CryptoDB
Cellular Radio “Null Ciphers” and Android
| Authors: | |
|---|---|
| Download: | |
| Presentation: | Slides |
| Abstract: | Historically, the cryptographic algorithms used for ciphering and integrity-protection between mobile phones and cell towers intended to protect SMS, voice calls, etc ... have been shrouded in mystery. Additionally, there is a history of mobile phones accepting cellular connections with no or improperly configured cryptography (the “null cipher” problem, as it’s called in the field of cellular security) with users having little control over this. In an upcoming Android release, users will be able to choose to disable connecting to cell towers with no ciphering and integrity protection. This will be a talk about the history of null ciphers in cellular standards, their real life use in the field, how this problem space overlaps with fake base stations (aka “IMSI-catchers” or “Stingrays”), and an overview of how we’ve addressed these issues in an upcoming Android release, and some of the engineering challenges we faced. |
| Video: | https://youtu.be/WEjgFMuwIAc?t=1206 |
BibTeX
@misc{rwc-2023-35442,
title={Cellular Radio “Null Ciphers” and Android},
note={Video at \url{https://youtu.be/WEjgFMuwIAc?t=1206}},
howpublished={Talk given at RWC 2023},
author={Yomna Nasser},
year=2023
}