMSI catcher. This type does not intercept the metadata of mobile traffic, but does reveal details about a user's mobile activity. Think of the number that is used, but also the text messages and phone calls that come in.

On its own, this vulnerability may not seem very serious, but as the researchers have made clear, it can be misused to track politicians or embassy staff, for example.

This news article was automatically translated from Dutch to give Techzine.eu a head start.