ReVoLTE – vulnerability allowing decryption and eavesdropping of 4G calls

ReVoLTE – vulnerability allowing decryption and eavesdropping of 4G calls

This attack vector is dubbed ReVoLTE by experts at the Ruhr University in Bochum, and it exists because of the practices of cellular operators who often use a single encryption key to protect multiple 4G calls within a single tower.

However, employees of the Ruhr University in Bochum have found that not all operators are conscientious about following the recommendations of the 4G standard. In particular, several calls can be protected at once with one encryption key.



Typically, this problem manifests itself at the cell tower level, which in most cases reuses the encryption key.

If we transfer the exploitation of this vulnerability to a real attack, then the attacker will be able to record the conversation between two subscribers using 4G for communication. Then, in order to fix the encryption key, the attacker will make the call himself. And later, the criminal will be able to decrypt the communication using the same encryption key.

A demonstration of the exploitation of the ReVoLTE attack vector is available in the video below:



Source: anti-malware

ORIGINAL PAGE – Go to open the original article



WARNING! All links in the articles may lead to malicious sites or contain viruses. Follow them at your own risk. Those who purposely visit the article know what they are doing. Do not click on everything thoughtlessly.


43 Views

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments


Do NOT follow this link or you will be banned from the site!
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: