00:00:00.334-->00:00:06.273 >>Alright so um, this is the point where you see the scary talk and at the end you probably 00:00:06.273-->00:00:12.212 turn your phone off. Um. So these guys have presented for us before they've uh they've done 00:00:12.212-->00:00:17.084 some amazing research uh very uh... Kind of like they did last year which was a really, really 00:00:17.084-->00:00:20.754 cool talk. I think you guys are in for a real treat. Let's give these guys a big hand! 00:00:27.794-->00:00:31.665 [Applause] >> Thank you. Thank you guys, I really appreciate it. Uh there's so many people. 00:00:31.665-->00:00:38.305 So last year uh, my team have, uh had about three presentations, and uh we got GPS 00:00:38.305-->00:00:43.310 spoofing, ... , and we got uh you know the ZigBee and uh I'm really happy to be standing here 00:00:46.246-->00:00:51.251 right again, and um you know, share something. So, Here's my talk, and uh this is LTE 00:00:56.757-->00:01:01.695 redirection so people will know about uh, we, uh people will know about, you know, LTE is 00:01:04.564-->00:01:10.837 four generation, fourth generation but people think it's more secure than the two 00:01:10.837-->00:01:15.842 generation and the third generation. So, today let's uh learn how to break it. 00:01:20.681-->00:01:25.352 [Laughter] And uh my name is Haoqi Shan and uh here is my colleague and his name is 00:01:25.352-->00:01:30.357 Wanqiao. So we come from the Qihoo 360 and the Unicorn Team. Uh, our team are focusing on you 00:01:32.693-->00:01:37.698 know, cellular security issues in about uh wireless system and embedded hardware, hardware so 00:01:41.735-->00:01:46.740 uh... This is a topic, uh this topic is about LTE network. Uh it's uh, we will show you how to 00:01:50.177-->00:01:56.850 force a target LTE cell phone uh, into a specific unsafe network so uh, but don't worry. 00:01:56.850-->00:02:01.788 We didn't bring the device so your phone is still safe. Uh... So fourth generation network is 00:02:07.828-->00:02:14.768 more advanced than uh, is more advanced more than second generation and third generation. 00:02:14.768-->00:02:19.773 But, absolutely, it's not absolutely secure so there are already some papers um, uh that 00:02:25.445-->00:02:30.450 shows how to expose those vulnerabilities of LTE networks and one of them has, uh one of 00:02:32.652-->00:02:37.657 them is the presentations in the last year, and uh, if you guys had listened to it, it's on the 00:02:40.761-->00:02:45.766 Blackhat Europe, yeah. So this presentation introduced the LTE IMSI catcher and the LTE 00:02:48.135-->00:02:53.140 cellphones check in and the DOS attack, DOS attack of you LTE cellphone so, uh let my 00:02:56.710-->00:03:01.648 colleague show you how to break you LTE cellphone network and uh, in detail. Please. >>Hello, 00:03:06.486-->00:03:12.826 glad to see you, my name is Wanqiao and to start with, let's have a look at the two common 00:03:12.826-->00:03:19.132 attacks against LTE network. The first one is IMSI catcher. How does this work? From this 00:03:19.132-->00:03:25.505 picture we can see the left tower is a real LTE network base station which is controlled by 00:03:25.505-->00:03:31.445 operators. While the right one is the fake LTE base station which cover a- which covers a 00:03:31.445-->00:03:36.450 small space. Okay, when the cell phone comes into the area of the fake LTE network it will 00:03:39.619-->00:03:44.624 immediately ask it to reported its IMSI number by the fake base station. Okay. While you know 00:03:47.561-->00:03:51.932 the IMSI number stands for the use of sorry- well you know the IMSI number stands for the user 00:03:51.932-->00:03:56.937 identifier which can use location and moments. This kind of device is mostly used by 00:04:02.142-->00:04:07.147 national security departments to check criminal suspects. Also here is there are some illegal 00:04:09.282-->00:04:14.287 casinos to use it for raising alerts when some strangers approach. Well, the other attack 00:04:16.623-->00:04:22.929 is called a denial of service attack. After fake base station gets the IMSI number with caller 00:04:22.929-->00:04:28.902 cell phone it can do further attack to cell phone. It can send a reject message such as, 00:04:28.902-->00:04:35.575 you are illegal cell phone or there is no available network. Well when the cell phone gets 00:04:35.575-->00:04:41.882 this kind of message, it usually turns into the no service status for a very long time. What's 00:04:41.882-->00:04:47.521 more, some cell phone can only recover by rebooting. But different kinds of cell phones 00:04:47.521-->00:04:53.760 react in different manners. According to the experiments we have take, the old iPhones and 00:04:53.760-->00:04:58.765 the majority of Android system cell phones are influenced by their re-learnable elements. 00:05:01.134-->00:05:06.439 Okay, now let's take a look at the new attack we've been working on. Uh the picture 00:05:06.439-->00:05:12.879 shows, there are two fake network. One, the LTE base station while the other is a GSM 00:05:12.879-->00:05:17.884 fake base station. When the cell phone approach them, then the uh, it firstly attach in the 00:05:21.555-->00:05:26.560 malicious LTE base station. Then the uh- auto- then the malicious LTE base station will tell the 00:05:29.462-->00:05:36.269 phone 'Go to my GSM network' Okay, the cell phone has to follow its command and enters 00:05:36.269-->00:05:41.975 into the malicious GSM network. Well when the cell phone enters uh, the malicious GSM network, 00:05:41.975-->00:05:46.980 the malicious GSM network, the attackers could do further attacks such as eavesdropping on 00:05:51.618-->00:05:56.623 conversations, intercepting the SMS, or analyzing bit traffic. Here is the demonstration 00:06:00.193-->00:06:06.967 platform we've developed to modify the redirection attack. There are two computers with the 00:06:06.967-->00:06:11.972 USRP piece. The right one is the, a mini desktop computer with a USRP B210 and it runs an 00:06:16.776-->00:06:21.781 open RT program and it creates a fake LTE network. Well the left one is uh, Apple Mac laptop with 00:06:25.452-->00:06:30.457 a USRP B200 mini running the open BTS program. Ok, let's show the video... >>It's downloaded 00:06:37.764-->00:06:42.769 video so we can't put it in our powerpoint, so let's play it for you. It's just one minute. >> 00:06:59.452-->00:07:04.391 Okay, you know the LTE uh, the cell phone from the real 4g network to the fake 4g network 00:07:08.862-->00:07:13.867 to- and then down to the GSM network at uh, a the faster processor so it very difficult 00:07:18.138-->00:07:23.143 to show this supervision. ay attention to this short video. It lasts only one minute. Okay 00:07:27.147-->00:07:32.152 now lets take the computer with 2g fake network. Okay we can see the IMSI number from the fake 00:07:37.090-->00:07:42.095 network. Now, yeah? Okay, in this video we utilized the open BTS to build a fake network 00:08:12.192-->00:08:17.764 which means the cell phone can't connect to the internet. In other words, it loses connection 00:08:17.764-->00:08:24.471 with the real world. But, the fake networks still can do some malicious attacks, such as 00:08:24.471-->00:08:30.343 making a call or sending SMS with any calling numbers. Okay besides, there is a more 00:08:30.343-->00:08:35.348 advanced attack. This attack utilized open- uh Femto cell, yeah a rogue network uh, the 00:08:38.385-->00:08:45.392 picture shows. This is uh- already hacked by our team. This is the femto cell and it was 00:08:45.392-->00:08:50.397 already hacked by our team. Last year, my partner Haoqi had given a presentation about how to hack 00:08:53.133-->00:08:58.138 this femto cell and uh- and you know the femto cell can connect to the operators real network 00:09:00.940-->00:09:07.747 uh- but it can also controlled by attacker's, then the attacker can eavesdrop all the traffic 00:09:07.747-->00:09:12.752 including voice and data. Such rogue femto cell can be 2g or even 3g. Okay let's- now let's 00:09:15.221-->00:09:20.226 go further into the protocol to see how this attack is realized. Here is the LTE basic procedure. 00:09:24.764-->00:09:29.769 When the cell phone is powered on, it firsts searches the cell around it and with choose the 00:09:31.938-->00:09:36.943 cell with uh- the strongest signal to attach. In this case, the cell phone will initiate an 00:09:40.413-->00:09:47.120 RRC connection or will do connection, the cell phone will send attach request, a message 00:09:47.120-->00:09:53.426 to start authentication. Okay when the authentication procedure finished the RRC 00:09:53.426-->00:09:58.431 connection will enter a status with the cur- will enter the uh- will enter the status- ok- enter 00:10:05.605-->00:10:11.845 the status with integrity and deciphering protection. In other words, the base station and the 00:10:11.845-->00:10:17.517 cell phone will establish a security network service, but before this step, all the 00:10:17.517-->00:10:22.522 messages are not encrypted, so this unauthorized part is the attack space. Yeah? The blue 00:10:24.624-->00:10:29.629 signalings. Let's see how to realize IMSI catcher from the signaling process. Now we 00:10:32.298-->00:10:37.303 presume our uh- the phone is staying in the operators network through a setup fake network 00:10:40.473-->00:10:46.679 around it. Then it finds a better cell, the fake cell, and try to connect to it. To avoid 00:10:46.679-->00:10:51.684 easily exposing the cell for itself, it will not directly send the IMSI number, but uh- 00:10:54.754-->00:11:00.226 send a tracking area update request with a TMSI number. The TMSI number stands for the 00:11:00.226-->00:11:06.399 temporary mobile subscriber identity which is decided by the base station. If this is a 00:11:06.399-->00:11:11.404 normal cell reselection from a normal network, then the base station should know the TMSI 00:11:13.706-->00:11:20.480 number and then can play it- tracking area updating. But obviously uh- fake LTE base 00:11:20.480-->00:11:27.320 station doesn't know the cell phone's identity so it sends back a tracking area update 00:11:27.320-->00:11:32.926 reject message. At the same time, this message will come with a reason: why network 00:11:32.926-->00:11:39.566 refused cell phone's request. There are many kinds of causes for refusal. And each cause has 00:11:39.566-->00:11:46.072 a number. If we send the cause number 9 to cell phone which it is uh- describe in the 00:11:46.072-->00:11:52.512 specification, your identity can't be derived by the network, then the cell phone will 00:11:52.512-->00:11:59.385 initiate the attach procedure by sending attach request. This message contains information 00:11:59.385-->00:12:04.324 what the attackers want, yes, the IMSI number. We already know that there are many kinds of 00:12:08.228-->00:12:13.233 causes for refusal. Where will we get- when we get the IMSI number we can do further attack 00:12:15.234-->00:12:21.207 through the next message. In this case, we can send attach reject with some special causes. 00:12:21.207-->00:12:28.147 Here are several- uh here are several causes for typical DOS attack: number 3, number 7, 00:12:28.147-->00:12:34.320 number 8 and number 14. Cause number 3 means illegal EOE. Cause number 7 means EPS service 00:12:34.320-->00:12:36.322 is not allotted. While cause number 8 means EPS service and non EPS service are not 00:12:36.322-->00:12:41.327 allotted. Cause number 14 means EPS service are not allotted in this PRMM. All of this causes 00:12:50.169-->00:12:55.174 mainly the cell phone to shut down their modem and keep off for a very long time. Okay, the 00:12:57.910-->00:13:02.849 third attack, RRC redirection follows the attack reject message. From this picture we 00:13:05.084-->00:13:10.089 can see the red words, yeah? The malicious network sends a RRC connection release message 00:13:13.426-->00:13:18.431 additional. Um- Well the release message could collect extension information called redirection 00:13:20.600-->00:13:25.605 carrier info. The redirected carrier can be undetectable to the network 4g, 3g or 2g, so we 00:13:29.609-->00:13:36.416 can redirect a targeted cellphone into 2g or 3g network and redirect other cell phones 00:13:36.416-->00:13:42.221 into the neighboring 4g network. Well someone may argue that you just downgraded the cellphone 00:13:42.221-->00:13:47.226 into an unsafe uh- network, uh- to 2g or 3g or 2g, but the poi- um- we could use jamming tool as 00:13:51.230-->00:13:56.235 well and it much easier than coding. Yes? Jamming tool can also le- uh- let 4g network work 00:13:59.572-->00:14:04.510 though, and the downgrade cell phone into 3g or 2g. But the point is in this manner, the- it 00:14:07.313-->00:14:12.318 will influence all cell phones. Thats why we claim that our uh- thats why we claim that a 00:14:14.587-->00:14:20.660 redirection attack could accurately attack the targeted cell phone and does not 00:14:20.660-->00:14:26.899 influence any other cell phone. They can still keep in the 4g network and don't need to worry 00:14:26.899-->00:14:31.904 about revealing information. Okay, after knowing about the principle of the- of this 00:14:34.373-->00:14:39.378 attack, lets talk about the method to build a demo system to modify this attack. Well, here 00:14:42.749-->00:14:47.754 is the test platform, we used a common tool: USRP plus a computer. The modem of the USRP 00:14:50.089-->00:14:55.094 is B210 uh- B210 yeah. The computer is a Gigabyte and uh- its small enough to hide itself. 00:14:59.532-->00:15:05.938 There are several open source LTE project. Well I think these two projects are most popular. 00:15:05.938-->00:15:10.943 The first one is Open Air Interface, developed by EURECOM. This is the most complicated- 00:15:13.045-->00:15:18.050 this is most completed open source LTE project and it has been developed for many years. 00:15:20.353-->00:15:25.358 What's more, it provides a connection between the real cell phone and the internet. But OAI 00:15:29.996-->00:15:36.569 system refers to a very complicated software architecture so there's a little 00:15:36.569-->00:15:41.574 difficult to modify its source code. Well the second project is named Open LTE written by only 00:15:44.010-->00:15:50.950 one person, Ben. He was a Motorola engineer and joined a Google project line last year. 00:15:50.950-->00:15:55.955 Ben gives this project a very beautiful coding style so it's quite easy to understand the 00:15:58.524-->00:16:03.462 whole architecture and to extend its function. This is why it has a more popular situation in 00:16:06.799-->00:16:11.804 open- in security research. However, the shortcoming of this project is, it hasn't too sta- 00:16:14.574-->00:16:19.579 uh stable LTE data connection. Uh, but for our experiment, the functionality is enough, yeah, 00:16:22.582-->00:16:27.587 to build a fake LTE network. I wrote a few slides to give the TP and OpenLTE source code if 00:16:32.725-->00:16:39.232 you want to build a fake LTE network just look at this release. Let's see the signaling 00:16:39.232-->00:16:45.905 again. In IMSI catcher, we need to send tracking area update reject message with special 00:16:45.905-->00:16:50.910 cause, yeah. In current OpenLTE software, the TAU request isn't handled. You can see the line, 00:16:54.113-->00:17:01.053 'Not handling tracking area update request' Luckily, we found uh- TU- the TAU reject 00:17:01.053-->00:17:06.058 message packing function is ready, so in this part, we can see this, uh- this part. MME 00:17:08.628-->00:17:13.633 pack tracking area update reject message so what we need to do is just add in some codes to ... 00:17:18.738-->00:17:23.743 with this function. Okay- just like the principle- Okay, we are receiving the TAU request from 00:17:29.282-->00:17:34.287 cell phone which should firstly set the MME procedure TAU request. Then what we need to do 00:17:37.356-->00:17:42.361 is just writing a function to call a TAU reject message. um- Yeah. When writing this TAU 00:17:48.401-->00:17:53.406 reject function you can refer to the attach rejecting function. It was already told. The- How 00:17:56.509-->00:18:03.316 about DOS attack? We can directly use this function, send attach/reject. There you see the 00:18:03.316-->00:18:08.321 highlighted line, you can send your rejection causes here. Yeah. In the next message, we 00:18:10.923-->00:18:15.928 can do further attack. Send- uh- Sending attach/reject with some special causes. Here uh- okay- 00:18:19.465-->00:18:24.470 and the third case is RRC redirection. This is a little complicated. You have to read 00:18:28.307-->00:18:33.312 the specification to know the message format and inside the redirect carrier info into RRC 00:18:35.548-->00:18:40.553 connection release message. From the red circle, uh- we can see, we write a one to this function. 00:18:43.723-->00:18:48.728 Yeah, it is because here, yeah, this part is a 3g PP protocol about RRC connection release 00:18:50.763-->00:18:57.303 message. We can see the top layer of this message, yeah? The red line. The redirect carrier 00:18:57.303-->00:19:02.241 info choice is optional, so in this case we just need to uh- open this uh- open this uh- 00:19:05.978-->00:19:10.983 choice, and set one in this bit, then we can modify the last code in this manner. Okay. Thats all 00:19:17.356-->00:19:22.361 the message we need to modify. Now, its how to stand less, let me introduce why we do this. 00:19:24.664-->00:19:29.668 >>[Inaudible] >>Okay, okay- this, yeah. Sorry. This picture is a cell phone screenshot and 00:19:32.238-->00:19:37.243 this uh- this cell phone has logging ability and I use it to check whether it uh- really 00:19:41.981-->00:19:46.986 received my redirection info so yes, it did receive! The carrier info is GERAN, that means GSM 00:19:51.190-->00:19:56.195 network, it uh- and its ARFCN frequency number is 42. Then the cell phone will firstly search 00:19:59.131-->00:20:04.136 this frequency. Yeah. This is almost all the source code you'll need to modify if you'll 00:20:07.440-->00:20:12.445 want to build an attack tool, quite simple, right? Now it's Haoqi's turn. Let him introduce 00:20:14.880-->00:20:19.885 why we do this. Okay >>Alright, thanks to my colleagues, good work. And actually she did most 00:20:23.089-->00:20:28.094 of the job. Yeah, pretty awesome! [Applause] Thank you. [Applause] So, actually we are, 00:20:37.269-->00:20:42.274 our team's not a team that has a very strong attack abilities. Uh- we often said we, you know- 00:20:46.045-->00:20:52.618 they can imagine us doing some bad things which is to find the vulnerabilities, but we don't 00:20:52.618-->00:20:57.623 know how to use it. We prefer to be a defender so, with that, you're upset, you know- for this 00:21:01.026-->00:21:06.932 presentation. And uh- we emphasize not only the risk, also the vulnerabilities of the 00:21:06.932-->00:21:11.937 LTE network, you know, from the attackers side. But also, think about background. So, the 00:21:16.775-->00:21:21.780 reasons why these vulnerabilities exist, so are question is, why is the RRC 00:21:25.251-->00:21:30.256 redirection message not encrypted. I suppose some of you will think of the same question. 00:21:32.658-->00:21:37.663 Uh- first question is, is this really a new problem? We consulted with several, you 00:21:42.468-->00:21:47.473 know, high security, really large company in China, and the 3GPP standard experts. So, 00:21:50.209-->00:21:55.214 surprisingly, uh- she found this finding is not new, and 3GPP knows risk about it about 10 00:21:59.618-->00:22:04.557 years ago, really. 10 years ago. So here is a document in generally uh- general 20- yeah, 00:22:07.593-->00:22:12.598 26, 26 years so which introduced a "forced handover" attack. So Lets see this bar graph. I don't 00:22:17.002-->00:22:22.007 know, yeah. You can see it clearly? So this compromised base station can be- can be- 00:22:25.144-->00:22:30.149 initiate a reconfiguration procedure to the UE, directing it to a cell or network chosen 00:22:33.385-->00:22:39.725 by the attacker. So this could be, this could function as a denial of service, you know, if 00:22:39.725-->00:22:46.298 the target network cannot, or will not, offer to the UE service or to allow uh- chosen 00:22:46.298-->00:22:52.805 network to capture EUs. So this docu- document writes this problem I just mentioned before. 00:22:52.805-->00:22:57.810 Uh- And then, about 10 months later, so in November 2006, 3GPP made a decision so let us read 00:23:03.048-->00:23:08.053 the two key points in this decision. And the point one is, you know, the RRC is integrating 00:23:11.590-->00:23:16.595 and ciphering will be started only once, just once, during the attach procedure. And uh- for 00:23:19.498-->00:23:24.503 example, after the AKA has been performed, so it cannot be deactivated later and there's a 00:23:30.075-->00:23:36.315 point 2 is the RRC integrity and ciphering algorithm can only be changed in the case, you know, 00:23:36.315-->00:23:41.320 of the eNodeB handover. So you see here, 3GPP's they gave an explanation on the RRC ciphering 00:23:45.491-->00:23:50.496 and uh- here is a question. Why does it do this? So, you know, because some special in some- 00:23:53.132-->00:23:58.137 special case such as earthquake, or during a hot event, there would be too many cell phones 00:24:01.206-->00:24:08.047 trying to access one- just one base station, they make these base stations will be overloaded 00:24:08.047-->00:24:13.052 so to let a network load balanced, so this base station can ask the new coming cell 00:24:15.721-->00:24:22.094 phone to redirect to the um- another base station. Uh- If we don't- if you don't have the 00:24:22.094-->00:24:28.600 cell phone you know, which base station is light-loaded the cellphone will- might- might 00:24:28.600-->00:24:35.507 blindly and ineffectively to search, one by one. This cause a lot of problems, so finally 00:24:35.507-->00:24:40.512 increase the whole network loaded. So 3GPP's they think the new base station should take 00:24:45.718-->00:24:50.723 responsibility to all the cell phones so they decide to increa- eh- they decide not to encrypt 00:24:55.394-->00:25:00.332 the RRC redirection procedure. So, I explained, just explained the background reason of this 3 00:25:04.770-->00:25:09.775 attacks here. And IMSI catcher that cannot avoid- avoid- be avoided because we need a global 00:25:12.211-->00:25:17.216 roaming and you have to firstly identify and [inaudible]. So Wifi security system, you know, 00:25:20.419-->00:25:26.992 they have the same situation. We all know that you know, the Mac cha- MAC address, people can use 00:25:26.992-->00:25:31.997 it to track you, yeah. So from iOS 8 and Windows 10, so there will be some, you know, MAC 00:25:36.902-->00:25:41.907 randomization and uh- this measure it will be yours. But, actually, you know, to actualize 00:25:45.711-->00:25:52.551 the network manager- uh management, a random MAC address only abled in a strict 00:25:52.551-->00:25:57.556 condition, yes, strict conditions. So if a terminal used Wifi hotspot, such as 2.0, 00:26:00.058-->00:26:05.063 yeah, the WIFI hotspot 2.0 is a specification for the WIFI roaming, so it means that in 00:26:07.366-->00:26:12.371 this case, this make randomization will also be disabled. This is a little bit 00:26:16.408-->00:26:21.413 so global roaming and identify- identity privacy is in conflict and it needs to trade-off. Uh- 00:26:26.452-->00:26:31.457 DOS attack and you know the battery energy savings is another trade-off. Suppose this 00:26:35.427-->00:26:40.432 network is really really unusable so if you- if this cell phone keeps searching, you 00:26:42.634-->00:26:47.639 consume too much energy and quickly consume out. So this is also bad things. As you can see, 00:26:55.614-->00:27:02.020 this network protocol designer, they have to make many many tradeoffs between the basic 00:27:02.020-->00:27:07.960 connection requirements and the high level requirement, the privacy. The privacy is what we 00:27:07.960-->00:27:12.965 care about. So I give the excuse of this vulnerabilities, I believe people should. So do not 00:27:17.202-->00:27:22.207 think I refuse to face this problem. So let's find out how to fix this. In this slide, uh- 00:27:28.780-->00:27:34.486 let's discuss this uh- yeah- let's discuss this countermeasures. So firstly, at 00:27:34.486-->00:27:39.925 the cell phone manufacturer's side, uh- since you know the standard and modern set of 00:27:39.925-->00:27:44.930 chipsets haven't fixed this problem so what can they do for example, uh is- uh- such as, 00:27:48.233-->00:27:54.806 yeah- don't follow the redirection command, but also, auto-search the other available 00:27:54.806-->00:28:00.679 base stations. Or you can say, Cell phone can follow the redirection command but you 00:28:00.679-->00:28:05.684 should give your user's some alert that says "waring you are downgraded to a lower security 00:28:08.387-->00:28:13.392 network" but I think it's really hard work. So we know about the root of this problem uh is an 00:28:17.296-->00:28:23.368 unsafe GSM network so why don't we try to solve this problem. And the GSM network is still 00:28:23.368-->00:28:29.207 needed by uh- by the operators, you know. There's a lot of devices, you need to just 00:28:29.207-->00:28:34.212 support a GSM network. So, you want to change it, you need a long time. So from the standard 00:28:36.782-->00:28:41.787 side, they're making efforts to fix, you know, the weak point of the GSM network. So here is a 00:28:43.822-->00:28:48.827 very fresh news. Just a couple months ago 3GPP received a proposal of the GSMA, uh- so the 00:28:52.297-->00:28:57.302 best guide here of the upgrade of the mobile device's security capabilities and since, you 00:29:00.505-->00:29:05.510 know, the older GSM equipment, we cannot, how you can say, difficult to upgrade. So GSMA, 00:29:08.880-->00:29:10.882 they proposed two methods. One is the mobile device, you know, they refuse one-way auth and if 00:29:10.882-->00:29:12.884 they uh- visit a network is 3G capable. And the second method is you know, disable some weak 00:29:12.884-->00:29:16.822 encryption such as A1 uh- A51, yeah, F5 algorithm in mobile. So, [inaudible] so these two 00:29:16.822-->00:29:21.827 proposals have finally standardized by 3GPP because you want- you want standards real 00:29:31.136-->00:29:36.141 hard and uh- not quite easy. But, we see a good beginning, someone trying to fix this 00:29:58.497-->00:30:03.502 situation and uh- okay, yeah. Uh-n actually we uh- show you how to break and show you how to 00:30:09.841-->00:30:14.846 fix this problem and uh- we did it both way but uh- I think there are some cell phone 00:30:18.750-->00:30:24.823 manufacturers can learn something from this presentation and I hope so. So here is our 00:30:24.823-->00:30:29.828 presentation today. And we thank so many companies gave us a lot of help such as Huawei, and uh- 00:30:33.732-->00:30:40.338 Qualcomm and uh- Apple. Yeah, Apple. So uh- if you have any questions about how to build 00:30:40.338-->00:30:45.343 your own LTE networks that or, some malicious unsafe uh- unsafe network so, please feel free to 00:30:49.314-->00:30:54.319 contact us. And you're welcome to take a picture. [Applause] Thank you [Applause]