DECT Security Analysis
نویسندگان
چکیده
DECT is a standard for cordless phones. The intent of this thesis is to evaluate DECT security in a comprehensive way. To secure conversations over the air, DECT uses two proprietary algorithms, namely the DECT Standard Authentication Algorithm (DSAA) for authentication and key derivation, and the DECT Standard Cipher (DSC) for encryption. Both algorithms have been kept secret and were only available to DECT device manufacturers under a None Disclosure Agreement (NDA). The reader is first introduced into the DECT standard. The two algorithms DSAA and DSC have been reverse engineered and are then described in full detail. At first, attacks against DECT devices are presented, that are based on faults made by the manufacturers while implementing the DECT standard. In the next Chapters, attacks against the DSAA and the DSC algorithm are described, that recover the secret keys used by these algorithms faster than by brute force. Thereafter, a attack against the DECT radio protocol is described, that decrypts encrypted DECT voice calls. Finally, an outlook over the next release of the DECT standard is presented, that is expected to counter all attacks against DECT, that are described in this thesis. DECT ist ein Standard für schnurlose Telefone. Um die Funkübertragung zwischen DECT Geräten zu sichern, verwendet DECT zwei proprietäre Algorithmen, den DECT Standard Authentication Algorithm (DSAA) für die Authentifikation und Schlüsselableitung, sowie den DECT Standard Cipher (DSC) für die Verschlüsselung. Beide Algorithmen wurden geheim gehalten und waren nur DECT Geräteherstellern unter einem None Disclosure Agreement (NDA) zugänglich. Das Ziel dieser Arbeit ist eine umfassende Untersuchung der Sicherheit von DECT. Der Leser wird zuerst in den DECT Standard eingeführt. Die beiden ehemals geheimen Algorithmen DSAA und DSC wurden reverse engineered und sind hier mit allen Details beschrieben. Zuerst werden Angriffe auf DECT Geräte selbst vorgestellt, die weitestgehend auf Fehlern basieren, die von den Herstellern bei der Implementierung des DECT Standards gemacht wurden. In den nächsten Kapiteln werden Angriffe auf die Algorithmen DSAA und DSC selber vorgestellt, die es möglich machen die geheimen Schlüssel der Algorithmen schneller als durch eine erschöpfende Suche zu finden. Danach wird ein Angriff auf das DECT Protokoll selber vorgestellt, der es möglich macht, verschlüsselte Telefongespräche zu entschlüsseln. Zuletzt wird ein Ausblick auf die zukünftige Version des DECT Standards geboten, der voraussichtlich alle Angriffe, die hier beschrieben wurden, beheben wird.
منابع مشابه
Attacks on the DECT Authentication Mechanisms
Digital Enhanced Cordless Telecommunications (DECT) is a standard for connecting cordless telephones to a fixed telecommunications network over a short range. The cryptographic algorithms used in DECT are not publicly available. In this paper we reveal one of the two algorithms used by DECT, the DECT Standard Authentication Algorithm (DSAA). We give a very detailed security analysis of the DSAA...
متن کاملDelayed Dual-Energy CT (DECT) and conventional cardiac CT angiography (CCTA) in detection of chronic myocardial scar tissue: do we need delayed acquisition? Comparison with MRI
Methods 19 patients (m/f-16/3, mean age 59,6± 2,0 years) with history of myocardial infarction ( >1 year) were prospectively enrolled in the study. The CCTA protocol consisted of prospectively gated CTA and DECT. DECT was performed with single-tube 64-row CT in gemstone spectral imaging (GSI) mode with 8 min delay after contrast media injection. Using a 4-point transmurality scale CCTA images w...
متن کاملEvaluation of Urinary Stone Composition and Differentiation between Urinary Stones and Phleboliths Using Single-source Dual-energy Computed Tomography.
The aim of this study was to investigate the utility of single-source dual-energy computed tomography (SS-DECT) composition analysis in characterizing different types of urinary stones and differentiating them from phleboliths. This study included 29 patients with urinary stones who were scheduled for surgery. All patients were scanned, first using single-energy computed tomography acquisition ...
متن کاملLack of change in urate deposition by dual-energy computed tomography among clinically stable patients with long-standing tophaceous gout: a prospective longitudinal study
INTRODUCTION Dual-energy computed tomography (DECT) has potential for monitoring urate deposition in patients with gout. The aim of this prospective longitudinal study was to analyse measurement error of DECT urate volume measurement in clinically stable patients with tophaceous gout. METHODS Seventy-three patients with tophaceous gout on stable therapy attended study visits at baseline and t...
متن کاملDual-energy CT-based assessment of the trabecular bone in vertebrae.
BACKGROUND Osteoporosis can cause severe fractures of bone structures. One important indicator for pathology is a lowered bone mineral density (BMD) - conventionally assessed by dual-energy X-ray absorptiometry (DXA). Dual-energy CT (DECT) - being an alternative that is increasingly used in the clinics - allows the computation of the spatial BMD distribution. OBJECTIVES Using DECT, the trabec...
متن کامل