Cryptanalysis of the DECT Standard Cipher
The DECT Standard Cipher (DSC) is a proprietary 64-bit stream cipher based on irregularly clocked LFSRs and a non-linear output combiner. The cipher is meant to provide confidentiality for cordless telephony. This paper illustrates how the DSC was reverse-engineered from a hardware implementation using custom firmware and information on the structure of the cipher gathered from a patent. Beyond disclosing the DSC, the paper proposes a practical attack against DSC that recovers the secret key from 215 keystreams on a standard PC with a success rate of 50% within hours; somewhat faster when a CUDA graphics adapter is available.
KeywordsDECT DECT Standard Cipher stream cipher cryptanalysis linear feedback shift register
- 1.MZA Telecoms & IT Analysts: Global cordless phone market. Press Release (August 2009)Google Scholar
- 2.DECT Forum: Positioning of DECT in relation to other radio access technologies. Report (June 2002)Google Scholar
- 7.Alcatel: Data ciphering device. U.S. Patent 5,608,802 (1994)Google Scholar
- 8.Nohl, K., Evans, D., Starbug, Plötz, H.: Reverse-engineering a cryptographic RFID tag. In: van Oorschot, P.C. (ed.) USENIX Security Symposium 2008, USENIX Association, pp. 185–194 (2008)Google Scholar
- 11.Biham, E., Dunkelman, O.: Differential cryptanalysis in stream ciphers. Cryptology ePrint Archive, Report 2007/218 (2007), http://eprint.iacr.org/2007/218