March 14, 2019
Alarm System Security 2.0
In 2016 my colleague, Matthias Deeg, and I have looked into the security of wireless alarm systems. At this time, the ABUS Secvest alarm system did not sign and/or encryption its packets, allowing an attacker to disarm it. Some time later they introduced rolling codes to their protocol. But as Thomas Detert found found out, they were still not secure.
The used algorithm for generating the next valid code is predictable, just by looking at the communication.
Read more