Digital Enhanced Cordless Telecommunications

Mobility properties

DECT supports short-term mobility with specified quality and good intelligibility. The base station can be changed within a multi-cell radio network by forwarding it to another cell (automatic handover ) and long-term mobility is achieved by logging into a foreign network (automatic roaming ). Alternatively, manual registration takes place at another base station or in another base network. These mobility properties are not completely standardized and, depending on the type, require appropriate precautions in the end devices or manual settings.

Data transmission properties

The properties for data transmission differ in DECT terminals depending on the device type and device family based on the standards of the ITU or the IETF .

Radio transmission and frequencies

The transmission is based on a time division duplex as well as time division multiple access and frequency division multiple access method and works in Europe in the frequency range from 1880  MHz to 1900 MHz, in which 10 channels with 1728 each kHz bandwidth are defined. ETSI also specifies expansion bands in the 1900–1980 MHz, 2010–2025 MHz and 2400–2480 MHz ranges.

DECT uses a frame of 10 ms duration, which is divided into 24 time slots . Each time slot can be used both in the uplink and in the downlink . By coupling time slots, asymmetrical transmission rates up to a ratio of 23: 1 are possible.

In this time slot of 416.7 µs duration, a burst is sent which usually lasts 368 µs and contains 424 bits. This results in a bit duration of 868 ns and a bit frequency of 1.152 MHz.

When modulation is Gaussian Frequency Shift Keying (GFSK) is used. A binary one is transmitted by increasing the frequency by 288 kHz, a binary zero by reducing the frequency by 288 kHz. With stable radio links, 4-level or 8-level modulation can also be used, whereby 2 or 3 bits are transmitted in each step.

The 424 bits of a burst are divided into the following fields:

• 32 bits synchronization (S field)
• 388 bits of data (D field) of which
  • 64 bits header field (A field)
  • 320 bits of user data (B field)
  • 4 bits for determining the channel quality (X field)
• 4 bits for determining the channel quality (Z field)

The resulting standard data rate for the user data is 32 kbit / s, which is available in both directions.

In addition to the normal basic burst of 424 bits in 368.1 μs, there are three more:

• Short burst with 96 bits in 83.3 μs at the beginning of a time slot. This burst can be used, for example, when the base station is not transmitting a call but still needs to broadcast its identifier.
• Low capacity burst with 184 bits in 159.7 μs. This burst occupies only half of a time slot, so that two bursts can be sent within one time slot. The B field for the user data is reduced disproportionately from 320 to 80 bits, so that the data rate is reduced to a quarter.
• High capacity burst with 904 bits in 784.7 μs. This burst occupies two time slots and always begins in an even-numbered time slot. The B-field increases to 800 bits, so that the net data rate increases by a factor of 2.5.

With DECT, the transmission frequency and time slot are always selected by the mobile device.

DECT performs dynamic channel selection and assignment. For this purpose, all DECT devices keep an RSSI list ( Received Signal Strength Indication ). At regular intervals (at least every 30 seconds) all idle channels are scanned and entered in the list. If a new channel is required, the mobile device or the base station selects the channel with the least interference using the RSSI list.

Health aspects

Electromagnetic environmental compatibility

The electromagnetic environmental compatibility describes the immissions of electromagnetic fields (EMF) on the environment, in particular on humans. The maximum transmission power of the base station and handset is 250 milliwatts (mW) each. To ensure smooth operation, a conventional DECT base station also sends continuous pulses outside of the call time to enable the mobile devices to synchronize. For these, Short bursts are used which have only a quarter of the duration of the normal burst, then the average transmit power that is reduced accordingly.

So far, other effects apart from the low level of warming (thermal effect) caused by non-ionizing radiation, as is also the case with the frequencies of DECT, have either not been investigated or not found in numerous studies. Nevertheless, the Federal Office for Radiation Protection (BfS) published the following recommendation in a press release on January 31, 2006:

When purchasing DECT devices, the BfS recommends that you ensure that

• the base station is not transmitting in standby,

• the user can limit the range to the necessary extent and thus reduce the radiated power,
• the actual radiated power automatically adapts to requirements.

The following measures are also recommended for conventional DECT telephones that do not support these functions:

• Set up the base station in a location with favorable radio technology where people are not constantly present, for example in the hallway

• Use hands-free equipment
• Make short phone calls

ECO-DECT

The term ECO-DECT is not defined uniformly across manufacturers. Depending on the manufacturer and device generation, one or more of the following functions can be meant

• Power supplies with particularly high efficiency
• Distance-dependent regulation of the transmission power of the handset and / or the base station
• Establishing the radio connection as required
• Other functions to reduce power consumption or radio transmission power

With a view to reducing radiation exposure as a precautionary measure, the Federal Office for Radiation Protection asked manufacturers in January 2006 to switch off the base stations automatically in stand-by mode and to equip the telephones with a needs-based control of the transmission power. Low radiation DECT telephones ("Low Radiation") reduce the transmission power of the handset if it is in sufficient proximity to the base station, and the particularly criticized continuous transmission of the base station when the handset is placed on the base station is over. However, only one handset may be registered on this base station for this. The term ECO-DECT is becoming more and more popular for these functionalities. In the meantime, devices with a “Full Eco Mode” are on the market that only transmit when a phone call is made or the phone rings. Some manufacturers also refer to this mode as "Eco Mode Plus". In its normal state, the handset is in a pure receive mode; the base station only establishes a radio connection when a call is received. This means that one or two ring signals pass without the handset ringing. Another disadvantage: The user can carry the handset out of the base station's transmission range without noticing that a radio connection is no longer possible. In addition, the standby battery runtimes are considerably reduced for many devices in "Eco mode".

DECT ULE (Ultra Low Energy)

In January 2011, at DECT World in Barcelona, ​​an energy-saving variant of DECT radio (DECT ULE - Ultra Low Energy) was presented for the first time in a white paper by Sitel Semiconductors (today Dialog). In the same year, the DECT Forum in Bern announced the first interoperability tests and founded its own umbrella organization, the ULE Alliance, in February 2013.

The power requirement of the DECT-ULE standard is 250 mW in the microampere range despite full transmission power and is therefore particularly suitable for battery-operated products. As a rule, no new DECT base is required to use DECT ULE. There are now various commercial products in the field of security and home automation that use the new DECT-ULE radio. This includes products such as remote controllable ("intelligent") sockets, motion and smoke detectors or door intercoms. In December 2013 it became known that the ULE Alliance and ETSI had concluded an agreement on the joint development and marketing of the DECT ULE standard.

safety

With DECT, as with other mobile radio systems, unauthorized use and eavesdropping are made more difficult by three methods, two of which are mandatory:

1. Register: The mobile subscriber reports to the base station that it is ready to receive.
2. Identification: Each time a call is set up, the mobile device must identify itself to the base station using a secret key.

Security risk with and without encryption

According to press reports, DECT calls can be listened to with little effort. For example, a PC card, the Com-On-Air card, which is actually intended for VoIP , can be used to listen to a call being made via DECT. This requires special software under Linux, which was developed by members of the Chaos Computer Club and scientists from TU Darmstadt . The intercepted calls are stored on the computer and can then be digitally processed by the attacker. Above all, it is also criticized that the packaging of the device does not show whether the phone has implemented encryption or not.

The German Federal Office for Information Security criticizes the strength of the DECT encryption algorithm, saying that it “does not meet today's requirements for secure encryption by far.” It has been shown that the standard-compliant and correctly implemented encryption with only 64-bit - with the performance of modern computers - can be broken in ever shorter time. In addition, critics complain about the design weakness of DECT. An attacker could cause the base station to send data, even without knowing the key, in order to then analyze it for decryption, so tapping phone calls are not necessary for this. The BSI therefore recommends using DECT telephones only "where calls with sensitive content can be excluded and the use of a corded landline telephone would require a disproportionately large amount of effort." This applies to both encrypting and non-encrypting devices.

DSAA (1) 64-bit encryption

Even simple 64-bit encryption is not supported by many devices or is switched off by default. Technical information is only available from some manufacturers on request (e.g. by email from AVM ), from most manufacturers not at all. Gigaset was the first manufacturer to publish a list of devices that integrate voice encryption at the factory. Since the list was published in 2010, it can be assumed (as of June 2014) that most of the models mentioned, which have been available on the market for a number of years, generally do not encrypt with AES (128 bit), but only with 64 bit. However, they are compatible with base stations from other manufacturers, as 64-bit encryption is part of the GAP profile. In addition to AVM and Gigaset, encryption is also available in devices from Panasonic (in models since 2010) and Swissvoice , in all of the inexpensive models tested, as well as in Audioline and Hagenuk , no encryption was detectable. There is practically no indication of the available encryption on packaging boxes. A test portal's advice to ask the retailer if necessary fails because the retailers also have no information on encryption.

AES encryption with 128 bit and higher

In August 2013, the European Telecommunications Standards Institute (ETSI) announced a new description of the Common Interface Module (CI) under the title “ETSI EN 300 175-1 V2.5.1”. The security functions were already communicated in April 2012, but largely to the exclusion of public awareness. AES has implemented a symmetrical encryption method that is currently (as of February 2016) considered secure. The lowest key length supported by AES of 128 bits is used in standard cipher # 2 (DSC2). AES was implemented independently of CAT-iq as DSAA2, a further development of the 64-bit encryption DSAA (1) and has found its way into the standard with version 2.4.1.

A problem for the consumer is currently the lack of implementation by the manufacturer in the GAP profile (see section below ). The cross-model compatibility is limited to the old DSAA (1) encryption with 64 bits. A first model from Gigaset was released in 2007 (SL965), but the compatibility of 128-bit encryption does not apply to all models. No fallback to 64-bit encryption is negotiated between different models, instead the device transmits unencrypted and is relatively expensive as a twin set for around 3000 euros. Official information from most manufacturers on 128-bit encryption is still missing.

In the meantime (as of 2019) there are indications that despite a lack of social awareness and often a lack of product information, at least AES with 128 bits is developing as the standard for sensitive areas of application. Individual models have been available since around 2016 and address target groups in the health sector. Individual devices are also available that encrypt voice connections with AES-256 bit in "DECT security class C" (with 128 bit authentication). In the mass market, which addresses end users, there is still a lack of specific information on encryption.

System-related interference radiation

DECT telephones and DECT base stations can receive certain channels of the satellite television interfere when the wiring from the LNB to the satellite broadcast receiver is not sufficiently shielded, since DECT same frequency range makes use of certain link signal transport transponder between the LNB and the receiver is used. With analog satellite reception, for example via Astra 19.2 ° East, the intermediate frequency was 1891 MHz on the DECT frequency, and the 10 ms long DECT frames could cause interference stripes in the television picture. (At 100 Hz, the "clock frequency" of DECT corresponds exactly to twice the 50 Hz field frequency of PAL .) The transponder (11.641 MHz horizontally) has been empty since the analog switch-off. With digital satellite reception via Astra, the BetaDigital transponder (12.480 MHz vertical) is disturbed with the intermediate frequency 1880 MHz, which is why some of the programs of the ProSieben-Sat.1 group that used this transponder have been on a different transponder since April 2007 be emitted. Sport1 and Tele 5, for example, continue to transmit on this transponder .

DECT GAP profile

A subset of DECT, DECT-GAP ( Generic Access Profile ), allows DECT devices from different manufacturers to communicate with one another. GAP is just one of the profiles defined by ETSI that help to integrate DECT, which in itself basically only replaces the data cable, into larger networks. While there used to be compatibility problems between devices from different manufacturers, DECT telephones without a GAP are now rarely offered.

GAP guarantees that a handset from one manufacturer works with the base station of another manufacturer, but this only extends to pure telephony, not to convenience functions such as listening to the answering machine or browsing the phone book. In addition, the mobile device must first be registered with the base station. Since the registration procedures of the various manufacturers often differ, difficulties can arise.

More profiles

• Public Access Profile (PAP), predecessor of GAP
• Radio in the Local Loop Access Profile (RAP)
• DECT Packet Radio System (DPRS)
• DECT Multimedia Profile (DMAP)
• Multimedia in the Local Loop Access Profile (MRAP)
• Data Service Profiles (DSP)
• ISDN Interworking Profiles (IIPs)
• CTM Access Profiles (CAP)
• DECT / GSM Interworking Profile (GIP)
• DECT / UMTS Interworking Profile (UIP)
• Remote control of building technology (e.g. Home Control from Gigaset); comparable to smart home , but limited to the DECT network
• Cordless Advanced Technology - internet and quality ( CAT-iq )

Web links

• DECT side at ETSI
• Jürgen Kozlik: More than a cordless phone ...
• Page about radio data transmission via DECT
• Explanation of the DECT standard

Individual evidence

1. ^ Digital Enhanced Cordless Telecommunications (DECT); A High Level Guide to the DECT Standardization (PDF; 855 kB) ETSI. February 2005. Retrieved November 12, 2013.
2. ^ Bernhard Walke: Cellular networks and their protocols 1 - Basics, GSM, UMTS and other cellular cellular networks . 3. Edition. BG Teubner Verlag , 2001, ISBN 3-519-26430-7 , p. 10–11 ( excerpt online from Google [accessed November 12, 2013]). 
3. ↑ ^{a b} Walter HW Tuttlebee: Cordless Personal Communications (PDF; 78 kB) In: IEEE Communications Magazine . December 1992. Retrieved November 12, 2013.
4. ↑ CEPT: Frequency Band to be designated for the european digital cordless Telecommunication System (DECT) (PDF; 8 kB) European Communications Office. January 15, 1990. Retrieved November 12, 2013.
5. ↑ Council Directive 91/287 / EEC of June 3, 1991 on the frequency band to be provided for the coordinated introduction of European wireless digital communication (DECT) in the Community , accessed on November 12, 2013
6. ↑ CEPT: Licensing Regime for Digital European Cordless Telecommunications (DECT) Equipment (PDF; 7 kB) European Communications Office. August 26, 1994. Retrieved November 12, 2013.
7. ↑ DECT - cordless telephony (PDF; 61 kB) Federal Network Agency . Retrieved November 12, 2013.
8. ↑ Operating ban on cordless telephones of the standards CT1 + and CT2 . Federal Network Agency , May 27, 2008, accessed on January 26, 2014 . 
9. ↑ Federal Network Agency warns against using old cordless telephones after 2008 . In: Heise online . May 27, 2008, accessed November 12, 2013 . 
10. ↑ Cordless telecommunications systems of the DECT system: general allocation, bundesnetzagentur.de, published on June 19, 2015.
11. ↑ Knowledge - everything about CAT-iq and AMR-WB. ( Memento of November 5, 2013 in the Internet Archive ) Weka Media publishing, accessed on November 5, 2013
12. ↑ ^{a b c} Cordless landline telephones / DECT telephones. Federal Office for Radiation Protection, August 1, 2012, accessed on August 20, 2018 (information sheet). 
13. ↑ Low- radiation DECT cordless phones - publication. Federal Office for Radiation Protection, archived from the original on October 12, 2007 ; Retrieved October 29, 2007 . 
14. ↑ Gitti Müller: The electric sniffer. WDR , archived from the original on August 23, 2010 ; Retrieved July 5, 2016 . 
15. ↑ The best telephone - product finder cordless telephones ( Memento of May 13, 2012 in the Internet Archive ). Website of Stiftung Warentest , accessed on April 27, 2012
16. ↑ press release . ULE Alliance website, accessed February 2, 2014
17. ↑ 25C3: Serious security gaps in cordless telephony with DECT . Heise-Newsticker, accessed on December 30, 2008 . 
18. ↑ deDECTed.org - project page ( Memento from October 27, 2010 in the Internet Archive )
19. ↑ Listening made easy . ZDF frontal21 , accessed on October 24, 2013 . 
20. ↑ ^{a b} Federal Office for Information Security Security advice: Security advice: Security of cordless telephones according to the DECT standard. ( Memento from August 31, 2014 in the Internet Archive ) Status: February 14, 2012
21. ↑ Karsten Nohl, Erik Tews: Can you still make confidential calls with DeCt? (PDF; 354 ​​kB) Data protection and data security (DuD). November 2010
22. ↑ Peer Heinlein: Dect: Horrible security, actually irresponsible? Heinlein Support, March 30, 2012
23. ↑ Gigaset telephones with DECT encryption implemented at the factory (base and associated handset). Status: March 1, 2010. gigaset.com, accessed on June 15, 2014 (no more up-to-date list available at this time)
24. ↑ Janko: Telephones: Encryption for DECT telephones. testberichte.de (undated, accessed November 28, 2017)
25. ↑ ^{a b} Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); - Part 1: Overview (PDF file). P. 36/37 European Telecommunications Standards Institute ETSI, August 26, 2013 (date of the PDF file)
26. ↑ ETSI EN 300 175-7 V2.4.1 (2012-04) - Common Interface (CI) Part 7: Security features. (PDF file) European Telecommunications Standards Institute, April 2012
27. ↑ Bastian van Venrooy: Security in home automation. Technical thesis at the Bonn-Rhein-Sieg University of Applied Sciences, February 18, 2016
28. ↑ Erik Tews DECT Security Analysis (dissertation, PDF file). see. Chapter 9: "Improvements and Countermeasures"
29. ↑ Andreas Donath: Making wireless encrypted calls with the Siemens Gigaset. Golem, February 9, 2007
30. ^ Dusan Zivadinovic: Siemens encrypts landline calls. Heise, February 12, 2007
31. ↑ DECT (digital enhanced cordless telecommunications). itwissen.info, February 10, 2019, accessed on February 23, 2020
32. ^ Elke von Rekowski: DECT devices for hospitals and co.CRN.de, June 21, 2016
33. ↑ Folker Lück: New mobile devices especially for the health sector. mednic.de, June 17, 2016
34. ↑ Gianluca Rizzo: More security against eavesdropping through DECT encryption. Specialist blog at direct.de, September 27, 2019
35. ↑ cf. Product information on Engage 75 Convertible (Jabra) , accessed February 23, 2020 and DECT and Bluetooth - Wireless Technologies in Comparison. Jabra Cordless Headsets Technical Guide (Haco), accessed February 23, 2020