
ETSI TS 100 392-7-2006 Terrestrial Trunked Radio (TETRA) Voice Plus Data (V+D) Part 7 Security (Version 2.4.1).pdf

ETSI TS 100 392-7 V2.4.1 (2006-10)
Technical Specification
Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security

Reference: RTS/TETRA-06177
Keywords: security, TETRA, V+D

ETSI
650 Route des Lucioles, F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2006. All rights reserved.

DECT™, PLUGTESTS™ and UMTS™ are Trade Marks of ETSI registered for the benefit of its Members. TIPHON™ and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members.

3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.

Contents

Intellectual Property Rights
Foreword
Introduction
1 Scope
1.1 Security classes
1.2 Document layout
2 References
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Air Interface authentication and key management mechanisms
4.1 Air interface authentication mechanisms
4.1.1 Overview
4.1.2 Authentication of an MS
4.1.3 Authentication of the infrastructure
4.1.4 Mutual authentication of MS and infrastructure
4.1.5 The authentication key
4.1.6 Equipment authentication
4.2 Air Interface key management mechanisms
4.2.1 The DCK
4.2.2 The GCK
4.2.3 The CCK
4.2.4 The SCK
4.2.4.1 SCK association for DMO use
4.2.4.1.1 DMO SCK subset grouping
4.2.5 The GSKO
4.2.5.1 SCK distribution to groups with OTAR
4.2.5.2 GCK distribution to groups with OTAR
4.2.5.3 Rules for MS response to group key distribution
4.2.6 Encrypted Short Identity (ESI) mechanism
4.2.7 Encryption Cipher Key
4.2.8 Summary of AI key management mechanisms
4.3 Service description and primitives
4.3.1 Authentication primitives
4.3.2 SCK transfer primitives
4.3.3 GCK transfer primitives
4.3.4 GSKO transfer primitives
4.4 Authentication protocol
4.4.1 Authentication state transitions
4.4.2 Authentication protocol sequences and operations
4.4.2.1 MSCs for authentication
4.4.2.2 MSCs for authentication Type-3 element
4.4.2.3 Control of authentication timer T354 at MS
4.5 OTAR protocols
4.5.1 CCK delivery - protocol functions
4.5.1.1 SwMI-initiated CCK provision
4.5.1.2 MS-initiated CCK provision with U-OTAR CCK demand
4.5.1.3 MS-initiated CCK provision with announced cell reselection
4.5.2 OTAR protocol functions - SCK
4.5.2.1 MS requests provision of SCK(s)
4.5.2.2 SwMI provides SCK(s) to individual MS
4.5.2.3 SwMI provides SCK(s) to group of MSs
4.5.2.4 SwMI rejects provision of SCK
4.5.3 OTAR protocol functions - GCK
4.5.3.1 MS requests provision of GCK
4.5.3.2 SwMI provides GCK to an individual MS
4.5.3.3 SwMI provides GCK to a group of MSs
4.5.3.4 SwMI rejects provision of GCK
4.5.4 Cipher key association to group address
4.5.4.1 SCK association for DMO
4.5.4.2 GCK association
4.5.5 Notification of key change over the air
4.5.5.1 Change of DCK
4.5.5.2 Change of CCK
4.5.5.3 Change of GCK
4.5.5.4 Change of SCK for TMO
4.5.5.5 Change of SCK for DMO
4.5.5.6 Synchronization of Cipher Key Change
4.5.6 Security class change
4.5.6.1 Change of security class to security class 1
4.5.6.2 Change of security class to security class 2
4.5.6.3 Change of security class to security class 3
4.5.6.4 Change of security class to security class 3 with GCK
4.5.7 Notification of key in use
4.5.8 Notification of GCK Activation/Deactivation
4.5.9 Deletion of SCK, GCK and GSKO
4.5.10 Air Interface Key Status Enquiry
4.5.11 Crypto management group
4.5.12 OTAR retry mechanism
5 Enable and disable mechanism
5.1 General relationships
5.2 Enable/disable state transitions
5.3 Mechanisms
5.3.1 Disable of MS equipment
5.3.2 Disable of an subscription
5.3.3 Disable of subscription and equipment
5.3.4 Enable an MS equipment
5.3.5 Enable an MS subscription
5.3.6 Enable an MS equipment and subscription
5.4 Enable/disable protocol
5.4.1 General case
5.4.2 Status of cipher key material
5.4.2.1 Permanently disabled state
5.4.2.2 Temporarily disabled state
5.4.3 Specific protocol exchanges
5.4.3.1 Disabling an MS with mutual authentication
5.4.3.2 Enabling an MS with mutual authentication
5.4.3.3 Enabling an MS with non-mutual authentication
5.4.3.4 Disabling an MS with non-mutual authentication
5.4.4 Enabling an MS without authentication
5.4.5 Disabling an MS without authentication
5.4.6 Rejection of enable or disable command
5.4.7 MM service primitives
5.4.7.1 TNMM-DISABLING primitive
5.4.7.2 TNMM-ENABLING primitive
6 Air Interface (AI) encryption
6.1 General principles
6.2 Security class
6.2.0 Notification of security class
6.2.0.1 Security Class of Neighbouring Cells
6.2.0.2 Identification of MS security capabilities
6.2.1 Constraints on LA arising from cell class
6.3 Key Stream Generator (KSG)
6.3.1 KSG numbering and selection
6.3.2 Interface parameters
6.3.2.1 Initial Value (IV)
6.3.2.2 Cipher Key
6.4 Encryption mechanism
6.4.1 Allocation of KSS to logical channels
6.4.2 Allocation of KSS to logical channels with PDU association
6.4.3 Synchronization of data calls where data is multi-slot interleaved
6.4.4 Recovery of stolen frames from interleaved data
6.5 Use of cipher keys
6.5.1 Identification of encryption state of downlink MAC PDUs
6.5.1.1 Class 1 cells
6.5.1.2 Class 2 cells
6.5.1.3 Class 3 cells
6.5.2 Identification of encryption state of uplink MAC PDUs
6.6 Mobility procedures
6.6.1 General requirements
6.6.1.1 Additional requirements for class 3 systems
6.6.2 Protocol description
6.6.2.1 Negotiation of cipher parameters
6.6.2.1.1 Class 1 cells
6.6.2.1.2 Class 2 cells
6.6.2.1.3 Class 3 cells
6.6.2.2 Initial and undeclared cell re-selection
6.6.2.3 Unannounced cell re-selection
6.6.2.4 Announced cell re-selection type-3
6.6.2.5 Announced cell re-selection type-2
6.6.2.6 Announced cell re-selection type-1
6.6.2.7 Key forwarding
6.7 Encryption control
6.7.1 Data to be encrypted
6.7.1.1 Downlink control channel requirements
6.7.1.2 Encryption of MAC header elements
6.7.1.3 Traffic channel encryption control
6.7.1.4 Handling of PDUs that do not conform to negotiated ciphering mode
6.7.2 Service description and primitives
6.7.2.1 Mobility Management (MM)
6.7.2.2 Mobile Link Entity (MLE)
6.7.2.3 Layer 2
6.7.3 Protocol functions
6.7.3.1 MM
6.7.3.2 MLE
6.7.3.3 LLC
6.7.3.4 MAC
6.7.4 PDUs for cipher negotiation
Annex A (normative): PDU and element definitions
A.1 Authentication PDUs
A.1.1 D-AUTHENTICATION demand
A.1.2 D-AUTHENTICATION reject
A.1.3 D-AUTHENTICATION response
A.1.4 D-AUTHENTICATION result
A.1.5 U-AUTHENTICATION demand
A.1.6 U-AUTHENTICATION reject
A.1.7 U-AUTHENTICATION response
A.1.8 U-AUTHENTICATION result
A.2 OTAR PDUs
A.2.1 D-OTAR CCK Provide
A.2.2 U-OTAR CCK Demand
A.2.3 U-OTAR CCK Result
A.2.4 D-OTAR GCK Provide
A.2.5 U-OTAR GCK Demand
A.2.6 U-OTAR GCK Result
A.2.6a D-OTAR GCK Reject
A.2.7 D-OTAR SCK Provide
A.2.8 U-OTAR SCK Demand
A.2.9 U-OTAR SCK Result
A.2.9a D-OTAR SCK Reject
A.2.10 D-OTAR GSKO Provide
A.2.11 U-OTAR GSKO Demand
A.2.12 U-OTAR GSKO Result
A.2.12a D-OTAR GSKO Reject
A.3 PDUs for key association to GTSI
A.3.1 D-OTAR KEY ASSOCIATE demand
A.3.2 U-OTAR KEY ASSOCIATE status
A.4 PDUs to synchronize key or security class change
A.4.1 D-CK CHANGE demand
A.4.2 U-CK CHANGE result
A.4a PDUs to delete air interface keys in MS
A.4a.1 D-OTAR KEY DELETE demand
A.4a.2 U-OTAR KEY DELETE result
A.4b PDUs to obtain Air Interface Key Status
A.4b.1 D-OTAR KEY STATUS demand
A.4b.2 U-OTAR KEY STATUS response
A.5 Other security domain PDUs
A.5.1 U-TEI PROVIDE
A.5.2 U-OTAR PREPARE
A.5.3 D-OTAR NEWCELL
A.5.4 D-OTAR CMG GTSI PROVIDE
A.5.5 U-OTAR CMG GTSI RESULT
A.6 PDUs for Enable and Disable
A.6.1 D-DISABLE
A.6.2 D-ENABLE
A.6.3 U-DISABLE STATUS
A.7 MM PDU type 3 information elements coding
A.7.1 Authentication downlink
A.7.2 Authentication uplink
A.8 PDU Information elements coding
A.8.1 Acknowledgement flag
A.8.2 Address extension
A.8.3 Authentication challenge
A.8.4 Authentication reject reason
A.8.5 Authentication result
A.8.6 Authentication sub-type
A.8.7 CCK identifier
A.8.8 CCK information
A.8.9 CCK Location area information
A.8.10 CCK request flag
A.8.11 Change of security class
A.8.12 Cipher parameters
A.8.13 CK provision flag
A.8.14 CK provisioning information
A.8.15 CK request flag
A.8.16 Class Change flag
A.8.17 DCK forwarding result
A.8.18 Disabling type
A.8.19 Enable/Disable result
A.8.20 Encryption mode
A.8.20.1 Class 1 cells
A.8.20.2 Class 2 cells
A.8.20.3 Class 3 cells
A.8.21 Equipment disable
A.8.22 Equipment enable
A.8.23 Equipment status
A.8.23a Explicit response
A.8.24 Frame number
A.8.25 Future key flag
A.8.26 GCK data
A.8.27 GCK key and identifier
A.8.28 GCK Number (GCKN)
A.8.28a GCK Provision result
A.8.28b GCK rejected
A.8.29 GCK select number
A.8.29a GCK Supported
A.8.30 GCK Version Number (GCK-VN)
A.8.31 Group association
A.8.32 GSKO Version Number (GSKO-VN)
A.8.33 GSSI
A.8.34 Hyperframe number
A.8.35 Intent/confirm
A.8.36 Void
A.8.37 Key association status
A.8.38 Key association type
A.8.39 Key change type
A.8.39a Key delete type
A.8.39b Key status type
A.8.40 Key type flag
A.8.41 KSG-number
A.8.42 Location area
A.8.43 Location area bit mask
A.8.44 Location area selector
A.8.45 Location area list
A.8.46 Location area range
A.8.46a Max response timer value
A.8.47 Mobile country code
A.8.48 Mobile network code
A.8.49 Multiframe number
A.8.50 Mutual authentication flag
A.8.51 Network time
A.8.52 Number of GCKs changed
A.8.52a Number of GCKs deleted
A.8.52b Number of GCK status
A.8.52c Number of GCKs provided
A.8.52d Number of GCKs rejected
A.8.52e Number of GCKs requested by GCKN
A.8.52f Number of GCKs requested by GSSI
A.8.53 Number of groups
A.8.53a Number of GSKO status
A.8.54 Number of location areas
A.8.55 Number of SCKs changed
A.8.55a Number of SCKs deleted
A.8.56 Number of SCKs provided
A.8.56a Number of SCKs rejected
A.8.57 Number of SCKs requested
A.8.57a Number of SCK status
A.8.57b OTAR reject reason
A.8.57c OTAR retry interval
A.8.58 OTAR sub-type
A.8.59 PDU type
A.8.60 Proprietary
A.8.61 Provision result
A.8.62 Random challenge
A.8.63 Random seed
A.8.64 Random seed for OTAR
A.8.65 Void
A.8.66 Response value
A.8.67 SCK data
A.8.68 SCK information
A.8.69 SCK key and identifier
A.8.70 SCK Number (SCKN)
A.8.71 SCK number and result
A.8.72 SCK provision flag
A.8.72a Void
A.8.72b SCK rejected
A.8.73 SCK select number
A.8.73a SCK subset grouping type
A.8.73b SCK subset number
A.8.74 SCK use
A.8.75 SCK version number
A.8.76 Sealed Key (Sealed CCK, Sealed SCK, Sealed GCK, Sealed GSKO)
A.8.77 Security information element
A.8.78 Session key
A.8.79 Slot Number
A.8.80 SSI
A.8.81 Subscription disable
A.8.82 Subscription enable
A.8.83 Subscription status
A.8.84 TEI
A.8.85 TEI request flag
A.8.85a Timeshare cell and AI encryption information
A.8.86 Time type
A.8.87 Type 3 element identifier
Annex B (normative): Boundary conditions for the cryptographic algorithms and procedures
B.1 Dimensioning of the cryptographic parameters
B.2 Summary of the cryptographic processes
Annex C (normative): Timers
C.1 T354, authorization protocol timer
C.2 T371, Delay timer for group addressed delivery of SCK and GCK
C.3 T372, Key forwarding timer
Annex D (informative): Bibliography
Annex E (informative): Change request history
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Terrestrial Trunked Radio (TETRA).

The present document is part 7 of a multi-part deliverable covering the Voice plus Data (V+D), as identified below
