3G protocols come up short in privacy, say researchers

Oct 11, 2012 by Nancy Owano report
Experimental Attack Setup. Credit: Nico Golde et al.

(Phys.org)—Researchers from the UK and Germany have found that 3G telephony systems pose a security weakness that results in threats to user privacy. The weakness makes it possible for stalkers to trace and identify subscribers. Their paper, "New Privacy Issues in Mobile Telephony: Fix and Verification," says that 3G systems come up short in preventing unauthorized parties from tracking the physical location of users "We have shown that the protocols are vulnerable to new privacy threats and that these threats lead to attacks that can be mounted in practice at low cost."

The authors, Myrto Arapinis, Loretta Mancini, Eike Ritter, Mark Ryan of University of Birmingham, and Nico Golde, Kevin Redon, Ravishankar Borgaonkar of Ttechnische Universität Berlin and Laboratories, note a security timeline to 3G:

When 3G protocols were first introduced in 1999, the possibility of an active attack was remote, partly because of the high cost of the equipment that would have been required and the lack of open source implementations of the protocol stack. The possibility is no longer remote. They said that cheap base stations can be produced by programming USRP (Universal Software Radio Peripheral) boards. "These lower the cost of producing radio devices thanks to software emulation of specialized functions once executed by expensive hardware."

The researchers said that devices' physical locations could be identified at any time with relative ease, as the attacker does not need to know any keys, or to get involved with "fancy cryptography." Instead, the weaknesses involve errors in the protocol logic.

Encroachments on user could range from personal stalking to worker harassment to other kinds of spy operations, to commercial profiling.

The team tested phones on four networks and found they showed vulnerabilities. They tested networks of major operators , O2, SFR, and Vodafone. They showed that these were vulnerable to the researchers' attacks. The authors propose fixes in the paper that use public key cryptography.

"We used formal methods to show that the exposed privacy vulnerabilities could have been detected at design time. We developed and verified lightweight solutions to avoid the privacy vulnerabilities."

They noted that additional costs of using public-key cryptography are small.

"The solutions we propose show that privacy friendly measures could be adopted by the next generation of mobile telephony standards."

Explore further: Time Warner Cable says outages largely resolved (Update)

Related Stories

Apple, Google to attend hearing on mobile privacy

May 16, 2011

US lawmakers have invited Apple, Facebook and Google to attend a hearing on mobile phones and privacy on Thursday -- the second Capitol Hill appearance in a week for executives from Apple and Google.

Senator calls for smartphone app privacy policies

May 25, 2011

(AP) -- A key member of the Senate Judiciary Committee is challenging Apple Inc. and Google Inc. to require all developers that make apps for their mobile devices to adopt formal privacy policies.

Automated analysis of security-sensitive protocols

Oct 25, 2005

The sheer number and variety of security protocols for Internet applications under development makes it difficult to be sure that any one protocol is 100 per cent secure from attack. Now an automated tool can systematically ...

Scientists break satellite telephony security standards

Feb 08, 2012

Satellite telephony was thought to be secure against eavesdropping. German researchers at the Horst Gortz Institute for IT-Security (HGI) at the Ruhr University Bochum (RUB) have cracked the encryption algorithms of the European ...

Recommended for you

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Parsec
not rated yet Oct 11, 2012
When quantum computers fit on a thumbnail sized chip, even the current public/private key algorithms will no longer work.

Counting on the lack of technology to protect privacy will always be a fools errand in the end.

Please do not misunderstand. I use public/private key encryption techniques myself. There just isn't anything better today. But I wish there was.
Even with QC the size of a room, privacy problems could arise.
alfie_null
not rated yet Oct 12, 2012
What will service providers do?

This situation reminds me a little bit of back when cell phones were analog (FM for the audio). They used frequencies that could easily be listened to on radio scanners.

Cell service providers did not want to gain the reputation of not ensuring phone conversations were private. Their egregious solution was to get congress to pass a law making it illegal to manufacture radios that could receive those frequencies. Thus, potential customers were given the warm fuzzies, while no actual improvement in privacy was effected.

Every so often, I hear rumors of similar ill-thought efforts now-a-days. I can imagine, for instance, legislation restraining the use of FPGAs or high speed ADCs in radios. The kind of actions that won't effectively fix the problem, but will produce enormous collateral damage.
packrat
1 / 5 (1) Oct 12, 2012
What will service providers do?

This situation reminds me a little bit of back when cell phones were analog (FM for the audio). They used frequencies that could easily be listened to on radio scanners.


If you had an old fashioned tv where the uhf tuner dial was able to go across the entire range smoothly instead of stepped you could listen to cell phones without a problem. Quite a lot of other stuff too.