White Paper for UC, Office & Contact Center Professionals. DECT Security

Similar documents
White Paper for UC, Office & Contact Center Professionals. Bluetooth Security

Conference calls with style

DECT. DECT Density. Wireless Technology. and WHITE PAPER

Activate. your. Potential. Activate. your. Potential. Activate. your. Potential CULTURE PLUS SERIES

Brilliant. comfort. sound. exceptional. Mobile Business Series MB Pro 1 & MB Pro 2 Bluetooth Headsets

The. Working Tool. for all day. Performance CIRCLE SERIES

CENTURY Quality speaks. louder. than words. Sennheiser SC 630/660, SC 630/660 USB CTRL and SC 630/660 USB ML

Activate. your. Potential. Activate. your. Potential. Activate. your. Potential CULTURE PLUS SERIES

Premium Sound. Quality. SD Wireless Series

Activate. your. Potential. Activate. your. Potential. Activate. your. Potential CULTURE PLUS SERIES

Wireless DECT Headsets Sennheiser DW and D 10 Series

headset offers 3 types of wearing styles with choice of headband, ear hook or neckband* for the perfect customized fit. Features and Benefits:

User focus The D 10 USB has a built-in ringer and is UC optimized for maximum productivity

Sennheiser Softphone. Compatibility. Guide

The. Working Tool. for all day. Performance CIRCLE SERIES

intelligibility for both speaker and listener. Advanced wideband audio and DSP

User focus DW Pro 2 is designed to maximize productivity and flexibility in busy offices with its

around the office. The iconic design of the DW Pro 1 puts it in a class of its own.

technology provides protection against acoustic injury. Its lightweight headset offers 3 types of wearing styles with choice

efficient encryption ensures secure conversations. Easy call management, convenient phone conferencing and hot desking offer maximum flexibility.

Designed for all-day use, the DW Office connects directly to desk phone and softphone/pc to deliver excellent sound quality

High comfort wearing styles with choice of headband and ear hook with leatherette

User focus SD Office is designed to maximize productivity and flexibility in busy offices with its long distance wireless range up to 590 ft

* Answer/end call requires EHS cable for desk phone and Sennheiser software for certain softphones

Certified for Skype for Business and designed

* Answer/end call requires EHS cable for desk phone and Sennheiser software for certain softphones

Brilliant. comfort. sound. exceptional. Mobile Business Series MB Pro 1

* Answer/end call requires EHS cable for desk phone

Reclaim. Your Office MOBILE BUSINESS SERIES MB 660 UC / MB 660 UC MS. with MB 660 adaptive ANC headset

User focus DW Office ML is designed to maximize productivity and flexibility in busy offices. Note: Neckband available as accessory

* Answer/end call requires EHS cable for desk phone

encryption ensures secure conversations. Easy call management, convenient phone conferencing and hot desking offer maximum flexibility.

efficient encryption ensures secure conversations. Easy call management, convenient phone conferencing and hot desking offer maximum flexibility.

wireless solution within reach of even more everyday users.

Premium Sound. Quality. SD Pro 2 ML

Full workday of talk time 8 hours wideband and 12 hours narrowband Two years warranty for peace of mind

Microsoft Lync compatibility. Sennheiser Communications solutions overview

Take Control of Your Sound Environment

Excelling your. Unified Communications. Experience

Avaya compatibility. Sennheiser Communications solution overview

Experience Sennheiser sound

Aastra Telecom compatibility. Sennheiser Communications solution overview

Experience. Excelling your. Unified communications. Experience Sennheiser. Sennheiser Communications A/S Industriparken 27 DK-2750 Ballerup Denmark

Excelling your. Unified Communications. Experience

Excelling your. Unified Communications. Experience Sennheiser. Sennheiser Communications A/S Industriparken 27 DK-2750 Ballerup Denmark

than words Give your people the ultimate tools for the job CENTURY Quality speaks louder Experience Sennheiser

Reclaim. Your Office. Mobile Business Series MB 660 UC MS. with MB 660 adaptive ANC headset

than words Give your people the ultimate tools for the job CENTURY Quality speaks louder Experience Sennheiser

Experience. Excelling your. Unified Communications. Experience Sennheiser. Sennheiser Communications A/S Industriparken 27 DK-2750 Ballerup Denmark

Excelling your. Unified Communications. Experience

Excelling your. Unified communications. Experience

University of Central Florida Headsets and Accessories

Excelling your. Unified Communications. Experience

Experience. Excelling your. Unified Communications. Experience Sennheiser. Sennheiser Communications A/S Industriparken 27 DK-2750 Ballerup Denmark

WHITE PAPER WHITE PAPER DW OFFICE. Comfort. The key to efficiency.

Wireless Attacks and Countermeasures

University of Central Florida Skype For Business Headsets and Accessories Brochure

Single Message Report for the Information Server. SIMATIC PCS 7, SIMATIC Information Server Siemens Industry Online Support

Skype for Business compatibility. Sennheiser Communications solution overview

IGEL Compatibility. Sennheiser Solution Overview

Contract on the use of the myaxa client portal by a company

Message Cycle Report for the Information Server. SIMATIC PCS 7, SIMATIC Information Server Siemens Industry Online Support

Application example 02/2017. SIMATIC IOT2000 Connection to IBM Watson IoT Platform SIMATIC IOT2040

Excelling your. Unified Communications. Experience

Alcatel-Lucent compatibility. Sennheiser Communications solution overview

Library Description 08/2015. HMI Templates. TIA Portal WinCC V13.

Tabular SIMATIC BATCH report for the Information Server. SIMATIC PCS 7 / SIMATIC Information Server 2014 / Customized Reporting

Polycom compatibility. Sennheiser Communications solution overview

BCDC 2E, 2012 (On-line Bidding Document for Stipulated Price Bidding)

HiPath Cordless Office for the HiPath 500 and HiPath 3000 Series


CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS

Mitel compatibility. Sennheiser Communications solution overview

HF Markets SA (Pty) Ltd Protection of Personal Information Policy

An Introduction to a Unique Safeguard Technology for Headset Users

CREATE A CONCENTRATION ZONE TO BOOST FOCUS AND PRODUCTIVITY.

Drive System Application

THE VIRTUAL COLLABORATION HEALTH CHECK

Application example 12/2016. SIMATIC IOT2000 OPC UA Client SIMATIC IOT2020, SIMATIC IOT2040


Define information security Define security as process, not point product.

Data Storage on Windows Server or NAS Hard Drives


Engineering of the Configuration Control for IO Systems

Applikationen & Tools. Network Address Translation (NAT) and Network Port Address Translation (NAPT) SCALANCE W. Application Description July 2009

Ingate SIParator /Firewall SIP Security for the Enterprise

TeleService of a S station via mobile network

PRODUCTS & SOLUTIONS.

HiPath Cordless Office for the HiPath 500 and HiPath 3000 Series

Internet of Things Toolkit for Small and Medium Businesses

EN V1.1.1 ( )

Snom Compatibility. Sennheiser Solution Overview

Product Summary, CA12CD Cordless Push-to-Talk Adaptor. Part No Category Code: 97 Revision: C

HiPath Cordless Office for the HiPath 500 and HiPath 3000 Series

Wildix Compatibility. Sennheiser Solution Overview


RAID systems within Industry

IBM App Connect Enterprise on IBM Cloud


Keep the Door Open for Users and Closed to Hackers

Transcription:

White Paper for UC, Office & Contact Center Professionals DECT Security

TABLE OF CONTENTS Executive Summary 3 About DECT Technology 3 The DECT Security Chain 3 The Pairing Process 4 Other Security Measures in DECT Devices 5 Security Concerns and Countermeasures 6 Sennheiser Legal Disclaimer 7 2

Executive Summary This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of Pairing, Per Call Authentication and Encryption, which are all part of the standard DECT protocol. Furthermore, it explains that an intruder can only compromise the security of a DECT system by gaining access to the data exchanged between the headset and base station during initial pairing. Therefore, protecting the pairing process from unauthorized access is at the heart of a secure wireless communication system. In Sennheiser devices, pairing is only possible when the headset is physically docked in the base station. A potential intruder therefore has no way of calculating or intercepting the pairing data wirelessly. This, together with the added security layers provided by the standard DECT protocol, makes the overall security of Sennheiser DECT products very high. As a result, they are virtually immune to the commonly perceived threats to a wireless system, namely passive eavesdropping, base station impersonation and fraud. About DECT Technology 1 Digital Enhanced Cordless Telecommunications (DECT ) is the European Telecommunications Standards Institute s (ESTI) standard for short-range cordless communications, which can be adapted for voice, data and networking applications. DECT technology has become the global standard for secure residential and business cordless phone communications. More than 110 countries have adopted the DECT system with more than 100 million new devices sold annually. The DECT Security Chain The DECT security chain is made up of the three main processes: Order Process Description Main purpose Frequency 1 Pairing Registration of security bindings between headset & base station Ensure connection established between authorized devices Once, during set-up 2 Per Call Authentification Verification of security bindings between registered headset & base Verify that call is made between authorized devices Every call 3 Encryption Encoding of voice data during calls Make call data unusable to intruders Every call Most DECT enabled devices follow these processes. The DECT standard however, does not define exactly how pairing data should be exchanged. The sections below detail the generic DECT processes, as well as the two common pairing methods used by headset manufacturers. 1 Please refer to www.etsi.org and www.dect.org for more information. 3

The Pairing Process The Backbone of a Wireless Communication System s Security An overview of Validation and Pairing In order for a DECT headset and base station to pair, they first need to validate each other with a matching 4-digit PIN code. An automatic process known as easy pairing is used in most DECT headsets, enabling pairing to start without the user having to manually enter a PIN code. When validation is complete, pairing can initiate. This process is driven by an algorithm only available to DECT manufacturers, called the DECT Standard Authentication Algorithm (DSAA). The algorithm is executed simultaneously in the headset and base using the 4-digit PIN code and a random number stream. The results of the algorithm are exchanged and must match for successful pairing. The Master Security Key the key to keeping out DECT intruders Another output of the DSAA algorithm is the Master Security Key (also known as the 128-bit UAK). The Master Security Key is used in all subsequent DECT security procedures. Since it could be used to compromise the security of a DECT communication system, it is critical to keep the Master Security Key protected from potential intruders. Wireless pairing a vulnerable area in the DECT security chain in some DECT devices It is a DECT requirement that the PIN code and Master Security Key are never exchanged over the air. However, some DECT devices transfer the data used to calculate the Master Security Key wirelessly. This opens up the possibility of an attacker sniffing the pairing data, using highly sophisticated equipment. With very deep and specialized knowledge about DECT encryption, the intruder could, in theory, calculate the Master Security Key and thereby compromise the security of the system. Protected pairing the key to security in Sennheiser DECT devices Sennheiser DECT devices have a very high security level, due to the process required to pair a Sennheiser headset and base station. Rather than transferring pairing data over the air, the charging terminals are used for data communication. This means that a Sennheiser headset needs to be physically docked in a Sennheiser base, in order for the registration and security bindings to be established. This makes it virtually impossible for a third party to sniff or intercept the pairing data from a remote location. Since the Master Security Key is stored on the devices and never transmitted over the air, this feature provides best in class security against any kind of unauthorized access. Protected Pairing (Sennheiser) Wireless pairing (Alternative) Data exchanged over the charging interface Data exchanged over the air Conference pairing a unique Master Security Key in each headset ensures no misuse In Sennheiser headsets, it is possible to establish a DECT conference with up to four headsets connected to one base. In this scenario, each headset will get its own unique Master Security Key. This ensures that the Master Security Key stored in a guest headset cannot be misused later on the conference base station. 4

Other Security Measures in DECT Devices Per Call Authentication Every time a call is made, the base needs to ensure that the connected headset has been paired and is therefore safe to communicate with. The base does this by sending a random number stream also known as a challenge to the headset. The headset and base station then simultaneously run an authentication algorithm, using the random numbers and Master Security Key as input. The headset sends its response back to the base station and if the calculation outputs match, the call can be placed. If not, the call is rejected. Another output of the Per Call Authentication process is the generation of a Session Encryption Key, which is further described in the Encryption section below. The Per call authentication process flow: BASE STATION AIR HEADSET 1 Generate Random 2 Send Challenge 3 5 number stream Calculate response 4 Send response Calculate response 6 7a 7b Check if Base station and headset responses match Match: Continue call Session Key generated No match: Call rejected It is the industry standard to authenticate headsets over the air prior to each call. While this data can be sniffed by an intruder, it is of little value without knowing the Master Security Key. In the case of Sennheiser devices, it would only be possible to retrieve the data used to calculate the Master Security Key with physical access, making it even more difficult, and virtually impossible, for intruders to attack. Encryption Once a secure link is established between the headset and base, the units can communicate. To protect against passive eavesdropping, voice data is encrypted in both directions. A DECT standard encryption algorithm called DSC (with 64-bit encryption key) is used to encrypt voice data and call- related digital signaling. For an unauthorized user, the encrypted data would look like a meaningless stream of digital data. The encryption process flow: Caller speaking Headset Air Base station Speech Cyphering Transmitted Decyphering Speech received Caller listening Headset Air Base station Speech received Decyphering Transmitted Cyphering Speech A new Session Encryption Key is produced for each call during the Per Call Authentication process (as described previously). As a result, an intruder cannot gain access to the Session Encryption Key without hacking into the pairing process. In the case of Sennheiser devices, this can only be done through a physical connection between headset and base, making the exchange of voice data extremely secure. 5

Security Concerns and Countermeasures The security features described provide a very high security level against unauthorized access. The table below summarizes the main perceived threats and countermeasures. Security breach Description of threat Security level: Standard DECT devices* Security level: Sennheiser DECT devices Eavesdropping A third-party gains access to a call and listens in. High The standard built-in DECT protocol provides a high level of security. However, the system is exposed during the pairing process if data is transferred wirelessly. The security level is further weakened if easy pairing is enabled; Specialized skills and equipment would be required. Very high An intruder would require access to the Master Security Key, which is never exchanged over the air. The standard built-in DECT protocol provides additional security. Base station impersonation A third-party uses an unauthorized base station to gain access to an authorized headset. The unauthorized base can then be used to listen to or redirect calls. High There are practical barriers to this type of intrusion and even more specialized knowledge and equipment are required. If access is gained, the chances of deciphering anything meaningful from the data are slim. Very high Due to the Protected Pairing process, physical access to the devices would be required to try to impersonate the base station. Fraud A third-party uses an unauthorized headset to connect to an authorized base. The unauthorized headset is then used to place unauthorized calls. High This is unlikely, since a user would need to gain access to a headset and know how to re-program the identities. It also requires a 'sniffing tool' and to physically be in the DECT range to capture the identities. Very high A sniffing tool would be of no use since pairing data is transferred over the charging terminals. Physical access to the headset would be required, which makes this kind of intrusion extremely challenging to execute in practice. Intruders focus point * Standard DECT devices defined as those using over the air pairing procedures 6

SENNHEISER LEGAL DISCLAIMER At Sennheiser we strive for ensuring the best security measures in our DECT products. However, we cannot be held responsible with regard to compensation for damages or expenses due to any security breaches taking place on the part of the customer by using our DECT products. The customer acknowledges that no technology provides complete security. For higher security requirements than provided by the DECT standard, additional measures must be implemented by the customer. Nevertheless, Sennheiser Communications will be liable for damages from injury to life, body or health due to negligent breach of duty by Sennheiser Communications or damages arising from a breach caused by gross negligence or willful intent by Sennheiser Communications. Sennheiser Communications is also liable for negligent breaches of essential contractual obligations. Essential contractual obligations means obligations whose performance is a fundamental prerequisite for the proper execution of the contract and on which a contracting party may rely upon. In this case, compensation is limited to foreseeable, typical damages. The above provisions also apply to damages caused by a legal representative or a person used to perform an obligation of Sennheiser Communications. Sennheiser Communication s liability according to the Danish/European Product Liability Act unaffected. 7

Experience Sennheiser Perfection is always relative: Users have different expectations from their headsets and speakerphones depending on their needs. For professional users, that need is to communicate as effectively as possible. With Sennheiser s range of headsets and speakerphones, the combination of Sennheiser sound leadership, quality design and build and a focus on real life usability give the best performance possible in offices, contact centers and Unified Communications environments. Please visit us at: www.sennheiser.com/cco Sennheiser is one of the world s leading manufacturers of headphones, microphones, wireless transmission systems and high-quality headsets for both business and entertainment. Drawing on the electro acoustics expertise of Sennheiser and the leading hearing healthcare specialist William Demant, Sennheiser Communications wireless and wired headsets and speakerphones for contact centers, offices and Unified Communications professionals are the result of Sennheiser s and William Demant s joint leadership in sound quality, design, wearing comfort and hearing protection. 0437 2016-01 Sennheiser Communications A/S One Enterprise Drive, Old Lyme, CT 06371 USA www.sennheiser.com/cco

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback