INTRODUCTION TO TETRA SECURITY - PowerPoint PPT Presentation

1 / 25
About This Presentation
Title:

INTRODUCTION TO TETRA SECURITY

Description:

TWC 2004 Vienna. 1. INTRODUCTION TO TETRA SECURITY. Brian Murgatroyd. TWC 2004 Vienna ... Group Key encryption key(GEK) used to protection TEKs during OTAR. ... – PowerPoint PPT presentation

Number of Views:99
Avg rating:3.0/5.0
Slides: 26
Provided by: auth203
Category:

less

Transcript and Presenter's Notes

Title: INTRODUCTION TO TETRA SECURITY


1
INTRODUCTION TO TETRA SECURITY
Brian Murgatroyd
2
Agenda
  • Why security is important in TETRA systems
  • Overview of TETRA security features
  • Authentication
  • Air interface encryption
  • Key Management
  • Terminal Disabling
  • End to End Encryption

3
Security Threats
  • What are the main threats to your system?
  • Confidentiality?
  • Availability?
  • Integrity?

4
Message Related Threats
  • interception
  • by hostile government agencies Confidentiality
  • eavesdropping
  • by hackers, criminals, terrorists
  • masquerading
  • pretending to be legitimate user
  • manipulation of data. Integrity
  • changing messages
  • Replay
  • recording messages and replaying them later

5
User Related Threats
  • traffic analysis Confidentiality
  • getting intelligence from patterns of the
    traffic-frequency- message lengths-message types
  • observability of user behaviour. examining
    where the traffic is observed - times of
    day-number of users

6
System Related Threats
  • denial of service Availability
  • preventing the system working by attempting to
    use up capacity
  • jamming Availability
  • Using RF energy to swamp receiver sites
  • unauthorized use of resources Integrity
  • Illicit use of telephony, interrogation of secure
    databases

7
Communications Security
  • Security is not just encryption!
  • Terminal Authentication
  • User logon/Authentication
  • Stolen Terminal Disabling
  • Key Management with minimum overhead
  • All the network must be secure, particularly with
    a managed system

8
TETRA Air Interface security functions
  • Authentication
  • TETRA has strong mutual authentication requiring
    knowledge of unique secret key
  • Encryption
  • Dynamic key encryption (class 3)
  • Static key encryption (class2)
  • Terminal Disabling
  • Secure temporary or permanent disable
  • Over the Air Re-keying (OTAR)
  • for managing large populations without user
    overhead
  • Aliasing/User logon
  • To allow association of user to terminal

9
Authentication
  • Used to ensure that terminal is genuine and
    allowed on network.
  • Mutual authentication ensures that in addition to
    verifying the terminal, the SwMI can be trusted.
  • Authentication requires both SwMI and terminal
    have proof of secret key.
  • Successful authentication permits further
    security related functions to be downloaded.

10
User authentication (aliasing)
  • Second layer of security
  • Ensures the user is associated with terminal
  • User logon to network aliasing server
  • log on with Radio User Identity and PIN
  • Very limited functionality allowed prior to log
    on
  • Log on/off not associated with terminal
    registration
  • Could be used as access control for applications
    as well as to the Radio system

11
Authentication
  • Strong mutual authentication used for proving the
    user/terminal is who he claims to be.
  • Only allows legitimate terminals on the network
  • Only allows the genuine network to be used by
    terminals
  • Uses Challenge- Response mechanism based on a
    unique secret key K stored in the terminal and in
    the Authentication Centre (AuC)
  • All MSs must be properly authenticated prior to
    being granted access to the network
  • One of the outputs is the Derived Cipher Key used
    for Air Interface Encryption

12
TETRA Authentication mapping to network elements
Generate RS
Authentication Centre (AuC)
K known only to AuC and MS
K
RS
TA11
KS
K
RS
Generate RAND1
KS (Session key) RS (Random seed)
TA11
KS
RAND1
RS, RAND1
KS
RAND1
RES1
TA12
DCK
EBTS
TA12
XRES1
DCK1
Compare RES1 and XRES1
RES1
DCK1
13
Encryption Process
Traffic Key (X)CK
Key Stream Generator (TEAx)
CN LA CC
Combining algorithm (TB5)
Key Stream Segments
Initialisation Vector (IV)
A
B
C
D
E
F
G
H
q
c
I
y
4
M
v

Q
t
Clear data in
Encrypted data out
14
Air Interface traffic keys
  • Four traffic keys are used in class 3 systems-
  • Derived cipher Key (DCK)
  • derived from authentication process used for
    protecting uplink, one to one calls
  • Common Cipher Key(CCK)
  • protects downlink group calls and ITSI on initial
    registration
  • Group Cipher Key(GCK)
  • Provides crypto separation, combined with CCK
  • Static Cipher Key(SCK)
  • Used for protecting DMO and TMO fallback mode

15
DMO Security
Implicit Authentication Static Cipher keys No
disabling
16
TMO SCK OTAR scheme
TETRA Infrastructure
Key Management Centre
  • DMO SCKs must be distributed when terminals are
    operating in TMO.
  • In normal circumstances, terminals should return
    to TMO coverage within a key lifetime
  • A typical DMO SCK lifetime may be between 2 weeks
    and 6 months

17
Group OTAR
  • OTAR to individuals is inefficient if same keys
    going to many terminals
  • Need to download to groups rather than individual
    terminals to save system capacity
  • Requirement for many different sets of keys in
    large multi-user network-GCKs and DMO SCKs
  • Ensure that the right terminal gets the right keys

18
Key Overlap scheme used for DMO SCKs
Transmit
Past
Present
Future
Receive
  • The scheme uses Past, Present and Future versions
    of an SCK.
  • System Rules
  • Terminals may only transmit on their Present
    version of the key.
  • Terminals may receive on any of the three
    versions of the key.
  • This scheme allows a one key period overlap.

19
Disabling of terminals
  • Vital to ensure the reduction of risk of threats
    to system by stolen and lost terminals
  • Relies on the integrity of the users to report
    losses quickly and accurately.
  • May be achieved by removing subscription and/or
    disabling terminal
  • Disabling may be either temporary or permanent
  • Permanent disabling removes all keys including
    (k)
  • Temporary disabling removes all traffic keys but
    allows ambience listening

20
End to end encryption
  • Protects messages across an untrusted
    infrastructure
  • Provides enhanced confidentiality
  • Voice and SDS services
  • IP data services (soon)

Network
MS
MS
Air interface security between MS and network
End-to-end security between MSs
21
Features of End to End Encryption
  • Only protects the user payload (confidentiality
    protection)
  • Needs an additional synchronization vector
  • Requires a transparent network - no
    transcoding-All the bits encrypted at the
    transmitting end must be decrypted at the
    receiver
  • Will not work outside the TETRA domain
  • Key Management in User Domain
  • No need to trust network provider
  • frequent transmission of synchronization vector
    needed to ensure good late entry capability but
    as frame stealing is used this may impact
    slightly on voice quality.

22
End to end keys
  • Traffic encryption key(TEK). Three editions used
    in terminal to give key overlap.
  • Group Key encryption key(GEK) used to protection
    TEKs during OTAR.
  • Unique KEK(long life) used to protect GEKs during
    OTAR.
  • Signalling Encryption Keys (SEK) used optionally
    for control traffic

23
E2e Key Management
Key Management System, GEK (y)
TEKGEK(y)
GEK(y)UKEK (x)
TerminalUKEK (x), GEK (y)
24
Benefits of end to end encryption with Air
Interface encryption
  • Air interface (AI) encryption alone and end to
    end encryption alone both have their limitations
  • For most users AI security measures are
    completely adequate
  • Where either the network is untrusted, or the
    data is extremely sensitive then end to end
    encryption may be used in addition
  • Brings the benefit of encrypting addresses and
    signalling as well as user data across the Air
    Interface and confidentiality right across the
    network

25
Conclusions
  • Security functions built in from the start!
  • User friendly and transparent key management.
  • Air interface encryption protects, control
    traffic, IDs as well as voice and user traffic.
  • Key management comes without user overhead
    because of OTAR.
Write a Comment
User Comments (0)
About PowerShow.com