In order to track them down, the Bochum-based group has developed an app for Android devices. Still, it can't be ruled out that there are radio cells somewhere in the world where the vulnerability occurs. David Rupprecht gives the all-clear: "We then tested several random radio cells all over Germany and haven't detected any problems since then," he says. By now, the manufacturers and mobile phone providers have updated the software of the base stations to fix the problem. The security gap affected 80 per cent of the analysed radio cells. In order to determine how widespread the security gap was, the IT experts tested a number of randomly selected radio cells across Germany. Identifying relevant base stations via app "The longer the attacker talked to the victim, the more content of the previous conversation he or she was able to decrypt." For example, if attacker and victim spoke for five minutes, the attacker could later decode five minutes of the previous conversation. "The attacker has to engage the victim in a conversation," explains David Rupprecht. Accordingly, if an attacker called one of the two people shortly after their conversation and recorded the encrypted traffic from the same cell, he or she would get the same key that secured the previous conversation. "The problem was that the same key was also reused for other calls," says David Rupprecht.
When two people call each other, a key is generated to encrypt the conversation.
The vulnerability affects Voice over LTE, the telephone standard used for almost all mobile phone calls if they are not made via special messenger services. The relevant providers and manufacturers were contacted prior to the publication by now the vulnerability should be fixed. Katharina Kohls, and Professor Thorsten Holz from the Chair of Systems Security together with Professor Christina Pöpper from the New York University Abu Dhabi at the 29th Usenix Security Symposium, which takes place as an online conference from 12 to 14 August 2020. The results were published by the HGI team David Rupprecht, Dr.