The DECT pages

How about security?

One of the main problems with analogue cordless telephones is that everyone with a FM radio receiver can listen in on the conversation. Simple digitial cordless telephones make it harder to listen in since the speech is digitally encoded. However with a little knowledge and some general available digital components this is easy to decode. Another problem is unauthorized use of the base system. With analogue cordless telephones others can easily make call's through your base system without paying for it. Lost or stolen handsets open up your base system for the unauthorized user to access and use on your cost. All these issues are addressed by the DECT standard and solutions provided.

Gaining access

Before a DECT handset can be used on a base system at all a subscription has to be made. During this subscription process identity information is exchanged between the base system and the DECT handset. These are stored on both sides for later use. But this procedure itself must be secure as well. This is done in two ways. First of all the identities aren't exchanged in their pure form, but encrypted. Together with a authentication code provided by the base system and entered in the DECT handset this encryption is seeded. Since the encryption algorithm itself is secret it is very hard to intervene in this procedure.

The conversation

Making a conversation means that a link has to be established between the DECT handset and the base system. As soon as this link is established an encryption request is exchanged. This request is accompanied by a seed which is used together with values established during the subscription procedure. Therefore the encryption parameters are different for every session. These encryption parameters are then used to encrypt the speech data send between the DECT handset and base system, thus making it virtually impossible to listen in on the conversation.

Denying access

Removing the subscription data from a DECT handset effectively blocks the access by this DECT handset to the base system. If the DECT handset is stolen or lost this cannot be done on the handset itself. But the subscription can be marked in the base system as disabled. In case the DECT handset tries to start a communication session it identifies itself to the base system. The base system then sends a command to remove the subscription data for this base system from the DECT handset. Now without a new subscription it is impossible to even start a communication session with this base system let alone initiate a call.
Written by my own two hands and an ASCII editor. Problems? write me Last updated June 24, 2000 DECT home

This page is Anybrowser