DECT Protocol

You find more informations about the DECT protocol here:

Intresting observations

During the pairing process of a fritz!box fon wlan 7270 and PT from several manufactures we recorded the debug files. This has enabled us to infer from the transmitted messages the used NWK layer procedures.

1. Siemens, A2, A15
In the analyzed debug files following NWK layer procedures were executed:

a) Obtaining access rights
b) Key allocation
c) Location registration
d) Authentification of a PT

There is no difference between the initial pairing and the repeated pairings.

2. Philips, SE 250
In contrast to the Siemens portable phones there is a difference between the initial pairing and the repeated pairing process.
In the analyzed debug files the same procedures like mentioned in 1. were executed. During the repeated pairing process only the following two procedures were executed:

a) Location registration
b) Authenification of a PT

It's interesting to get the randoms send by the PT. The PT sends a Random during the 'Key Allocation' procedures, in the second step, the {Authentification-Request}-message.
Because of missing the Key allocation during repeated pairings at the Philips phone it is only possible during initial pairing to get randoms created by the Philips PT.
More phones from other manufactures wil be tested soon.

Last modified 10 years ago Last modified on Dec 28, 2008, 8:00:57 PM