Encrypting VoLTE communication via baseband firmware extension

Yao Wang; Wencong Han; Lianfang Wang; Lu Liu; Xiao Yu

doi:10.1007/978-3-030-37337-5_5

Encrypting VoLTE communication via baseband firmware extension

Yao Wang, Wencong Han, Lianfang Wang, Lu Liu^*, Xiao Yu

^*Corresponding author for this work

School of Physics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

VoLTE is a technology carried on 4G network by RTP, and realizes the unification of data and voice communication. At the same time, it also faces the vulnerability of wireless communication. This paper proposes a HOOK-based method to modify the mobile phone baseband to implement end-to-end encrypted VoLTE calls. The experiment first builds a framework with assembly code, which can hook the process functions for sending and receiving packet, in order to capture the RTP data packet and inject the encryption and decryption patch function. Then through the analysis of the data packet, the key agreement and extension using the packet header is completed by C language. The automatic voice data encryption with AES 256 algorithm is realized through the library functions in the baseband. In conclusion, the experiment implements a one-time pad encryption mechanism to ensure VoLTE communication security, so that even if a third party intercepts the data packet, the information cannot be leaked.

Original language	English
Title of host publication	Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings
Editors	Jaideep Vaidya, Xiao Zhang, Jin Li
Publisher	Springer
Pages	45-56
Number of pages	12
ISBN (Print)	9783030373368
DOIs	https://doi.org/10.1007/978-3-030-37337-5_5
Publication status	Published - 2019
Event	11th International Symposium on Cyberspace Safety and Security, CSS 2019 - Guangzhou, China Duration: 1 Dec 2019 → 3 Dec 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11982 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	11th International Symposium on Cyberspace Safety and Security, CSS 2019
Country/Territory	China
City	Guangzhou
Period	1/12/19 → 3/12/19

Keywords

Android
Baseband firmware
Communication encryption
RTP

Access to Document

10.1007/978-3-030-37337-5_5

Cite this

Wang, Y., Han, W., Wang, L., Liu, L., & Yu, X. (2019). Encrypting VoLTE communication via baseband firmware extension. In J. Vaidya, X. Zhang, & J. Li (Eds.), Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings (pp. 45-56). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11982 LNCS). Springer. https://doi.org/10.1007/978-3-030-37337-5_5

Wang, Yao ; Han, Wencong ; Wang, Lianfang et al. / Encrypting VoLTE communication via baseband firmware extension. Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings. editor / Jaideep Vaidya ; Xiao Zhang ; Jin Li. Springer, 2019. pp. 45-56 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{35c80cf3e87c41cb8c0369167c26dc15,

title = "Encrypting VoLTE communication via baseband firmware extension",

abstract = "VoLTE is a technology carried on 4G network by RTP, and realizes the unification of data and voice communication. At the same time, it also faces the vulnerability of wireless communication. This paper proposes a HOOK-based method to modify the mobile phone baseband to implement end-to-end encrypted VoLTE calls. The experiment first builds a framework with assembly code, which can hook the process functions for sending and receiving packet, in order to capture the RTP data packet and inject the encryption and decryption patch function. Then through the analysis of the data packet, the key agreement and extension using the packet header is completed by C language. The automatic voice data encryption with AES 256 algorithm is realized through the library functions in the baseband. In conclusion, the experiment implements a one-time pad encryption mechanism to ensure VoLTE communication security, so that even if a third party intercepts the data packet, the information cannot be leaked.",

keywords = "Android, Baseband firmware, Communication encryption, RTP",

author = "Yao Wang and Wencong Han and Lianfang Wang and Lu Liu and Xiao Yu",

note = "Publisher Copyright: {\textcopyright} 2019, Springer Nature Switzerland AG.; 11th International Symposium on Cyberspace Safety and Security, CSS 2019 ; Conference date: 01-12-2019 Through 03-12-2019",

year = "2019",

doi = "10.1007/978-3-030-37337-5_5",

language = "English",

isbn = "9783030373368",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "45--56",

editor = "Jaideep Vaidya and Xiao Zhang and Jin Li",

booktitle = "Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings",

address = "Germany",

}

Wang, Y, Han, W, Wang, L, Liu, L & Yu, X 2019, Encrypting VoLTE communication via baseband firmware extension. in J Vaidya, X Zhang & J Li (eds), Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11982 LNCS, Springer, pp. 45-56, 11th International Symposium on Cyberspace Safety and Security, CSS 2019, Guangzhou, China, 1/12/19. https://doi.org/10.1007/978-3-030-37337-5_5

Encrypting VoLTE communication via baseband firmware extension. / Wang, Yao; Han, Wencong; Wang, Lianfang et al.
Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings. ed. / Jaideep Vaidya; Xiao Zhang; Jin Li. Springer, 2019. p. 45-56 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11982 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Encrypting VoLTE communication via baseband firmware extension

AU - Wang, Yao

AU - Han, Wencong

AU - Wang, Lianfang

AU - Liu, Lu

AU - Yu, Xiao

PY - 2019

Y1 - 2019

N2 - VoLTE is a technology carried on 4G network by RTP, and realizes the unification of data and voice communication. At the same time, it also faces the vulnerability of wireless communication. This paper proposes a HOOK-based method to modify the mobile phone baseband to implement end-to-end encrypted VoLTE calls. The experiment first builds a framework with assembly code, which can hook the process functions for sending and receiving packet, in order to capture the RTP data packet and inject the encryption and decryption patch function. Then through the analysis of the data packet, the key agreement and extension using the packet header is completed by C language. The automatic voice data encryption with AES 256 algorithm is realized through the library functions in the baseband. In conclusion, the experiment implements a one-time pad encryption mechanism to ensure VoLTE communication security, so that even if a third party intercepts the data packet, the information cannot be leaked.

AB - VoLTE is a technology carried on 4G network by RTP, and realizes the unification of data and voice communication. At the same time, it also faces the vulnerability of wireless communication. This paper proposes a HOOK-based method to modify the mobile phone baseband to implement end-to-end encrypted VoLTE calls. The experiment first builds a framework with assembly code, which can hook the process functions for sending and receiving packet, in order to capture the RTP data packet and inject the encryption and decryption patch function. Then through the analysis of the data packet, the key agreement and extension using the packet header is completed by C language. The automatic voice data encryption with AES 256 algorithm is realized through the library functions in the baseband. In conclusion, the experiment implements a one-time pad encryption mechanism to ensure VoLTE communication security, so that even if a third party intercepts the data packet, the information cannot be leaked.

KW - Android

KW - Baseband firmware

KW - Communication encryption

KW - RTP

UR - http://www.scopus.com/inward/record.url?scp=85078518732&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-37337-5_5

DO - 10.1007/978-3-030-37337-5_5

M3 - Conference contribution

AN - SCOPUS:85078518732

SN - 9783030373368

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 45

EP - 56

BT - Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings

A2 - Vaidya, Jaideep

A2 - Zhang, Xiao

A2 - Li, Jin

PB - Springer

T2 - 11th International Symposium on Cyberspace Safety and Security, CSS 2019

Y2 - 1 December 2019 through 3 December 2019

ER -

Wang Y, Han W, Wang L, Liu L, Yu X. Encrypting VoLTE communication via baseband firmware extension. In Vaidya J, Zhang X, Li J, editors, Cyberspace Safety and Security - 11th International Symposium, CSS 2019, Proceedings. Springer. 2019. p. 45-56. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-37337-5_5

Encrypting VoLTE communication via baseband firmware extension

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this