WiFi Calling: Revealing Downgrade Attacks and Not-so-private Private Keys

This conference talk from Black Hat reveals critical security vulnerabilities in VoWiFi (Wi-Fi Calling) implementations that affect at least 140 million cellular customers worldwide. Discover how researchers uncovered that many mobile operators were using only one of ten shared IPsec keys for their supposedly secure tunnels into core networks. Learn about dangerous downgrade attacks that allowed a major phone chipset manufacturer to reduce key lengths to just 768 bits—well below the 3GPP specification and considered breakable by resourceful attackers. The presentation, delivered by researchers Adrian Dabrowski, Gabriel Gegenhuber, Florian Holzbauer, and Philipp É. Frenzel from various academic institutions, examines how these vulnerabilities compromise the security of a technology that mobile operators use to externalize last-mile costs while maintaining call revenue. The 38-minute talk provides detailed insights into the technical aspects of these security flaws and their implications for cellular network security.