Paper 2012/321
DECT Security Analysis
Erik Tews
Abstract
DECT is a standard for cordless phones. The intent of this thesis is to evaluate DECT security in a comprehensive way. To secure conversations over the air, DECT uses two proprietary algorithms, namely the DECT Standard Authentication Algorithm (DSAA) for authentication and key derivation, and the DECT Standard Cipher (DSC) for encryption. Both algorithms have been kept secret and were only available to DECT device manufacturers under a None Disclosure Agreement (NDA). The reader is first introduced into the DECT standard. The two algorithms DSAA and DSC have been reverse engineered and are then described in full detail. At first, attacks against DECT devices are presented, that are based on faults made by the manufacturers while implementing the DECT standard. In the next Chapters, attacks against the DSAA and the DSC algorithm are described, that recover the secret keys used by these algorithms faster than by brute force. Thereafter, a attack against the DECT radio protocol is described, that decrypts encrypted DECT voice calls. Finally, an outlook over the next release of the DECT standard is presented, that is expected to counter all attacks against DECT, that are described in this thesis.
Note: PhD thesis of Erik Tews
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Published elsewhere. Paper is also available at http://tuprints.ulb.tu-darmstadt.de/2932/
- Keywords
- DECTDSCDSAAstream cipherblock cipher
- Contact author(s)
- erik @ datenzone de
- History
- 2012-06-12: received
- Short URL
- https://ia.cr/2012/321
- License
-
CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2012/321, author = {Erik Tews}, title = {{DECT} Security Analysis}, howpublished = {Cryptology {ePrint} Archive, Paper 2012/321}, year = {2012}, url = {https://eprint.iacr.org/2012/321} }