DECT Forum Responds To Cracking Of DECT Encryption

Earlier today the DECT Forum issued a press release in response to news from last month's Chaos Communication Congress (25C3) that the DECT encryption has been cracked. Their press release (PDF) is about what you’d expect. It merely asserts their willingness to work with researchers to develop new and better security provisions as part of the CAT-iQ standard that replaces DECT.

I would hope that they would not only develop a better standard, but also ensure that the encryption provisions are in fact implemented by manufacturers. To my mind the most frightful part of the DeDECTed group's work was finding that some DECT implementations were not encrypted at all. Further, there was essentially no way for a non-technical user to know if the DECT system that they were buying was encrypted or not.

In a sort-of-related move, it appears that the Siemens Gigaset range now includes a model SL965 (pictured left) that includes 3072-bit public key encryption. From their description of the device:

If privacy is a priority, look no further than the Gigaset SL965, the world’s first cordless DECT telephone with point-to-point call encryption.

From the features page on the device:

  • Comfortable menu for easy use in English, French and German (other languages on request)
  • Illuminated MWI
  • Improved range and voice quality in secure mode
  • Strongest and most secure algorithms commercially available today
  • 3072 bit Diffie-Hellman Public Key exchange
  • AES 128 bit in CBC mode
  • 256 bit Secure Hash Function
  • Readout-hash based key authentication
  • Entire Key Generation, Key Exchange and Encryption done in the handset for maximum security
  • Encryption key is destroyed as soon as the call ends and freshly generated with each call
  • Also supports normal unencrypted calls, unencrypted SMS, address telephone book, appointments etc.

Of course, this model does not support VoIP, just PSTN calling. Go figure.

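The features list pairs a Diffie-Hellman exchange with "readout-hash based key authentication". The sketch below is an added example, not Gigaset code and not from the original post: it assumes the readout hash is a truncated SHA-256 of the shared secret that both callers read aloud, and it uses a toy 127-bit group (`P`, `G`) because the page gives neither the real derivation nor the 3072-bit parameters.

```python
import hashlib
import secrets

# Toy group for speed (assumption): the Mersenne prime 2**127 - 1.
# The handset is described as using a 3072-bit group; its parameters are not on the page.
P = 2**127 - 1
G = 3

def keypair():
    """Fresh per-call key pair, matching 'freshly generated with each call'."""
    priv = secrets.randbelow(P - 3) + 2      # private exponent in [2, P-2]
    return priv, pow(G, priv, P)

def shared_secret(priv, peer_pub):
    """Diffie-Hellman shared value as 16 bytes."""
    return pow(peer_pub, priv, P).to_bytes(16, "big")

def readout_hash(secret, digits=6):
    """Short decimal string each caller reads to the other (assumed format)."""
    digest = hashlib.sha256(b"readout" + secret).digest()
    return f"{int.from_bytes(digest[:8], 'big') % 10**digits:0{digits}d}"

def call(intercepted=False):
    """Simulate one call setup; returns (A's readout, B's readout, secrets equal?)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if intercepted:
        # Constructed scenario: a party in the middle replaces both public
        # values with its own, so A and B each end up keyed to that party.
        _, m_pub = keypair()
        a_sees, b_sees = m_pub, m_pub
    else:
        a_sees, b_sees = b_pub, a_pub
    a_secret = shared_secret(a_priv, a_sees)
    b_secret = shared_secret(b_priv, b_sees)
    return readout_hash(a_secret), readout_hash(b_secret), a_secret == b_secret

if __name__ == "__main__":
    for label, flag in (("direct", False), ("intercepted", True)):
        a, b, same = call(flag)
        print(f"{label:12} A reads {a}  B reads {b}  match={a == b}  same key={same}")
```

Unauthenticated Diffie-Hellman alone cannot tell the two cases apart; the spoken comparison is what exposes the substituted keys. A readout this short only holds up if each side is also committed to its public value before seeing the other's, as ZRTP does, a step this sketch leaves out.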
  • linuxninjas

    I was at the conference. Very interesting talk. It seems that if your basestation, or another rogue basestation, says that it does not support encryption, then the handset talks unencrypted.
    The same applies if a handset says "I don’t support encryption": the basestation does not use encryption.

    You can watch the video of the presentation and a few other interesting ones around building your own GSM basestation at
    http://events.ccc.de/congress/2008/wiki/Conference_Recordings