1、 ETSI EN 300 396-6 V1.6.1 (2016-11) Terrestrial Trunked Radio (TETRA); Direct Mode Operation (DMO); Part 6: Security EUROPEAN STANDARD ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 2 Reference REN/TCCE-06191 Keywords air interface, data, DMO, security, security mode, speech, TETRA ETSI 650 Route des Lucio
2、les F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standar
3、ds-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents
4、between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Inf
5、ormation on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyrigh
6、t Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The cop
7、yright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI
8、registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 3 Contents Intellectual Property Rights 6g3Foreword . 6g3Modal verbs terminology 6g31 Scope 7g3
9、2 References 7g32.1 Normative references . 7g32.2 Informative references 8g33 Definitions and abbreviations . 8g33.1 Definitions 8g33.2 Abbreviations . 9g34 DMO security class 10g34.1 General . 10g34.2 DM-2-A 11g34.3 DM-2-B 11g34.4 DM-2-C 11g35 DMO call procedures . 12g35.1 General . 12g35.1.1 Secur
10、ity profile . 12g35.1.1.0 General 12g35.1.1.1 Indication of security parameters 12g35.2 Security class on call setup . 13g35.2.1 General 13g35.2.2 Normal behaviour . 13g35.2.3 Exceptional behaviour 13g35.2.3.0 General 13g35.2.3.1 Call-setup with presence check . 13g35.2.3.2 Call-setup without presen
11、ce check 13g35.2.3.3 Behaviour post call-setup 14g35.3 Security class on call follow-on . 14g35.3.1 General 14g35.3.2 Normal behaviour . 14g35.3.3 Exceptional behaviour 14g36 Air interface authentication and key management mechanisms 15g36.1 Authentication 15g36.2 Repeater mode operation 15g36.3 Gat
12、eway mode operation 15g36.4 Air Interface (AI) key management mechanisms . 17g36.4.0 General 17g36.4.1 Key grouping 17g36.4.2 Identification of cipher keys in signalling . 20g37 Enable and disable mechanism . 20g38 Air Interface (AI) encryption . 20g38.1 General principles. 20g38.2 Encryption mechan
13、ism . 21g38.2.0 General 21g38.2.1 Allocation of KSS to logical channels 21g38.3 Application of KSS to specific PDUs. 22g38.3.0 General 22g38.3.1 Class DM-1 . 22g38.3.2 Class DM-2A 22g38.3.2.0 General 22g38.3.2.1 DMAC-SYNC PDU encryption 22g3ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 4 8.3.2.2 DMAC-DATA
14、 PDU encryption . 23g38.3.2.3 DMAC-FRAG PDU encryption 23g38.3.2.4 DMAC-END PDU encryption 23g38.3.2.5 DMAC-U-SIGNAL PDU encryption 24g38.3.2.6 Traffic channel encryption 24g38.3.3 Class DM-2B 24g38.3.3.0 General 24g38.3.3.1 DMAC-SYNC PDU encryption 25g38.3.3.2 DMAC-DATA PDU encryption . 25g38.3.3.3
15、 DMAC-FRAG PDU encryption 25g38.3.3.4 DMAC-END PDU encryption 26g38.3.3.5 DMAC-U-SIGNAL PDU encryption 26g38.3.3.6 Traffic channel encryption 26g38.3.4 Class DM-2C 26g38.3.4.0 General 26g38.3.4.1 DMAC-SYNC PDU encryption 27g38.3.4.2 DMAC-DATA PDU encryption . 28g38.3.4.3 DMAC-FRAG PDU encryption 28g
16、38.3.4.4 DMAC-END PDU encryption 28g38.3.4.5 DMAC-U-SIGNAL PDU encryption 28g38.3.4.6 Traffic channel encryption 29g38.4 Encryption of identities in repeater and gateway presence signal 29g39 Encryption synchronization 31g39.1 General . 31g39.1.0 Introduction. 31g39.1.1 Algorithm to establish frame
17、number to increment TVP 32g39.1.1.1 Master DM-MS operation . 32g39.1.1.2 Slave DM-MS operation . 32g39.2 TVP used for reception of normal bursts 33g39.3 Synchronization of calls through a repeater . 33g39.3.0 General 33g39.3.1 Algorithm to establish frame number to increment TVP 34g39.3.1.1 Master D
18、M-MS operation . 34g39.3.1.2 Slave DM-MS operation . 34g39.4 Synchronization of calls through a gateway . 34g39.5 Synchronization of data calls where data is multi-slot interleaved . 35g39.5.0 General 35g39.5.1 Recovery of stolen frames from interleaved data . 36g3Annex A (normative): Key Stream Gen
19、erator (KSG) boundary conditions 37g3A.0 General . 37g3A.1 Overview 37g3A.2 Use 38g3A.3 Interfaces to the algorithm 38g3A.3.0 General . 38g3A.3.1 ECK 38g3A.3.1.0 General 38g3A.3.1.1 Use of ECK in class DM-2-A and DM-2-B 39g3A.3.1.2 Use of ECK in class DM-2-C . 39g3A.3.2 Keystream. 39g3A.3.3 Time Var
20、iant Parameter (TVP) 39g3Annex B (normative): Boundary conditions for cryptographic algorithm TB6 40g3Annex C (informative): Encryption control in DM-MS 41g3C.0 Introduction 41g3C.1 General . 41g3ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 5 C.2 Service description and primitives . 41g3C.2.0 General . 4
21、1g3C.2.1 DMCC-ENCRYPT primitive . 42g3C.2.2 DMC-ENCRYPTION primitive . 44g3C.3 Protocol functions 45g3Annex D (informative): Bibliography . 46g3Annex E (informative): Change request history 47g3History 48g3ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 6 Intellectual Property Rights IPRs essential or poten
22、tially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential,
23、 IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be
24、 given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This European Standard (EN) has been produced by ETSI Technical Committee TETRA and Critical Communicati
25、ons Evolution (TCCE). The present document is part 6 of a multi-part deliverable covering Direct Mode Operation, as identified below: Part 1: “General network design“; Part 2: “Radio aspects“; Part 3: “Mobile Station to Mobile Station (MS-MS) Air Interface (AI) protocol“; Part 4: “Type 1 repeater ai
26、r interface“; Part 5: “Gateway air interface“; Part 6: “Security“; Part 7: “Type 2 repeater air interface“; Part 8: “Protocol Implementation Conformance Statement (PICS) proforma specification“; Part 10: “Managed Direct Mode Operation (M-DMO)“. NOTE: Parts 7, 8 and 10 of this multi-part deliverable
27、are of “historical“ status and will not be updated according to this version of the standard. National transposition dates Date of adoption of this EN: 1 July 2016 Date of latest announcement of this EN (doa): 31 October 2016 Date of latest publication of new National Standard or endorsement of this
28、 EN (dop/e): 30 April 2017 Date of withdrawal of any conflicting National Standard (dow): 30 April 2017 Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause
29、 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 7 1 Scope The present document defines the Terrestrial Trunked Radio system (TETRA)
30、 Direct Mode of operation. It specifies the basic Air Interface (AI), the interworking between Direct Mode Groups via Repeaters and interworking with the TETRA Trunked system via Gateways. It also specifies the security aspects in TETRA Direct Mode and the intrinsic services that are supported in ad
31、dition to the basic bearer and teleservices. The present document describes the security mechanisms in TETRA Direct Mode. It provides mechanisms for confidentiality of control signalling and user speech and data at the AI. It also provided some implicit authentication as a member of a group by knowl
32、edge of a shared secret encryption key. The use of AI encryption gives both confidentiality protection against eavesdropping, and some implicit authentication. 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version num
33、ber) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at h
34、ttps:/docbox.etsi.org/Reference/. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the present document. 1 ETSI EN 300 392-2: “Terrestrial
35、Trunked Radio (TETRA); Voice plus Data (V+D); Part 2: Air Interface (AI)“. 2 ISO 7498-2: “Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture“. 3 ETSI EN 300 396-2: “Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
36、 Mode Operation (DMO); Part 2: Radio aspects“. 4 ETSI EN 300 392-7: “Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security“. 5 ETSI EN 300 396-3: “Terrestrial Trunked Radio (TETRA); Technical requirements for Direct Mode Operation (DMO); Part 3: Mobile Station to Mobile Station
37、(MS-MS) Air Interface (AI) protocol“. 6 ETSI TS 100 392-15: “Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 15: TETRA frequency bands, duplex spacings and channel numbering“. 7 ETSI EN 302 109: “Terrestrial Trunked Radio (TETRA); Security; Synchronization mechanism for end-to-end enc
38、ryption“. 8 ETSI EN 300 396-5: “Terrestrial Trunked Radio (TETRA); Technical requirements for Direct Mode Operation (DMO); Part 5: Gateway air interface“. 9 ETSI EN 300 396-4: “Terrestrial Trunked Radio (TETRA); Technical requirements for Direct Mode Operation (DMO); Part 4: Type 1 repeater air inte
39、rface“. 10 ETSI TS 101 053-1: “Rules for the management of the TETRA standard encryption algorithms; Part 1: TEA1“. ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 8 11 ETSI TS 101 053-2: “Security Algorithms Group of Experts (SAGE); Rules for the management of the TETRA standard encryption algorithms; Part
40、 2: TEA2“. 12 ETSI TS 101 053-3: “Rules for the management of the TETRA standard encryption algorithms; Part 3: TEA3“. 13 ETSI TS 101 053-4: “Rules for the management of the TETRA standard encryption algorithms; Part 4: TEA4“. 14 ETSI TS 101 052: “Rules for the management of the TETRA standard authe
41、ntication and key management algorithm set TAA1“. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest ve
42、rsion of the referenced document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present docum
43、ent but they assist the user with regard to a particular subject area. Not applicable. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: air interface encryption state: status of encryption in a call (on or off) call
44、transaction: all of the functions associated with a complete unidirectional transmission of information during a call NOTE: A call is made up of one or more call transactions. In a simplex call these call transactions are sequential. See ETSI EN 300 396-3 5. carrier number: integer, N, used in TETRA
45、 to represent the frequency of the RF carrier NOTE: See ETSI TS 100 392-15 6. cipher key: value that is used to determine the transformation of plain text to cipher text in a cryptographic algorithm cipher text: data produced through the use of encipherment NOTE: The semantic content of the resultin
46、g data is not available (ISO 7498-2 2). decipherment: reversal of a corresponding reversible encipherment NOTE: See ISO 7498-2 2. Direct Mode Operation (DMO): mode of simplex operation where mobile subscriber radio units may communicate using radio frequencies which may be monitored by, but which ar
47、e outside the control of, the TETRA TMO network NOTE: DM operation is performed without intervention of any base station. See ETSI EN 300 396-3 5. DMO-net: number of DMO MSs communicating together and using common cryptographic parameters ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 9 encipherment: crypt
48、ographic transformation of data to produce cipher text NOTE: See ISO 7498-2 2. encryption cipher key: cipher key used as input to the KSG, derived from an address specific cipher key and randomly varied per channel using algorithm TB6 end-to-end encryption: encryption within or at the source end sys
49、tem, with the corresponding decryption occurring only within or at the destination end system explicit authentication: transaction initiated and completed specifically to demonstrate knowledge of a shared secret where the secret is not revealed implicit authentication: authenticity demonstrated by proof of knowledge of a shared secret where that demonstration is a by-product of another function key stream: pseudo random stream of symbols that is generated by a KSG for encipherment and decipherment Key Stream Generator (KSG): cryptogr
