wiki:DSAA-Analysis

DSAA Security Analysis Project

After the DSAA Algorithm was recovered, we analyzed the security of DSAA.

People involved in the analysis

  • Stefan Lucks
  • Andreas Schuler
  • Erik Tews
  • Ralf Weinmann
  • Matthias Wenzel

Results

The results have been accepted as a paper to CT-RSA 2009. From the Abstract:

Digital Enhanced Cordless Telecommunications (DECT) is a standard for connecting cordless telephones to a fixed telecommunications network over a short range. The cryptographic algorithms used in DECT are not publicly available. In this paper we reveal one of the two algorithms used by DECT, the DECT Standard Authentication Algorithm (DSAA). We give a very detailed security analysis of the DSAA including some very effective attacks on the building blocks used for DSAA as well as a common implementation error that can practically lead to a total break of DECT security. We also present a low cost attack on the DECT protocol, which allows an attacker to impersonate a base station and therefore listen to and reroute all phone calls made by a handset.

The paper is also available on http://eprint.iacr.org/2009/078.

Last modified 10 years ago Last modified on Feb 16, 2009, 9:58:57 PM

Attachments (1)

Download all attachments as: .zip