Critical Flaw in Voice Over Wi-Fi Allows Eavesdropping

Home/BOTNET, Compromised, Evilproxy, Exploitation, Security Advisory, Security Update, vulnerability/Critical Flaw in Voice Over Wi-Fi Allows Eavesdropping

Critical Flaw in Voice Over Wi-Fi Allows Eavesdropping

Voice Over Wi-Fi (VoWiFi) is commonly used for making voice calls over Wi-Fi, improving call quality and reliability. Recently, cybersecurity researchers discovered a vulnerability in VoWiFi that allows attackers to eavesdrop on calls and SMS.

Voice Over Wi-Fi flaw

Voice over Wi-Fi (VoWiFi) uses IPsec tunnels to route IP-based calls through mobile network operators’ core networks via the Evolved Packet Data Gateway (ePDG).

The process involves negotiating encryption parameters and exchanging keys via the Internet Key Exchange protocol, followed by authentication. VoWi-Fi enhances coverage and saves costs by providing cellular network access without traditional radio networks.

However, many operators still use outdated Diffie-Hellman groups, ignore 3GPP specs, and share private keys across regions, raising security concerns.

These vulnerabilities risk exposing VoWiFi communications to MITM attacks, compromising data integrity and confidentiality. Security practices in VoWiFi are assessed by examining carrier configurations on various smartphone platforms.

Devices like iPhones and Android models may use outdated or weak cryptographic algorithms, such as the insecure DH21024 group.

Apple uses single-algorithm settings for VoWiFi, while Android supports multiple options. Key lifetimes of 10 to 24 hours may allow for attacks.

This highlights the need for standardized VoWiFi configurations. An analysis of Internet Key Exchange (IKE) handshakes revealed vulnerabilities: 275 of 423 tested ePDG domains responded, and 33 rejected all key exchange methods.

Most alarmingly, session security was compromised as 12 operators shared ten static private keys, allowing decryption of session secrets. Poor practices, such as handshake and nonce reuse, violate IKEv2 specifications. These findings expose systemic flaws in VoWiFi, increasing vulnerability to man-in-the-middle attacks and underscoring the need for improved security measures in VoWiFi protocols.

Recommendations for Addressing Voice Over Wi-Fi Flaws:

  1. Update Cryptographic Algorithms: Transition from outdated algorithms and weak Diffie-Hellman groups to more secure, modern algorithms.
  2. Implement Strong Key Management: Avoid sharing static private keys across operators and ensure unique key management practices to prevent decryption of session secrets.
  3. Enhance Configuration Standards: Standardize VoWiFi configurations across manufacturers and operators to ensure consistent security practices and reduce vulnerabilities.
  4. Regularly Update Firmware: Ensure that all devices use the latest firmware versions to address known vulnerabilities and apply security patches promptly.
  5. Improve Security Practices: Adhere strictly to IKEv2 specifications to prevent handshake and nonce reuse, which can lead to security breaches.

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

Post Views: 270
By | 2024-08-19T22:17:58+05:30 August 5th, 2024|BOTNET, Compromised, Evilproxy, Exploitation, Security Advisory, Security Update, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!