1、 ETSI TS 101 053-3 V2.1.1 (2016-02) Rules for the management of the TETRA standard encryption algorithms; Part 3: TEA3 TECHNICAL SPECIFICATION ETSI ETSI TS 101 053-3 V2.1.1 (2016-02)2 Reference RTS/TCCE-06189 Keywords algorithm, security, TETRA ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Ce
2、dex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document
3、may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in
4、 print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status
5、of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be r
6、eproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restri
7、ction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of i
8、ts Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 101 053-3 V2.1.1 (2016-02)3 Contents Intellectual Property Rights 4g3Foreword . 4g3Modal verbs terminology 4g31 Scope 5g32 References 5g32.1 Normative re
9、ferences . 5g32.2 Informative references 6g33 Abbreviations . 6g34 TEA3 management structure 7g35 Distribution procedures 8g35.1 Distribution of parts 1, 2 and 3 of the TEA3 specification by the TEA3 Custodian 8 g35.2 Distribution of TEA3 specification part 3 by the TEA3 Custodian 9g36 Approval crit
10、eria and restrictions . 9g37 The TEA3 Custodian 10g37.1 Responsibilities 10g37.2 Appointment . 10g3Annex A (informative): Items delivered to approved recipient of TEA3 12g3Annex B (normative): Confidentiality and Restricted Usage Undertaking for TEA3 . 13g3History 16g3ETSI ETSI TS 101 053-3 V2.1.1 (
11、2016-02)4 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectua
12、l Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including I
13、PR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been
14、 produced by ETSI Technical Committee TETRA and Critical Communications Evolution (TCCE). The present document is part 3 of a multi-part deliverable covering the rules for the management of the TETRA standard encryption algorithms, as identified below: Part 1: “TEA1“; Part 2: “TEA2“; Part 3: “TEA3“;
15、 Part 4: “TEA4“. Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“
16、 and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. ETSI ETSI TS 101 053-3 V2.1.1 (2016-02)5 1 Scope The purpose of the present document is to specify the rules for the management of the TETRA standard encryption algorithm TEA3. This algorithm is intended for ai
17、r interface encryption in TETRA products. The specification for TEA3 consists of the following three parts: Part 1: Algorithm specification; Part 2: Design conformance test data; Part 3: Algorithm input/output test data. The procedures described in the present document apply to Parts 1 and 2 of the
18、specifications. Parts 1 and 2 are confidential for each of the algorithms. Part 3 of each of the specifications is not confidential and can be obtained directly from the TEA3 Custodian (see clause 5.2). There are no restrictions on the distribution of this part of the specifications. The management
19、structure is defined in clause 4. This structure is defined in terms of the principals involved in the management of TEA3 (ETSI, ETSI Technical Committee TCCE, TEA3 Custodian and approved recipients) together with the relationships and interactions between them. The procedures for delivering TEA3 to
20、 approved recipients are defined in clause 5. This clause is supplemented by annex A which specifies the items which are to be delivered. Clause 6 is concerned with the criteria for approving an organization for receipt of TEA3 and with the responsibilities of an approved recipient. This clause is s
21、upplemented by annex B which contains a Confidentiality and Restricted Usage Undertaking to be signed by each approved recipient. Clause 7 is concerned with the appointment and responsibilities of the TEA3 Custodian. 2 References 2.1 Normative references References are either specific (identified by
22、 date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. Referenced documents which are not found to be publicl
23、y available in the expected location might be found at https:/docbox.etsi.org/Reference/. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of
24、the present document. Not applicable. ETSI ETSI TS 101 053-3 V2.1.1 (2016-02)6 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-speci
25、fic references, the latest version of the reference document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the appl
26、ication of the present document but they assist the user with regard to a particular subject area. i.1 ETSI EN 300 392-7: “Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security“. i.2 ETSI EN 300 396-6: “Terrestrial Trunked Radio (TETRA); Direct Mode Operation (DMO); Part 6: Secu
27、rity“. 3 Abbreviations For the purposes of the present document, the following abbreviations apply: CRUU Confidentiality and Restricted Usage Undertaking TC Technical Committee TCCE TETRA and Critical Communications Evolution TEA3 TETRA Encryption Algorithm No. 3 TETRA Terrestrial Trunked RAdio ETSI
28、 ETSI TS 101 053-3 V2.1.1 (2016-02)7 4 TEA3 management structure The management structure is depicted in figure 1. Key: a = Agreement between TEA3 Custodian and ETSI b = Status reports and recommendations c = Setting of approval criteria d = Requested details of the TEA3 register 1 = Request for TEA
29、3 2 = Check of request against approval criteria 3 and 4 = Exchange of Confidentiality and Restricted Usage Undertaking 5 = Dispatch of TEA3 specification 6 = Update the TEA3 register 7 = Document filing 8 = Technical advice Figure 1: TEA3 management structure Figure 1 shows the three principals inv
30、olved in the management of TEA3 and the relationships and interactions between them. ETSI is the owner of TEA3. The ETSI Secretariat together with ETSI TC TCCE sets the approval criteria for receipt of the algorithm (see clause 6). The TEA3 Custodian is the interface between ETSI and the approved re
31、cipients of TEA3. The Custodian shall be the ETSI Secretariat unless it is decided by ETSI Secretariat and/or ETSI TC TCCE to (temporarily) delegate this task to a third party on the basis of an agreement between the latter and the ETSI Secretariat. The TEA3 Custodians duties are detailed in clause
32、7. They include distributing TEA3 to approved recipients, as detailed in clause 5, providing limited technical advice to approved recipients and providing algorithm status reports to ETSI TC TCCE. Approved recipient of TEA3 TEA3 Custodian ETSI, ETSI TC TCCE Approval Criteria TEA3 register TEA3 file
33、1 3 8 5 4 a b 2 c d 6 7 ETSI ETSI TS 101 053-3 V2.1.1 (2016-02)8 5 Distribution procedures 5.1 Distribution of parts 1, 2 and 3 of the TEA3 specification by the TEA3 Custodian This clause describes the procedure for the distribution of parts 1, 2 and 3 of the TEA3 specification (see clause 1) when r
34、equested together. See clause 5.2 for the procedure for the distribution of part 3 as a separate item. The TEA3 Custodian is responsible for determining whether an applicant meets the criteria to receive the TEA3 specification. The TEA3 Custodian is responsible for signing TEA3 Confidentiality and R
35、estricted Usage Undertakings with qualified applicants who require access to the TEA3 specification. The TEA3 Custodian is responsible for sending copies of the TEA3 specification to qualified applicants. The following procedure for distributing TEA3 specifications is defined with reference to figur
36、e 1. 1) The TEA3 Custodian receives a written request for N copies of the TEA3 specification parts 1, 2 and 3 (see notes 1 and 2). 2) The TEA3 Custodian determines whether the requesting organization meets the approval criteria (see clause 6). 3) If the request is not approved, the TEA3 Custodian in
37、forms the requesting organization that its request has not been approved. 4) If the request is approved, the TEA3 Custodian dispatches 2 copies of the corresponding Confidentiality and Restricted Usage Undertaking (as given in annex B) for signature by the approved recipient (see notes 2 and 6) toge
38、ther with a copy of the present document (Rules for the management of the TETRA standard encryption algorithm TEA3). 5) Both copies of the Confidentiality and Restricted Usage Undertaking (CRUU) have to be signed by the approved recipient (see notes 5 and 7) and returned to the TEA3 Custodian, toget
39、her with the payment of any applicable charges. 6) The TEA3 Custodian sends up to N (see note 3) numbered copies of the TEA3 specification parts 1, 2 and 3 to the approved recipient, together with one countersigned copy of the returned Confidentiality and Restricted Usage Undertaking (CRUU) and a co
40、vering letter (see notes 4 and 6). 7) The TEA3 Custodian updates the TEA3 Register by recording the name and address of the recipient, the numbers of the copies of the TEA3 specification delivered and the date of delivery. If the original request is not approved, the TEA3 Custodian records the name
41、and address of the requesting organization and the reason for rejecting the request in the TEA3 Register (see also note 8). 8) The TEA3 Custodian countersigns and files the second returned copy of the Confidentiality and Restricted Usage Undertaking (CRUU) in the TEA3 File together with a copy of th
42、e covering letter sent to the approved recipient. 9) The TEA3 Custodian may provide very limited technical advice with respect to answering questions concerning the TEA3 specification. 10) If there is a change in the contact details of the signatory or name or ownership of the organization, the orga
43、nization shall inform the TEA3 Custodian. 11) All copies of the TEA3 specification shall be returned to the TEA3 Custodian when they are no longer required by the organization that received them (see note 8). NOTE 1: Requests for the TEA3 specification may be made directly to the TEA3 Custodian or t
44、hrough ETSI. NOTE 2: The Confidentiality and Restricted Usage Undertaking (CRUU) specifies the number of copies requested. NOTE 3: The covering letter specifies the numbers of the copies delivered. ETSI ETSI TS 101 053-3 V2.1.1 (2016-02)9 NOTE 4: If the request is approved, the TEA3 Custodian sends
45、all items listed in annex A. Requests for part of the package of items are rejected. NOTE 5: An organization may request the specification on behalf of a second organization to which it is subcontracting work which requires the specification. In this case, the first organization is responsible for r
46、eturning a Confidentiality and Restricted Usage Undertaking (CRUU) signed by the second organization. NOTE 6: Under normal circumstances the TEA3 Custodian is expected to respond within 25 working days, excluding the delay of the procedures with the Customs Services. NOTE 7: The approved recipient i
47、s represented by its authorized officers. NOTE 8: If a TEA3 specification is returned to the TEA3 Custodian (for example the recipient may decide not to make use of the information), then the TEA3 Custodian destroys the specification and enters a note to this effect in the TEA3 Register. 5.2 Distrib
48、ution of TEA3 specification part 3 by the TEA3 Custodian The following procedure is defined for distributing only part 3 of the TEA3 specification: 1) The TEA3 Custodian receives a written request for one single copy of part 3 of the TEA3 specification. 2) The TEA3 Custodian sends one copy of part 3
49、 of the TEA3 specification to the applicant. 6 Approval criteria and restrictions The approval criteria are set by the ETSI Secretariat together with ETSI TC TCCE and maintained by the TEA3 Custodian. The TEA3 Custodian may recommend changes to these criteria. In order for an organization to be considered an approved recipient of the TEA3 specification it has to satisfy at least one of the following criteria: C1 The organization is a bona fide designer or manufacturer of TETRA subscriber or fixed network equipment, where the algorithm requested is included in the systems