Mobile Phone Privacy?
September 13, 2019
Mobile devices are supposed to contain the best, reliable technology at the hands of an individual’s fingertips. Along with this great technology, we believe that our privacy and information are protected. The reason being is that we shell out huge amounts for the technology, pay a monthly bill, and expect the security to match the investment. Hackaday explains that is not the truth with the newest 5G technology in the article, “5G Cellphones Location Privacy Broken Before It’s Even Implemented.”
Our location information is one of the top things that is supposed to be secure on mobile devices, but the Authentication and Key Agreement (AKA) protocol has been broken at the most basic level since 3G, 4G, and 5G inceptions. What? Once upon a time when 3G was the latest craze, it was expensive to spoof cell phone towers and so difficult that that a device’s International Mobile Subscriber Identity (IMSI) was transmitted unencrypted. The new 5G does have a more secure version with asymmetric encryption and a challenge response protocol with sequential numbers to prevent replay attacks. However, there is a way to override this:
“This hack against the AKA protocol sidesteps the IMSI, which remains encrypted and secure under 5G, and tracks you using the SQN. The vulnerability exploits the AKA’s use of XOR to learn something about the SQN by repeating a challenge. Since the SQNs increment by one each time you use the phone, the authors can assume that if they see an SQN higher than a previous one by a reasonable number when you re-attach to their rogue cell tower, that it’s the same phone again. Since the SQNs are 48-bit numbers, their guess is very likely to be correct. What’s more, the difference in the SQN will reveal something about your phone usage while you’re away from the evil cell.”
Perhaps burner phones are a possible solution to some alleged 5G privacy issues?
Whitney Grace, September 13, 2019