Description: Radix Security’s mission is to enable everyone to build and use secure mobile networks. Therefore we training, consulting and tools. Tools like Radix SEAL allow you to test and secure your mobile network. network. We use AI and machine learning to provide you with the best possible security.
security (9992) certification (1953) 5g (688) 4g (437) lte (424) radix (69) security testing (69) mobile network (18) scas (13) campus network (10)
Ruhr-Universität Bochum & New York University Abu Dhabi
In mobile networks, mutual authentication ensures that the smartphone and the network can verify their identities. In LTE , mutual authentication is established on the control plane with a provably secure authentication and key agreement protocol. However, missing integrity protection of the user plane still allows an adversary to manipulate and redirect IP packets .
The IMP4GT (IMPersonation Attacks in 4G NeTworks) (/ˈɪmˌpæk(t)/) attacks exploit the missing integrity protection, and extend it with an attack mechanism on layer three which allows an attacker to impersonate a user towards the network and vice versa. We conduct two IMP4GT variants in a LTE commercial network and demonstrate how this completely breaks the mutual authentication of the user plane LTE and early 5G networks.