ImageVerifierCode 换一换
格式:PDF , 页数:216 ,大小:1.39MB ,
资源ID:728459      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-728459.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI EN 300 392-7-2017 Terrestrial Trunked Radio (TETRA) Voice plus Data (V+D) Part 7 Security (V3 4 1)《陆地集群无线电(TETRA) 声音加数据(V+D) 第7部分 安全(V3 4 1)》.pdf)为本站会员(wealthynice100)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI EN 300 392-7-2017 Terrestrial Trunked Radio (TETRA) Voice plus Data (V+D) Part 7 Security (V3 4 1)《陆地集群无线电(TETRA) 声音加数据(V+D) 第7部分 安全(V3 4 1)》.pdf

1、 ETSI EN 300 392-7 V3.4.1 (2017-01) Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security EUROPEAN STANDARD ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 2 Reference REN/TETRA-06184 Keywords security, TETRA, V+D ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.:

2、 +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made availa

3、ble in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only p

4、revailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other

5、ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utili

6、zed in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to re

7、production in all media. European Telecommunications Standards Institute 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of

8、the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 3 Contents Intellectual Property Rights 11g3Foreword . 11g3Modal verbs terminology 12g31 Scope 13g32 References 13g32.1 Normative references . 1

9、3g32.2 Informative references 14g33 Definitions and abbreviations . 15g33.1 Definitions 15g33.2 Abbreviations . 18g34 Air Interface authentication and key management mechanisms 20g34.a General . 20g34.0 Security classes 20g34.1 Air interface authentication mechanisms . 21g34.1.1 Overview 21g34.1.1a

10、Authentication and key management algorithms 21g34.1.2 Authentication of an MS . 21g34.1.3 Authentication of the infrastructure 22g34.1.4 Mutual authentication of MS and infrastructure . 23g34.1.5 The authentication key 25g34.1.6 Equipment authentication . 25g34.1.6a Request for information related

11、to an MS . 26g34.1.7 Authentication of an MS when migrated 26g34.1.8 Authentication of the home SwMI when migrated . 27g34.1.9 Mutual Authentication of MS and infrastructure when migrated . 28g34.2 Air Interface key management mechanisms . 29g34.2.0 General 29g34.2.1 The DCK . 29g34.2.2 The GCK . 30

12、g34.2.2.0 General 30g34.2.2.1 Session key modifier GCK0 31g34.2.3 The CCK . 32g34.2.4 The SCK . 33g34.2.4.0 General 33g34.2.4.1 SCK association for DMO use 35g34.2.4.1.0 General 35g34.2.4.1.1 DMO SCK subset grouping . 35g34.2.5 The GSKO 37g34.2.5.0 General 37g34.2.5.1 SCK distribution to groups with

13、 OTAR 38g34.2.5.2 GCK distribution to groups with OTAR . 38g34.2.5.3 Rules for MS response to group key distribution 39g34.2.6 Encrypted Short Identity (ESI) mechanism 39g34.2.7 Encryption Cipher Key . 40g34.2.8 Summary of AI key management mechanisms . 40g34.3 Service description and primitives . 4

14、2g34.3.1 Authentication primitives . 42g34.3.2 SCK transfer primitives 42g34.3.3 GCK transfer primitives 43g34.3.4 GSKO transfer primitives . 44g34.4 Authentication protocol 45g34.4.1 Authentication state transitions . 45g34.4.2 Authentication protocol sequences and operations . 48g34.4.2.0 General

15、48g34.4.2.1 MSCs for authentication . 49g3ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 4 4.4.2.2 MSCs for authentication and security type-3 elements . 55g34.4.2.3 Control of authentication timer T354 at MS . 58g34.4a Information request protocol 59g34.5 OTAR protocols . 62g34.5.1 CCK delivery - protocol

16、 functions 62g34.5.1.0 General 62g34.5.1.1 SwMI-initiated CCK provision . 63g34.5.1.2 MS-initiated CCK provision with U-OTAR CCK demand. 65g34.5.1.3 MS-initiated CCK provision with announced cell reselection 65g34.5.2 OTAR protocol functions - SCK 66g34.5.2.0 General 66g34.5.2.1 MS requests provisio

17、n of SCK(s) 67g34.5.2.2 SwMI provides SCK(s) to individual MS . 68g34.5.2.3 SwMI provides SCK(s) to group of MSs 70g34.5.2.4 SwMI rejects provision of SCK 71g34.5.3 OTAR protocol functions - GCK 72g34.5.3.0 General 72g34.5.3.1 MS requests provision of GCK . 72g34.5.3.2 SwMI provides GCK to an indivi

18、dual MS 74g34.5.3.3 SwMI provides GCK to a group of MSs . 75g34.5.3.4 SwMI rejects provision of GCK 77g34.5.4 Cipher key association to group address . 78g34.5.4.0 General 78g34.5.4.1 SCK association for DMO 79g34.5.4.2 GCK association . 82g34.5.5 Notification of key change over the air . 84g34.5.5.

19、0 General 84g34.5.5.1 Change of DCK . 85g34.5.5.2 Change of CCK . 86g34.5.5.3 Change of GCK . 86g34.5.5.4 Change of SCK for TMO 86g34.5.5.5 Change of SCK for DMO . 86g34.5.5.6 Synchronization of Cipher Key Change 87g34.5.6 Security class change 87g34.5.6.0 General 87g34.5.6.1 Change of security clas

20、s to security class 1 88g34.5.6.2 Change of security class to security class 2 88g34.5.6.3 Change of security class to security class 3 88g34.5.6.4 Change of security class to security class 3 with GCK . 88g34.5.7 Notification of key in use 89g34.5.8 Notification of GCK Activation/Deactivation 89g34

21、.5.9 Deletion of SCK, GCK and GSKO . 89g34.5.10 Air Interface Key Status Enquiry 91g34.5.11 Crypto management group 93g34.5.12 OTAR retry mechanism 94g34.5.13 OTAR protocol functions - GSKO . 94g34.5.13.0 General 94g34.5.13.1 MS requests provision of GSKO . 95g34.5.13.2 SwMI provides GSKO to an MS .

22、 95g34.5.13.3 SwMI rejects provision of GSKO . 96g34.5.14 OTAR protocol functions - interaction and queuing . 96g34.5.15 KSOv for OTAR operations in visited SwMI . 96g34.5.16 Transfer of AI cipher keys across the ISI . 100g35 Enable and disable mechanism . 100g35.0 General . 100g35.1 General relatio

23、nships 101g35.2 Enable/disable state transitions . 101g35.3 Mechanisms 102g35.3.0 General 102g35.3.1 Disable of MS equipment . 103g35.3.2 Disable of an subscription . 103g3ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 5 5.3.3 Disable of subscription and equipment . 103g35.3.4 Enable an MS equipment 103g35

24、.3.5 Enable an MS subscription . 103g35.3.6 Enable an MS equipment and subscription . 103g35.4 Enable/disable protocol 104g35.4.1 General case 104g35.4.2 Status of cipher key material. 105g35.4.2.1 Permanently disabled state 105g35.4.2.2 Temporarily disabled state 105g35.4.3 Specific protocol exchan

25、ges . 106g35.4.3.0 General 106g35.4.3.1 Disabling an MS with mutual authentication 106g35.4.3.2 Enabling an MS with mutual authentication . 107g35.4.3.3 Enabling an MS with non-mutual authentication 108g35.4.3.4 Disabling an MS with non-mutual authentication . 110g35.4.4 Enabling an MS without authe

26、ntication 111g35.4.5 Disabling an MS without authentication . 111g35.4.6 Rejection of enable or disable command 111g35.4.6a Expiry of Enable/Disable protocol timer 112g35.4.7 MM service primitives 112g35.4.7.0 General 112g35.4.7.1 TNMM-DISABLING primitive 113g35.4.7.2 TNMM-ENABLING primitive . 113g3

27、6 Air Interface (AI) encryption . 113g36.1 General principles. 113g36.2 Security class 114g36.2.a General 114g36.2.0 Notification of security class 115g36.2.0.0 General 115g36.2.0.1 Security Class of Neighbouring Cells . 116g36.2.0.2 Identification of MS security capabilities . 116g36.2.1 Constraint

28、s on LA arising from cell class . 116g36.3 Key Stream Generator (KSG) 116g36.3.0 General 116g36.3.1 KSG numbering and selection 117g36.3.2 Interface parameters 117g36.3.2.1 Initial Value (IV) . 117g36.3.2.2 Cipher Key 118g36.4 Encryption mechanism . 118g36.4.0 General 118g36.4.1 Allocation of KSS to

29、 logical channels 118g36.4.2 Allocation of KSS to logical channels with PDU association 120g36.4.2.1 General 120g36.4.2.2 KSS allocation on phase modulation channels 121g36.4.2.3 KSS allocation on QAM channels 122g36.4.2.3.0 General 122g36.4.2.3.1 Fixed mapping . 122g36.4.2.3.2 Offset mapping 123g36

30、.4.3 Synchronization of data calls where data is multi-slot interleaved . 124g36.4.4 Recovery of stolen frames from interleaved data . 125g36.5 Use of cipher keys 126g36.5.0 General 126g36.5.1 Identification of encryption state of downlink MAC PDUs . 127g36.5.1.0 General 127g36.5.1.1 Class 1 cells .

31、 127g36.5.1.2 Class 2 cells . 128g36.5.1.3 Class 3 cells . 128g36.5.2 Identification of encryption state of uplink MAC PDUs 128g36.6 Mobility procedures . 129g36.6.1 General requirements 129g36.6.1.0 Common requirements 129g3ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 6 6.6.1.1 Additional requirements f

32、or class 3 systems . 129g36.6.2 Protocol description 129g36.6.2.0 General 129g36.6.2.1 Negotiation of ciphering parameters . 129g36.6.2.1.0 General 129g36.6.2.1.1 Class 1 cells . 130g36.6.2.1.2 Class 2 cells . 130g36.6.2.1.3 Class 3 cells . 130g36.6.2.2 Initial and undeclared cell re-selection 130g3

33、6.6.2.3 Unannounced cell re-selection 131g36.6.2.4 Announced cell re-selection type-3 . 132g36.6.2.5 Announced cell re-selection type-2 . 132g36.6.2.6 Announced cell re-selection type-1 . 132g36.6.2.7 Key forwarding . 132g36.6.3 Shared channels 133g36.7 Encryption control 134g36.7.0 General 134g36.7

34、.1 Data to be encrypted . 134g36.7.1.1 Downlink control channel requirements . 134g36.7.1.2 Encryption of MAC header elements 134g36.7.1.3 Traffic channel encryption control 134g36.7.1.4 Handling of PDUs that do not conform to negotiated ciphering mode . 135g36.7.2 Service description and primitives

35、 135g36.7.2.0 General 135g36.7.2.1 Mobility Management (MM) 136g36.7.2.2 Mobile Link Entity (MLE) 137g36.7.2.3 Layer 2 139g36.7.3 Protocol functions . 139g36.7.3.0 General 139g36.7.3.1 MM . 139g36.7.3.2 MLE 139g36.7.3.3 LLC . 139g36.7.3.4 MAC . 140g36.7.4 PDUs for cipher negotiation . 140g3Annex A (

36、normative): PDU and element definitions 141g3A.0 General . 141g3A.1 Authentication PDUs 141g3A.1.1 D-AUTHENTICATION demand . 141g3A.1.2 D-AUTHENTICATION reject . 141g3A.1.3 D-AUTHENTICATION response 142g3A.1.4 D-AUTHENTICATION result . 142g3A.1.5 U-AUTHENTICATION demand . 142g3A.1.6 U-AUTHENTICATION

37、 reject . 143g3A.1.7 U-AUTHENTICATION response 143g3A.1.8 U-AUTHENTICATION result . 144g3A.2 OTAR PDUs 144g3A.2.1 D-OTAR CCK Provide 144g3A.2.2 U-OTAR CCK Demand . 144g3A.2.3 U-OTAR CCK Result 145g3A.2.4 D-OTAR GCK Provide 145g3A.2.5 U-OTAR GCK Demand . 146g3A.2.6 U-OTAR GCK Result 147g3A.2.6a D-OTA

38、R GCK Reject 147g3A.2.7 D-OTAR SCK Provide . 148g3A.2.8 U-OTAR SCK Demand 149g3A.2.9 U-OTAR SCK Result . 149g3A.2.9a D-OTAR SCK Reject . 150g3A.2.10 D-OTAR GSKO Provide 150g3A.2.11 U-OTAR GSKO Demand 151g3ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 7 A.2.12 U-OTAR GSKO Result 151g3A.2.12a D-OTAR GSKO Re

39、ject 151g3A.3 PDUs for key association to GTSI . 152g3A.3.1 D-OTAR KEY ASSOCIATE demand . 152g3A.3.2 U-OTAR KEY ASSOCIATE status . 153g3A.4 PDUs to synchronize key or security class change 153g3A.4.1 D-CK CHANGE demand . 153g3A.4.2 U-CK CHANGE result . 154g3A.4.2a U-OTAR KEY DELETE result 155g3A.4.2

40、b U-OTAR KEY STATUS response . 156g3A.4.3 D-DM-SCK ACTIVATE DEMAND . 157g3A.4.4 U-DM-SCK ACTIVATE RESULT . 158g3A.4a PDUs to delete air interface keys in MS 159g3A.4a.1 D-OTAR KEY DELETE demand 159g3A.4a.2 U-OTAR KEY DELETE result 159g3A.4b PDUs to obtain Air Interface Key Status . 160g3A.4b.1 D-OTA

41、R KEY STATUS demand 160g3A.4b.2 U-OTAR KEY STATUS response . 161g3A.5 Other security domain PDUs 162g3A.5.1 U-TEI PROVIDE . 162g3A.5.2 U-OTAR PREPARE 163g3A.5.3 D-OTAR NEWCELL . 163g3A.5.4 D-OTAR CMG GTSI PROVIDE . 163g3A.5.5 U-OTAR CMG GTSI RESULT . 164g3A.5.6 U-INFORMATION PROVIDE 164g3A.6 PDUs fo

42、r Enable and Disable . 166g3A.6.1 D-DISABLE . 166g3A.6.2 D-ENABLE 166g3A.6.3 U-DISABLE STATUS . 167g3A.7 MM PDU type 3 information elements coding 167g3A.7.0 General . 167g3A.7.1 Authentication downlink 167g3A.7.2 Authentication uplink . 168g3A.7.3 Security downlink. 168g3A.8 PDU Information element

43、s coding . 169g3A.8.0 General . 169g3A.8.1 Acknowledgement flag . 169g3A.8.1a Additional information present . 169g3A.8.2 Address extension. 169g3A.8.2a AI algorithm information present . 169g3A.8.2b AI algorithm information request flag 170g3A.8.3 Authentication challenge 170g3A.8.4 Authentication

44、reject reason . 170g3A.8.5 Authentication result 170g3A.8.6 Authentication sub-type . 170g3A.8.7 CCK identifier 171g3A.8.8 CCK information 171g3A.8.9 CCK Location area information . 171g3A.8.10 CCK request flag 172g3A.8.11 Change of security class . 172g3A.8.12 Ciphering parameters . 172g3A.8.13 CK

45、provision flag . 173g3A.8.14 CK provisioning information . 173g3A.8.15 CK request flag . 173g3A.8.16 Class Change flag . 173g3A.8.17 DCK forwarding result . 173g3A.8.18 Disabling type 174g3ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 8 A.8.19 Enable/Disable result 174g3A.8.20 Encryption mode 174g3A.8.20.

46、1 Class 1 cells 174g3A.8.20.2 Class 2 cells 175g3A.8.20.3 Class 3 cells 175g3A.8.21 Equipment disable 175g3A.8.22 Equipment enable . 175g3A.8.23 Equipment status 175g3A.8.23a Explicit response 176g3A.8.24 Frame number 176g3A.8.24a Future information present . 176g3A.8.25 Future key flag . 176g3A.8.2

47、6 GCK data 177g3A.8.27 GCK key and identifier 177g3A.8.28 GCK Number (GCKN) 177g3A.8.28a GCK Provision result . 177g3A.8.28b GCK rejected 178g3A.8.29 GCK select number 178g3A.8.29a GCK Supported 178g3A.8.30 GCK Version Number (GCK-VN) . 178g3A.8.31 Group association . 179g3A.8.31a Group Identity Sec

48、urity Related Information . 179g3A.8.32 GSKO Version Number (GSKO-VN) 179g3A.8.33 GSSI . 179g3A.8.33a HW SW version request flag 180g3A.8.33b HW version number present . 180g3A.8.34 Hyperframe number . 180g3A.8.35 Intent/confirm . 180g3A.8.36 Void 180g3A.8.37 Key association status 180g3A.8.38 Key a

49、ssociation type . 181g3A.8.39 Key change type . 181g3A.8.39a Key delete type . 181g3A.8.39b Key status type . 181g3A.8.39c Key delete extension 182g3A.8.40 Key type flag 182g3A.8.41 KSG-number 182g3A.8.42 Location area 182g3A.8.43 Location area bit mask . 183g3A.8.44 Location area selector . 183g3A.8.45 Location area list 183g3A.8.46 Location area range 183g3A.8.46a Max response timer value . 183g3A.8.47 Mobile country code . 184g3A.8.48 Mobile network code 184g3A.8.48a Model number information present 184g3A.8.48b Model number request flag . 184g3A.8.49 Multiframe number. 184g

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1