1、 TIA-102.AACE-A April 2011 Project 25 Digital Land Mobile Radio Link Layer Authentication NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improv
2、ement of products, and assisting the purchaser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufacturing or selling products not con
3、forming to such Standards and Publications. Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institu
4、te (ANSI) patent policy. By such action, TIA does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulato
5、ry requirements. It is the responsibility of the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Project No. 3-0206-RV1-1, formulated under the cognizance of the TIA TR-8 Mobile and Personal
6、 Private Radio Standards, TR-8.3 Subcommittee on Encryption Subcommittee). Published by TELECOMMUNICATIONS INDUSTRY ASSOCIATION Standards and Technology Department 2500 Wilson Boulevard Arlington, VA 22201 U.S.A. PRICE: Please refer to current Catalog of TIA TELECOMMUNICATIONS INDUSTRY ASSOCIATION S
7、TANDARDS AND ENGINEERING PUBLICATIONS or call IHS, USA and Canada (1-877-413-5187) International (303-397-2896) or search online at http:/www.tiaonline.org/standards/catalog/ All rights reserved Printed in U.S.A. NOTICE OF COPYRIGHT This document is copyrighted by the TIA. Reproduction of these docu
8、ments either in hard copy or soft copy (including posting on the web) is prohibited without copyright permission. For copyright permission to reproduce portions of this document, please contact the TIA Standards Department or go to the TIA website (www.tiaonline.org) for details on how to request pe
9、rmission. Details are located at: http:/www.tiaonline.org/standards/catalog/info.cfm#copyright or Telecommunications Industry Association Technology (b) there is no assurance that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Docume
10、nt may be amended, modified or changed in the standards development or any editing process. The use or practice of contents of this Document may involve the use of intellectual property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no sea
11、rch or investigation for IPR. When IPR consisting of patents and published pending patent applications are claimed and called to TIAs attention, a statement from the holder thereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation
12、to investigate or inquire into, the scope or validity of any claims of IPR. TIA will neither be a party to discussions of any licensing terms or conditions, which are instead left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or no
13、n-discriminatory. TIA does not warrant or represent that procedures or practices suggested or provided in the Manual have been complied with as respects the Document or its contents. If the Document contains one or more Normative References to a document published by another organization (“other SSO
14、”) engaged in the formulation, development or publication of standards (whether designated as a standard, specification, recommendation or otherwise), whether such reference consists of mandatory, alternate or optional elements (as defined in the TIA Engineering Manual, 4thedition) then (i) TIA disc
15、laims any duty or obligation to search or investigate the records of any other SSO for IPR or letters of assurance relating to any such Normative Reference; (ii) TIAs policy of encouragement of voluntary disclosure (see Engineering Manual Section 6.5.1) of Essential Patent(s) and published pending p
16、atent applications shall apply; and (iii) Information as to claims of IPR in the records or publications of the other SSO shall not constitute identification to TIA of a claim of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the content
17、s of the Document. TIA does not certify, inspect, test or otherwise investigate products, designs or services or any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURAC
18、Y OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS MERCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRA
19、NTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTNTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT O
20、R INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT,
21、 BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATION
22、S. TIA-102.AACE-A i Contents 1 Introduction . 1 1.1 Scope 1 1.2 Document Description . 1 1.3 Document Revision History . 2 1.4 Definitions 2 1.5 Abbreviations . 4 1.6 References 4 1.6.1 Normative References . 5 1.6.2 Informative References 5 1.7 Overview . 5 2 Authentication . 6 2.1 Challenge and Re
23、sponse Unit Authentication Block Diagram . 7 2.2 Challenge and Response Mutual Authentication Block Diagram . 8 3 Procedures and Operational Descriptions . 10 3.1 Example State Diagrams . 10 3.2 Authentication Rules 13 3.3 Mutual Authentication Rules 14 3.4 Standalone Authentication Message Sequence
24、 Charts (MSC) . 17 3.4.1 MSC for Challenge and Response Unit Authentication Passes . 17 3.4.2 MSC for Challenge and Response Authentication Fails . 18 3.4.3 MSC Mutual Challenge and Response Authentication Passes 19 3.4.4 MSC Mutual Challenge and Response Authentication of SU Fails 20 3.4.5 MSC Mutu
25、al Challenge and Response Authentication of RFSS Fails 21 3.5 Registration Message Sequences Charts (MSC) 22 3.5.1 MSC Unit Challenge and Response Unit Authentication Passes . 22 3.5.2 MSC Unit Challenge and Response Unit Authentication Fails . 23 3.5.3 MSC Mutual Challenge and Response Authenticati
26、on Passes 24 3.5.4 MSC Mutual Challenge and Response Authentication Fails 25 3.5.5 MSC Mutual Challenge and Response Authentication RFSS Fails . 26 3.5.6 MSC SU Authentication Demand . 27 4 Control Channel Messages . 29 5 Key Management and Provisioning . 30 5.1 Key Management 30 5.2 Provisioning (I
27、nformative) 31 6 Authentication Mechanism (AM) and AES crypto details 32 6.1 AM1 (K, RS, KS) 32 6.2 AM2 (KS, RAND1, RES1) . 33 6.3 AM3 (K, RS, KS) . 35 6.4 AM4 (KS, RAND2, RES2) . 36 6.5 Parameters and Sizes . 38 6.6 Example Data 39 TIA-102.AACE-A ii List of Figures Figure 2.1-1 Challenge and Respon
28、se Unit Authentication Block Diagram. 7 Figure 2.2-1 Challenge and Response Mutual Authentication Block Diagram 8 Figure 3.1-1 Example State Diagram for Authentication RFSS Focus 10 Figure 3.1-2 Example State Diagram for Authentication SU Focus . 12 Figure 3.4-1 MSC for Challenge and Response Authen
29、tication Passes . 17 Figure 3.4-2 MSC for Challenge and Response Authentication Fails . 18 Figure 3.4-3 MSC Mutual Challenge and Response Authentication Passes . 19 Figure 3.4-4 Mutual Challenge and Response Authentication of SU Fails 20 Figure 3.4-5 MSC Mutual Challenge and Response Authentication
30、RFSS Fails 21 Figure 3.5-1 MSC Challenge and Response Authentication Passes During Unit Registration . 22 Figure 3.5-2 MSC Challenge and Response Unit Authentication Fails During Unit Registration 23 Figure 3.5-3 MSC Mutual Challenge and Response Authentication During Unit Registration . 24 Figure 3
31、.5-4 MSC Mutual Challenge and Response Authentication During Unit Registration SU Fails . 25 Figure 3.5-5 MSC Mutual Challenge and Response Authentication During Unit Registration RFSS Fails 26 Figure 3.5-6 MSC Authentication SU Demand 27 Figure 5.2-1 Example Provisioning Information Flow 31 Figure
32、6.1-1 Expansion of RS from 80 bits to 128 bits 32 Figure 6.1-2 AM1 Block Diagram 33 Figure 6.2-1 Expansion of RAND from 40 bits to 128 bits . 33 Figure 6.2-2 Reduction of RES from 128 bits to 32 bits 34 Figure 6.2-3 AM2 Block Diagram 35 Figure 6.3-1 AM3 Block Diagram 36 Figure 6.4-1 AM4 Block Diagra
33、m 37 List of Tables Table 6.5-1 Parameter Sizes 38 TIA-102.AACE-A iii Foreword (This foreword is not part of this document.) This document has been submitted to APCO/NASTD/FED by the Telecommunications Industry Association (TIA), as provided for in a Memorandum of Understanding (MOU) dated December,
34、 1993. That MOU provides that APCO/NASTD/FED will devise a Common System Standard for digital public safety communications (the Standard), and that TIA shall provide technical assistance in the development of documentation for the Standard. This document has been developed by TR8.3 (Encryption) with
35、 inputs from the APCO Project 25 Interface Committee (APIC), the APIC Encryption Task Group, and TIA Industry members. This document is being published to provide technical information on the emerging digital techniques for Land Mobile Radio Service. TIA-102.AACE-A iv Patent Identification The reade
36、rs attention is called to the possibility that compliance with this document may require the use of one or more inventions covered by patent rights. By publication of this document no position is taken with respect to the validity of those claims or any patent rights in connection therewith. The pat
37、ent holders so far identified have, we believe, filed statements of willingness to grant licenses under those rights on reasonable and nondiscriminatory terms and conditions to applicants desiring to obtain such licenses. The following patent holders and patents have been identified in accordance wi
38、th the TIA intellectual property rights policy: No patents have been identified. TIA shall not be responsible for identifying patents for which licenses may be required by this document or for conducting inquiries into the legal validity or scope of those patents that are brought to its attention. T
39、IA-102.AACE-A 1 1 INTRODUCTION Authentication of subscriber units is a vital component of a general land mobile radio system. The purpose of this document is to define a Challenge and Response Authentication method for use on trunked radio systems. 1.1 Scope The authentication service described in t
40、his document is applicable to FDMA and TDMA trunking systems using an FDMA trunking control channel. Authentication is a supplementary service for trunked radio systems. This document describes two forms of authentication: unit authentication and mutual authentication. If unit authentication is impl
41、emented it shall be implemented as specified herein. If mutual authentication is implemented , it shall be implemented as specified herein. This document defines the full standard across the Uminterface. 1.2 Document Description This document describes Challenge and Response Authentication designed
42、to protect the family of Project 25 systems. Section 1 provides a general description, definitions and abbreviations. Section 2 provides high-level information about Challenge and Response Authentication. Section 3 provides procedures and operational descriptions. Section 4 provides a listing of con
43、trol channel messages Section 5 provides information on key management and provisioning. Section 6 provides algorithm details. TIA-102.AACE-A 2 1.3 Document Revision History Revision date Revision comments July 31, 2003 Initial version October 10, 2003 Revision 2, updated document to fill in missing
44、 sections. March 11, 2004 Revision 3, add ISSI and Intra-RFSS Key Management, added infrastructure failure to get RS KS rule, and added that K should be store in non-volatile memory. June 11, 2004 Revision 4, removed Pre-Defined Roaming. Moved ISSI, Intra-RFSS, and to Security Services Architecture
45、document. Moved Provisioning File Format to Security Services Provisioning document. Added that the interface between SU and Provisioning will be specified by the Key Fill standard. Added example state diagrams for authentication that also provides context for error cases. August 4, 2004 Revision 5,
46、 updated based on NCS and M/A-COM comments. September 16, 2004 Revision 6, updated based on September 13, 2004 Encryption Task Group meeting. January 31, 2005 Revision 7, added MSC for subscriber initiated authentication demand, modified message returned from the RFSS on authentication failure and f
47、ixed typographic errors. March 8, 2005 Revision 8, fixed typographic errors, corrected AM2 and AM4 sample data, segmented out informative references and removed Annex A Control Channel Messages. May 11, 2005 PN-3-0206, Ballot Version September 9, 2005 TIA 102.AACE, released for publication February
48、25, 2010 Proposed edits for Standalone authentication 1.4 Definitions Advanced Encryption Standard (AES) - A standardized cryptographic algorithm to replace the Data Encryption Standard (DES). AES has a 128 block size and AES-128 indicates that a 128 bit key is used with AES as described in referenc
49、e 2. Adversary FNE A FNE that is not a valid FNE. Adversary SU A SU that is not a valid SU. Authenticated SU A SU whose SUID has passed a challenge and response authentication. This SU has proven that it is the valid SU. Authentication The process to prove that a SU is valid. Authentication Facility (AF) A functional process within the FNE. It is being included in order to show the specialized functions that the FNE must implement in order to support authentication. Such functions include assignment of K to SUID, generation of KS and KS using RS to allow th
