Gabriel Gegenhuber @ Black Hat Europe 2024

Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

January 22, 2025

In December, our colleague Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Adrian Dabrowski (FH Campus Wien) held a talk together on WiFi Calling: Revealing Downgrade Attacks and Not-so-private private Keys at Black Hat Europe 2024.

Abstract

VoWiFi (aka Wi-Fi Calling) is a convenient way for the customer to get better cell coverage while also externalizing the costs for the last mile to the customer without losing call revenue. On a technical level, this is standardized by using IPsec tunnels directly into the mobile network operator’s core network.

We found that for years, at least 140 million cellular customers worldwide were only using one of ten IPsec keys. Furthermore, a major phone chipset manufacturer allowed downgrades to key lengths well below the 3GPP specification: 768 bits, which is widely considered inadequate for a resourceful attacker.

Links

Black Hat Europe 2024
Presentation Slides
Corresponding papers and open source projects

News