The attack is unique in that this is the first to actually crack the DECT standard cipher itself, rather than rely on weaknesses in the implementation of the algorithm. Although the standard was originally intended to replace analogue wireless landline handsets, the technology has become widely deployed in POS systems in restaurants and cafés, as well as office communications.

The issue centres on a shortcoming in "pre-ciphering" in the DECT Standard Cipher , where random integers are generated. Because the algorithm discards only the first 40 or 80 bits during the encryption process, it's possible to infer the keys by eavesdropping on sufficient conversation, according to University of Virginia researcher Karsten Nohl.

Dr. Bjoern Rupp, CEO, GSMK CryptoPhone said: “I am familiar with this DECT attack, it's something that Nohl has been working on for some time. The issue is a similar one to that suffered by the GSM standard, but is more easily fixed at a local level, while GSM's insecurities remain an issue at an operator, network level.”

In an official statement, the DECT Forum said that it took the attack scenarios 'seriously' and continues to 'investigate their applicability'. Short-term security updates to the DECT standard will be ratified as early as spring 2010. The DECT Forum is also establishing a formal certification process to assure security best practices for DECT implementations, claimed the organisation.

Nohl, 28, and researchers Erik Tews of the Darmstadt University of Technology and Ralf-Philipp Weinmann of the University of Luxembourg used acid to dissolve away the epoxy on a DECT chip before using a microscope alongside information from filed patents to reverse-engineer the cipher.