CR  Jul 5, 2021
Berserker: ASN.1-based Fuzzing of Radio Resource Control Protocol for 4G and 5G
Srinath Potnuru, Prajwol Kumar Nakarmi
Telecom networks, together with mobile phones, must be rigorously tested for robustness against vulnerabilities in order to guarantee availability. The RRC protocol is responsible for the management of radio resources and is among the most important telecom protocols, so its extensive testing is warranted. To that end, we present a novel RRC fuzzer, called Berserker, for 4G and 5G. Berserker's novelty comes from being backward and forward compatible with any version of the 4G and 5G RRC technical specifications. It is based on the RRC message format definitions in ASN.1 and additionally covers fuzz testing of another protocol, called NAS, which is tunneled in RRC. Berserker uses concrete implementations of a telecom protocol stack and is unaffected by lower-layer protocol handling such as encryption and segmentation. It is also capable of evading the size and type constraints in the RRC message format definitions. Berserker discovered two previously unknown serious vulnerabilities in srsLTE -- one of which also affects openLTE -- confirming its applicability to telecom robustness testing.
CR  Jun 13, 2021
Cheatsheets for Authentication and Key Agreements in 2G, 3G, 4G, and 5G
Prajwol Kumar Nakarmi
Authentication and Key Agreement (AKA) is a type of security protocol, used in 3GPP mobile networks, that provides two security capabilities. The first capability, called authentication, is to cryptographically assert that a mobile phone or a network is indeed who it claims to be, and the second capability, called key agreement, is to put the necessary cryptographic keys in place for protection of traffic between the mobile phone and the network. Jointly, these two capabilities lay the foundation of secure 3GPP mobile networks. From 2G to 5G, there are eight main versions of AKA, the details of which are spread over, and embedded deep in, multiple technical specifications. It is getting increasingly difficult to quickly check a certain property of a certain AKA, let alone grasp the full picture of all AKAs. Therefore, I have prepared cheatsheets for all AKA versions and listed their main properties. I hope these will benefit university students, security researchers, and the 3GPP standardization community. I welcome any corrections and feedback.
CR  May 21, 2021
Nori: Concealing the Concealed Identifier in 5G
John Preuß Mattsson, Prajwol Kumar Nakarmi
IMSI catchers have been a long-standing and serious privacy problem in pre-5G mobile networks. To tackle this, 3GPP introduced the Subscription Concealed Identifier (SUCI) and other countermeasures in 5G. In this paper, we analyze the new SUCI mechanism and discover that it provides very poor anonymity when used with the variable-length Network Specific Identifiers (NSI), which are part of the 5G standard. When applied to real-world name length data, we see that SUCI only provides 1-anonymity, meaning that individual subscribers can easily be identified and tracked. We strongly recommend that 3GPP and GSMA standardize and recommend the use of a padding mechanism for SUCI before variable-length identifiers become more commonly used. We further show that the padding schemes commonly used for network traffic are not optimal for padding identifiers based on real names. We propose a new, improved padding scheme that achieves much less message expansion for a given $k$-anonymity.
CR  Feb 17, 2021
Murat: Multi-RAT False Base Station Detector
Prajwol Kumar Nakarmi, Mehmet Akif Ersoy, Elif Ustundag Soykan et al.
In recent years, there has been an increasing interest in false base station detection systems. Most of these rely on software that users download onto their mobile phones. The software either performs an analysis of radio environment measurements taken by the mobile phone or reports these measurements to a server on the Internet, which then analyzes the aggregated measurements collected from many mobile phones. These systems suffer from two main drawbacks. First, they require modification of the mobile phones in the form of software and an active decision by users to participate. This severely limits the number of measurements obtained. Second, they do not make use of the information the mobile network has regarding network topology and configuration. This results in less reliable predictions than could otherwise be made. We present a network-based system for detecting false base stations that operate on any 3GPP radio access technology, without requiring modifications to mobile phones, and that allows taking full advantage of the network topology and configuration information available to an operator. The analysis is performed by the mobile network based on measurement reports delivered by mobile phones as part of normal operations to maintain the wireless link. We implemented and validated the system in a lab experiment and a real operator trial. Our approach was adopted by the 3GPP standardization organization.