1、TIA STANDARD Project 25 - Over-the-Air-Rekeying (OTAR) Operational Description TIA- 102 .AACB NOVEMBER 2002 TELECOMMUNICATIONS INDUSTRY ASSOCIATION Copyright Telecommunications Industry Association Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without li
2、cense from IHS-,-,-NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improvement of products, and assisting the purchaser in selecting and obtaini
3、ng with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA fi-om manufacturing or selling products not conforming to such Standards and Publications. Neither shall the existenc
4、e of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institute (ANSI) patent policy. By such action, TIA does not assume any liabi
5、lity to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulatory requirements. It is the responsibility of the user of this Standard
6、 to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Standards Proposal No. 3-4910-URV-1, formulated under the cognizance of the TIA TR-8.3 Subcommittee on Encryption.) Published by OTELECOMMUNICATIONS INDUSTRY ASSOC
7、IATION 2002 Standards and Technology Department 2500 Wilson Boulevard Arlington, VA 22201 U.S.A. PRICE: Please refer to current Catalog of TIA TELECOMMUNICATIONS INDUSTRY ASSOCIATION STANDARDS AND ENGINEERING PUBLICATIONS or call Global Engineering Documents, USA and Canada (1-800-854-7179) Internat
8、ional (303-397-7956) or search online at http:/www.tiaonline.org/standards/search-n-order.cfm All rights reserved Printed in U.S.A. Copyright Telecommunications Industry Association Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without license from IHS-,
9、-,-Copyright Telecommunications Industry Association Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without license from IHS-,-,-NOTICE OF DISCLAIMER AND LIMITATION OF LIABILITY The document to which this Notice is affixed has been prepared by one or more
10、 Engineering Committees of the Telecommunications Industry Association (“TIA”). TIA is not the author of the document contents, but publishes and claims copyright to the document pursuant to licenses and permission granted by the authors of the contents. TIA Engineering Committees are expected to co
11、nduct their affairs in accordance with the TIA Engineering Manual (“Manual”), the current and predecessor versions of which are available at b i: /hvww. i8mnI i n od or US 5,146,497; US 5,185,795 At the time of publication, the above patent holder has agreed to license this intellectual property for
12、 Project 25 use only. iv Copyright Telecommunications Industry Association Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without license from IHS-,-,-TIA-I 02.AACB 1 INTRODUCTION This document provides an operational description of OTAR. Its purpose is t
13、o describe, in relatively simple terms, the various complex over-the-air-rekeying messages and procedures. This document is meant to be used in conjunction with an OTAR protocol standard, and a basic familiarity with an OTAR protocol standard is helpful to interpret this operational description. Thi
14、s document was generated in response to Project 25 requirements for OTAR services; however, it is applicable to any land mobile communications system. The reader is advised that OTAR may use a data service and that relevant EIA/TIA Data documents should be consulted for any necessary protocols such
15、as data registration of data affiliation. 1.1 Scope Many of the parts of a land mobile radio communications system will use encryption to protect the information that is sent through the system. The encryption algorithms require keys in order to protect the confidentiality of this information. The p
16、rocess by which these encryption keys are generated, stored, protected, transferred, loaded, used and destroyed is known as key management. These keys must be protected from disclosure and require updating or replacement in order to maintain system security. This is often accomplished manually. Howe
17、ver, the most convenient way to do this is by electronically sending keys from a key management facility (KMF) to the destination equipment. This involves sending keys over the air and this procedure is referred to as Over-the-Air-Rekeying (OTAR). OTAR is a method of encrypting and sending the encry
18、ption keys and other related key management messages through an air interface in such a way that they are protected from disclosure, and, in some cases, unauthorized modification. This document describes the basic keying concepts for protected radios, including those fundamental key management conce
19、pts related to OTAR. OTAR is an application layer process. Peer processes exist in the key management facility (KMF) and at the mobile radios. The KMF is responsible for providing OTAR functions for the set of mobile radios within its jurisdiction. The document gives sample operational procedures fo
20、r the OTAR of radios in a protected system. The interaction between the KMF and mobile radios that is necessary to provide various key management services is described. The operational procedures delineated in this document include both a basic and an advanced set of procedures. No advanced public k
21、ey OTAR procedures have been defined for Data Encryption Standard applications, and are not discussed in this document. An OTAR protocol document for the particular encryption algorithm being used describes which messages require encryption, message authentication and replay protection. 1 Copyright
22、Telecommunications Industry Association Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without license from IHS-,-,-TIA-I 02.AACB 1.2 Revision History Version Date 1 .o May 19,1995 1 .I July 19, 1995 1.2 August 11,1995 1.3 January 11,1996 1.4 March 11, 19
23、96 1.5 Decem ber 20,1996 1.6 March 30,2001 1.7 October 2,2001 1.8 June 17,2002 1.9 Novem ber 1,2002 1.3 References (known as P25.051995.1 .O) P25. ETG.(95)07.a P25.ETG.(95)07. b P25.950812.2.0 P25.950812.2.1 TSB102.AAACB S P-3-49 1 O SP-3-491 O-Update- October 2,2001 SP-3-4910-1 TIA/EIA 102.AACB Com
24、ments Initial version Revised after review Revised Table 4.2 title No modifications made PN-3677 Ballot Release Modifications as per PN-3677 Ballot Comments Final Modifications Preparation for ballot as a full standard - only editorial changes Update from October 2, 2001 meeting to reflect comment r
25、esolution except items 1 and 70. Update from June 11, 2002 meeting to reflect final resolutions for default ballot. Hello and No Service moved from Advanced to Basic Key Manageme nt operations. Re leased vers i on I 2 Dafa Encrypfion Sfandard, NIST, FIPS Publication 46-3. Over-The-Air-Rekeying (OTAR
26、) Protocol, TINEIA 102.AACA. 2 Copyright Telecommunications Industry Association Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without license from IHS-,-,-TIA-I 02.AACB 1.4 Definitions Algorithm ID Black Channel An identifier for an encryption algorithm
27、. Refers to information that is encrypted .e., cipher text. “Red“ is the exact opposite. A Channel consists of the transmit frequency, receive frequency and associated radio parameters (scan mode, squelch, etc.). The channel may additionally include an algorithm ID and key ID to be used when the cha
28、nnel is in use. (Transmit and receive frequencies only applies to conven tio na1 systems .) Cryptographic Variable A parameter used in conjunction with a cryptographic algorithm that is used to perform a cryptographic transformation. “Key“ may be used for short. Crypto Group Cryptonet Cryptoperiod A
29、 grouping of one or more keysets consisting of the same type of keys. Only one keyset within a Crypto Group is active at any given time. Crypto Groups help facilitate key management when the MR contains multiple algorithms or when keysets have different crypto periods. A set of mobile radios, each o
30、f which holds a specific traffic encryption key in common. These units are capable of protected communications with each other using this common key. The time span during which an encryption key remains valid for use. Group Service A key management service that is provided to a Key Management Group.
31、 A parameter used in conjunction with a cryptographic algorithm that is used to perform a cryptographic transformation. Also called a cryptographic variable. Key Encryption Key A key only used to encrypt other keys, a KEK. Key ID The Key ID is an identifier for an encryption key. The combination of
32、a Key ID and an Algorithm ID will uniquely identify a key within the KMF or subscriber units. Key Management Facility A Key Management Facility is responsible for providing Over-The-Air-Rekeying and related key management services to the subscriber units. 3 Copyright Telecommunications Industry Asso
33、ciation Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without license from IHS-,-,-TIA-I 02.AACB KeyManagementGroup A Key Management group is two or more MRs that respond to the same Radio Set Identifier. The members of a Key Management Group have one or
34、 more keysets in common and are managed as a single subscriber by the KMF. Keyset Mobile Radio Operation Procedure Red Re key Response Kind(n) A keyset is a group of keys that will be used within a subscriber unit for the same algorithm and cryptoperiod. This allows the group of keys to be managed a
35、s a single entity (.e., they can be rekeyed, updated and deleted at the same time with a single command). Mobile Radio is a general term that applies to any type of mobile radio that is defined for specific Land Mobile Radio Standards. A set of key management procedures in succession. A Procedure is
36、 a commanding KMM and if applicable its responding KMM. A Procedure is never more than 2 KMMs. Refers to information that is unencrypted .e., plain text. “Black“ is the exact opposite. Rekey is the process of preparing, sending (if necessary) and loading of encryption keys into a unit for use in the
37、 current or future cryptoperiod. The process may be done over the air or by a direct physical connection to a key loader. The response kind field of a message determines the kind of response that the message is required to have. A message may have no response(l), a response after a delay(2) or an im
38、mediate response(3). Traffic Encryption Key A key used to encrypt voice or data traffic, a TEK. Update A cryptographic process that deterministically but irreversibly modifies a key. 4 Copyright Telecommunications Industry Association Provided by IHS under license with EIANot for ResaleNo reproducti
39、on or networking permitted without license from IHS-,-,-TIA-I 02.AACB 1.5 Abbreviations ACK ALGID CKEK CP cs css DES FIPS ID KEK KID KM KMF KMG KMM KSA LLI D MAC MN MR NAC OTAR PK P-TT RSI SLN TBD TEK TG TGI D TOD UKEK N-A Acknowledgment Algorithm ID Common Key Encryption Key Cryptoperiod Check Sum
40、Channel Selector Switch Data Encryption Standard Federal Information Processing Standards I den tifie r Key Encryption Key Key ID Key Management Key Management Facility Key Management Group Key Management Message Keyset Attributes Logical Link ID Message Authentication Code Message Num ber Mobile Ra
41、dio Negative -Acknowledgment Network Access Code Over-The-Air-Re key Public Key Push To Talk Radio Set Identifier Storage Location Number To Be Determined Traffic Encryption Key Talk Group Talk Group Identifier Time Of Day Unique Key Encryption Key 5 Copyright Telecommunications Industry Association
42、 Provided by IHS under license with EIANot for ResaleNo reproduction or networking permitted without license from IHS-,-,-TIA-I 02.AACB 2 KEY MANAGEMENT OVERVIEW 2.1 Introduction This section gives an overview of key management in protected radios. It describes the various types of keys that may be
43、used in such radios and explains for what purposes they are used. It also defines how these keys are managed to provide for protected communications among groups of users. 2.2 Encryption Algorithms There are two fundamental types of encryption algorithms that may be present in protected radios. The
44、first type is known as symmetric (or secret) key algorithms. The Data Encryption Standard (DES) Reference I is an example of a symmetric key algorithm. When using the DES algorithm, the same key that is used to encrypt plain text is used to decrypt the resultant cipher text. (Thus, the name symmetri
45、c key algorithm.) The symmetric keys value must be known only to the sender and intended recipients of a message in order for protected communications to exist. In Type 1 encryption applications, public key (PK) algorithms may be used for encryption for OTAR purposes only. Public key algorithms (or
46、asymmetric encryption algorithms) use different keys for the encryption and decryption operations. Usually, the key used to encrypt traffic for a particular user is public knowledge, and only the decryption key is kept secret. Knowledge or possession of the encryption key does not give the ability t
47、o decrypt traffic that has been encrypted by that public encryption key. Encryption systems that employ these types of algorithms are commonly known as public key systems. 2.3 Keys Types Regardless of algorithm type, two types of keys may be present in protected radios. All operational protected rad
48、ios will contain at least one traffic encryption key or TEK. A TEK is defined as a key used to encrypt voice or data traffic. A radio may hold more than one TEK depending on its application. The second type of key is a key encryption key or KEK. Radios that are capable of being OTARed must contain a
49、t least one KEK. A KEK is defined as a key only used to encrypt other keys. KEKs are typically used by the OTAR application layer process at the KMF to encrypt new TEKS (or other KEKs) for transmission over the air, during the process of OTARing remote units. The KEK used to decrypt/encrypt keys in the OTAR message is identified by the ALGID/KID in the decryption instructions field. 6 Copyright Telecommunications Industry
