Hello, welcome to the Friday, August 14th, 2020 edition of the Science Center at Storm Center's Stormcast. My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Researchers from the Rur University in Bohum and the New York University of Abu Dhabi came up with an interesting attack to decrypt

LTE voice calls.

When you're using a cell phone to make a call over LTE, a stream cipher is being used to encrypt

the data.

And in order for this stream cipher to provide good security, a new key stream, which means a new

set of bytes has to be selected for each call in order to guarantee the confidentiality of this call.

Now, the technique being developed by these researchers forces reuse of a key stream, and with that

calls may be able to decrypt it. They call the attack re-vo-L-E-T-E, so essentially re-voice-O-L-T,

and publish the paper outlining how the attack works. Now, this is not a problem with the standard of voice over LTE,

but an implementation issue,

and they actually worked with the standard bodies

to make sure that carriers were able to fix the problem

before the paper was released. The problem that the paper

outlines is that vulnerable base stations, which means essentially the cell phone towers,

will reuse keys if two calls are being made using the same radio connection, so essentially

immediately following each other. And the way

this would be attacked is that an attacker observes a call being made from a handset to a certain

tower. Once that call ends, the attacker will immediately call the victim and then that key stream will be reused.

And of course, the attacker will know the plain text content of the second call and will be

able to use it to derive the key stream, which, since it's the same one as for the first call,

can then be used to decrypt

...