March 14, 2019

Alarm System Security 2.0

In 2016 my college, Matthias Deeg, and I have looked into the security of wireless alarm systems. At this time, the ABUS Secvest alarm system did not sign and/or encryption its packets, allowing an attacker to disarm it. Some time later they introduced rolling codes to their protocol. But as Thomas Detert found found out, they were still not secure.

The used algorithm for generating the next valid code is predictable, just by looking at the communication. Thomas Detert and Matthias Deeg worked together to publish the new security issues. Furthermore, the attack was demonstrated in a TV report by “Voss & Team”, a German TV show for consumer protection.

© 2018 - Gerhard Klostermeier - Some rights reserved - Legal Notice