LTE networks and MITM

Yes, LTE uses bi-directional authentication.

From LTE Quick Reference:

[Figure: LTE authentication diagram]

Turns out LTE can use two types of algorithms for authentication and key generation:

  1. Test – For the Test algorithm, OP is not required; so if the current LTE operator supports the Test algorithm for authentication and key generation, OP is not required and in this case the USIM doesn’t contain OP.

  2. MILENAGE – For MILENAGE, OP is mandatory. Meaning: if the operator is using the MILENAGE algorithm for authentication and key generation, then OP needs to be constructed in the USIM.

Note: Here, “OP” is a pre-shared key. It’s optional/conditional and configured in the operator’s DB in the Authentication center and USIM.

Skipping “Test” for rather obvious reasons, this leaves us with MILENAGE. MILENAGE is the base algorithm for the AKA authentication developed within the 3GPP standard (to be more exact, it’s the base for 2G [USIM], 3G and LTE authentication). MILENAGE is based on the AES block cipher and is also used in the EAP-AKA and IMS-AKA protocols. The specifications are public.

In fact, ample details and technical specifications can be found at the “confidentiality algorithms” page of the 3gpp.org website. The 3GPP authentication and key generation functions (MILENAGE) have been developed through the collaborative efforts of the 3GPP Organizational Partners. They may be used only for the development and operation of 3G Mobile Communications and services, but – in contrast to KASUMI, where Mitsubishi Electric Corporation holds essential patents on the algorithms – there are no additional requirements or authorizations necessary for MILENAGE algorithms to be implemented.

The “3G Security; Specification of the MILENAGE Algorithm Set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*” specs and source code span a total of 5 documents:

  1. Document 1: General [3GPP TS 35.205]
  2. Document 2: Algorithm specification [3GPP TS 35.206]
  3. Document 3: Implementors’ test data [3GPP TS 35.207]
  4. Document 4: Design conformance test data [3GPP TS 35.208]
  5. Document 5: Summary and results of design and evaluation [3GPP TS 35.909]

As you might notice, 35.205 – once created for the UMTS network but still used by LTE – specifically handles the MILENAGE algorithm, which is used for authentication and key generation.

For my part, that’s more info than I could have wished to find… the specs and code will surely be able to please my cryptanalytic heart. Yet, to dive in deeper yourself, you could check out things like the “LTE Security Architecture” article at 3glteinfo.com, you could go buy and read a book, or you can hunt for related research papers like “Modifying Authentication Techniques in Mobile Communication Systems”.
(Surely not the best research paper out there, but it’s only meant to serve as an example.)