LTE & IMSI Catcher Myths

Presented at Black Hat Europe 2015, Unknown date/time (Unknown duration)

It is true that LTE (4G) is more secure than its old generations GSM (2G) & UMTS (3G). In theory, most of the traditional IMSI catchers would not work in a straightforward manner against LTE-based mobile phones due to LTE's enhanced security mechanisms. However, in practice, it is possible to bypass these LTE security features, due to vulnerabilities in baseband software and in deployed LTE networks. In this talk, we build an LTE IMSI catcher and show how most popular phones fail when they are on LTE networks.

Presenters:

• Jean-Pierre Seifert - TU Berlin and T-Labs
  Jean-Pierre Seifert is a Professor at TU Berlin. In parallel he leads the security research at T-Labs, the R&D Labs of Deutsche Telekom AG. His research interest lies in the area of Computer & Communication Security with an emphasis on Hardware and Telecommunication Security.
• Valtteri Niemi - University of Helsinki, Finland and University of Turku, Finland
  Valtteri Niemi is a Professor of Computer Science at University of Helsinki and Professor of Mathematics in University of Turku. His main research areas are wireless security, applied cryptography and privacy. Niemi was the chairman of 3GPP security group during 2003-2009.
• N. Asokan - Aalto University and University of Helsinki
  Asokan is a professor of computer science at Aalto University and University of Helsinki. He leads the Secure Systems research group and is the lead academic PI for ICRI-SC in Finland.
• Altaf Shaik - TU Berlin
  Altaf Shaik recently started his PhD at security in the telecommunication's department at TU Berlin and he primarily works on LTE security aspects.
• Ravishankar Borgaonkar - Aalto University
  Ravishankar Borgaonkar works as a Senior Researcher in Secure Systems Department at Aalto University & at ICRI-SC. His research themes are related to mobile telecommunication and involved security threats. This ranges from GSM/UMTS/LTE network security to end-user device security. Ravishankar's research has previously been presented at the Black Hat, Hack In The Box, Ruxcon, Troopers, T2, and HES.

Links:

• https://www.blackhat.com/eu-15/briefings.html#lte-and-imsi-catcher-myths
• https://infocon.org/cons/Black Hat/Black Hat Europe/Black Hat Europe 2015/Videos/LTE & IMSI Catcher Myths.mp4
• https://infocon.org/cons/Black Hat/Black Hat Europe/Black Hat Europe 2015/Videos/LTE & IMSI Catcher Myths.srt (subtitles)
• https://www.youtube.com/watch?v=t6q97Vzu5Uk
• https://www.blackhat.com/docs/eu-15/materials/eu-15-Borgaonkar-LTE-And-IMSI-Catcher-Myths.pdf
• https://www.blackhat.com/docs/eu-15/materials/eu-15-Borgaonkar-LTE-And-IMSI-Catcher-Myths-wp.pdf

Similar Presentations:

• DEF CON 23 (2015) / Scared Poopless - LTE and *your* laptop
• Black Hat USA 2018 / LTE Network Automation Under Threat
• ShmooCon XII (2016) / LTE Security and Protocol Exploits