CSL Dualcom, a prominent maker of safety systems in England, is disputing declares from [Cybergibbons] that their CS2300-R design is riddled with holes. The specific gadget in concern is a communications link that sits in between an alarm system as well as their tracking facility. Its task is to enable the two systems to talk to every other by means of internet, POT lines or cell towers. Needless to say, it has some heavy safety features developed in to stop tampering. It appears, however, that the safety is not extremely secure. [Cybergibbons] methodically poked as well as prodded the bits as well as bytes of the CS2300-R up until it provided up its secrets. It turns out that the encryption it utilizes is just a few infant steps beyond a fundamental Caesar Cipher.
A Caesar Cipher just shifts data by a numeric value. The value is the cipher key. For example, the code IBDLBEBZ is encrypted with a Caesar Cipher. It doesn’t take extremely much to see that a shift of “1” would expose HACKADAY. This…is not security, as well as is equivalent to a TSA lock, if that. The CS2300-R takes the Caesar Cipher as well as modifies it to ensure that the cipher crucial modifications as you step down the data string. [Cybergibbons] was able to figure out exactly how the crucial changed, which revealed, as he put it – ‘the secrets to the kingdom’.
There’s a great deal a lot more to the story. Be sure to read his in-depth report (pdf) as well as let us understand what you believe in the comments below.
We pointed out that CSL Dualcom is disputing the findings. Their action can be checked out here.