Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.



07:30 AM
Larry Loeb
Larry Loeb
Larry Loeb

ToRPEDO Attack Surfaces to Hit 5G

GSMA had better start looking at ways around it, and fast.

In a paperto be presented at this week's Network and Distributed System Security Symposium in San Diego, researchers from Purdue University and the University of Iowa outline an attack on both 4G and the upcoming 5G mobile telephony protocols that can enable an adversary to verify a victim's coarse-grained location information, inject fabricated paging messages, and mount denial-of-service attacks.

When this attack (which they call ToRPEDO) is used as a subset of another attack, it can also reveal a victim device's persistent identity known as International Mobile Subscriber Identity (IMSI). But they didn't stop there.

They also found that on some 4G paging protocol deployments, an implementation oversight on the part of several network providers enabled an adversary to launch an attack (which they named PIERCER) that will associate a victim's phone number with its IMSI. That gives the attacker targeted user location tracking.

The specifics of how it all works gets pretty geeky pretty fast, so look at the paper if you want all the details and all the math.

In many ways, this kind of attack resembles the side-channel attacks that have shown up recently.

It starts with the Temporary Mobile Subscriber Identity (TMSI) that is randomly assigned to a device when in first enters a cell's area. An attacker would place multiple phone calls to the victim device in a short period of time and sniffs the paging messages. Enough TMSI messages (from the placed calls) over a short period of time says the victim is in the cell's area.

IMSIs can be represented as a 49-bit binary number. The leading 18-bits (the mobile country code and the mobile network code) can be found from a phone number using paid, Internet-based home location register lookup services.

The researchers say that, "Identifying the victim's paging occasion with ToRPEDO additionally leaks the trailing 7 IMSI bits for US subscribers leaving 24 bits for the attacker to guess. Using a brute-force attack and two oracles (one for 4G and another for 5G) we designed, the attacker can guess the victim's IMSI in less than 13 hours."

This latter attack is called IMSI-Cracking and will be used on encrypted IMSIs found on some 4G and 5G networks. It needs ToRPEDO to be carried out first.

One could try a defense against ToRPEDO by primarily focusing on either thwarting the root cause (that is, fixed paging times) of ToRPEDO or through the detection of its (behavioral) signature. The researcher found that both these approaches did not work. Instead, they came up with a countermeasure which prevents the adversary from retrieving accurate side channel information through the addition of noise.

The basic idea is to increase the paging rate of all paging occasions to a certain level so that the adversary would need a high number of silent calls to sufficiently differentiate the paging rate of victim's paging occasion from others. To pull that off, they propose that a node that injects new paging messages at the paging occasions for which the paging rate is relatively lower than the expected rate. The researchers found AT&T, Verizon, Sprint and T-Mobile were all vulnerable to ToRPEDO attacks.

Fixing the vulnerability requires major work by GSMA, an industry body that represents mobile operators. GSMA has not stated when a fix might be forthcoming.

While the researchers have not let a PoC out that could be misused by others, just knowing the attack vector is present may cause threat actors to try and exploit it. GSMA had better start looking at ways around it, and fast.

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-13
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying th...
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3.
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...
PUBLISHED: 2021-05-13
Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.