Abstract
Digital Enhanced Cordless Telecommunications (DECT) is a world-wide wireless standard sustained by ETSI and widely used in cordless telephony. Whilst domestic DECT cordless phones were primarily designed to be used in connection with the Public Switched Telephone Network, their presence in Unified Communications systems has become increasingly common given their reliability, flexibility and interoperability. The DECT protocol foresees the usage of authentication and encryption in order to protect the privacy of the voice communications. Unfortunately, the cryptographic mechanisms envisaged by the standard do not provide support for forward secrecy. As a consequence, the compromise of the long-term secret cryptographic key leads to the decryption of any previous, present and future encrypted communication. In this paper, we describe and demonstrate experimentally a new physical attack, able to recover the long-term cryptographic key from the memory of DECT devices and use it to decrypt voice communications previously intercepted in encrypted form. In order to mitigate this threat to the privacy of the DECT communications, we propose a set of countermeasures and proposals for modification of the standards to provide forward secrecy in the communications.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
