We seek to understand and document all radio transmissions, legal and otherwise, as part of the radio listening hobby. We do not encourage any radio operations contrary to regulations. Always consult with the appropriate authorities if you have questions concerning what is permissible in your locale.

Author Topic: Eavesdropping on LTE Calls with a USRP Software Defined Radio  (Read 1801 times)

Offline Josh

  • DXing Phenomena
  • *******
  • Posts: 4322
    • View Profile
It turns out that many LTE carriers reuse the same keystream when two calls are made within a single radio connection. An attacker can then record an encrypted conversation, then immediately call the victim after that conversation. The attacker can now access the encrypted keystream, and as the keystream is identical to the first conversation, the first conversation can now be decoded.
https://www.rtl-sdr.com/eavesdropping-on-lte-calls-with-a-usrp-software-defined-radio/
We do not encourage any radio operations contrary to regulations.

Offline sat_dxer

  • DX Legend
  • ******
  • Posts: 2360
    • View Profile
Re: Eavesdropping on LTE Calls with a USRP Software Defined Radio
« Reply #1 on: August 23, 2020, 1523 UTC »
Thank you for wasting my time listening to another boring cellular phone conversation  :-X
Most times & frequencies posted are only an approximation.
Wishing the 1980's PopComm was still around.

 

HFUnderground T-Shirt
HFUnderground House Flag
by MitchellTimeDesigns