DSAA Reversing project

The four DECT algorithms named A11, A12, A21, A22 are usually named DECT Standard Authentication Algorithm (DSAA). DSAA is secret and only available to DECT system vendors who sign an NDA. We reverse engineered the algorithm.

A short summary of DSAA

  • A12, A21, and A22 are just wrappers around A11
  • A11 uses four different but similar blockciphers go generate the output
  • We decided to name these block ciphers cassable
  • cassable is a 64 bit block length and 64 bit key block cipher
  • cassable is optimized for 8 bit cpus
  • cassable is a SPN type construction
  • All four versions of cassable only differ in the key schedule


Open source implementations of the DSAA algorithm can be found at the DSAA Implementation page.

Security Analysis

A security analysis can be found at the DSAA-Analysis page.

Last modified 10 years ago Last modified on Dec 28, 2008, 9:39:48 PM