ETSI TS 101 053-2-2014 Security Algorithms Group of Experts (SAGE) Rules for the management of the TETRA standard encryption algorithms Part 2 TEA2 (V2 3 1)《安全算法专家组 (SAGE) TETRA标准加.pdf

1、 ETSI TS 101 053-2 V2.3.1 (2014-04) Security Algorithms Group of Experts (SAGE); Rules for the management of the TETRA standard encryption algorithms; Part 2: TEA2 Technical Specification ETSI ETSI TS 101 053-2 V2.3.1 (2014-04)2Reference RTS/TCCE-06186 Keywords algorithm, security, TETRA ETSI 650 Ro

2、ute des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.ets

3、i.org The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents betw

4、een such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Informa

5、tion on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part

6、 may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoi

7、ng restriction extend to reproduction in all media. European Telecommunications Standards Institute 2014. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the ben

8、efit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 101 053-2 V2.3.1 (2014-04)3Contents Foreword . 5g31 Scope 6g32 References 6g32.1 Normative references . 6g32.2 Informative references 7g33 Defin

9、itions and abbreviations . 7g33.1 Definitions 7g33.2 Abbreviations . 7g34 TEA2 management structure 8g35 Use of TEA2 . 9g35.1 Primary and Secondary Users of TEA2 . 9g35.2 TEA2 States and Territories . 10g36 Licence types 11g36.1 Manufacturer Licence . 11g36.2 Installer/Repairer/Destruction Licence .

10、 11g36.3 Supplier Licence . 12g36.4 Primary User Licence . 12g36.5 Secondary User Licence . 12g36.6 End User Licence . 13g36.7 Destruction Licence 13g36.8 Exceptional . 14g37 Distribution procedures 14g37.1 Distribution of parts 1, 2 and 3 of the TEA2 specification by the TEA2 Custodian 14g37.2 Dist

11、ribution of part 3 of the TEA2 specification by the TEA2 Custodian . 15g38 Approval criteria and restrictions . 15g38.1 Approval Criteria 15g38.2 Revocation of TEA2 licences . 16g38.3 Appeal against Licence Revocation . 16g39 The TEA2 Custodian 17g39.1 Responsibilities 17g39.2 Appointment . 17g3Anne

12、x A (informative): Items delivered to approved recipient of TEA2 specifications 19g3Annex B (normative): Confidentiality and Restricted Usage Undertaking for Manufacturers of TEA2 20g3Annex C (normative): Confidentiality and Restricted Usage Undertaking for Installers, Repairers and Destruction of T

13、EA2 . 23g3Annex D (normative): Confidentiality and Restricted Usage Undertaking for Suppliers of Equipment or Services using TEA2 . 25g3Annex E (normative): Confidentiality and Restricted Usage Undertaking for Primary and Secondary Users of TEA2 . 27g3Annex F (normative): Confidentiality and Restric

14、ted Usage Undertaking for End Users of TEA2 . 30g3Annex G (normative): Confidentiality and Restricted Usage Undertaking for Destruction of TEA2 . 33g3ETSI ETSI TS 101 053-2 V2.3.1 (2014-04)4Annex H (informative): TEA2 State and Territories list 35g3Annex I (informative): Bibliography . 36g3History 3

15、7g3ETSI ETSI TS 101 053-2 V2.3.1 (2014-04)5Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found

16、 in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/ipr.etsi.org). Pursuant to the ETSI IPR Policy

17、, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Techni

18、cal Specification (TS) has been produced by ETSI Technical Committee TETRA and Critical Communications Evolution (TCCE). The present document is part 2 of a multi-part deliverable covering Rules for the management of the TETRA standard encryption algorithms, as identified below: Part 1: “TEA1“; Part

19、 2: “TEA2“; Part 3: “TEA3“; Part 4: “TEA4“. ETSI ETSI TS 101 053-2 V2.3.1 (2014-04)61 Scope The purpose of the present document is to specify the rules for the management of the TETRA standard encryption algorithm TEA2. This algorithm is intended for air interface encryption in TETRA products. The s

20、pecification for TEA2 consists of the following three parts: Part 1: Algorithm specification; Part 2: Design conformance test data; Part 3: Algorithm input/output test data. The procedures described in the present document apply to licensing organizations to manufacture, possess, install, repair, ho

21、ld, use and destroy equipment and components containing the TEA2 algorithm and to delivering parts 1, 2 and 3 of the TEA2 specifications. Parts 1 and 2 of the specification are confidential. Part 3 of the specification is not confidential and can be obtained directly from the TEA2 Custodian (see cla

22、use 7.2). There are no restrictions on the distribution of this part of the specification. The management structure is defined in clause 4. This structure is defined in terms of the principals involved in the management of TEA2 (ETSI, ETSI Technical Committee TETRA and Critical Communications Evolut

23、ion, TEA2 Custodian and approved recipients) together with the relationships and interactions between them. Clause 5 is concerned with the rules for the use of TEA2. This clause is supplemented by annex H, which provides an exemplary list of the states and territories in which a User may become an a

24、pproved recipient. Clause 6 describes the types of licence that may be requested. The procedures for delivering TEA2 specifications to approved recipients are defined in clause 7. This clause is supplemented by annex A, which specifies the items that are to be delivered. Clause 8 is concerned with t

25、he criteria for approving an organization for receipt of TEA2 deliverables and with the responsibilities of an approved recipient. This clause is supplemented by annexes B to G which contain the Confidentiality and Restricted Usage Undertakings to be signed by the TEA2 Custodian and approved recipie

26、nts of TEA2 specifications and/or equipment and components containing TEA2. Clause 9 is concerned with the appointment and responsibilities of the TEA2 Custodian. 2 References References are either specific (identified by date of publication and/or edition number or version number) or non-specific.

27、For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Re

28、ference. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. 2.1 Normative references The following referenced documents are necessary for the application of the present document. Not applicable. ETSI ETSI TS 101 05

29、3-2 V2.3.1 (2014-04)72.2 Informative references The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 ETSI EN 300 392-7: “Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7

30、: Security“. i.2 ETSI ETS 300 396-6: “Terrestrial Trunked Radio (TETRA); Direct Mode Operation (DMO); Part 6: Security“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: computer software carrier: physical storage me

31、dium capable of containing and transporting computer software or data, such as a ROM chip, CD ROM or disk, or flash memory or computer hard drive end user: organization that has been approved to use TEA2 by either the primary or secondary user or by the TEA2 custodian installer: organization that in

32、stalls hardware or software components containing the TETRA Standard Algorithm TEA2 into TETRA subscriber equipment, fixed network equipment or TETRA system simulators manufacturer: bona fide designer or manufacturer of TETRA subscriber or fixed network equipment where TETRA Standard Algorithm TEA2

33、is included in the systems; or a bona fide designer or manufacturer of components for TETRA subscriber or fixed network equipment where at least one of the components includes TEA2; or a bona fide designer or manufacturer of TETRA system simulators for approval testing of TETRA subscriber or fixed n

34、etwork equipment where the simulator includes TEA2 primary user: governmental organization for a TETRA network that is primarily used by public safety organizations in their own state or territory repairer: organization that repairs TETRA subscriber equipment, fixed network equipment, or system simu

35、lators that contain TEA2 secondary user: military organization in a state or territory where there is no primary user with approval to operate a TETRA network given by the governmental organization that is responsible for public safety supplier: supplier of TETRA subscriber or fixed network equipmen

36、t in which TEA2 is included or TETRA system simulators in which TEA2 is included, or a third party operator supplying TETRA services with TEA2 to a primary and/or secondary user TEA2 custodian: the interface between ETSI and recipients of TEA2 licences and specifications user: primary or secondary u

37、ser 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: CRUU Confidentiality and Restricted Usage Undertaking ETSI European Telecommunications Standards Institute MS Mobile Station SFPG Security and Fraud Prevention Group SwMI Switching and Management Infra

38、structure TEA2 TETRA standard Encryption Algorithm number 2 TETRA TErrestrial Trunked RAdioETSI ETSI TS 101 053-2 V2.3.1 (2014-04)84 TEA2 management structure The management structure is depicted in figure 1. Approved recipient of TEA2TEA2 CustodianETSI, ETSI TC TCCEApproval criteriaTEA2 register TE

39、A2 file1 432c56d78a bKey: a = Agreement between TEA2 Custodian and ETSI b = Status reports and recommendations c = Setting of approval criteria d = Requested details of the TEA2 register 1 = Request for TEA2 specification and/or licence 2 = Check of request against approval criteria 3 and 4 = Exchan

40、ge of Confidentiality and Restricted Usage Undertaking 5 = Dispatch of TEA2 specification (only if appropriate) 6 = Update the TEA2 register 7 = Document filing 8 = Technical advice (only if requested) Figure 1: TEA2 management structure Figure 1 shows the three principals involved in the management

41、 of TEA2 and the relationships and interactions between them: ETSI is the owner of the TEA2. ETSI Technical Committee TETRA and Critical Communications Evolution sets the approval criteria for receipt of the algorithm (see clause 8). The TEA2 Custodian is the interface between ETSI and the recipient

42、s of TEA2 licences and specifications. ETSI ETSI TS 101 053-2 V2.3.1 (2014-04)9 The TEA2 Custodian is as identified in clause 9.2 of the present document. The TEA2 Custodians duties are detailed in clause 9. They include distributing signed TEA2 Confidentiality and Restricted Usage Undertakings (CRU

43、Us) and, if appropriate, specifications to approved recipients, as detailed in clauses 7 and 8, providing limited technical advice to approved recipients and providing algorithm status reports to ETSI Technical Committee TETRA and Critical Communications Evolution. NOTE: A CRUU signed by both the TE

44、A2 Custodian and applicant constitutes a licence to hold or use TETRA subscriber and fixed network equipment and components containing TEA2. The form of CRUU exchanged is summarized in figure 2. Figure 2: Summary of CRUU types maintained between TEA2 principals 5 Use of TEA2 5.1 Primary and Secondar

45、y Users of TEA2 A TEA2 Primary and Secondary User Licence is given to a governmental organization for a TETRA network that is primarily used by public safety organizations (see note 1) in their own state or territory. A TETRA network may consist of fixed base stations and SwMI, all located in the ho

46、me state or territory, and/or one or more base stations and SwMIs that may also be used outside the home state or territory if both base stations and SwMIs are controlled from the home state or territory. A governmental organization that obtains a TEA2 User Licence under these conditions is referred

47、 to as a primary user of TEA2. The Confidentiality and Restricted Usage Undertaking (CRUU) in annex E applies to primary and secondary users (see note 2). The TEA2 licence is required for the use of TEA2 in any element of the TETRA network including TETRA Subscriber equipment (TETRA Mobile Station (

48、MS) where air interface encryption as defined in EN 300 392-7 i.1 or ETS 300 396-6 i.2 is applied. NOTE 1: Public safety organizations are e.g. Police, Fire brigade, Customs and Excise, Ambulance and Emergency Medical Service, Coastguard. NOTE 2: There may be more than one primary user in any allowe

49、d state and the number of primary users is a national option. ETSI ETSI TS 101 053-2 V2.3.1 (2014-04)10It is to be decided by the primary user of TEA2, who has received a TEA2 User Licence from the TEA2 Custodian, which user organizations can use the above-mentioned network. This may be done on the basis of a sublicensing procedure that may also be needed for the procurement of mobile terminals or movable equipment by a user or user organization. An organization that obtains a TEA2 End User Licence under these conditions is referred to as an end user