A vulnerability that allows eavesdropping of interception and location information can be found in next generation communication '5 G'

In the wireless communication system used mainly for smartphones, standardization is aimed at " 4 th generation mobile communication system (4 G) " which is mainstream as of February 2019 aiming for higher capacity and higher speed communication There is " 5th generation mobile communication system (5G) " that is being done. Researchers point out that 4G and 5G "common vulnerability threatening the life of modern people was discovered for the first time".

(PDF file) Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information

New flaws in 4G, 5G allow attackers to intercept calls and track phone locations - TechCrunch

According to Said Rahf Hussein of Purdue University who is a coauthor of the paper, the defect found this time can be said to be able to attack even those who are not very familiar with computer algorithms.

One of the deficiencies of 4G and 5G communication is stated in the paper as being in the "paging protocol" where the carrier calls the terminal before the phone or mail arrives before the phone or mail arrives. It is possible to identify the location of the victim by confirming by activating only the internal paging message without repeating calling and cancellation in a short time without notifying the incoming call. Also, grasping the internal message will not only disguise the mail, but also the internal protocol itself jack.

By attacking the internal message, Hussein also says that it is possible to identify " IMEI (international mobile unit identification number) " assigned to each terminal. Furthermore, not only the current 4G, but also the next generation communication 5G compliant equipment, there is a danger of being identified from this vulnerability, and there is a possibility that the call and the mail may be intercepted.

According to Hussein, it is said that all of the four major telecommunications carriers in the United States are affected by attacks on paging messages, and that European and Asian networks have similar defects. Researchers seem to have not disclosed empirical code in view of the ease of attack etc. If this is demonstrated, it will be responsible for 4 G and future future which was said to be safer than the previous generation It can be said that it is a fatal vulnerability of Deaf 5G.

Mr. Hussein reported this defect to an industry organization representing mobile phone company · GSMA , and GSMA recognized this defect. The paper was published at the Symposium on Network and Distributed System Security to be held in San Diego from February 24, 2019, and the future reaction is seen.

in Software, Posted by log1e_dh