"Privacy on the Line: Boffins Break VoLTE Phone Security"

A group of academics from the Beijing University of Posts and Telecommunications and the University of Birmingham developed a telecom network attack that can reveal call metadata during VoLTE/VoNR conversations. Voice over LTE (VoLTE) is a packet-based telephony service that is an integral feature of the LTE standard and is widely used by the largest telecommunications operators. It is similar to Voice over New Radio (VoNR), a 5G variant of this technology. Using a stream cipher, VoLTE/VoNR encrypts voice data transmitted between the phone and the network. It was demonstrated to be vulnerable to a reused key attack three years ago. This enabled the development of the ReVoLTE attack, which exposes encrypted LTE calls. The data shared between mobile phones and cell towers continues to be poorly safeguarded at both the physical and data layers, as revealed by numerous earlier studies. The researchers have discovered a method for accessing encrypted call metadata, including VoLTE activity logs specifying call times, duration, and direction for mobile network conversations. The team's paper titled "Watching your call: Breaking VoLTE Privacy in LTE/5G Networks," explains how they were able to use this metadata to map phone numbers to LTE and 5G-SA anonymized network identifiers without being detected. This article continues to discuss the study on breaking VoLTE phone security in LTE/5G Networks. 

The Register reports "Privacy on the Line: Boffins Break VoLTE Phone Security"