Voice over LTE leaks like a sieve, because nobody’s paying attention to the details. That’s the conclusion in a paper (PDF) presented to the Symposium on Information and Communications Technology Security in Rennes, France last week. The researchers, from Priority 1 Security, warn the vulnerabilities could affect any of the hundred-plus operators using VoLTE worldwide.
VoLTE is the technology that back-ports voice calls onto the IP data-centric 4G standards via the IP Media Subsystem (IMS). Without it, phones need the ability to fall back to 3G standards to place calls. Phones use the Session Initiation Protocol (SIP) for call signalling, with the Session Description Protocol (SDP) to let the callee know what type of call (for example voice or video) is requested.