Posts

On the (In)Security of 4G - Part XI: Non Access Stratum and Access Stratum Security

In this series, I’d like to have a deeper look on 4G security measures. Here we have a look at Non Access Stratum (NAS) and Access Stratum (AS) security, just after Authentication and Key Agreement Procedure (AKA) has completed.
Sep 24, 2020 10 min read

Overthewire Natas Level 22, 23, 24 and 25

This is a writeup for the overthewire natas web application hacking challenge for level 22, 23, 24 and 25.
Nils Mäurer
Aug 22, 2020 9 min read

Overthewire Natas Level 20 and 21

This is a writeup for the overthewire natas web application hacking challenge for level 20 and 21.
Nils Mäurer
Jul 26, 2020 9 min read

Overthewire Natas Level 18 and 19

This is a writeup for the overthewire natas web application hacking challenge for level 18 and 19.
Nils Mäurer
Jul 25, 2020 8 min read

On the (In)Security of 4G - Part X: Authentication and Key Agreement Procedure

In this series, I’d like to have a deeper look on 4G security measures. Here we look closely at step 5a in the Initial Attachment Procedure - the Authentication and Key Agreement Procedure (AKA).
Jul 13, 2020 11 min read

On the (In)Security of 4G - Part IX: Cryptographic Overview, Key Hierarchy and Key Derivation of 4G

In this series, I’d like to have a deeper look on 4G security measures. Here we are going to have a look on some of 4G’s cryptography, key hierarchies and which key is derived from where and how.
Jul 13, 2020 7 min read

On the (In)Security of 4G - Part VIII: 4G Security Architecture Overview and Features

In this series, I’d like to have a deeper look on 4G security measures. Here we are finally going to have a look on the 4G Security Architecture and its features.
Jul 13, 2020 12 min read

On the (In)Security of 4G - Part VII: Understanding the Initial Attachment Procedure

In this series, I’d like to have a deeper look on 4G security measures. In this part I’d like to start looking at the initial attachment procedure between UE and Network.
Jul 13, 2020 14 min read

On the (In)Security of 4G - Part VI: 4G Security - A First Look

In this series, I’d like to have a deeper look on 4G security measures. In this part I’d like to start looking at the security between different 4G entities and their interfaces.
Jul 13, 2020 11 min read

On the (In)Security of 4G - Part V: Logical Channels

In this series, I’d like to have a deeper look on 4G security measures. Here we are going to have a look on the different logical channels of 4G.
Jul 13, 2020 7 min read