
LTE and 5G Integrity attacks – An in-depth briefing

Even 5G networks are far from bulletproof

4G Long Term Evolution (LTE) cellular networks currently provide the backbone of cellular communication and lead in terms of active deployments. 5G-based networks are in an advanced phase of deployment and are expected to take an increasing share of cellular connectivity in the coming years. [i]

Significant effort was devoted to the design of 4G to cope with major security issues threatening the former cellular technologies (2G, 3G). Even more security enhancements were included in the design of 5G [ii].

However, despite those efforts, recent publications reveal very effective attack methods that in practice overcome significant security mechanisms of 4G networks, and that also apply to some deployments of 5G networks.

In this briefing, we give a short description of those attacks and explain their effectiveness. We then describe in general terms the unique capabilities of the FirstPoint Mobile Guard solution in protecting cellular devices, and explain how this solution is also effective against these newly published threats.

Identity verification as a cornerstone of security

One of the specific security issues carefully handled by 4G, and also by 5G, is the process of mutual identification, which was designed to be attack resistant: the device identity is verified by the network and the network identity is verified by the device. The security of such mutual identity verification is crucial to the operation of a cellular network:

– Assurance of the device identity is crucial for the network to bill the user for the services consumed, and is also important for establishing the legal liability of the user for the services used.

– Verification of the network identity from the device's perspective is essential for protection against Man-in-the-Middle (MitM) attacks. MitM attacks are commonly carried out using a malicious fake cell tower that assumes the identity of a genuine network towards the target device. Network identity verification aims to assure connectivity to a genuine network.

– Mutual identity verification is also essential for applying encryption to the mobile communication channel as protection from eavesdropping. Initiating encryption requires an exchange of encryption keys, which is possible only once the identities of the parties have been verified.

The verification process implemented in 4G and 5G is termed AKA – Authentication and Key Agreement.

As already mentioned above, in addition to the AKA protocol, the actual communication exchanged between the user and the network is protected to assure the privacy of the information and to secure it against a variety of attacks. This protection is implemented at two levels:

– Control plane communication is not only protected for privacy by encryption, but also protected against malicious modifications that an attacker might apply. This type of protection is termed "integrity protection": it assures that the data reaching the destination was indeed generated by a legitimate source and that no modifications were applied en route.

– Actual content (user) data, however, is only protected for privacy by encryption: no integrity protection is applied to content data in 4G! 5G networks do support integrity verification for content data as well, but it is optional, not mandatory.

The lack of integrity checks of content data is at the core of executing the attacks recently published.

3. Integrity based attacks

3.1 aLTEr attack

This attack was first published at the 2019 IEEE Symposium on Security & Privacy [iii]. It is implemented using a fake eNodeB (the 4G cell tower) acting as a Man-in-the-Middle (MitM): the attacked User Equipment (UE) is persuaded to connect to the network through this equipment, which acts as a malicious relay. The researchers named it the "aLTEr attack".

The vulnerability

The attacker, having access to the encrypted communication of the target UE, takes advantage of the fact that there is no integrity protection on this channel and manipulates (or aLTErs) the transmitted information, so that the communication which arrives at the destination is actually fabricated by the attacker. Since the manipulation is performed on the encrypted channel, the attacker has to alter the communication in such a way that the desired content is produced after decryption. Performing this manipulation without access to the encryption key is possible because the attacker knows the clear (unencrypted) content of the part of the communication he intends to manipulate: LTE user-plane ciphering is a stream cipher (a keystream is XORed with the plaintext), so flipping a bit of the ciphertext flips the same bit of the plaintext after decryption, and knowing the original plaintext of a field is enough to rewrite it to a chosen value. The mechanism is elaborated below.

The goal

The goal of the attack is to perform what is known as DNS spoofing. Domain Name System (DNS) servers are the Internet network elements responsible for resolving textual Internet addresses (host names, as found in URLs) to numerical IP addresses. The attacker's goal is to alter the destination IP address of the DNS query issued by the target UE so that the DNS request is routed to a malicious DNS server operated by the attacker. The fake DNS server then replies maliciously to the target's request for the IP address of a website, and the target ends up accessing a malicious site operated by the attacker.

The mechanism

The actual attack is accomplished by changing the IP address of the DNS server in the query issued by the target device. As described above, the manipulation is performed while the communication is still encrypted. The attacker uses the fact that he or she knows the correct IP address of the legitimate DNS server: once access is gained to the part of the communication carrying the encrypted true IP address, the attacker knows how to construct a false substitute that, once decrypted, yields the IP address of the fake DNS server.

Such an attack could be very effective, overcoming the basic security capabilities of LTE and 5G, using the fact that no integrity protection was included.
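As an added illustration (not code from the original post or from the researchers), the following Python toy models why the manipulation described above works and why user-plane integrity protection stops it: user-plane ciphering is a stream cipher, so a relay that knows the plaintext at a given offset can change it without the key, while a receiver that checks an integrity tag discards the altered packet. The keystream, keys, integrity algorithm, addresses and packet layout are constructed stand-ins for the 3GPP ones.

```python
import hmac
import hashlib

# Toy model of LTE/5G user-plane ciphering: ciphertext = plaintext XOR keystream.
# Keys, keystream and the MAC are constructed stand-ins for EEA/NEA and EIA/NIA.

def keystream(key: bytes, count: int, length: int) -> bytes:
    """Deterministic toy keystream derived from (key, COUNT), block by block."""
    out = b""
    block = 0
    while len(out) < length:
        msg = count.to_bytes(4, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor_crypt(key: bytes, count: int, data: bytes) -> bytes:
    """Encrypt and decrypt are the same XOR operation for a stream cipher."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, count, len(data))))

def modify_without_key(ct: bytes, offset: int, known: bytes, desired: bytes) -> bytes:
    """XORing (known ^ desired) into the ciphertext makes the receiver decrypt `desired`."""
    out = bytearray(ct)
    for i, (k, d) in enumerate(zip(known, desired)):
        out[offset + i] ^= k ^ d
    return bytes(out)

def integrity_tag(ikey: bytes, count: int, ct: bytes) -> bytes:
    """Stand-in for a user-plane MAC-I computed over COUNT and the ciphered PDU."""
    return hmac.new(ikey, count.to_bytes(4, "big") + ct, hashlib.sha256).digest()

def receive(ckey: bytes, ikey: bytes, count: int, ct: bytes, tag=None):
    """tag=None models the LTE user plane (no check); with a tag, a modified PDU is dropped."""
    if tag is not None and not hmac.compare_digest(tag, integrity_tag(ikey, count, ct)):
        return False, None
    return True, xor_crypt(ckey, count, ct)

def demo():
    ckey, ikey, count = b"\x11" * 16, b"\x22" * 16, 7          # constructed keys/COUNT
    legit_dns = bytes([10, 0, 0, 53])                           # constructed address
    rogue_dns = bytes([192, 0, 2, 1])                            # RFC 5737 documentation range
    # Constructed IPv4-like PDU: destination address field at byte offset 16.
    pdu = b"\x45\x00" + b"\x00" * 14 + legit_dns + b"dns query payload"
    ct = xor_crypt(ckey, count, pdu)
    tag = integrity_tag(ikey, count, ct)
    altered = modify_without_key(ct, 16, legit_dns, rogue_dns)
    ok_plain, pt = receive(ckey, ikey, count, altered)          # no integrity: accepted
    ok_checked, _ = receive(ckey, ikey, count, altered, tag)    # integrity on: rejected
    return pt[16:20], ok_plain, ok_checked
```

demo() returns the decrypted destination field (now the rogue address), True for the unchecked receiver and False for the receiver that verifies the tag, which is the check that 5G makes available for user data.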

3.2 The IMP4GT attack

The IMP4GT attack was published by the same researchers that published the aLTEr attack[iv].

The vulnerability

This attack is another step in the path used for implementing the aLTEr attack, taking advantage of the fact that there is no integrity protection of content data in 4G (and partially in 5G too).

The goal

The goal of this attack is far more far-reaching than that of aLTEr: the attacker's objective is to modify the IP identity of either party, the victim device on the uplink or the network server on the downlink. The possible damage from such an attack is tremendous: the attacker can gain access to any service while assuming the victim's identity (uplink impersonation), or assume the identity of any legitimate service provider (downlink impersonation).

The mechanism

We give only a very general description of the attack here; for the full details, please refer to the researchers' publication [iv]. In addition to the fake eNodeB acting as a relay, this attack also involves several relay servers on the open Internet. Besides the lack of integrity checks on content data, the attack relies on what is called the reflection mechanism of some Internet protocols: for certain protocols, the response from a device includes a copy of part of the request.

By cleverly utilizing this reflection feature, the attacker creates a situation in which the same node under the attacker's control (the fake relay eNodeB) holds both the encrypted and the unencrypted copies of the messages to be sent. The attacker takes advantage of this and manipulates the messages in both directions to reach the desired outcome: the fake identity is received at the destination (user device or network) after decryption.

Consequences

Carrying out this attack means that the attacker can impersonate the identity of the victim device (towards the network) or the identity of the network server (towards the attacked device). This can have very severe consequences: operators (and other service providers) cannot rely on device identity for billing, users can be held liable for activities (perhaps illegal ones) they did not perform, users can be lured into receiving malicious services from fake sites, and much more.

4. Network-based cellular protection, by FirstPoint

4.1. General architecture

FirstPoint's solution is based on integration with the core network of the hosting MNO (Mobile Network Operator). For data connectivity, FirstPoint's solution provides the connectivity function to the external Internet: this includes termination of the cellular internal IP tunnel (GTP, GPRS Tunneling Protocol) and assignment of an external IP address to each connection (implementing the NAS function). This gateway (GW) functionality is achieved by implementing P-GW functionality or by providing LNS termination functions, depending on the hosting MNO's capabilities.

4.2 DNS related attacks protection

This approach, which positions the FirstPoint node as a true GW with one leg inside the cellular network and the other on the public Internet, is what enables FirstPoint's unique protection capabilities, including:

– Enforcement of the FirstPoint secure Domain Name Service (DNS) for mobile subscribers, providing protection against DNS hijacking, DNS poisoning, DNS spoofing and DNS redirection by malware or even radio-based attacks.

– DNSSEC (Domain Name System Security Extensions) backhaul/query forwarding.

– Sanitation of DNS queries and responses against threat intelligence databases.

4.3 From LTE to 5G and beyond

As mentioned, the new attacks described here, which are based on the lack of user data integrity protection, are applicable in LTE networks. Nevertheless, the same attacks are also relevant and applicable in 5G networks, if user data integrity, which is not mandatory, is not implemented.

As described above, these integrity attacks are based on redirecting user communication by first mounting a DNS spoofing attack. This attack vector is completely eliminated by the FirstPoint solution.

References

[i] GSMA, The Mobile Economy 2019, https://www.gsmaintelligence.com/research/?file=b9a6e6202ee1d5f787cfebb95d3639c5&download

[ii] 5G Americas, The Evolution of Security in 5G, https://www.5gamericas.org/wp-content/uploads/2019/08/5G-Security-White-Paper_8.15.pdf

[iii] D. Rupprecht, K. Kohls, T. Holz, and C. Pöpper, "Breaking LTE on Layer Two," in IEEE Symposium on Security & Privacy (SP), IEEE, 2019.

[iv] D. Rupprecht, K. Kohls, T. Holz, and C. Pöpper, "IMP4GT: IMPersonation Attacks in 4G NeTworks," https://imp4gt-attacks.net/#paper



*** This is a Security Bloggers Network syndicated blog from Blog – FirstPoint authored by Adam Weinberg. Read the original post at: http://www.firstpoint-mg.com/blog/lte-and-5g-integrity-attacks-an-in-depth-briefing/