Title: Physical Attacks against the Lack of Perfect Forward Secrecy in DECT Encrypted Communications and Possible Countermeasures
Publisher: IEEE
Publication Year: 2015
JRC N°: JRC94866
ISBN: 978-1-4799-5343-1
URI: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7289150
DOI: 10.1109/IWCMC.2015.7289150
Type: Articles in periodicals and books
Abstract: Digital Enhanced Cordless Telecommunications (DECT) is a world-wide wireless standard sustained by ETSI and widely used in cordless telephony. Whilst domestic DECT cordless phones were primarily designed to be used in connection with the Public Switched Telephone Network, their presence in Unified Communications systems has become more and more common given their reliability, flexibility and interoperability. The DECT protocol foresees the usage of authentication and encryption in order to protect the privacy of the voice communications. Unfortunately, the cryptographic mechanisms foreseen by the standard do not provide support for forward secrecy. As a consequence, the compromise of the long-term secret cryptographic key leads to the decryption of any previous, present and future encrypted communication. In this paper, we describe and demonstrate experimentally a new physical attack, able to recover the long-term cryptographic key from the memory of DECT devices and use it to decrypt voice communications previously intercepted in encrypted form. In order to mitigate this threat to the privacy of the DECT communications, we propose a set of countermeasures and proposals for modifications of the standard to provide forward secrecy in the communications.
JRC Directorate:Space, Security and Migration

Files in This Item:
There are no files associated with this item.

Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.