ReVoLTE attack breaks the encryption on VoLTE calls.
Every year, we see a wide variety of attacks targeting different platforms. Some are done using the same old methods while some use completely new attack vectors unseen before.
Discovering one of the latter, a team of researchers has recently reported on a way to bypass the encryption of recorded calls made using the Voice over LTE (VoLTE) protocol.
To put matters into perspective, VoLTE is used by a very large number of people globally supporting over 1200 devices.
Dubbed as ReVoLTE, the technique exploits a flaw in the implementation found today of LTE by cellular network operators instead of a vulnerability in VoLTE itself.
See: New tool detects fake 4G cell phone towers
Talking about the flaw, it is centered around the apparent re-use of keystreams – characters that are used to encrypt a message – when 2 successive calls take place “during one active radio connection”[when connected to the same base station].
Watch the demo video:
[embedded content]
Therefore let’s suppose I make a call which the attackers want to eavesdrop on. In this scenario, as soon as I end my call, the attacker could make a second call from their end within seconds which would use the same keystream used during my first call and hence grant them the opportunity to know the keystream. Using this newly obtained information, they could now decrypt my first recorded call.
Howeve ..
Support the originator by clicking the read the rest link below.
