Practical Interception of DECT Encrypted Voice Communication in Unified Communications Environments

Author

Coisel, Iwen ; Sanchez, Israel

Author_Institution

Joint Res. Centre, Eur. Comm., Ispra Varese, Italy

fYear

2014

fDate

24-26 Sept. 2014

Firstpage

115

Lastpage

122

Abstract

Digital Enhanced Cordless Telephony, DECT, is a worldwide standard for cordless telephony that is frequently integrated into Unified Communications systems both in enterprise and residential environments. DECT supports encryption to protect the confidentiality of the communications whilst allowing the interoperability between products from different models and manufacturers. In this paper we explore, from both a theoretical and a practical standpoint, the security of the DECT cryptographic pairing process which plays a vital role in the security chain of Unified Communications systems involving DECT technology. We demonstrate a practical security attack against the DECT pairing process that is able to retrieve the cryptographic keys and decrypt in real-time any subsequent encrypted voice communication. We also present suggestions for a more secure alternative pairing process that is not vulnerable to this type of passive attack.

Keywords

computer network security; cordless telephone systems; cryptography; open systems; telephony; voice communication; DECT cryptographic pairing process; DECT encrypted voice communication; digital enhanced cordless telephony; enterprise environments; interoperability; residential environments; security; unified communications environments; Authentication; Encryption; Protocols; Radio access networks; Standards;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint

Conference_Location

The Hague

Print_ISBN

978-1-4799-6363-8

Type

conf

DOI

10.1109/JISIC.2014.26

Filename

6975562