Signaling Vulnerabilities in Wiretapping Systems
IEEE Security and Privacy
Security, Wiretapping, and the Internet
IEEE Security and Privacy
Risking Communications Security: Potential Hazards of the Protect America Act
IEEE Security and Privacy
On the (un)reliability of eavesdropping
International Journal of Security and Networks
Exploiting open functionality in SMS-capable cellular networks
Journal of Computer Security
IEEE Spectrum
Wiretap-proof: what they hear is not what you speak, and what you speak they do not hear
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.00 |
Although modern communications services are susceptible to third-party eavesdropping via a wide range of possible techniques, law enforcement agencies in the US and other countries generally use one of two technologies when they conduct legally-authorized interception of telephones and other communications traffic. The most common of these, designed to comply with the 1994 Communications Assistance for Law Enforcement Act(CALEA), use a standard interface provided in network switches. This paper analyzes the security properties of these interfaces. We demonstrate that the standard CALEA interfaces are vulnerable to a range of unilateral attacks by the intercept target. In particular, because of poor design choices in the interception architecture and protocols, our experiments show it is practical for a CALEA-tapped target to overwhelm the link to law enforcement with spurious signaling messages without degrading her own traffic, effectively preventing call records as well as content from being monitored or recorded. We also identify stop-gap mitigation strategies that partially mitigate some of our identified attacks.