cybergibbons Posted May 1, 2013 Author Posted May 1, 2013 No, indeed, nothing is 100% secure. But SIA-HS is not 10% secure... I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/
ccbrennan Posted May 1, 2013 Posted May 1, 2013 The SIA-HS protocol is insecure and should not be used. WebWay has never used this protocol. We are happy to discuss our encryption and substitution protection with interested parties and have been independently tested not only by the BRE/LPCB, but also customers own IT and external penetration test houses. This has enabled us to sell our systems into banks and retailers. As encryption is part of our software protocol we see no reason not to offer this level of protection to any connection. Encrypting at the signalling device The critical point about encryption is that you must encrypt at the signalling device before transmission of the alarm or poll. This requirement is laid down within EN standards. Encrypting at the device is the only way to ensure that your alarms and polls are not being transmitted in clear (unencrypted) at any stage over the network between the signalling device, the host platform and the ARC - even then you need to be careful. A short and non technical history of DES, Triple DES and AES. From day 1 (around 2004) we have used AES128 bit encryption. AES128 is the "Advanced Encryption Standard". We use the 128 bit version which means we have 2 to the power 128 keys (thats billions and billions and billions (and billions) of combinations). AES is a standard written and maintained by the National Institute of Standards and Technology and has been adopted world wide by governments for the transmission of top secret data. AES superceded DES and Triple DES Encryption (which was written in 1977). DES has hacked in 1999 by a computer in less than 2 and a half hours. Triple DES is considered generally secure, but can be theoretically hacked, hence the introduction of AES. Encryption "outside the device" When considering a secure signalling system or ATS provider ask them where the data is unencrypted and encrypted. If data is not encrypted within the signalling device then all alarms and polls will be sent over the GPRS service between the signalling device and the local cell (and further into the mobile providers network) unencrypted. Same goes for the transmission over PSTN to the exchange and potentially beyond. Intruders are far more likely to be positioned at the "local" interface to the premise and in a position to detect and read unencrypted data from the GSM/GPRS service or the PSTN line / ADSL.
james.wilson Posted May 1, 2013 Posted May 1, 2013 Encryption "outside the device" When considering a secure signalling system or ATS provider ask them where the data is unencrypted and encrypted. If data is not encrypted within the signalling device then all alarms and polls will be sent over the GPRS service between the signalling device and the local cell (and further into the mobile providers network) unencrypted. Same goes for the transmission over PSTN to the exchange and potentially beyond. Intruders are far more likely to be positioned at the "local" interface to the premise and in a position to detect and read unencrypted data from the GSM/GPRS service or the PSTN line / ADSL. How would we find this out though? securitywarehouse Security Supplies from Security Warehouse Trade Members please contact us for your TSI vetted trade discount.
matthew.brough Posted May 1, 2013 Posted May 1, 2013 The SIA-HS protocol is insecure and should not be used. WebWay has never used this protocol. We are happy to discuss our encryption and substitution protection with interested parties and have been independently tested not only by the BRE/LPCB, but also customers own IT and external penetration test houses. This has enabled us to sell our systems into banks and retailers. As encryption is part of our software protocol we see no reason not to offer this level of protection to any connection. Encrypting at the signalling device The critical point about encryption is that you must encrypt at the signalling device before transmission of the alarm or poll. This requirement is laid down within EN standards. Encrypting at the device is the only way to ensure that your alarms and polls are not being transmitted in clear (unencrypted) at any stage over the network between the signalling device, the host platform and the ARC - even then you need to be careful. A short and non technical history of DES, Triple DES and AES. From day 1 (around 2004) we have used AES128 bit encryption. AES128 is the "Advanced Encryption Standard". We use the 128 bit version which means we have 2 to the power 128 keys (thats billions and billions and billions (and billions) of combinations). AES is a standard written and maintained by the National Institute of Standards and Technology and has been adopted world wide by governments for the transmission of top secret data. AES superceded DES and Triple DES Encryption (which was written in 1977). DES has hacked in 1999 by a computer in less than 2 and a half hours. Triple DES is considered generally secure, but can be theoretically hacked, hence the introduction of AES. Encryption "outside the device" When considering a secure signalling system or ATS provider ask them where the data is unencrypted and encrypted. If data is not encrypted within the signalling device then all alarms and polls will be sent over the GPRS service between the signalling device and the local cell (and further into the mobile providers network) unencrypted. Same goes for the transmission over PSTN to the exchange and potentially beyond. Intruders are far more likely to be positioned at the "local" interface to the premise and in a position to detect and read unencrypted data from the GSM/GPRS service or the PSTN line / ADSL. Thats worrying as both the BT Secure & and as the BT Secure is the same hardware as Dualcom Calibre / UDL use triple DES then hardly 'secure' as the name implies . . . www.securitywarehouse.co.uk/catalog/
ccbrennan Posted May 1, 2013 Posted May 1, 2013 ... I would also like to add that if your signalling device is dialling the digi receiver in the ARC as backup to GPRS (when GPRS fails) then this is delivered unencrypted and does not meet any of the standards. Sending the data over the PSTN to the digi receiver only means that the device is sending the channel from a particular site ID, but this is not hard to decipher. Obviously delivering direct to the digi rack means the data is not encrypted as the operator ultimately needs to "read the data". Whilst the AMS will translate the data, this is not "decryption".
matthew.brough Posted May 1, 2013 Posted May 1, 2013 ... I would also like to add that if your signalling device is dialling the digi receiver in the ARC as backup to GPRS (when GPRS fails) then this is delivered unencrypted and does not meet any of the standards. Sending the data over the PSTN to the digi receiver only means that the device is sending the channel from a particular site ID, but this is not hard to decipher. Obviously delivering direct to the digi rack means the data is not encrypted as the operator ultimately needs to "read the data". Whilst the AMS will translate the data, this is not "decryption". Unencrypted digis. Whatever next www.securitywarehouse.co.uk/catalog/
james.wilson Posted May 1, 2013 Posted May 1, 2013 digis can be defeated with a simple voice recorder. eg http://www.dhgate.com/p-ff808081331b1be801333eb1b90625d9.html?utm_source=GMC&utm_medium=Adwords&utm_campaign=onlineseller&utm_term=124958932&f=bm%7c124958932%7c103008-A/V%20Accessories%20%20%20Cables%7cGMC%7cAdwords%7c%7conlineseller%7cGB%7c103008007-Cassette%20Decks%7c&gclid=COunpYjZ9LYCFUfLtAod9C4AmQ securitywarehouse Security Supplies from Security Warehouse Trade Members please contact us for your TSI vetted trade discount.
ccbrennan Posted May 1, 2013 Posted May 1, 2013 James - you need to ask the individual providers simply whether they encrypt at the device or not and to put this in writing. You need to ask specific products and specific questions. We can provide that and our test certificates from BRE/LPCB.
james.wilson Posted May 1, 2013 Posted May 1, 2013 I suppose various fans of various products can provide this info. Send it over to me and if anyone else can get it from their preffered we can compile a list. securitywarehouse Security Supplies from Security Warehouse Trade Members please contact us for your TSI vetted trade discount.
matthew.brough Posted May 1, 2013 Posted May 1, 2013 I suppose various fans of various products can provide this info. Send it over to me and if anyone else can get it from their preffered we can compile a list. I thinks thats a good idea www.securitywarehouse.co.uk/catalog/
Recommended Posts
Archived
This topic is now archived and is closed to further replies.