Explore the security vulnerabilities of Voice over LTE (VoLTE) and Voice over WiFi (VoWiFi) in this 35-minute conference talk from Hack.lu 2017. Delve into five different attacks on these IP Multimedia Subsystem (IMS)-based technologies, including sniffing interfaces, extracting IPSec keys from SIM cards, and performing injection attacks on Session Initiation Protocol (SIP) headers. Discover how these exploits can lead to information disclosures such as IMSI and IMEI leaks, user location exposure, and private IP address revelations. Learn about the extraction of ciphering and integrity keys used for IPSec from ISIM using specialized hardware. Examine three SIP header injection attacks enabling location manipulation and side channel attacks. Gain insight into the relevance of understanding and mitigating these vulnerabilities within current 3GPP standards used by telecom providers.
Overview
Syllabus
Hack.lu 2017 Are your VoLTE and VoWiFi calls secure? by Sreepriya Chalakkal
Taught by
Cooper