james.wilson Posted June 26, 2013 Share Posted June 26, 2013 I would guess if it is doing that it would collapse often. The data use just setting the vpn back up must be expensive. how do we know it uses vpn from the transmitter? securitywarehouse Security Supplies from Security Warehouse Trade Members please contact us for your TSI vetted trade discount. Link to comment Share on other sites More sharing options...
cybergibbons Posted June 26, 2013 Author Share Posted June 26, 2013 We don't know... On this page it says "end to end encryption": http://www.csldual.com/Products/Worldsim/ Then on this document: http://www.csldual.com/products/additionalmanuals/dualCom%20gradeshift%C2%AE%20range%20elements.pdf It says it uses AES-256 on an IPSEC VPN. Just can't see how you maintain that on GPRS without a lot of really unwanted overhead. Also not seeing any key material in their firmware image. Are there any CSL Dualcom people on here? Just be interested to find out. I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/ Link to comment Share on other sites More sharing options...
james.wilson Posted June 26, 2013 Share Posted June 26, 2013 There are dualcom people on here. Do you have a copy of EN50136 which is the standard for comms units. It may not need to be encrypted at the device end, I don't know those regs that well. securitywarehouse Security Supplies from Security Warehouse Trade Members please contact us for your TSI vetted trade discount. Link to comment Share on other sites More sharing options...
cybergibbons Posted June 26, 2013 Author Share Posted June 26, 2013 No, only got part 7 which is "packet switched networks", I don't think GPRS is covered under that? Not sure. Possibly the least readable of all of the standards anyway. Maybe Mr Mealing might know if GPRS needs to be encrypted end to end? I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/ Link to comment Share on other sites More sharing options...
Joe Harris Posted June 26, 2013 Share Posted June 26, 2013 It's good to see you actively looking at the various ATS now CG. Note with CSL Dualcom GPRS/PSTN/IP units, they have two different main board designs. One sold outside of the UK and one within. Link to comment Share on other sites More sharing options...
AdrianMealing Posted June 26, 2013 Share Posted June 26, 2013 No, only got part 7 which is "packet switched networks", I don't think GPRS is covered under that? Not sure. Possibly the least readable of all of the standards anyway. Maybe Mr Mealing might know if GPRS needs to be encrypted end to end? Not my area of expertise, however there is a document floating around CLC/FprTS50136-9 Requirements for common protocol for alarm transmission systems using the Internet Protocol. This is i think voluntary at the moment, but does detail requirements for encryption at both ends, t65his is still going through Europe at te moment and i am not sure on the state of the voting, whether positive or negative. So the short answer at the moment i would guess is there is no requirement. amealing@texe.com Head of Industry Affairs Visit Our Website Texecom Link to comment Share on other sites More sharing options...
cybergibbons Posted June 26, 2013 Author Share Posted June 26, 2013 Thanks for the input. The EN50131 is really quite a clear standard. EN50136 is really heavy going in comparison, it might be my lack of familiarity with all the terminology. A quick correct to the above - my conversion from Intel HEX to binary was incorrect, and looking at it, there is a chunk of very high entropy which would indicate some kind of key material. Anyway, lots of stuff to get on with/ I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/ Link to comment Share on other sites More sharing options...
AdrianMealing Posted June 26, 2013 Share Posted June 26, 2013 Just to update,the only published standards for ATS we are using n the UK are these BS EN 50136-1-1:1998+A2:2008, Alarm systems – Alarm transmission systems and equipment – Part 1-1: General requirements for alarm transmission systems BS EN 50136-1-2:1998, Alarm systems – Alarm transmission systems and equipment – Part 1-2: Requirements for systems using dedicated alarm paths BS EN 50136-1-3:1998, Alarm systems – Alarm transmission systems and equipment – Part 1-3: Requirements for systems with digital communicators using the public switched telephone network BS EN 50136-1-4:1998, Alarm systems – Alarm transmission systems and equipment – Part 1-4: Requirements for systems with voice communicators using the public switched telephone network BS EN 50136-1-5:2008, Alarm systems – Alarm transmission systems and equipment – Part 1.5: Requirements for Packet Switched Network PSN amealing@texe.com Head of Industry Affairs Visit Our Website Texecom Link to comment Share on other sites More sharing options...
cybergibbons Posted June 26, 2013 Author Share Posted June 26, 2013 The bit I have is "Part 1-7 Requirements for protocol used in the IP based systems" but it's a draft of the new standards... I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/ Link to comment Share on other sites More sharing options...
james.wilson Posted June 26, 2013 Share Posted June 26, 2013 Looks like it depends on the ats level. Im unsure what ATS level the unit you have claims. But And the bit from 50136 I read that as ATS 3 and up need some form of encryption etc securitywarehouse Security Supplies from Security Warehouse Trade Members please contact us for your TSI vetted trade discount. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.