iTeh Standards logo
EURUSD
Your shopping cart is empty.
SIST

SIST EN 300 175-7 V2.6.1:2015

Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features

Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications
(DECT) Common Interface (CI).
The present document specifies the security architecture, the types of cryptographic algorithms required, the way in
which they are to be used, and the requirements for integrating the security features provided by the architecture into the
DECT CI. It also describes how the features can be managed and how they relate to certain DECT fixed systems and
local network configurations.
The security architecture is defined in terms of the security services which are to be supported at the CI, the
mechanisms which are to be used to provide the services, and the cryptographic parameters, keys and processes which
are associated with these mechanisms.
The security processes specified in the present document are each based on one of three cryptographic algorithms:
• an authentication algorithm;
• a key stream generator for MAC layer encryption; and
• a key stream generator plus a Message Authentication Code generator for CCM authenticated encryption.
The architecture is, however, algorithm independent, and either the DECT standard algorithms, or appropriate
proprietary algorithms, or indeed a combination of both can, in principle, be employed. The use of the employed
algorithm is specified in the present document.
Integration of the security features is specified in terms of the protocol elements and processes required at the Network
(NWK) and Medium Access Control (MAC) layers of the CI.
The relationship between the security features and various network elements is described in terms of where the security
processes and management functions may be provided.
The present document does not address implementation issues. For instance, no attempt is made to specify whether the
DSAA or DSAA2 should be implemented in the PP at manufacture, or whether the DSAA, DSAA2 or a proprietary
authentication algorithm should be implemented in a detachable module. Similarly, the present document does not
specify whether the DSC or DSC2 should be implemented in hardware in all PPs at manufacture, or whether special
PPs should be manufactured with the DSC, DSC2 or proprietary ciphers built into them. The security architecture
supports all these options, although the use of proprietary algorithms may limit roaming and the concurrent use of PPs
in different environments.
Within the standard authentication algorithms, DSAA2, DSC2 and CCM are stronger than DSAA and DSC and provide
superior protection. DSAA2 and DSC2 are based on AES [10] and were created in 2011. CCM is also based on
AES [10] and was added to the standard in 2012.
The present document includes New Generation DECT, a further development of the DECT standard introducing
wideband speech, improved data services, new slot types and other technical enhancements.
The present document also includes DECT Ultra Low Energy (ULE), a low rate data technology based on DECT
intended for M2M applications with ultra low power consumption.

Digitalne izboljšane brezvrvične telekomunikacije (DECT) - Skupni vmesnik (CI) - 7. del: Varnostne lastnosti

Ta dokument je eden od delov specifikacije skupnega vmesnika (CI) za digitalne izboljšane brezvrvične telekomunikacije (DECT).
V tem dokumentu so določeni varnostna arhitektura, vrste zahtevanih kriptografskih algoritmov in način njihove uporabe ter zahteve za integriranje varnostnih lastnosti arhitekture v skupni vmesnik za digitalne izboljšane brezvrvične telekomunikacije. Opisuje tudi načine upravljanja funkcij ter njihovo povezavo z določenimi fiksnimi sistemi digitalnih izboljšanih brezvrvičnih telekomunikacij in lokalnimi konfiguracijami omrežij.
Varnostna arhitektura je določena v okviru varnostnih storitev, ki jih podpira skupni vmesnik, pri čemer mehanizmi tega vmesnika zagotavljajo storitve ter kriptografske parametre, ključe in procese, povezane s temi mehanizmi.
Varnostni procesi, določni v tem dokumentu, so osnovani na treh kriptografskih algoritmih:
• algoritem preverjanja pristnosti;
• generator toka ključev za šifriranje plasti kode MAC; in
• generator toka ključev in generator kode pristnosti sporočil za preverjeno šifriranje CCM.
Vendar je arhitektura neodvisna od algoritma, zato je načeloma mogoče uporabiti algoritme standarda digitalnih izboljšanih brezvrvičnih telekomunikacij, ustrezne lastniške algoritme ali kombinacijo obeh. Uporaba algoritma je določena v tem dokumentu.
Integriranje varnostnih lastnosti je določeno v okviru protokolnih elementov in postopkov, ki so potrebni v omrežnih (NWK) plasteh in plasteh krmiljenja dostopa do prenosnega medija (MAC) skupnega vmesnika.
Razmerje med varnostnimi lastnostmi in različnimi omrežnimi elementi je opisano glede na lokacije, na katerih bodo zagotovljeni varnostni postopki in funkcije upravljanja.
Ta dokument ne obravnava vprašanj uvedbe. Ta dokument na primer ne vsebuje nobene navedbe, ki bi določala uvedbo DSAA ali DSAA2 v PP med proizvodnjo oz. uvedbo DSAA, DSAA2 ali lastniškega algoritma za preverjanje pristnosti v snemljivi modul. Prav tako ta dokument ne določa uvedbe DSC ali DSC2 v strojno opremo vseh PP-jev med proizvodnjo oz. proizvodnje posebnih PP-jev z vgrajenimi DSC, DSC2 ali lastniškimi šiframi. Varnostna arhitektura
podpira vse te možnosti, čeprav lahko uporaba lastniških algoritmov omejuje gostovanje in hkratno uporabo PP-jev v različnih okoljih.
V okviru standardnih algoritmov za preverjanje pristnosti so DSAA2, DSC2 in CCM močnejši od DSAA in DSC ter zagotavljajo nadstandardno zaščito. DSAA2 in DCS2 temeljita na AES [10] ter sta bila izdelana leta 2011. Tudi CCM temelji na AES [10] in je bil v standard dodan leta 2012.
Ta dokument vključuje novo generacijo digitalnih izboljšanih brezvrvičnih telekomunikacij, nadaljnji razvoj standarda za digitalne izboljšane brezvrvične telekomunikacije, ki uvaja širokopasovni govor, izpopolnjene podatkovne storitve, nove tipe rež in druge tehnične izpopolnitve. Ta dokument vključuje tudi ultra nizko porabo energije (ULE) digitalnih izboljšanih brezvrvičnih telekomunikacij, podatkovno tehnologijo nizke stopnje, ki temelji na digitalnih izboljšanih brezvrvičnih telekomunikacijah in je namenjena uporabi M2M z ultra nizko porabo energije.

General Information

Status
Published
Publication Date
01-Oct-2015
ICS
33.070.30 - Digital Enhanced Cordless Telecommunications (DECT)
Technical Committee
MOC - Mobile Communications
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
04-Aug-2015
Due Date
09-Oct-2015
Completion Date
02-Oct-2015
Ref Project
ETSI EN 300 175-7 V2.6.1 (2015-07) - Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features

Overview

SIST EN 300 175-7 V2.6.1:2015 defines the security features of the Digital Enhanced Cordless Telecommunications (DECT) Common Interface (CI). It specifies a security architecture, the types of cryptographic algorithms required, how they are to be used, and how security is integrated into the DECT CI at the Network (NWK) and Medium Access Control (MAC) layers. The document covers authentication, confidentiality, key derivation and management, and how security features relate to DECT fixed systems, local networks, New Generation DECT (wideband speech and improved data) and DECT Ultra Low Energy (ULE) for M2M/IoT.

Key topics and technical requirements

  • Security architecture and services: Definitions of supported services such as PT/FT authentication, mutual authentication, data confidentiality and user authentication.
  • Algorithm families and processes:
    • Authentication algorithms (e.g., DSAA, DSAA2)
    • Key stream generators for MAC-layer encryption (e.g., DSC, DSC2)
    • CCM authenticated encryption (key stream + MAC) for authenticated confidentiality
    • Note: DSAA2, DSC2 and CCM are AES-based and considered stronger than DSAA/DSC; DSAA2/DSC2 introduced in 2011 and CCM added in 2012.
  • Algorithm independence: The architecture is algorithm-independent - DECT algorithms, proprietary algorithms, or combinations may be used, although proprietary choices may limit roaming and interoperability.
  • Cryptographic parameters and keys: Requirements for authentication keys (K), session keys (KS), cipher keys (CK), derived keys (DCK), static/default keys and associated processes.
  • Processes and integration: NWK and MAC protocol elements and procedures for authentication exchanges, CK transfer, re-keying, CCM re-keying and sequence reset, and multicast encryption for C/L channels.
  • Management and topology: Guidance on where security processes and management functions may reside in network elements; implementation decisions (hardware vs module) are deliberately out of scope.

Practical applications

  • Secure cordless voice and data for residential, enterprise and industrial DECT systems.
  • M2M and IoT deployments using DECT ULE for ultra low-power, secure sensor and control communications.
  • New Generation DECT deployments requiring wideband speech and enhanced data security.
  • Interoperability and roaming scenarios where standardized authentication and key management are required.

Who should use this standard

  • DECT device manufacturers and module vendors
  • System integrators and network architects deploying DECT or ULE-based solutions
  • Security engineers implementing authentication and encryption for DECT CI
  • Certification bodies and regulators assessing DECT security compliance

Related standards

  • ETSI/EN 300 175 series (DECT Common Interface parts)
  • AES-related specifications referenced by DSAA2/DSC2/CCM

Keywords: DECT security, DECT CI, DSAA2, DSC2, CCM authenticated encryption, AES, ULE, New Generation DECT, authentication, cipher key management, NWK MAC integration.

ETSI EN 300 175-7 V2.5.7 (2015-03) - Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security featuresETSI EN 300 175-7 V2.5.7 (2015-03) - Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features
PreviousNext
Standard
ETSI EN 300 175-7 V2.5.7 (2015-03) - Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features
English language
161 pages
sale 15% off
Preview
sale 15% off
Preview
ETSI EN 300 175-7 V2.6.1 (2015-07) - Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security featuresETSI EN 300 175-7 V2.6.1 (2015-07) - Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features
PreviousNext
Standard
ETSI EN 300 175-7 V2.6.1 (2015-07) - Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features
English language
161 pages
sale 15% off
Preview
sale 15% off
Preview
SIST EN 300 175-7 V2.6.1:2015SIST EN 300 175-7 V2.6.1:2015
PreviousNext
Standard
SIST EN 300 175-7 V2.6.1:2015
English language
161 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


Draft ETSI EN 300 175-7 V2.5.7 (2015-03)

EUROPEAN STANDARD
Digital Enhanced Cordless Telecommunications (DECT);
Common Interface (CI);
Part 7: Security features
2 Draft ETSI EN 300 175-7 V2.5.7 (2015-03)

Reference
REN/DECT-000304-7
Keywords
authentication, DECT, IMT-2000, mobility, radio,
security, TDD, TDMA
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2015.
All rights reserved.
TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
3 Draft ETSI EN 300 175-7 V2.5.7 (2015-03)
Contents
Intellectual Property Rights . 10
Foreword . 10
Modal verbs terminology . 10
Introduction . 11
1 Scope . 15
2 References . 15
2.1 Normative references . 15
2.2 Informative references . 16
3 Definitions and abbreviations . 17
3.1 Definitions . 17
3.2 Abbreviations . 17
4 Security architecture . 19
4.1 Background . 19
4.2 Security services . 20
4.2.1 Authentication of a PT . 20
4.2.2 Authentication of an FT . 20
4.2.3 Mutual authentication . 20
4.2.4 Data confidentiality. 20
4.2.5 User authentication . 20
4.3 Security mechanisms . 20
4.3.0 General . 20
4.3.1 Authentication of a PT (type 1 procedure) . 21
4.3.2 Authentication of an FT (type 1 procedure) . 22
4.3.3 Mutual authentication . 23
4.3.4 Data confidentiality. 24
4.3.4.0 General . 24
4.3.4.1 Derived Cipher Key (DCK) . 24
4.3.4.2 Static Cipher Key (SCK) . 24
4.3.4.3 Default Cipher Key (DefCK) . 24
4.3.5 User authentication . 25
4.3.6 Authentication of a PT (type 2 procedure) . 25
4.3.7 Authentication of a FT (type 2 procedure) . 28
4.4 Cryptographic parameters and keys . 30
4.4.1 Overview . 30
4.4.2 Cryptographic parameters . 30
4.4.2.0 Description of parameters . 30
4.4.2.1 Provisions related to the generation of random numbers . 33
4.4.3 Cryptographic keys . 33
4.4.3.0 General . 33
4.4.3.1 Authentication key K . 33
4.4.3.2 Authentication session keys KS and KS' . 34
4.4.3.3 Cipher key CK . 34
4.5 Security processes . 35
4.5.1 Overview . 35
4.5.2 Derivation of authentication key, K . 35
4.5.2.0 General . 35
4.5.2.1 K is derived from UAK . 35
4.5.2.2 K is derived from AC . 36
4.5.2.3 K is derived from UAK and UPI . 36
4.5.3 Authentication processes . 36
4.5.3.0 General . 36
4.5.3.1 Processes for the derivation of KS and KS' . 36
4.5.3.2 Processes for the derivation of DCK, RES1 and RES2 . 37
4.5.4 Key stream generation . 37
ETSI
4 Draft ETSI EN 300 175-7 V2.5.7 (2015-03)
4.5.5 CCM Authenticated Encryption . 38
4.6 Combinations of security services . 38
4.6.0 Service combinations and related considerations . 38
4.6.1 Combinations of security algorithms . 39
4.6.1.0 General . 39
4.6.1.1 Limitations related to capering algorithms . 39
5 Algorithms for security processes . 39
5.1 Background . 39
5.1.0 General . 39
5.1.1 A algorithm . 40
5.1.1.0 A algorithm, general. 40
5.1.1.1 A algorithm, DSAA based (A-DSAA) . 40
5.1.1.2 A algorithm, DSAA2 based (A-DSAA2) . 40
5.1.1.3 A algorithm, proprietary . 41
5.2 Derivation of session authentication key(s) . 41
5.2.1 A11 process . 41
5.2.2 A21 process . 42
5.3 Authentication and cipher key generation processes . 42
5.3.1 A12 process . 42
5.3.2 A22 process . 43
5.4 CCM algorithm . 44
6 Integration of security . 44
6.1 Background . 44
6.2 Association of keys and identities . 44
6.2.1 Authentication key . 44
6.2.1.0 General . 44
6.2.1.1 K is derived from UAK . 44
6.2.1.2 K derived from AC. 45
6.2.1.3 K derived from UAK and UPI . 45
6.2.2 Cipher keys . 45
6.2.3 Cipher keys for CCM . 46
6.2.3.0 General . 46
6.2.3.1 Single use of the keys for CCM . 46
6.2.3.2 Cipher keys for CCM encryption of C/L multicast channels . 47
6.3 NWK layer procedures . 47
6.3.1 Background . 47
6.3.2 Authentication exchanges . 48
6.3.3 Authentication procedures . 49
6.3.3.1 Authentication of a PT type 1 procedure . 49
6.3.3.2 Authentication of an FT type 1 procedure . 49
6.3.3.3 Authentication of a PT type 2 procedure . 50
6.3.3.4 Authentication of an FT type 2 procedure . 50
6.3.4 Transfer of Cipher Key, CK. 51
6.3.5 Re-Keying . 51
6.3.6 Encryption with Default Cipher Key . 51
6.3.7 Transfer of Cipher Key CK for CCM . 51
6.3.7.0 General . 51
6.3.7.1 Transfer by Virtual Call setup CC procedure . 51
6.3.7.2 Transfer using MM procedures for CCM re-keying and sequence reset . 52
6.3.8 Transfer of Cipher Keys for CCM encryption of multicast channels . 52
6.3.8.1 General . 52
6.3.8.2 Multicast encryption parameter assignation procedure, FT initiated . 52
6.3.8.2.0 General . 52
6.3.8.2.1 Transport of the security parameters . 53
6.3.8.2.2 <> coding . 53
6.3.8.3 Multicast encryption parameter retrieval procedure, PT initiated . 53
6.3.8.3.0 General . 53
6.3.8.3.1 Transport of the security parameters . 54
6.3.8.3.2 <> coding . 54
6.3.8.4 Error cases . 54
ETSI
5 Draft ETSI EN 300 175-7 V2.5.7 (2015-03)
6.3.8.4.1 FT initiated parameter assignation procedure - PT reject . 54
6.3.8.4.2 PT initiated parameter retrieval procedure - FT reject . 54
6.3.8.4.3 Coding of the {MM-INFO-REJECT} in the error cases . 54
6.4 MAC layer procedures . 55
6.4.1 Background . 55
6.4.2 MAC layer field structure . 55
6.4.3 Data to be encrypted . 56
6.4.4 Encryption process . 57
6.4.5 Initialization and synchronization of the encryption process . 60
6.4.5.0 General . 60
6.4.5.1 Construction of CK . 60
6.4.5.2 The Initialization Vector (IV) . 60
6.4.5.3 Generation of two Key Stream segments . 60
6.4.6 Encryption mode control . 61
6.4.6.1 Background . 61
6.4.6.2 MAC layer messages. 61
6.4.6.3 Procedures for switching to encrypt mode . 61
6.4.6.4 Procedures for switching to clear mode . 66
6.4.6.5 Procedures for re-keying . 67
6.4.7 Handover of the encryption process . 68
6.4.7.0 General . 68
6.4.7.1 Bearer handover, uninterrupted ciphering . 69
6.4.7.2 Connection handover, uninterrupted ciphering . 69
6.4.7.3 External handover - handover with ciphering . 69
6.4.8 Modifications for half and long slot specifications (2-level modulation) . 70
6.4.8.1 Background . 70
6.4.8.2 MAC layer field structure . 70
6.4.8.3 Data to be encrypted. 70
6.4.8.4 Encryption process . 71
6.4.8.5 Initialization and synchronization of the encryption process . 71
6.4.8.6 Encryption mode control . 71
6.4.8.7 Handover of the encryption process . 71
6.4.9 Modifications for double slot specifications (2-level modulation) . 71
6.4.9.1 Background . 71
6.4.9.2 MAC layer field structure . 72
6.4.9.3 Data to be encrypted. 72
6.4.9.4 Encryption process . 73
6.4.9.5 Initialization and synchronization of the encryption process . 74
6.4.9.6 Encryption mode control . 74
6.4.9.7 Handover of the encryption process . 74
6.4.10 Modifications for multi-bearer specifications . 74
6.4.11 Modifications for 4-level, 8-level, 16-level and 64-level modulation formats . 74
6.4.11.1 Background . 74
6.4.11.2 MAC layer field structure . 75
6.4.11.3 Data to be encrypted. 75
6.4.11.4 Encryption process . 75
6.4.11.4.0 General . 75
6.4.11.4.1 Encryption process for the A-field and for the unprotected format . 75
6.4.11.4.2 Encryption process for the single subfield protected format . 77
6.4.11.4.3 Encryption process for the multi-subfield protected format . 78
6.4.11.4.4 Encryption process for the constant-size-subfield protected format . 80
6.4.11.4.5 Encryption process for the encoded protected format (MAC service I ) . 80
PX
6.4.11.5 Initialization and synchronization of the encryption process . 82
6.4.11.6 Encryption mode control . 82
6.4.11.7 Handover of the encryption process . 82
6.4.12 Procedures for CCM re-keying and sequence reset . 82
6.5 Security attributes . 82
6.5.1 Background . 82
6.5.2 Authentication protocols . 83
6.5.2.0 General . 83
6.5.2.1 Authentication of a PT type 1 procedure . 83
6.5.2.2 Authentication of an FT type 1 procedure . 84
ETSI
6 Draft ETSI EN 300 175-7 V2.5.7 (2015-03)
6.5.2.3 Authentication of a PT type 2 procedure . 85
6.5.2.4 Authentication of an FT type 2 procedure . 86
6.5.3 Confidentiality protocols . 87
6.5.4 Access-rights protocols . 89
6.5.5 Key numbering and storage . 89
6.5.5.0 General . 89
6.5.5.1 Authentication keys . 89
6.5.5.2 Cipher keys . 90
6.5.6 Key allocation . 91
6.5.6.1 Introduction . 91
6.5.6.2 UAK allocation (DSAA algorithm) . 91
6.5.6.3 UAK allocation (DSAA2 algorithm) . 92
6.6 DLC layer procedures . 93
6.6.1 Background . 93
6.6.2 CCM Authenticated Encryption . 93
6.6.2.0 CCM overview . 93
6.6.2.1 CCM operation . 93
6.6.2.2 Key management . 94
6.6.2.3 CCM Initialization Vector . 94
6.6.2.3.0 CCM Initialization Vector: overview . 94
6.6.2.3.1 CCM Initialization Vector: first byte . 95
6.6.2.3.2 CCM Initialization Vector: bytes 8-11 . 95
6.6.2.3.3 CCM Initialization Vector: bytes 12. 95
6.6.2.4 CCM Sequence Number . 95
6.6.2.5 CCM Start and Stop . 96
6.6.2.6 CCM Sequence resetting and re-keying . 96
6.6.2.7 CCM encryption for multicast channels . 96
6.6.2.7.0 General . 96
6.6.2.7.1 Applicable types of multicast channels and identifiers . 96
6.6.2.7.2 Process for encryption of multicast channels . 96
6.6.2.7.3 DLC service for encrypted multicast channels . 96
6.6.2.7.4 Encryption key for multicast channels . 97
6.6.2.7.5 CCM and DLC sequence numbers . 97
6.6.2.7.6 Initialization Vector for multicast channels . 97
6.6.2.7.7 Security provisions regarding the key . 98
6.6.2.8 CCM encryption for service channels . 98
6.6.2.8.0 General . 98
6.6.2.8.1 Initialization Vector for service channels . 99
7 Use of security features . 99
7.1 Background . 99
7.2 Key management options . 100
7.2.1 Overview of security parameters relevant for key management . 100
7.2.2 Generation of authentication keys . 101
7.2.3 Initial distribution and installation of keys . 101
7.2.4 Use of keys within the fixed network . 102
7.2.4.0 Use of keys within the fixed network: general . 102
7.2.4.1 Use of keys within the fixed network: diagrams for authentication type 1 scenarios . 104
7.2.4.2 Use of keys within the fixed network: diagrams for authentication type 2 scenarios . 107
7.3 Confidentiality service with a Cordless Radio Fixed Part (CRFP). 109
7.3.1 General . 109
7.3.2 CRFP initialization of PT cipher key . 109
Annex A (informative): Security threats analysis . 110
A.1 Introduction . 110
A.2 Threat A - Impersonating a subscriber identity . 111
A.3 Threat B - Illegal use of a handset (PP) . 111
A.4 Threat C - Illegal use of a base station (FP) . 111
A.5 Threat D - Impersonation of a base station (FP) . 111
ETSI
7 Draft ETSI EN 300 175-7 V2.5.7 (2015-03)
A.6 Threat E - Illegally obtaining user data and user related signalling information . 112
A.7 Conclusions and comments . 113
Annex B (informative): Security features and operating environments . 114
B.1 Introduction . 114
B.2 Definitions . 114
B.3 Enrolment options . 114
Annex C (informative): Reasons for not adopting public key techniques . 116
Annex D (informative): Overview of security features . 117
D.1 Introduction . 117
D.2 Authentication of a PT . 117
D.3 Authentication of an FT . 117
D.4 Mutual authentication of a PT and an FT . 118
D.4.0 General . 118
D.4.1 Direct method . 118
D.4.2 Indirect method 1. 118
D.4.3 Indirect method 2. 118
D.5 Data confidentiality . 118
D.5.0 General . 118
D.5.1 Cipher key derivation as part of authentication . 118
D.5.2 Static cipher key . 119
D.6 User authentication . 119
D.7 Key management in case of roaming . 119
D.7.1 Introduction . 119
D.7.2 Use of actual authentication key K . 119
D.7.3 Use of session keys. 119
D.7.4 Use of precalculated sets . 119
Annex E (informative): Limitations of DECT security . 120
E.1 Introduction . 120
E.2 Protocol reflection attacks . 120
E.3 Static cipher key and short Initial Vector (IV) . 120
E.4 General considerations regarding key management . 121
E.5 Use of a predictable challenge in FT authentication . 121
Annex F (informative): Security features related to target networks . 122
F.1 Introduction . 122
F.1.0 General . 122
F.1.1 Notation and DECT reference model . 122
F.1.2 Significance of security features and intended usage within DECT. 122
F.1.3 Mechanism/algorithm and process requirements . 123
F.2 PSTN reference configurations . 123
F.2.1 Domestic telephone .
...


EUROPEAN STANDARD
Digital Enhanced Cordless Telecommunications (DECT);
Common Interface (CI);
Part 7: Security features
2 ETSI EN 300 175-7 V2.6.1 (2015-07)

Reference
REN/DECT-000304-7
Keywords
authentication, DECT, IMT-2000, mobility, radio,
security, TDD, TDMA
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2015.
All rights reserved.
TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
3 ETSI EN 300 175-7 V2.6.1 (2015-07)
Contents
Intellectual Property Rights . 10
Foreword . 10
Modal verbs terminology . 10
Introduction . 11
1 Scope . 15
2 References . 15
2.1 Normative references . 15
2.2 Informative references . 16
3 Definitions and abbreviations . 17
3.1 Definitions . 17
3.2 Abbreviations . 17
4 Security architecture . 19
4.1 Background . 19
4.2 Security services . 20
4.2.1 Authentication of a PT . 20
4.2.2 Authentication of an FT . 20
4.2.3 Mutual authentication . 20
4.2.4 Data confidentiality. 20
4.2.5 User authentication . 20
4.3 Security mechanisms . 20
4.3.0 General . 20
4.3.1 Authentication of a PT (type 1 procedure) . 21
4.3.2 Authentication of an FT (type 1 procedure) . 22
4.3.3 Mutual authentication . 23
4.3.4 Data confidentiality. 24
4.3.4.0 General . 24
4.3.4.1 Derived Cipher Key (DCK) . 24
4.3.4.2 Static Cipher Key (SCK) . 24
4.3.4.3 Default Cipher Key (DefCK) . 24
4.3.5 User authentication . 25
4.3.6 Authentication of a PT (type 2 procedure) . 25
4.3.7 Authentication of a FT (type 2 procedure) . 28
4.4 Cryptographic parameters and keys . 30
4.4.1 Overview . 30
4.4.2 Cryptographic parameters . 30
4.4.2.0 Description of parameters . 30
4.4.2.1 Provisions related to the generation of random numbers . 33
4.4.3 Cryptographic keys . 33
4.4.3.0 General . 33
4.4.3.1 Authentication key K . 33
4.4.3.2 Authentication session keys KS and KS' . 34
4.4.3.3 Cipher key CK . 34
4.5 Security processes . 35
4.5.1 Overview . 35
4.5.2 Derivation of authentication key, K . 35
4.5.2.0 General . 35
4.5.2.1 K is derived from UAK . 35
4.5.2.2 K is derived from AC . 36
4.5.2.3 K is derived from UAK and UPI . 36
4.5.3 Authentication processes . 36
4.5.3.0 General . 36
4.5.3.1 Processes for the derivation of KS and KS' . 36
4.5.3.2 Processes for the derivation of DCK, RES1 and RES2 . 37
4.5.4 Key stream generation . 37
ETSI
4 ETSI EN 300 175-7 V2.6.1 (2015-07)
4.5.5 CCM Authenticated Encryption . 38
4.6 Combinations of security services . 38
4.6.0 Service combinations and related considerations . 38
4.6.1 Combinations of security algorithms . 39
4.6.1.0 General . 39
4.6.1.1 Limitations related to capering algorithms . 39
5 Algorithms for security processes . 39
5.1 Background . 39
5.1.0 General . 39
5.1.1 A algorithm . 40
5.1.1.0 A algorithm, general. 40
5.1.1.1 A algorithm, DSAA based (A-DSAA) . 40
5.1.1.2 A algorithm, DSAA2 based (A-DSAA2) . 40
5.1.1.3 A algorithm, proprietary . 41
5.2 Derivation of session authentication key(s) . 41
5.2.1 A11 process . 41
5.2.2 A21 process . 42
5.3 Authentication and cipher key generation processes . 42
5.3.1 A12 process . 42
5.3.2 A22 process . 43
5.4 CCM algorithm . 44
6 Integration of security . 44
6.1 Background . 44
6.2 Association of keys and identities . 44
6.2.1 Authentication key . 44
6.2.1.0 General . 44
6.2.1.1 K is derived from UAK . 44
6.2.1.2 K derived from AC. 45
6.2.1.3 K derived from UAK and UPI . 45
6.2.2 Cipher keys . 45
6.2.3 Cipher keys for CCM . 46
6.2.3.0 General . 46
6.2.3.1 Single use of the keys for CCM . 46
6.2.3.2 Cipher keys for CCM encryption of C/L multicast channels . 47
6.3 NWK layer procedures . 47
6.3.1 Background . 47
6.3.2 Authentication exchanges . 48
6.3.3 Authentication procedures . 49
6.3.3.1 Authentication of a PT type 1 procedure . 49
6.3.3.2 Authentication of an FT type 1 procedure . 49
6.3.3.3 Authentication of a PT type 2 procedure . 50
6.3.3.4 Authentication of an FT type 2 procedure . 50
6.3.4 Transfer of Cipher Key, CK. 51
6.3.5 Re-Keying . 51
6.3.6 Encryption with Default Cipher Key . 51
6.3.7 Transfer of Cipher Key CK for CCM . 51
6.3.7.0 General . 51
6.3.7.1 Transfer by Virtual Call setup CC procedure . 51
6.3.7.2 Transfer using MM procedures for CCM re-keying and sequence reset . 52
6.3.8 Transfer of Cipher Keys for CCM encryption of multicast channels . 52
6.3.8.1 General . 52
6.3.8.2 Multicast encryption parameter assignation procedure, FT initiated . 52
6.3.8.2.0 General . 52
6.3.8.2.1 Transport of the security parameters . 53
6.3.8.2.2 <> coding . 53
6.3.8.3 Multicast encryption parameter retrieval procedure, PT initiated . 53
6.3.8.3.0 General . 53
6.3.8.3.1 Transport of the security parameters . 54
6.3.8.3.2 <> coding . 54
6.3.8.4 Error cases . 54
ETSI
5 ETSI EN 300 175-7 V2.6.1 (2015-07)
6.3.8.4.1 FT initiated parameter assignation procedure - PT reject . 54
6.3.8.4.2 PT initiated parameter retrieval procedure - FT reject . 54
6.3.8.4.3 Coding of the {MM-INFO-REJECT} in the error cases . 54
6.4 MAC layer procedures . 55
6.4.1 Background . 55
6.4.2 MAC layer field structure . 55
6.4.3 Data to be encrypted . 56
6.4.4 Encryption process . 57
6.4.5 Initialization and synchronization of the encryption process . 60
6.4.5.0 General . 60
6.4.5.1 Construction of CK . 60
6.4.5.2 The Initialization Vector (IV) . 60
6.4.5.3 Generation of two Key Stream segments . 60
6.4.6 Encryption mode control . 61
6.4.6.1 Background . 61
6.4.6.2 MAC layer messages. 61
6.4.6.3 Procedures for switching to encrypt mode . 61
6.4.6.4 Procedures for switching to clear mode . 66
6.4.6.5 Procedures for re-keying . 67
6.4.7 Handover of the encryption process . 68
6.4.7.0 General . 68
6.4.7.1 Bearer handover, uninterrupted ciphering . 69
6.4.7.2 Connection handover, uninterrupted ciphering . 69
6.4.7.3 External handover - handover with ciphering . 69
6.4.8 Modifications for half and long slot specifications (2-level modulation) . 70
6.4.8.1 Background . 70
6.4.8.2 MAC layer field structure . 70
6.4.8.3 Data to be encrypted. 70
6.4.8.4 Encryption process . 71
6.4.8.5 Initialization and synchronization of the encryption process . 71
6.4.8.6 Encryption mode control . 71
6.4.8.7 Handover of the encryption process . 71
6.4.9 Modifications for double slot specifications (2-level modulation) . 71
6.4.9.1 Background . 71
6.4.9.2 MAC layer field structure . 72
6.4.9.3 Data to be encrypted. 72
6.4.9.4 Encryption process . 73
6.4.9.5 Initialization and synchronization of the encryption process . 74
6.4.9.6 Encryption mode control . 74
6.4.9.7 Handover of the encryption process . 74
6.4.10 Modifications for multi-bearer specifications . 74
6.4.11 Modifications for 4-level, 8-level, 16-level and 64-level modulation formats . 74
6.4.11.1 Background . 74
6.4.11.2 MAC layer field structure . 75
6.4.11.3 Data to be encrypted. 75
6.4.11.4 Encryption process . 75
6.4.11.4.0 General . 75
6.4.11.4.1 Encryption process for the A-field and for the unprotected format . 75
6.4.11.4.2 Encryption process for the single subfield protected format . 77
6.4.11.4.3 Encryption process for the multi-subfield protected format . 78
6.4.11.4.4 Encryption process for the constant-size-subfield protected format . 80
6.4.11.4.5 Encryption process for the encoded protected format (MAC service I ) . 80
PX
6.4.11.5 Initialization and synchronization of the encryption process . 82
6.4.11.6 Encryption mode control . 82
6.4.11.7 Handover of the encryption process . 82
6.4.12 Procedures for CCM re-keying and sequence reset . 82
6.5 Security attributes . 82
6.5.1 Background . 82
6.5.2 Authentication protocols . 83
6.5.2.0 General . 83
6.5.2.1 Authentication of a PT type 1 procedure . 83
6.5.2.2 Authentication of an FT type 1 procedure . 84
ETSI
6 ETSI EN 300 175-7 V2.6.1 (2015-07)
6.5.2.3 Authentication of a PT type 2 procedure . 85
6.5.2.4 Authentication of an FT type 2 procedure . 86
6.5.3 Confidentiality protocols . 87
6.5.4 Access-rights protocols . 89
6.5.5 Key numbering and storage . 89
6.5.5.0 General . 89
6.5.5.1 Authentication keys . 89
6.5.5.2 Cipher keys . 90
6.5.6 Key allocation . 91
6.5.6.1 Introduction . 91
6.5.6.2 UAK allocation (DSAA algorithm) . 91
6.5.6.3 UAK allocation (DSAA2 algorithm) . 92
6.6 DLC layer procedures . 93
6.6.1 Background . 93
6.6.2 CCM Authenticated Encryption . 93
6.6.2.0 CCM overview . 93
6.6.2.1 CCM operation . 93
6.6.2.2 Key management . 94
6.6.2.3 CCM Initialization Vector . 94
6.6.2.3.0 CCM Initialization Vector: overview . 94
6.6.2.3.1 CCM Initialization Vector: first byte . 95
6.6.2.3.2 CCM Initialization Vector: bytes 8-11 . 95
6.6.2.3.3 CCM Initialization Vector: bytes 12. 95
6.6.2.4 CCM Sequence Number . 95
6.6.2.5 CCM Start and Stop . 96
6.6.2.6 CCM Sequence resetting and re-keying . 96
6.6.2.7 CCM encryption for multicast channels . 96
6.6.2.7.0 General . 96
6.6.2.7.1 Applicable types of multicast channels and identifiers . 96
6.6.2.7.2 Process for encryption of multicast channels . 96
6.6.2.7.3 DLC service for encrypted multicast channels . 96
6.6.2.7.4 Encryption key for multicast channels . 97
6.6.2.7.5 CCM and DLC sequence numbers . 97
6.6.2.7.6 Initialization Vector for multicast channels . 97
6.6.2.7.7 Security provisions regarding the key . 98
6.6.2.8 CCM encryption for service channels . 98
6.6.2.8.0 General . 98
6.6.2.8.1 Initialization Vector for service channels . 99
7 Use of security features . 99
7.1 Background . 99
7.2 Key management options . 100
7.2.1 Overview of security parameters relevant for key management . 100
7.2.2 Generation of authentication keys . 101
7.2.3 Initial distribution and installation of keys . 101
7.2.4 Use of keys within the fixed network . 102
7.2.4.0 Use of keys within the fixed network: general . 102
7.2.4.1 Use of keys within the fixed network: diagrams for authentication type 1 scenarios . 104
7.2.4.2 Use of keys within the fixed network: diagrams for authentication type 2 scenarios . 107
7.3 Confidentiality service with a Cordless Radio Fixed Part (CRFP). 109
7.3.1 General . 109
7.3.2 CRFP initialization of PT cipher key . 109
Annex A (informative): Security threats analysis . 110
A.1 Introduction . 110
A.2 Threat A - Impersonating a subscriber identity . 111
A.3 Threat B - Illegal use of a handset (PP) . 111
A.4 Threat C - Illegal use of a base station (FP) . 111
A.5 Threat D - Impersonation of a base station (FP) . 111
ETSI
7 ETSI EN 300 175-7 V2.6.1 (2015-07)
A.6 Threat E - Illegally obtaining user data and user related signalling information . 112
A.7 Conclusions and comments . 113
Annex B (informative): Security features and operating environments . 114
B.1 Introduction . 114
B.2 Definitions . 114
B.3 Enrolment options . 114
Annex C (informative): Reasons for not adopting public key techniques . 116
Annex D (informative): Overview of security features . 117
D.1 Introduction . 117
D.2 Authentication of a PT . 117
D.3 Authentication of an FT . 117
D.4 Mutual authentication of a PT and an FT . 118
D.4.0 General . 118
D.4.1 Direct method . 118
D.4.2 Indirect method 1. 118
D.4.3 Indirect method 2. 118
D.5 Data confidentiality . 118
D.5.0 General . 118
D.5.1 Cipher key derivation as part of authentication . 118
D.5.2 Static cipher key . 119
D.6 User authentication . 119
D.7 Key management in case of roaming . 119
D.7.1 Introduction . 119
D.7.2 Use of actual authentication key K . 119
D.7.3 Use of session keys. 119
D.7.4 Use of precalculated sets . 119
Annex E (informative): Limitations of DECT security . 120
E.1 Introduction . 120
E.2 Protocol reflection attacks . 120
E.3 Static cipher key and short Initial Vector (IV) . 120
E.4 General considerations regarding key management . 121
E.5 Use of a predictable challenge in FT authentication . 121
Annex F (informative): Security features related to target networks . 122
F.1 Introduction . 122
F.1.0 General . 122
F.1.1 Notation and DECT reference model . 122
F.1.2 Significance of security features and intended usage within DECT. 122
F.1.3 Mechanism/algorithm and process requirements . 123
F.2 PSTN reference configurations . 123
F.2.1 Domestic telephone .
...


2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features33.070.30'(&7Digital Enhanced Cordless Telecommunications (DECT)ICS:Ta slovenski standard je istoveten z:EN 300 175-7 V2.6.1SIST EN 300 175-7 V2.6.1:2015en,fr,de01-november-2015SIST EN 300 175-7 V2.6.1:2015SLOVENSKI
STANDARD
EUROPEAN STANDARD SIST EN 300 175-7 V2.6.1:2015

ETSI ETSI EN 300 175-7 V2.6.1 (2015-07) 2
Reference REN/DECT-000304-7 Keywords authentication, DECT, IMT-2000, mobility, radio, security, TDD, TDMA ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00
Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88
Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2015. All rights reserved.
DECTTM, PLUGTESTSTM, UMTSTM and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association. SIST EN 300 175-7 V2.6.1:2015

ETSI ETSI EN 300 175-7 V2.6.1 (2015-07) 3 Contents Intellectual Property Rights . 10 Foreword . 10 Modal verbs terminology . 10 Introduction . 11 1 Scope . 15 2 References . 15 2.1 Normative references . 15 2.2 Informative references . 16 3 Definitions and abbreviations . 17 3.1 Definitions . 17 3.2 Abbreviations . 17 4 Security architecture . 19 4.1 Background . 19 4.2 Security services . 20 4.2.1 Authentication of a PT . 20 4.2.2 Authentication of an FT . 20 4.2.3 Mutual authentication . 20 4.2.4 Data confidentiality. 20 4.2.5 User authentication . 20 4.3 Security mechanisms . 20 4.3.0 General . 20 4.3.1 Authentication of a PT (type 1 procedure) . 21 4.3.2 Authentication of an FT (type 1 procedure) . 22 4.3.3 Mutual authentication . 23 4.3.4 Data confidentiality. 24 4.3.4.0 General . 24 4.3.4.1 Derived Cipher Key (DCK) . 24 4.3.4.2 Static Cipher Key (SCK) . 24 4.3.4.3 Default Cipher Key (DefCK) . 24 4.3.5 User authentication . 25 4.3.6 Authentication of a PT (type 2 procedure) . 25 4.3.7 Authentication of a FT (type 2 procedure) . 28 4.4 Cryptographic parameters and keys . 30 4.4.1 Overview . 30 4.4.2 Cryptographic parameters . 30 4.4.2.0 Description of parameters . 30 4.4.2.1 Provisions related to the generation of random numbers . 33 4.4.3 Cryptographic keys . 33 4.4.3.0 General . 33 4.4.3.1 Authentication key K . 33 4.4.3.2 Authentication session keys KS and KS' . 34 4.4.3.3 Cipher key CK . 34 4.5 Security processes . 35 4.5.1 Overview . 35 4.5.2 Derivation of authentication key, K . 35 4.5.2.0 General . 35 4.5.2.1 K is derived from UAK . 35 4.5.2.2 K is derived from AC . 36 4.5.2.3 K is derived from UAK and UPI . 36 4.5.3 Authentication processes . 36 4.5.3.0 General . 36 4.5.3.1 Processes for the derivation of KS and KS' . 36 4.5.3.2 Processes for the derivation of DCK, RES1 and RES2 . 37 4.5.4 Key stream generation . 37 SIST EN 300 175-7 V2.6.1:2015

ETSI ETSI EN 300 175-7 V2.6.1 (2015-07) 4 4.5.5 CCM Authenticated Encryption . 38 4.6 Combinations of security services . 38 4.6.0 Service combinations and related considerations . 38 4.6.1 Combinations of security algorithms . 39 4.6.1.0 General . 39 4.6.1.1 Limitations related to capering algorithms . 39 5 Algorithms for security processes . 39 5.1 Background . 39 5.1.0 General . 39 5.1.1 A algorithm . 40 5.1.1.0 A algorithm, general. 40 5.1.1.1 A algorithm, DSAA based (A-DSAA) . 40 5.1.1.2 A algorithm, DSAA2 based (A-DSAA2) . 40 5.1.1.3 A algorithm, proprietary . 41 5.2 Derivation of session authentication key(s) . 41 5.2.1 A11 process . 41 5.2.2 A21 process . 42 5.3 Authentication and cipher key generation processes . 42 5.3.1 A12 process . 42 5.3.2 A22 process . 43 5.4 CCM algorithm . 44 6 Integration of security . 44 6.1 Background . 44 6.2 Association of keys and identities . 44 6.2.1 Authentication key . 44 6.2.1.0 General . 44 6.2.1.1 K is derived from UAK . 44 6.2.1.2 K derived from AC. 45 6.2.1.3 K derived from UAK and UPI . 45 6.2.2 Cipher keys . 45 6.2.3 Cipher keys for CCM . 46 6.2.3.0 General . 46 6.2.3.1 Single use of the keys for CCM . 46 6.2.3.2 Cipher keys for CCM encryption of C/L multicast channels . 47 6.3 NWK layer procedures . 47 6.3.1 Background . 47 6.3.2 Authentication exchanges . 48 6.3.3 Authentication procedures . 49 6.3.3.1 Authentication of a PT type 1 procedure . 49 6.3.3.2 Authentication of an FT type 1 procedure . 49 6.3.3.3 Authentication of a PT type 2 procedure . 50 6.3.3.4 Authentication of an FT type 2 procedure . 50 6.3.4 Transfer of Cipher Key, CK. 51 6.3.5 Re-Keying . 51 6.3.6 Encryption with Default Cipher Key . 51 6.3.7 Transfer of Cipher Key CK for CCM . 51 6.3.7.0 General . 51 6.3.7.1 Transfer by Virtual Call setup CC procedure . 51 6.3.7.2 Transfer using MM procedures for CCM re-keying and sequence reset . 52 6.3.8 Transfer of Cipher Keys for CCM encryption of multicast channels . 52 6.3.8.1 General . 52 6.3.8.2 Multicast encryption parameter assignation procedure, FT initiated . 52 6.3.8.2.0 General . 52 6.3.8.2.1 Transport of the security parameters . 53 6.3.8.2.2 <> coding . 53 6.3.8.3 Multicast encryption parameter retrieval procedure, PT initiated . 53 6.3.8.3.0 General . 53 6.3.8.3.1 Transport of the security parameters . 54 6.3.8.3.2 <> coding . 54 6.3.8.4 Error cases . 54 SIST EN 300 175-7 V2.6.1:2015

ETSI ETSI EN 300 175-7 V2.6.1 (2015-07) 5 6.3.8.4.1 FT initiated parameter assignation procedure - PT reject . 54 6.3.8.4.2 PT initiated parameter retrieval procedure - FT reject . 54 6.3.8.4.3 Coding of the {MM-INFO-REJECT} in the error cases . 54 6.4 MAC layer procedures . 55 6.4.1 Background . 55 6.4.2 MAC layer field structure . 55 6.4.3 Data to be encrypted . 56 6.4.4 Encryption process . 57 6.4.5 Initialization and synchronization of the encryption process . 60 6.4.5.0 General . 60 6.4.5.1 Construction of CK . 60 6.4.5.2 The Initialization Vector (IV) . 60 6.4.5.3 Generation of two Key Stream segments . 60 6.4.6 Encryption mode control . 61 6.4.6.1 Background . 61 6.4.6.2 MAC layer messages. 61 6.4.6.3 Procedures for switching to encrypt mode . 61 6.4.6.4 Procedures for switching to clear mode . 66 6.4.6.5 Procedures for re-keying . 67 6.4.7 Handover of the encryption process . 68 6.4.7.0 General . 68 6.4.7.1 Bearer handover, uninterrupted ciphering . 69 6.4.7.2 Connection handover, uninterrupted ciphering . 69 6.4.7.3 External handover - handover with ciphering . 69 6.4.8 Modifications for half and long slot specifications (2-level modulation) . 70 6.4.8.1 Background . 70 6.4.8.2 MAC layer field structure . 70 6.4.8.3 Data to be encrypted. 70 6.4.8.4 Encryption process . 71 6.4.8.5 Initialization and synchronization of the encryption process . 71 6.4.8.6 Encryption mode control . 71 6.4.8.7 Handover of the encryption process . 71 6.4.9 Modifications for double slot specifications (2-level modulation) . 71 6.4.9.1 Background . 71 6.4.9.2 MAC layer field structure . 72 6.4.9.3 Data to be encrypted. 72 6.4.9.4 Encryption process . 73 6.4.9.5 Initialization and synchronization of the encryption process . 74 6.4.9.6 Encryption mode control . 74 6.4.9.7 Handover of the encryption process . 74 6.4.10 Modifications for multi-bearer specifications . 74 6.4.11 Modifications for 4-level, 8-level, 16-level and 64-level modulation formats . 74 6.4.11.1 Background . 74 6.4.11.2 MAC layer field structure . 75 6.4.11.3 Data to be encrypted. 75 6.4.11.4 Encryption process . 75 6.4.11.4.0 General . 75 6.4.11.4.1 Encryption process for the A-field and for the unprotected format . 75 6.4.11.4.2 Encryption process for the single subfield protected format . 77 6.4.11.4.3 Encryption process for the multi-subfield protected format . 78 6.4.11.4.4 Encryption process for the constant-size-subfield protected format . 80 6.4.11.4.5 Encryption process for the encoded protected format (MAC service IPX) . 80 6.4.11.5 Initialization and synchronization of the encryption process . 82 6.4.11.6 Encryption mode control . 82 6.4.11.7 Handover of the encryption process . 82 6.4.12 Procedures for CCM re-keying and sequence reset . 82 6.5 Security attributes . 82 6.5.1 Background . 82 6.5.2 Authentication protocols . 83 6.5.2.0 General . 83 6.5.2.1 Authentication of a PT type 1 procedure . 83 6.5.2.2 Authentication of an FT type 1 procedure . 84 SIST EN 300 175-7 V2.6.1:2015

ETSI ETSI EN 300 175-7 V2.6.1 (2015-07) 6 6.5.2.3 Authentication of a PT type 2 procedure . 85 6.5.2.4 Authentication of an FT type 2 procedure . 86 6.5.3 Confidentiality protocols . 87 6.5.4 Access-rights protocols . 89 6.5.5 Key numbering and storage . 89 6.5.5.0 General . 89 6.5.5.1 Authentication keys . 89 6.5.5.2 Cipher keys . 90 6.5.6 Key allocation . 91 6.5.6.1 Introduction . 91 6.5.6.2 UAK allocation (DSAA algorithm) . 91 6.5.6.3 UAK allocation (DSAA2 algorithm) . 92 6.6 DLC layer procedures . 93 6.6.1 Background . 93 6.6.2 CCM Authenticated Encryption . 93 6.6.2.0 CCM overview . 93 6.6.2.1 CCM operation . 93 6.6.2.2 Key management . 94 6.6.2.3 CCM Initialization Vector . 94 6.6.2.3.0 CCM Initialization Vector: overview . 94 6.6.2.3.1 CCM Initialization Vector: first byte . 95 6.6.2.3.2 CCM Initialization Vector: bytes 8-11 . 95 6.6.2.3.3 CCM Initialization Vector: bytes 12. 95 6.6.2.4 CCM Sequence Number . 95 6.6.2.5 CCM Start and Stop . 96 6.6.2.6 CCM Sequence resetting and re-keying . 96 6.6.2.7 CCM encryption for multicast channels . 96 6.6.2.7.0 General . 96 6.6.2.7.1 Applicable types of multicast channels and identifiers . 96 6.6.2.7.2 Process for encryption of multicast channels . 96 6.6.2.7.3 DLC service for encrypted multicast channels . 96 6.6.2.7.4 Encryption key for multicast channels . 97 6.6.2.7.5 CCM and DLC sequence numbers . 97 6.6.2.7.6 Initialization Vector for multicast channels . 97 6.6.2.7.7 Security provisions regarding the key . 98 6.6.2.8 CCM encryption for service channels . 98 6.6.2.8.0 General . 98 6.6.2.8.1 Initialization Vector for service channels . 99 7 Use of security features . 99 7.1 Background . 99 7.2 Key management options . 100 7.2.1 Overview of security parameters relevant for key management . 100 7.2.2 Generation of authentication keys . 101 7.2.3 Initial distribution and installation of keys . 101 7.2.4 Use of keys within the fixed network . 102 7.2.4.0 Use of keys within the fixed network: general . 102 7.2.4.1 Use of keys within the fixed network: diagrams for authentication type 1 scenarios . 104 7.2.4.2 Use of keys within the fixed network: diagrams for authentication type 2 scenarios . 107 7.3 Confidentiality service with a Cordless Radio Fixed Part (CRFP). 109 7.3.1 General . 109 7.3.2 CRFP initialization of PT cipher key . 109 Annex A (informative): Security threats analysis . 110 A.1 Introduction . 110 A.2 Threat A - Impersonating a subscriber identity . 111 A.3 Threat B - Illegal use of a handset (PP) . 111 A.4 Threat C - Illegal use of a base station (FP) . 111 A.5 Threat D - Impersonation of a base station (FP) . 111 SIST EN 300 175-7 V2.6.1:2015

ETSI ETSI EN 300 175-7 V2.6.1 (2015-07) 7 A.6 Threat E - Illegally obtaining user data and user related signalling information . 112 A.7 Conclusions and comments . 113 Annex B (informative): Security features and operating environments . 114 B.1 Introduction . 114 B.2 Definitions . 114 B.3 Enrolment options . 114 Annex C (informative): Reasons for not adopting public key techniques . 116 Annex D (informative): Overview of security features . 117 D.1 Introduction . 117 D.2 Authentication of a PT . 117 D.3 Authentication of an FT . 117 D.4 Mutual authentication of a PT and an FT . 118 D.4.0 General . 118 D.4.1 Direct method . 118 D.4.2 Indirect method 1. 118 D.4.3 Indirect method 2. 118 D.5 Data confidentiality . 118 D.5.0 General . 118 D.5.1 Cipher key derivation as part of authentication . 118 D.5.2 Static cipher key . 119 D.6 User authentication . 119 D.7 Key management in case of roaming . 119 D.7.1 Introduction . 119 D.7.2 Use of actual authentication key K . 119 D.7.3 Use of session keys. 119 D.7.4 Use of precalculated sets . 119 Annex E (informative): Limitations of DECT security . 120 E.1 Introduction . 120 E.2 Protocol reflection attacks . 120 E.3 Static cipher key and short Initial Vector (IV) . 120 E.4 General considerations regarding key management . 121 E.5 Use of a predictable challenge in FT authentication . 121 Annex F (informative): Security features related to target networks . 122 F.1 Introduction . 122 F.1.0 General . 122 F.1.1 Notation and DECT reference model . 122 F.1.2 Significance of security features and intended usage within DECT. 122 F.1.3 Mechanism/algorithm and process requirements . 123 F.2 PSTN reference configurations . 123 F.2.1 Domestic telephone . 123 F
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

Frequently Asked Questions

SIST EN 300 175-7 V2.6.1:2015 is a standard published by the Slovenian Institute for Standardization (SIST). Its full title is "Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features". This standard covers: The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications (DECT) Common Interface (CI). The present document specifies the security architecture, the types of cryptographic algorithms required, the way in which they are to be used, and the requirements for integrating the security features provided by the architecture into the DECT CI. It also describes how the features can be managed and how they relate to certain DECT fixed systems and local network configurations. The security architecture is defined in terms of the security services which are to be supported at the CI, the mechanisms which are to be used to provide the services, and the cryptographic parameters, keys and processes which are associated with these mechanisms. The security processes specified in the present document are each based on one of three cryptographic algorithms: • an authentication algorithm; • a key stream generator for MAC layer encryption; and • a key stream generator plus a Message Authentication Code generator for CCM authenticated encryption. The architecture is, however, algorithm independent, and either the DECT standard algorithms, or appropriate proprietary algorithms, or indeed a combination of both can, in principle, be employed. The use of the employed algorithm is specified in the present document. Integration of the security features is specified in terms of the protocol elements and processes required at the Network (NWK) and Medium Access Control (MAC) layers of the CI. The relationship between the security features and various network elements is described in terms of where the security processes and management functions may be provided. The present document does not address implementation issues. For instance, no attempt is made to specify whether the DSAA or DSAA2 should be implemented in the PP at manufacture, or whether the DSAA, DSAA2 or a proprietary authentication algorithm should be implemented in a detachable module. Similarly, the present document does not specify whether the DSC or DSC2 should be implemented in hardware in all PPs at manufacture, or whether special PPs should be manufactured with the DSC, DSC2 or proprietary ciphers built into them. The security architecture supports all these options, although the use of proprietary algorithms may limit roaming and the concurrent use of PPs in different environments. Within the standard authentication algorithms, DSAA2, DSC2 and CCM are stronger than DSAA and DSC and provide superior protection. DSAA2 and DSC2 are based on AES [10] and were created in 2011. CCM is also based on AES [10] and was added to the standard in 2012. The present document includes New Generation DECT, a further development of the DECT standard introducing wideband speech, improved data services, new slot types and other technical enhancements. The present document also includes DECT Ultra Low Energy (ULE), a low rate data technology based on DECT intended for M2M applications with ultra low power consumption.

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications (DECT) Common Interface (CI). The present document specifies the security architecture, the types of cryptographic algorithms required, the way in which they are to be used, and the requirements for integrating the security features provided by the architecture into the DECT CI. It also describes how the features can be managed and how they relate to certain DECT fixed systems and local network configurations. The security architecture is defined in terms of the security services which are to be supported at the CI, the mechanisms which are to be used to provide the services, and the cryptographic parameters, keys and processes which are associated with these mechanisms. The security processes specified in the present document are each based on one of three cryptographic algorithms: • an authentication algorithm; • a key stream generator for MAC layer encryption; and • a key stream generator plus a Message Authentication Code generator for CCM authenticated encryption. The architecture is, however, algorithm independent, and either the DECT standard algorithms, or appropriate proprietary algorithms, or indeed a combination of both can, in principle, be employed. The use of the employed algorithm is specified in the present document. Integration of the security features is specified in terms of the protocol elements and processes required at the Network (NWK) and Medium Access Control (MAC) layers of the CI. The relationship between the security features and various network elements is described in terms of where the security processes and management functions may be provided. The present document does not address implementation issues. For instance, no attempt is made to specify whether the DSAA or DSAA2 should be implemented in the PP at manufacture, or whether the DSAA, DSAA2 or a proprietary authentication algorithm should be implemented in a detachable module. Similarly, the present document does not specify whether the DSC or DSC2 should be implemented in hardware in all PPs at manufacture, or whether special PPs should be manufactured with the DSC, DSC2 or proprietary ciphers built into them. The security architecture supports all these options, although the use of proprietary algorithms may limit roaming and the concurrent use of PPs in different environments. Within the standard authentication algorithms, DSAA2, DSC2 and CCM are stronger than DSAA and DSC and provide superior protection. DSAA2 and DSC2 are based on AES [10] and were created in 2011. CCM is also based on AES [10] and was added to the standard in 2012. The present document includes New Generation DECT, a further development of the DECT standard introducing wideband speech, improved data services, new slot types and other technical enhancements. The present document also includes DECT Ultra Low Energy (ULE), a low rate data technology based on DECT intended for M2M applications with ultra low power consumption.

SIST EN 300 175-7 V2.6.1:2015 is classified under the following ICS (International Classification for Standards) categories: 33.070.30 - Digital Enhanced Cordless Telecommunications (DECT). The ICS classification helps identify the subject area and facilitates finding related standards.

You can purchase SIST EN 300 175-7 V2.6.1:2015 directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of SIST standards.

This May Also Interest You

SIST
SIST EN 301 406-2 V3.1.1:2023(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Harmonised Standard for access to radio spectrum - Part 2: DECT-2020 NR
ETSI EN 301 406-2 V3.1.1 (2023-08)

The present document specifies technical characteristics and methods of measurements for equipment employing
DECT-2020 NR (New Radio) as specified in by the multi-part technical specification ETSI TS 103 636, see [i.12] for
an overview.
National regulation can allow additional frequency bands. The limits and test procedures included in the present
document are applicable for DECT-2020 NR use in frequency ranges below 6 GHz.
NOTE: The relationship between the present document and essential requirements of article 3.2 of Directive
2014/53/EU [i.2] is given in annex A.

  • Standard
    76 pages
    English language
    sale 15% off
  • Standard
    76 pages
    English language
    sale 15% off
  • Standard
    76 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 301 406-1 V3.1.1:2023(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Harmonised Standard for access to radio spectrum - Part 1: DECT, DECT Evolution and DECT ULE
ETSI EN 301 406-1 V3.1.1 (2022-10)

The present document specifies technical characteristics and methods of measurements for equipment implementing the
Digital Enhanced Cordless Telecommunications (DECT) common interface, as specified in the multi-part technical
specification ETSI EN 300 175 including the variants DECT Evolution and DECT ULE (see ETSI EN 300 175-1 [i.3]
for an overview).
The present document applies to the following equipment types:
a) Fixed Part (FP);
b) Portable Part (PP);
c) Cordless Terminal Adapter (CTA);
d) Wireless Relay Station (WRS) (FP and PP combined);
e) Hybrid Part (HyP) (a PP with capability to act as a FP to provide PP to PP communication).
These radio equipment types are capable of operating in all or any part of the frequency bands given in table 1.
The DECT service frequency band for transmitting and receiving for all elements is 1 880 MHz to 1 900 MHz.
Details of the DECT Common Interface may be found in ETSI EN 300 175-1 [i.3], ETSI EN 300 175 parts 2 [1] to
3 [2], ETSI EN 300 175-4 [i.4], ETSI EN 300 175 parts 5 [3] to 6 [4], and ETSI EN 300 175 parts 7 [i.5] to 8 [i.6].
Further details of the DECT system may be found in the ETSI TR 101 178 [i.1].
DECT ULE implements, in addition to the DECT Common Interface, the multi-part ETSI TS 102 939 (see ETSI TS 102 939-1 [i.7] and ETSI TS 102 939-2 [i.8]).
The present document contains requirements to demonstrate that radio equipment both effectively uses and supports the
efficient use of radio spectrum in order to avoid harmful interference.
NOTE: The relationship between the present document and essential requirements of article 3.2 of Directive 2014/53/EU [i.10] is given in annex A.

  • Standard
    107 pages
    English language
    sale 15% off
  • Standard
    106 pages
    English language
    sale 15% off
  • Standard
    106 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 176-1 V2.4.1:2023(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Test specification - Part 1: Radio
ETSI EN 300 176-1 V2.4.1 (2022-11)

The present document specifies tests applicable to all Digital Enhanced Cordless Telecommunications (DECT)
equipment accessing the DECT frequency band 1 880 MHz to 1 900 MHz and including provisions for testing other or
extended frequency bands as described in ETSI EN 300 175-1 [i.11] and ETSI EN 300 175-2 [1]. Part 2 of the present
multi-part deliverable [i.15] specifies tests applicable to DECT speech and audio transmission using a collection of
speech codecs, including Recommendation ITU-T G.726 [i.7] ADPCM codec, Recommendation ITU-T G.722 [i.8]
"7 kHz codec", "MPEG-4 codec" [i.10], LC3plus [i.24] and others.
The aims of the present document are to ensure:
• efficient use of frequency spectrum;
• no harm done to any connected network and its services;
• no harm done to other radio networks and services;
• no harm done to other DECT equipment or its services;
• interworking of terminal equipment via the public network.
The tests of ETSI EN 300 176 are split into two parts:
• the present document (part 1) covers testing of radio frequency parameters, security elements and those DECT
protocols that facilitate the radio frequency tests and efficient use of frequency spectrum;
• part 2 [i.15] describes testing of speech and audio requirements between network interface and DECT PT, or
between a DECT CI air interface and alternatively a DECT PT or FT. Part 2 is not applicable to terminal
equipment specially designed for the disabled (e.g. with amplification of received speech as an aid for the
hard-of-hearing).
DECT terminal equipment consists of the following elements:
a) Fixed Part (FP);
b) Portable Part (PP);
c) Cordless Terminal Adapter (CTA);
d) Wireless Relay Station (WRS) (FP and PP combined);
e) Hybrid Part (HyP) (a PP with capability to act as a FP to provide PP to PP communication).
Details of the DECT Common Interface may be found in ETSI EN 300 175-1 [i.11], ETSI EN 300 175 parts 2 to 3 [1]
to [2], ETSI EN 300 175-4 [i.12], ETSI EN 300 175 parts 5 to 6 [3] to [4], and ETSI EN 300 175 parts 7 to 8 [i.13] to
[i.14]. Further details of the DECT system may be found in the ETSI Technical Report ETSI TR 101 178 [i.1].
Information about ULE may be found in the ETSI Technical Specifications ETSI TS 102 939-1 [i.20] and ETSI
TS 102 939-2 [i.21].

  • Standard
    136 pages
    English language
    sale 15% off
  • Standard
    135 pages
    English language
    sale 15% off
  • Standard
    135 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 176-2 V2.4.1:2022(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Test specification - Part 2: Audio and speech
ETSI EN 300 176-2 V2.4.1 (2022-05)

The present document specifies the tests applicable to all Digital Enhanced Cordless Telecommunications (DECT)
equipment accessing any DECT frequency band (including applicable IMT-2000 frequency bands) and the tests
applicable to DECT speech and audio transmission using any of the codecs and any of the audio specifications
described in ETSI EN 300 175-8 [8].
The aims of the present document are to ensure:
• efficient use of frequency spectrum;
• no harm done to any connected network and its services;
• no harm done to other radio networks and services;
• no harm done to other DECT equipment or its services;
• interworking of terminal equipment via any public telecommunications network, including the ISDN/PSTN
network and the Internet,
through testing those provisions of ETSI EN 300 175-1 [1] to ETSI EN 300 175-8 [8] which are relevant to these aims.
The tests of ETSI EN 300 176 are split into two parts:
• part 1 [9] covers testing of radio frequency parameters, security elements and those DECT protocols that
facilitate the radio frequency tests and efficient use of frequency spectrum;
• part 2 (the present document) describes testing of speech and audio requirements between network interface
and DECT PT, or between a DECT CI air interface and alternatively a DECT PT or FT.
The present document is not applicable to terminal equipment specially designed for the disabled (e.g. with
amplification of received speech as an aid for the hard of hearing).
DECT terminal equipment consists of the following elements:
a) Fixed Part (FP);
b) Portable Part (PP);
c) Cordless Terminal Adapter (CTA);
d) Wireless Relay Stations (WRS) (FP and PP combined).
The present document is structured to allow tests of either:
a) the FP and PP together; or
b) the FP and PP as separate items.
Where the DECT FP is connected to a PSTN, and there are any peculiarities in the requirements for voice telephony,
these will be accommodated within the FP.

  • Standard
    346 pages
    English language
    sale 15% off
  • Standard
    345 pages
    English language
    sale 15% off
  • Standard
    345 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 175-3 V2.9.1:2022(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Common Interface (CI) - Part 3: Medium Access Control (MAC) layer
ETSI EN 300 175-3 V2.9.1 (2022-03)

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications
(DECT) Common Interface (CI).
The present document specifies the Medium Access Control (MAC) layer. The MAC layer is part 3 of the DECT
Common Interface standard and layer 2a of the DECT protocol stack.
It specifies three groups of MAC services:
• the broadcast message control service;
• the connectionless message control service; and
• the multi-bearer control service.
It also specifies the logical channels that are used by the above mentioned services, and how they are multiplexed and
mapped into the Service Data Units (SDUs) that are exchanged with the Physical Layer (PHL).

  • Standard
    373 pages
    English language
    sale 15% off
  • Standard
    373 pages
    English language
    sale 15% off
  • Standard
    373 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 175-2 V2.9.1:2022(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Common Interface (CI) - Part 2: Physical Layer (PHL)
ETSI EN 300 175-2 V2.9.1 (2022-03)

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications
(DECT) Common Interface (CI).
The present document specifies the physical channel arrangements. DECT physical channels are radio communication
paths between two radio end points. A radio end point is either part of the fixed infrastructure, a privately owned Fixed
Part (FP), typically a base station, or a Portable Part (PP), typically a handset. The assignment of one or more particular
physical channels to a call is the task of higher layers.
The Physical Layer (PHL) interfaces with the Medium Access Control (MAC) layer, and with the Lower Layer
Management Entity (LLME). On the other side of the PHL is the radio transmission medium which has to be shared
extensively with other DECT users and a wide variety of other radio services. The tasks of the PHL can be grouped into
five categories:
a) to modulate and demodulate radio carriers with a bit stream of a defined rate to create a radio frequency
channel;
b) to acquire and maintain bit and slot synchronization between transmitters and receivers;
c) to transmit or receive a defined number of bits at a requested time and on a particular frequency;
d) to add and remove the synchronization field and the Z-field used for rear end collision detection;
e) to observe the radio environment to report signal strengths.
The present document includes New Generation DECT, a further development of the DECT standard introducing
wideband speech, improved data services, new slot types and other technical enhancements.

  • Standard
    68 pages
    English language
    sale 15% off
  • Standard
    68 pages
    English language
    sale 15% off
  • Standard
    68 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 175-8 V2.9.1:2022(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Common Interface (CI) - Part 8: Speech and audio coding and transmission
ETSI EN 300 175-8 V2.9.1 (2022-03)

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications
(DECT) Common Interface (CI).
This part of the DECT CI specifies the speech and audio coding and transmission requirements.
In order to ensure satisfactory interworking of different portable and fixed units, it is necessary to specify the
transmission performance of the analog information over the digital link. This requires not only use of a common
speech algorithm, but also standardization of frequency responses, reference speech levels (or loudness) at the air
interface and various other parameters.
The present document applies to DECT equipment which includes all the necessary functions to provide real-time
two-way speech conversation and stereo audio transmission. Several speech services are defined in the present
document, including conventional 3,1 kHz telephony, wideband 7 kHz voice transmission, super-wideband 14 kHz and
fullband 20 kHz service. DECT Fixed part providing such services may be connected to the public circuit switched
(PSTN/ISDN) network, to private networks or to the Voice over Internet Protocol (VoIP) network.
Tethered fixed point local loop applications are not required to comply with the requirements of the present document.
For the DECT systems which connect to the Public Switched Telephone Network (PSTN) via an analog interface, the
additional requirements, which are implemented in the FP, have as much as possible been aligned with ETSI
TBR 038 [29].
A summary of the control and the use of the DECT echo control functions, to guide on need for options to
manufacturers and installers, is found in annex A.
Information concerning test methods can be found in ETSI EN 300 176-1 [9] and ETSI EN 300 176-2 [10] (previously
covered by ETSI TBR 010 [i.5]). The test methods take into account that DECT is a digital system.
The present document includes New Generation DECT, a further development of the DECT standard introducing
wideband speech, improved data services, new slot types and other technical enhancements.
In addition, the present document includes DECT Evolution, providing SWB and FB speech and audio capabilities and
a new speech coding algorithm for NB and WB allowing to increase the audio quality of the NB and WB speech service
and improve bandwidth efficiency.
The latest update for DECT Evolution includes the support of ultra-band, high resolution, low-latency speech and audio
coding, and additional PP types supported with LC3plus coding. An application profile using these new PP types can be
found in ETSI TS 103 706 [i.28].

  • Standard
    237 pages
    English language
    sale 15% off
  • Standard
    236 pages
    English language
    sale 15% off
  • Standard
    236 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 175-5 V2.9.1:2022(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Common Interface (CI) - Part 5: Network (NWK) layer
ETSI EN 300 175-5 V2.9.1 (2022-03)

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications
(DECT) Common Interface (CI).
The present document specifies the Network (NWK) layer. The NWK layer is part 5 of the ETSI EN 300 175 and
layer 3 of the DECT protocol stack.
The present document only specifies the C-plane (control plane) of the DECT NWK layer. It contains no specification
for the U-plane (user plane) because the U-plane is null for all services at the DECT NWK layer.
The C-plane contains all of the internal signalling information, and the NWK layer protocols are grouped into the
following families of procedures:
• Call Control (CC);
• Supplementary Services (SS);
• Connection Oriented Message Service (COMS);
• ConnectionLess Message Service (CLMS);
• Mobility Management (MM);
• Link Control Entity (LCE).
The present document uses the layered model principles and terminology as described in Recommendation ITU-T
X.200 [i.3] and Recommendation ITU-T X.210 [i.4].
The present document includes New Generation DECT, a further development of the DECT standard introducing
wideband speech, improved data services, new slot types and other technical enhancements. The present document also
includes super-wideband and fullband speech and audio services.

  • Standard
    377 pages
    English language
    sale 15% off
  • Standard
    377 pages
    English language
    sale 15% off
  • Standard
    377 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 175-4 V2.9.1:2022(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Common Interface (CI) - Part 4: Data Link Control (DLC) layer
ETSI EN 300 175-4 V2.9.1 (2022-03)

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications
(DECT) Common Interface (CI).
The present document specifies the Data Link Control (DLC) layer. The DLC layer is part 4 of the DECT CI standard
and layer 2b of the DECT protocol stack.
Two planes of operation are specified for this DLC (sub)layer. These planes are called the Control plane (C-plane) and
the User plane (U-plane).
The C-plane is mostly concerned with the DECT signalling aspects. It provides a reliable point-to-point service that
uses a link access protocol to offer error protected transmission of Network (NWK) layer messages. The C-plane also
provides a separate point-to-multipoint (broadcast) service (Lb).
The U-plane is only concerned with end-to-end user information. This plane contains most of the application dependent
procedures of DECT. Several alternative services (both circuit-mode and packet-mode) are defined as a family of
independent entities. Each service provides one or more point-to-point U-plane data links, where the detailed
characteristics of those links are determined by the particular needs of each service. The defined services cover a wide
range of performance, from "unprotected with low delay" for speech applications to "highly protected with variable
delay", for local area network applications.
NOTE: The performance of the DLC services need not be tight to any particular application. For example the
"unprotected with low delay" service could also be used for data applications, e.g. if some data protection
is provided outside the DECT protocol.
The present document uses the layered model principles and terminology as described in Recommendations ITU-T
X.200 [14] and X.210 [15].
The present document includes New Generation DECT, a further development of the DECT standard introducing
wideband speech, improved data services, new slot types and other technical enhancements.

  • Standard
    182 pages
    English language
    sale 15% off
  • Standard
    182 pages
    English language
    sale 15% off
  • Standard
    182 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 300 175-7 V2.9.1:2022(Main)
Digital Enhanced Cordless Telecommunications (DECT) - Common Interface (CI) - Part 7: Security features
ETSI EN 300 175-7 V2.9.1 (2022-03)

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications
(DECT) Common Interface (CI).
The present document specifies the security architecture, the types of cryptographic algorithms required, the way in
which they are to be used, and the requirements for integrating the security features provided by the architecture into the
DECT CI. It also describes how the features can be managed and how they relate to certain DECT fixed systems and
local network configurations.
The security architecture is defined in terms of the security services which are to be supported at the CI, the
mechanisms which are to be used to provide the services, and the cryptographic parameters, keys and processes which
are associated with these mechanisms.
The security processes specified in the present document are each based on one of three cryptographic algorithms:
• an authentication algorithm;
• a key stream generator for MAC layer encryption; and
• a key stream generator plus a Message Authentication Code generator for CCM authenticated encryption.
The architecture is, however, algorithm independent, and either the DECT standard algorithms, or appropriate
proprietary algorithms, or indeed a combination of both can, in principle, be employed. The use of the employed
algorithm is specified in the present document.
Integration of the security features is specified in terms of the protocol elements and processes required at the Network
(NWK) and Medium Access Control (MAC) layers of the CI.
The relationship between the security features and various network elements is described in terms of where the security
processes and management functions may be provided.
The present document does not address implementation issues. For instance, no attempt is made to specify whether the
DSAA or DSAA2 should be implemented in the PP at manufacture, or whether the DSAA, DSAA2 or a proprietary
authentication algorithm should be implemented in a detachable module. Similarly, the present document does not
specify whether the DSC or DSC2 should be implemented in hardware in all PPs at manufacture, or whether special
PPs should be manufactured with the DSC, DSC2 or proprietary ciphers built into them. The security architecture
supports all these options, although the use of proprietary algorithms may limit roaming and the concurrent use of PPs
in different environments.
Within the standard authentication algorithms, DSAA2, DSC2 and CCM are stronger than DSAA and DSC and provide
superior protection. DSAA2 and DSC2 are based on AES [10] and were created in 2011. CCM is also based on
AES [10] and was added to the standard in 2012.
The present document includes New Generation DECT, a further development of the DECT standard introducing
wideband speech, improved data services, new slot types and other technical enhancements.
The present document also includes DECT Ultra Low Energy (ULE), a low rate data technology based on DECT
intended for M2M applications with ultra low power consumption.

  • Standard
    179 pages
    English language
    sale 15% off
  • Standard
    179 pages
    English language
    sale 15% off
  • Standard
    179 pages
    English language
    sale 10% off
    e-Library read for
    1 day