ETSI EN 300 392-7 V3.4.1 (2017-01)
Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security
Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security
REN/TETRA-06184
Prizemni snopovni radio (TETRA) - Govor in podatki (V+D) - 7. del: Varnost
Ta dokument opredeljuje prizemni snopovni radijski sistem (TETRA), ki podpira govor in podatke (V+D). Določa radijski vmesnik, medsebojno delovanje med prizemnimi snopovnimi radijskimi sistemi in drugimi sistemi prek prehodov, vmesnik terminalske opreme na mobilni postaji, povezavo linijskih postaj z infrastrukturo, varnostne vidike prizemnih snopovnih radijskih omrežij, storitve upravljanja, ki so razpoložljive operaterju, cilje učinkovitosti ter dopolnilne storitve, ki so na voljo poleg osnovnih in telekomunikacijskih storitev.
Ta del opisuje varnostne mehanizme govora in podatkov v okviru prizemnega snopovnega radia. Zagotavlja mehanizme za zaupnost krmilne signalizacije ter govora in podatkov uporabnika prek radijskega vmesnika, mehanizme za preverjanje pristnosti in ključne mehanizme za upravljanje radijskega vmesnika in medsistemskega vmesnika (ISI).
Točka 4 opisuje mehanizme za preverjanje pristnosti in ključne mehanizme za upravljanje za radijski vmesnik prizemnega snopovnega radia. Naslednji storitvi preverjanja pristnosti za radijski vmesnik sta na podlagi analize groženj določeni v standardu ETSI ETR 086-3 [i.3]:
• preverjanje pristnosti mobilne postaje (MS) z infrastrukturo prizemnega snopovnega radia;
• preverjanje pristnosti infrastrukture prizemnega snopovnega radia z mobilno postajo.
Točka 5 opisuje mehanizme in protokole za omogočanje in onemogočanje opreme mobilnih postaj in naročnine uporabnika.
Prizemni snopovni radio lahko omogoča možnost šifriranja radijskega vmesnika. Točka 6, kadar se uporablja,
opisuje mehanizme zaupnosti s šifriranjem radijskega vmesnika, govor v vodovnem načinu, podatke v vodovnem načinu, paketne podatke in informacije o nadzoru. Točka 6 opisuje mehanizme šifriranja in postopke mobilnosti. Vključuje tudi podroben opis protokola za nadzor šifriranja prek radijskega vmesnika.
Ta dokument ne obravnava podrobne obravnave napak protokola ali mehanizmov protokola, kadar prizemni snopovni radio deluje v degradiranem načinu. Ta vprašanja so specifična za posamezno izvedbo in zato ne spadajo na področje prizadevanj za standardizacijo prizemnega snopovnega radia.
Podroben opis centra za preverjanje pristnosti ne spada na področje uporabe tega dokumenta.
General Information
Overview
ETSI EN 300 392-7 V3.4.1 (2017-01) specifies the security framework for Terrestrial Trunked Radio (TETRA) Voice plus Data (V+D) systems. It defines security objectives and mechanisms for protecting control signalling, user speech and data across the air interface and for key management and authentication across the air interface and the Inter‑System Interface (ISI). The standard complements other TETRA V+D parts by focusing specifically on authentication, key management, encryption and enable/disable controls for mobile stations (MS) and subscriptions.
Key topics and technical requirements
- Air interface authentication: Defines authentication services including authentication of an MS by the infrastructure, authentication of the infrastructure by an MS, and mutual authentication (see Clause 4). These mechanisms are based on threat analysis referenced in ETSI ETR 086-3.
- Key management primitives: Specifies key types and management flows used on the air interface and via OTAR (Over‑The‑Air Rekeying), including keys referenced in the standard (DCK, GCK, CCK, SCK, GSKO) and procedures for secure distribution and notification.
- Encryption/confidentiality: Clause 6 covers optional air interface encryption for circuit-mode speech, circuit-mode data, packet data and control information, including cipher control and mobility procedures.
- OTAR protocols and crypto management: Detailed OTAR functions for delivering cipher keys, group key management, synchronization of cipher key changes, retries, and group/individual provisioning.
- Enable/disable controls: Clause 5 defines protocols to enable/disable mobile station equipment and subscriber services (equipment lock, subscription disablement).
- Scope boundaries: The standard does not prescribe detailed handling of protocol errors in degraded modes and does not provide the full internal description of the Authentication Centre-these are implementation-specific.
Practical applications and users
This standard is essential for:
- Network operators and system integrators deploying or operating TETRA V+D networks who need to implement secure authentication and key lifecycle management.
- Equipment manufacturers (MS, base stations, gateways) designing compliant radio equipment and implementing air-interface security functions.
- Public safety and critical communications agencies requiring proven confidentiality and authentication mechanisms for voice and data.
- Security architects and auditors validating TETRA deployments for regulatory compliance and interoperability. Practical use cases include secure mission‑critical voice, encrypted data transport, inter‑system gateway authentication across ISI, and centralized over‑the‑air key updates.
Related standards
- ETSI ETR 086-3 (referenced for authentication basis)
- Other parts of the EN 300 392 series covering TETRA air interface, signalling and subsystem interfaces
ETSI EN 300 392-7 V3.4.1 (2017-01) is a technical reference for implementing robust TETRA V+D security-covering authentication, key management, OTAR, encryption and operational controls needed by vendors, operators and public-safety users.
Standards Content (Sample)
Draft ETSI EN 300 392-7 V3.4.0 (2016-04)
EUROPEAN STANDARD
Terrestrial Trunked Radio (TETRA);
Voice plus Data (V+D);
Part 7: Security
2 Draft ETSI EN 300 392-7 V3.4.0 (2016-04)
Reference
REN/TETRA-06184
Keywords
security, TETRA, V+D
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88
Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2016.
All rights reserved.
TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
3 Draft ETSI EN 300 392-7 V3.4.0 (2016-04)
Contents
Intellectual Property Rights . 11
Foreword . 11
Modal verbs terminology . 12
1 Scope . 13
2 References . 13
2.1 Normative references . 13
2.2 Informative references . 14
3 Definitions and abbreviations . 15
3.1 Definitions . 15
3.2 Abbreviations . 18
4 Air Interface authentication and key management mechanisms . 20
4.a General . 20
4.0 Security classes . 20
4.1 Air interface authentication mechanisms . 21
4.1.1 Overview . 21
4.1.1a Authentication and key management algorithms . 21
4.1.2 Authentication of an MS . 21
4.1.3 Authentication of the infrastructure . 22
4.1.4 Mutual authentication of MS and infrastructure . 23
4.1.5 The authentication key . 25
4.1.6 Equipment authentication . 26
4.1.6a Request for information related to an MS . 26
4.1.7 Authentication of an MS when migrated . 26
4.1.8 Authentication of the home SwMI when migrated . 27
4.1.9 Mutual Authentication of MS and infrastructure when migrated . 28
4.2 Air Interface key management mechanisms . 29
4.2.0 General . 29
4.2.1 The DCK . 29
4.2.2 The GCK . 30
4.2.2.0 General . 30
4.2.2.1 Session key modifier GCK0 . 31
4.2.3 The CCK . 32
4.2.4 The SCK . 33
4.2.4.0 General . 33
4.2.4.1 SCK association for DMO use . 35
4.2.4.1.0 General . 35
4.2.4.1.1 DMO SCK subset grouping . 35
4.2.5 The GSKO . 37
4.2.5.0 General . 37
4.2.5.1 SCK distribution to groups with OTAR . 38
4.2.5.2 GCK distribution to groups with OTAR . 38
4.2.5.3 Rules for MS response to group key distribution . 38
4.2.6 Encrypted Short Identity (ESI) mechanism . 39
4.2.7 Encryption Cipher Key . 39
4.2.8 Summary of AI key management mechanisms . 40
4.3 Service description and primitives . 42
4.3.1 Authentication primitives . 42
4.3.2 SCK transfer primitives . 42
4.3.3 GCK transfer primitives . 43
4.3.4 GSKO transfer primitives . 44
4.4 Authentication protocol . 45
4.4.1 Authentication state transitions . 45
4.4.2 Authentication protocol sequences and operations . 48
4.4.2.0 General . 48
4.4.2.1 MSCs for authentication . 49
ETSI
4 Draft ETSI EN 300 392-7 V3.4.0 (2016-04)
4.4.2.2 MSCs for authentication and security type-3 elements . 55
4.4.2.3 Control of authentication timer T354 at MS . 58
4.4a Information request protocol . 59
4.5 OTAR protocols . 62
4.5.1 CCK delivery - protocol functions . 62
4.5.1.0 General . 62
4.5.1.1 SwMI-initiated CCK provision . 63
4.5.1.2 MS-initiated CCK provision with U-OTAR CCK demand. 64
4.5.1.3 MS-initiated CCK provision with announced cell reselection . 64
4.5.2 OTAR protocol functions - SCK . 65
4.5.2.0 General . 65
4.5.2.1 MS requests provision of SCK(s) . 66
4.5.2.2 SwMI provides SCK(s) to individual MS . 67
4.5.2.3 SwMI provides SCK(s) to group of MSs . 68
4.5.2.4 SwMI rejects provision of SCK . 70
4.5.3 OTAR protocol functions - GCK . 71
4.5.3.0 General . 71
4.5.3.1 MS requests provision of GCK . 71
4.5.3.2 SwMI provides GCK to an individual MS . 73
4.5.3.3 SwMI provides GCK to a group of MSs . 74
4.5.3.4 SwMI rejects provision of GCK . 76
4.5.4 Cipher key association to group address . 77
4.5.4.0 General . 77
4.5.4.1 SCK association for DMO . 78
4.5.4.2 GCK association . 81
4.5.5 Notification of key change over the air . 83
4.5.5.0 General . 83
4.5.5.1 Change of DCK . 84
4.5.5.2 Change of CCK . 85
4.5.5.3 Change of GCK . 85
4.5.5.4 Change of SCK for TMO . 85
4.5.5.5 Change of SCK for DMO . 85
4.5.5.6 Synchronization of Cipher Key Change . 86
4.5.6 Security class change . 86
4.5.6.0 General . 86
4.5.6.1 Change of security class to security class 1 . 87
4.5.6.2 Change of security class to security class 2 . 87
4.5.6.3 Change of security class to security class 3 . 87
4.5.6.4 Change of security class to security class 3 with GCK . 87
4.5.7 Notification of key in use . 88
4.5.8 Notification of GCK Activation/Deactivation . 88
4.5.9 Deletion of SCK, GCK and GSKO . 88
4.5.10 Air Interface Key Status Enquiry . 90
4.5.11 Crypto management group . 92
4.5.12 OTAR retry mechanism . 93
4.5.13 OTAR protocol functions - GSKO . 94
4.5.13.0 General . 94
4.5.13.1 MS requests provision of GSKO . 94
4.5.13.2 SwMI provides GSKO to an MS . 95
4.5.13.3 SwMI rejects provision of GSKO . 95
4.5.14 OTAR protocol functions - interaction and queuing . 95
4.5.15 KSOv for OTAR operations in visited SwMI . 96
4.5.16 Transfer of AI cipher keys across the ISI . 99
5 Enable and disable mechanism . 99
5.0 General . 99
5.1 General relationships . 100
5.2 Enable/disable state transitions . 100
5.3 Mechanisms . 101
5.3.0 General . 101
5.3.1 Disable of MS equipment . 102
5.3.2 Disable of an subscription . 102
ETSI
5 Draft ETSI EN 300 392-7 V3.4.0 (2016-04)
5.3.3 Disable of subscription and equipment . 102
5.3.4 Enable an MS equipment . 102
5.3.5 Enable an MS subscription . 102
5.3.6 Enable an MS equipment and subscription . 102
5.4 Enable/disable protocol . 103
5.4.1 General case . 103
5.4.2 Status of cipher key material. 104
5.4.2.1 Permanently disabled state . 104
5.4.2.2 Temporarily disabled state . 104
5.4.3 Specific protocol exchanges . 105
5.4.3.0 General . 105
5.4.3.1 Disabling an MS with mutual authentication . 105
5.4.3.2 Enabling an MS with mutual authentication . 106
5.4.3.3 Enabling an MS with non-mutual authentication . 107
5.4.3.4 Disabling an MS with non-mutual authentication . 109
5.4.4 Enabling an MS without authentication . 109
5.4.5 Disabling an MS without authentication . 110
5.4.6 Rejection of enable or disable command . 110
5.4.6a Expiry of Enable/Disable protocol timer . 111
5.4.7 MM service primitives . 111
5.4.7.0 General . 111
5.4.7.1 TNMM-DISABLING primitive . 111
5.4.7.2 TNMM-ENABLING primitive . 112
6 Air Interface (AI) encryption . 112
6.1 General principles. 112
6.2 Security class . 113
6.2.a General . 113
6.2.0 Notification of security class . 114
6.2.0.0 General . 114
6.2.0.1 Security Class of Neighbouring Cells . 115
6.2.0.2 Identification of MS security capabilities . 115
6.2.1 Constraints on LA arising from cell class . 115
6.3 Key Stream Generator (KSG) . 115
6.3.0 General . 115
6.3.1 KSG numbering and selection . 116
6.3.2 Interface parameters . 116
6.3.2.1 Initial Value (IV) . 116
6.3.2.2 Cipher Key . 117
6.4 Encryption mechanism . 117
6.4.0 General . 117
6.4.1 Allocation of KSS to logical channels . 117
6.4.2 Allocation of KSS to logical channels with PDU association . 119
6.4.2.1 General . 119
6.4.2.2 KSS allocation on phase modulation channels . 120
6.4.2.3 KSS allocation on QAM channels . 121
6.4.2.3.0 General . 121
6.4.2.3.1 Fixed mapping . 121
6.4.2.3.2 Offset mapping . 122
6.4.3 Synchronization of data calls where data is multi-slot interleaved . 123
6.4.4 Recovery of stolen frames from interleaved data . 124
6.5 Use of cipher keys . 125
6.5.0 General . 125
6.5.1 Identification of encryption state of downlink MAC PDUs . 126
6.5.1.0 General . 126
6.5.1.1 Class 1 cells . 126
6.5.1.2 Class 2 cells . 127
6.5.1.3 Class 3 cells . 127
6.5.2 Identification of encryption state of uplink MAC PDUs . 127
6.6 Mobility procedures . 128
6.6.1 General requirements . 128
6.6.1.0 Common requirements . 128
ETSI
6 Draft ETSI EN 300 392-7 V3.4.0 (2016-04)
6.6.1.1 Additional requirements for class 3 systems . 128
6.6.2 Protocol description . 128
6.6.2.0 General . 128
6.6.2.1 Negotiation of ciphering parameters . 128
6.6.2.1.0 General . 128
6.6.2.1.1 Class 1 cells . 129
6.6.2.1.2 Class 2 cells . 129
6.6.2.1.3 Class 3 cells . 129
6.6.2.2 Initial and undeclared cell re-selection . 129
6.6.2.3 Unannounced cell re-selection . 130
6.6.2.4 Announced cell re-selection type-3 . 131
6.6.2.5 Announced cell re-selection type-2 . 131
6.6.2.6 Announced cell re-selection type-1 . 131
6.6.2.7 Key forwarding . 131
6.6.3 Shared channels . 132
6.7 Encryption control . 133
6.7.0 General . 133
6.7.1 Data to be encrypted . 133
6.7.1.1 Downlink control channel requirements . 133
6.7.1.2 Encryption of MAC header elements . 133
6.7.1.3 Traffic channel encryption control . 133
6.7.1.4 Handling of PDUs that do not conform to negotiated ciphering mode . 134
6.7.2 Service description and primitives . 134
6.7.2.0 General . 134
6.7.2.1 Mobility Management (MM) . 135
6.7.2.2 Mobile Link Entity (MLE) . 136
6.7.2.3 Layer 2 . 138
6.7.3 Protocol functions . 138
6.7.3.0 General . 138
6.7.3.1 MM . 138
6.7.3.2 MLE . 138
6.7.3.3 LLC . 138
6.7.3.4 MAC . 139
6.7.4 PDUs for cipher negotiation . 139
Annex A (normative): PDU and element definitions . 140
A.0 General . 140
A.1 Authentication PDUs . 140
A.1.1 D-AUTHENTICATION demand . 140
A.1.2 D-AUTHENTICATION reject . 140
A.1.3 D-AUTHENTICATION response . 141
A.1.4 D-AUTHENTICATION result . 141
A.1.5 U-AUTHENTICATION demand . 141
A.1.6 U-AUTHENTICATION reject . 142
A.1.7 U-AUTHENTICATION response . 142
A.1.8 U-AUTHENTICATION result . 143
A.2 OTAR PDUs . 143
A.2.1 D-OTAR CCK Provide . 143
A.2.2 U-OTAR CCK Demand . 143
A.2.3 U-OTAR CCK Result . 144
A.2.4 D-OTAR GCK Provide . 144
A.2.5 U-OTAR GCK Demand . 145
A.2.6 U-OTAR GCK Result . 146
A.2.6a D-OTAR GCK Reject . 146
A.2.7 D-OTAR SCK Provide . 147
A.2.8 U-OTAR SCK Demand . 148
A.2.9 U-OTAR SCK Result . 148
A.2.9a D-OTAR SCK Reject . 149
A.2.10 D-OTAR GSKO Provide . 149
A.2.11 U-OTAR GSKO Demand . 150
ETSI
7 Draft ETSI EN 300 392-7 V3.4.0 (2016-04)
A.2.12 U-OTAR GSKO Result . 150
A.2.12a D-OTAR GSKO Reject . 150
A.3 PDUs for key association to GTSI . 151
A.3.1 D-OTAR KEY ASSOCIATE demand . 151
A.3.2 U-OTAR KEY ASSOCIATE status . 152
A.4 PDUs to synchronize key or security class change . 152
A.4.1 D-CK CHANGE demand . 152
A.4.2 U-CK CHANGE result . 153
A.4.2a U-OTAR KEY DELETE result . 154
A.4.2b U-OTAR KEY STATUS response . 155
A.4.3 D-DM-SCK ACTIVATE DEMAND . 156
A.4.4 U-DM-SCK ACTIVATE RESULT . 157
A.4a PDUs to delete air interface keys in MS . 158
A.4a.1 D-OTAR KEY DELETE demand . 158
A.4a.2 U-OTAR KEY DELETE result . 158
A.4b PDUs to obtain Air Interface Key Status . 159
A.4b.1 D-OTAR KEY STATUS demand . 159
A.4b.2 U-OTAR KEY STATUS response . 160
A.5 Other security domain PDUs . 161
A.5.1 U-TEI PROVIDE . 161
A.5.2 U-OTAR PREPARE . 162
A.5.3 D-OTAR NEWCELL . 162
A.5.4 D-OTAR CMG GTSI PROVIDE . 162
A.5.5 U-OTAR CMG GTSI RESULT . 163
A.5.6 U-INFORMATION PROVIDE . 163
A.6 PDUs for Enable and Disable . 165
A.6.1 D-DISABLE . 165
A.6.2 D-ENABLE . 165
A.6.3 U-DISABLE STATUS . 166
A.7 MM PDU type 3 information elements coding . 166
A.7.0 General . 166
A.7.1 Authentication downlink . 166
A.7.2 Authentication uplink . 167
A.7.3 Security downlink.
...
Final draft ETSI EN 300 392-7 V3.4.1 (2016-10)
EUROPEAN STANDARD
Terrestrial Trunked Radio (TETRA);
Voice plus Data (V+D);
Part 7: Security
2 Final draft ETSI EN 300 392-7 V3.4.1 (2016-10)
Reference
REN/TETRA-06184
Keywords
security, TETRA, V+D
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88
Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2016.
All rights reserved.
TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
3 Final draft ETSI EN 300 392-7 V3.4.1 (2016-10)
Contents
Intellectual Property Rights . 11
Foreword . 11
Modal verbs terminology . 12
1 Scope . 13
2 References . 13
2.1 Normative references . 13
2.2 Informative references . 14
3 Definitions and abbreviations . 15
3.1 Definitions . 15
3.2 Abbreviations . 18
4 Air Interface authentication and key management mechanisms . 20
4.a General . 20
4.0 Security classes . 20
4.1 Air interface authentication mechanisms . 21
4.1.1 Overview . 21
4.1.1a Authentication and key management algorithms . 21
4.1.2 Authentication of an MS . 21
4.1.3 Authentication of the infrastructure . 22
4.1.4 Mutual authentication of MS and infrastructure . 23
4.1.5 The authentication key . 25
4.1.6 Equipment authentication . 26
4.1.6a Request for information related to an MS . 26
4.1.7 Authentication of an MS when migrated . 26
4.1.8 Authentication of the home SwMI when migrated . 27
4.1.9 Mutual Authentication of MS and infrastructure when migrated . 28
4.2 Air Interface key management mechanisms . 29
4.2.0 General . 29
4.2.1 The DCK . 29
4.2.2 The GCK . 30
4.2.2.0 General . 30
4.2.2.1 Session key modifier GCK0 . 31
4.2.3 The CCK . 32
4.2.4 The SCK . 33
4.2.4.0 General . 33
4.2.4.1 SCK association for DMO use . 35
4.2.4.1.0 General . 35
4.2.4.1.1 DMO SCK subset grouping . 35
4.2.5 The GSKO . 37
4.2.5.0 General . 37
4.2.5.1 SCK distribution to groups with OTAR . 38
4.2.5.2 GCK distribution to groups with OTAR . 38
4.2.5.3 Rules for MS response to group key distribution . 39
4.2.6 Encrypted Short Identity (ESI) mechanism . 39
4.2.7 Encryption Cipher Key . 40
4.2.8 Summary of AI key management mechanisms . 40
4.3 Service description and primitives . 42
4.3.1 Authentication primitives . 42
4.3.2 SCK transfer primitives . 42
4.3.3 GCK transfer primitives . 43
4.3.4 GSKO transfer primitives . 44
4.4 Authentication protocol . 45
4.4.1 Authentication state transitions . 45
4.4.2 Authentication protocol sequences and operations . 48
4.4.2.0 General . 48
4.4.2.1 MSCs for authentication . 49
ETSI
4 Final draft ETSI EN 300 392-7 V3.4.1 (2016-10)
4.4.2.2 MSCs for authentication and security type-3 elements . 55
4.4.2.3 Control of authentication timer T354 at MS . 58
4.4a Information request protocol . 59
4.5 OTAR protocols . 62
4.5.1 CCK delivery - protocol functions . 62
4.5.1.0 General . 62
4.5.1.1 SwMI-initiated CCK provision . 63
4.5.1.2 MS-initiated CCK provision with U-OTAR CCK demand. 65
4.5.1.3 MS-initiated CCK provision with announced cell reselection . 65
4.5.2 OTAR protocol functions - SCK . 66
4.5.2.0 General . 66
4.5.2.1 MS requests provision of SCK(s) . 67
4.5.2.2 SwMI provides SCK(s) to individual MS . 68
4.5.2.3 SwMI provides SCK(s) to group of MSs . 70
4.5.2.4 SwMI rejects provision of SCK . 71
4.5.3 OTAR protocol functions - GCK . 72
4.5.3.0 General . 72
4.5.3.1 MS requests provision of GCK . 72
4.5.3.2 SwMI provides GCK to an individual MS . 74
4.5.3.3 SwMI provides GCK to a group of MSs . 75
4.5.3.4 SwMI rejects provision of GCK . 77
4.5.4 Cipher key association to group address . 78
4.5.4.0 General . 78
4.5.4.1 SCK association for DMO . 79
4.5.4.2 GCK association . 82
4.5.5 Notification of key change over the air . 84
4.5.5.0 General . 84
4.5.5.1 Change of DCK . 85
4.5.5.2 Change of CCK . 86
4.5.5.3 Change of GCK . 86
4.5.5.4 Change of SCK for TMO . 86
4.5.5.5 Change of SCK for DMO . 86
4.5.5.6 Synchronization of Cipher Key Change . 87
4.5.6 Security class change . 87
4.5.6.0 General . 87
4.5.6.1 Change of security class to security class 1 . 88
4.5.6.2 Change of security class to security class 2 . 88
4.5.6.3 Change of security class to security class 3 . 88
4.5.6.4 Change of security class to security class 3 with GCK . 88
4.5.7 Notification of key in use . 89
4.5.8 Notification of GCK Activation/Deactivation . 89
4.5.9 Deletion of SCK, GCK and GSKO . 89
4.5.10 Air Interface Key Status Enquiry . 91
4.5.11 Crypto management group . 93
4.5.12 OTAR retry mechanism . 94
4.5.13 OTAR protocol functions - GSKO . 95
4.5.13.0 General . 95
4.5.13.1 MS requests provision of GSKO . 95
4.5.13.2 SwMI provides GSKO to an MS . 96
4.5.13.3 SwMI rejects provision of GSKO . 96
4.5.14 OTAR protocol functions - interaction and queuing . 96
4.5.15 KSOv for OTAR operations in visited SwMI . 97
4.5.16 Transfer of AI cipher keys across the ISI . 100
5 Enable and disable mechanism . 100
5.0 General . 100
5.1 General relationships . 101
5.2 Enable/disable state transitions . 101
5.3 Mechanisms . 102
5.3.0 General . 102
5.3.1 Disable of MS equipment . 103
5.3.2 Disable of an subscription . 103
ETSI
5 Final draft ETSI EN 300 392-7 V3.4.1 (2016-10)
5.3.3 Disable of subscription and equipment . 103
5.3.4 Enable an MS equipment . 103
5.3.5 Enable an MS subscription . 103
5.3.6 Enable an MS equipment and subscription . 103
5.4 Enable/disable protocol . 104
5.4.1 General case . 104
5.4.2 Status of cipher key material. 105
5.4.2.1 Permanently disabled state . 105
5.4.2.2 Temporarily disabled state . 105
5.4.3 Specific protocol exchanges . 106
5.4.3.0 General . 106
5.4.3.1 Disabling an MS with mutual authentication . 106
5.4.3.2 Enabling an MS with mutual authentication . 107
5.4.3.3 Enabling an MS with non-mutual authentication . 108
5.4.3.4 Disabling an MS with non-mutual authentication . 110
5.4.4 Enabling an MS without authentication . 111
5.4.5 Disabling an MS without authentication . 111
5.4.6 Rejection of enable or disable command . 111
5.4.6a Expiry of Enable/Disable protocol timer . 112
5.4.7 MM service primitives . 113
5.4.7.0 General . 113
5.4.7.1 TNMM-DISABLING primitive . 113
5.4.7.2 TNMM-ENABLING primitive . 113
6 Air Interface (AI) encryption . 113
6.1 General principles. 113
6.2 Security class . 114
6.2.a General . 114
6.2.0 Notification of security class . 115
6.2.0.0 General . 115
6.2.0.1 Security Class of Neighbouring Cells . 116
6.2.0.2 Identification of MS security capabilities . 116
6.2.1 Constraints on LA arising from cell class . 116
6.3 Key Stream Generator (KSG) . 116
6.3.0 General . 116
6.3.1 KSG numbering and selection . 117
6.3.2 Interface parameters . 117
6.3.2.1 Initial Value (IV) . 117
6.3.2.2 Cipher Key . 118
6.4 Encryption mechanism . 118
6.4.0 General . 118
6.4.1 Allocation of KSS to logical channels . 118
6.4.2 Allocation of KSS to logical channels with PDU association . 120
6.4.2.1 General . 120
6.4.2.2 KSS allocation on phase modulation channels . 121
6.4.2.3 KSS allocation on QAM channels . 122
6.4.2.3.0 General . 122
6.4.2.3.1 Fixed mapping . 122
6.4.2.3.2 Offset mapping . 123
6.4.3 Synchronization of data calls where data is multi-slot interleaved . 124
6.4.4 Recovery of stolen frames from interleaved data . 125
6.5 Use of cipher keys . 126
6.5.0 General . 126
6.5.1 Identification of encryption state of downlink MAC PDUs . 127
6.5.1.0 General . 127
6.5.1.1 Class 1 cells . 127
6.5.1.2 Class 2 cells . 128
6.5.1.3 Class 3 cells . 128
6.5.2 Identification of encryption state of uplink MAC PDUs . 128
6.6 Mobility procedures . 129
6.6.1 General requirements . 129
6.6.1.0 Common requirements . 129
ETSI
6 Final draft ETSI EN 300 392-7 V3.4.1 (2016-10)
6.6.1.1 Additional requirements for class 3 systems . 129
6.6.2 Protocol description . 129
6.6.2.0 General . 129
6.6.2.1 Negotiation of ciphering parameters . 129
6.6.2.1.0 General . 129
6.6.2.1.1 Class 1 cells . 130
6.6.2.1.2 Class 2 cells . 130
6.6.2.1.3 Class 3 cells . 130
6.6.2.2 Initial and undeclared cell re-selection . 130
6.6.2.3 Unannounced cell re-selection . 131
6.6.2.4 Announced cell re-selection type-3 . 132
6.6.2.5 Announced cell re-selection type-2 . 132
6.6.2.6 Announced cell re-selection type-1 . 132
6.6.2.7 Key forwarding . 132
6.6.3 Shared channels . 133
6.7 Encryption control . 134
6.7.0 General . 134
6.7.1 Data to be encrypted . 134
6.7.1.1 Downlink control channel requirements . 134
6.7.1.2 Encryption of MAC header elements . 134
6.7.1.3 Traffic channel encryption control . 134
6.7.1.4 Handling of PDUs that do not conform to negotiated ciphering mode . 135
6.7.2 Service description and primitives . 135
6.7.2.0 General . 135
6.7.2.1 Mobility Management (MM) . 136
6.7.2.2 Mobile Link Entity (MLE) . 137
6.7.2.3 Layer 2 . 139
6.7.3 Protocol functions . 139
6.7.3.0 General . 139
6.7.3.1 MM . 139
6.7.3.2 MLE . 139
6.7.3.3 LLC . 139
6.7.3.4 MAC . 140
6.7.4 PDUs for cipher negotiation . 140
Annex A (normative): PDU and element definitions . 141
A.0 General . 141
A.1 Authentication PDUs . 141
A.1.1 D-AUTHENTICATION demand . 141
A.1.2 D-AUTHENTICATION reject . 141
A.1.3 D-AUTHENTICATION response . 142
A.1.4 D-AUTHENTICATION result . 142
A.1.5 U-AUTHENTICATION demand . 142
A.1.6 U-AUTHENTICATION reject . 143
A.1.7 U-AUTHENTICATION response . 143
A.1.8 U-AUTHENTICATION result . 144
A.2 OTAR PDUs . 144
A.2.1 D-OTAR CCK Provide . 144
A.2.2 U-OTAR CCK Demand . 144
A.2.3 U-OTAR CCK Result . 145
A.2.4 D-OTAR GCK Provide . 145
A.2.5 U-OTAR GCK Demand . 146
A.2.6 U-OTAR GCK Result . 147
A.2.6a D-OTAR GCK Reject . 147
A.2.7 D-OTAR SCK Provide . 148
A.2.8 U-OTAR SCK Demand . 149
A.2.9 U-OTAR SCK Result . 149
A.2.9a D-OTAR SCK Reject . 150
A.2.10 D-OTAR GSKO Provide . 150
A.2.11 U-OTAR GSKO Demand . 151
ETSI
7 Final draft ETSI EN 300 392-7 V3.4.1 (2016-10)
A.2.12 U-OTAR GSKO Result . 151
A.2.12a D-OTAR GSKO Reject . 151
A.3 PDUs for key association to GTSI . 152
A.3.1 D-OTAR KEY ASSOCIATE demand . 152
A.3.2 U-OTAR KEY ASSOCIATE status . 153
A.4 PDUs to synchronize key or security class change . 153
A.4.1 D-CK CHANGE demand . 153
A.4.2 U-CK CHANGE result . 154
A.4.2a U-OTAR KEY DELETE result . 155
A.4.2b U-OTAR KEY STATUS response . 156
A.4.3 D-DM-SCK ACTIVATE DEMAND . 157
A.4.4 U-DM-SCK ACTIVATE RESULT . 158
A.4a PDUs to delete air interface keys in MS . 159
A.4a.1 D-OTAR KEY DELETE demand . 159
A.4a.2 U-OTAR KEY DELETE result . 159
A.4b PDUs to obtain Air Interface Key Status . 160
A.4b.1 D-OTAR KEY STATUS demand . 160
A.4b.2 U-OTAR KEY STATUS response . 161
A.5 Other security domain PDUs . 162
A.5.1 U-TEI PROVIDE . 162
A.5.2 U-OTAR PREPARE . 163
A.5.3 D-OTAR NEWCELL . 163
A.5.4 D-OTAR CMG GTSI PROVIDE . 163
A.5.5 U-OTAR CMG GTSI RESULT . 164
A.5.6 U-INFORMATION PROVIDE . 164
A.6 PDUs for Enable and Disable . 166
A.6.1 D-DISABLE . 166
A.6.2 D-ENABLE . 166
A.6.3 U-DISABLE STATUS . 167
A.7 MM PDU type 3 information elements coding . 167
A.7.0 General . 167
A.7.1 Authentication downlink . 167
A.7.2 Authentication uplink . 168
A.7.3 Security downlink.
...
EUROPEAN STANDARD
Terrestrial Trunked Radio (TETRA);
Voice plus Data (V+D);
Part 7: Security
2 ETSI EN 300 392-7 V3.4.1 (2017-01)
Reference
REN/TETRA-06184
Keywords
security, TETRA, V+D
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88
Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2017.
All rights reserved.
TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
3 ETSI EN 300 392-7 V3.4.1 (2017-01)
Contents
Intellectual Property Rights . 11
Foreword . 11
Modal verbs terminology . 12
1 Scope . 13
2 References . 13
2.1 Normative references . 13
2.2 Informative references . 14
3 Definitions and abbreviations . 15
3.1 Definitions . 15
3.2 Abbreviations . 18
4 Air Interface authentication and key management mechanisms . 20
4.a General . 20
4.0 Security classes . 20
4.1 Air interface authentication mechanisms . 21
4.1.1 Overview . 21
4.1.1a Authentication and key management algorithms . 21
4.1.2 Authentication of an MS . 21
4.1.3 Authentication of the infrastructure . 22
4.1.4 Mutual authentication of MS and infrastructure . 23
4.1.5 The authentication key . 25
4.1.6 Equipment authentication . 25
4.1.6a Request for information related to an MS . 26
4.1.7 Authentication of an MS when migrated . 26
4.1.8 Authentication of the home SwMI when migrated . 27
4.1.9 Mutual Authentication of MS and infrastructure when migrated . 28
4.2 Air Interface key management mechanisms . 29
4.2.0 General . 29
4.2.1 The DCK . 29
4.2.2 The GCK . 30
4.2.2.0 General . 30
4.2.2.1 Session key modifier GCK0 . 31
4.2.3 The CCK . 32
4.2.4 The SCK . 33
4.2.4.0 General . 33
4.2.4.1 SCK association for DMO use . 35
4.2.4.1.0 General . 35
4.2.4.1.1 DMO SCK subset grouping . 35
4.2.5 The GSKO . 37
4.2.5.0 General . 37
4.2.5.1 SCK distribution to groups with OTAR . 38
4.2.5.2 GCK distribution to groups with OTAR . 38
4.2.5.3 Rules for MS response to group key distribution . 39
4.2.6 Encrypted Short Identity (ESI) mechanism . 39
4.2.7 Encryption Cipher Key . 40
4.2.8 Summary of AI key management mechanisms . 40
4.3 Service description and primitives . 42
4.3.1 Authentication primitives . 42
4.3.2 SCK transfer primitives . 42
4.3.3 GCK transfer primitives . 43
4.3.4 GSKO transfer primitives . 44
4.4 Authentication protocol . 45
4.4.1 Authentication state transitions . 45
4.4.2 Authentication protocol sequences and operations . 48
4.4.2.0 General . 48
4.4.2.1 MSCs for authentication . 49
ETSI
4 ETSI EN 300 392-7 V3.4.1 (2017-01)
4.4.2.2 MSCs for authentication and security type-3 elements . 55
4.4.2.3 Control of authentication timer T354 at MS . 58
4.4a Information request protocol . 59
4.5 OTAR protocols . 62
4.5.1 CCK delivery - protocol functions . 62
4.5.1.0 General . 62
4.5.1.1 SwMI-initiated CCK provision . 63
4.5.1.2 MS-initiated CCK provision with U-OTAR CCK demand. 65
4.5.1.3 MS-initiated CCK provision with announced cell reselection . 65
4.5.2 OTAR protocol functions - SCK . 66
4.5.2.0 General . 66
4.5.2.1 MS requests provision of SCK(s) . 67
4.5.2.2 SwMI provides SCK(s) to individual MS . 68
4.5.2.3 SwMI provides SCK(s) to group of MSs . 70
4.5.2.4 SwMI rejects provision of SCK . 71
4.5.3 OTAR protocol functions - GCK . 72
4.5.3.0 General . 72
4.5.3.1 MS requests provision of GCK . 72
4.5.3.2 SwMI provides GCK to an individual MS . 74
4.5.3.3 SwMI provides GCK to a group of MSs . 75
4.5.3.4 SwMI rejects provision of GCK . 77
4.5.4 Cipher key association to group address . 78
4.5.4.0 General . 78
4.5.4.1 SCK association for DMO . 79
4.5.4.2 GCK association . 82
4.5.5 Notification of key change over the air . 84
4.5.5.0 General . 84
4.5.5.1 Change of DCK . 85
4.5.5.2 Change of CCK . 86
4.5.5.3 Change of GCK . 86
4.5.5.4 Change of SCK for TMO . 86
4.5.5.5 Change of SCK for DMO . 86
4.5.5.6 Synchronization of Cipher Key Change . 87
4.5.6 Security class change . 87
4.5.6.0 General . 87
4.5.6.1 Change of security class to security class 1 . 88
4.5.6.2 Change of security class to security class 2 . 88
4.5.6.3 Change of security class to security class 3 . 88
4.5.6.4 Change of security class to security class 3 with GCK . 88
4.5.7 Notification of key in use . 89
4.5.8 Notification of GCK Activation/Deactivation . 89
4.5.9 Deletion of SCK, GCK and GSKO . 89
4.5.10 Air Interface Key Status Enquiry . 91
4.5.11 Crypto management group . 93
4.5.12 OTAR retry mechanism . 94
4.5.13 OTAR protocol functions - GSKO . 94
4.5.13.0 General . 94
4.5.13.1 MS requests provision of GSKO . 95
4.5.13.2 SwMI provides GSKO to an MS . 95
4.5.13.3 SwMI rejects provision of GSKO . 96
4.5.14 OTAR protocol functions - interaction and queuing . 96
4.5.15 KSOv for OTAR operations in visited SwMI . 96
4.5.16 Transfer of AI cipher keys across the ISI . 100
5 Enable and disable mechanism . 100
5.0 General . 100
5.1 General relationships . 101
5.2 Enable/disable state transitions . 101
5.3 Mechanisms . 102
5.3.0 General . 102
5.3.1 Disable of MS equipment . 103
5.3.2 Disable of an subscription . 103
ETSI
5 ETSI EN 300 392-7 V3.4.1 (2017-01)
5.3.3 Disable of subscription and equipment . 103
5.3.4 Enable an MS equipment . 103
5.3.5 Enable an MS subscription . 103
5.3.6 Enable an MS equipment and subscription . 103
5.4 Enable/disable protocol . 104
5.4.1 General case . 104
5.4.2 Status of cipher key material. 105
5.4.2.1 Permanently disabled state . 105
5.4.2.2 Temporarily disabled state . 105
5.4.3 Specific protocol exchanges . 106
5.4.3.0 General . 106
5.4.3.1 Disabling an MS with mutual authentication . 106
5.4.3.2 Enabling an MS with mutual authentication . 107
5.4.3.3 Enabling an MS with non-mutual authentication . 108
5.4.3.4 Disabling an MS with non-mutual authentication . 110
5.4.4 Enabling an MS without authentication . 111
5.4.5 Disabling an MS without authentication . 111
5.4.6 Rejection of enable or disable command . 111
5.4.6a Expiry of Enable/Disable protocol timer . 112
5.4.7 MM service primitives . 112
5.4.7.0 General . 112
5.4.7.1 TNMM-DISABLING primitive . 113
5.4.7.2 TNMM-ENABLING primitive . 113
6 Air Interface (AI) encryption . 113
6.1 General principles. 113
6.2 Security class . 114
6.2.a General . 114
6.2.0 Notification of security class . 115
6.2.0.0 General . 115
6.2.0.1 Security Class of Neighbouring Cells . 116
6.2.0.2 Identification of MS security capabilities . 116
6.2.1 Constraints on LA arising from cell class . 116
6.3 Key Stream Generator (KSG) . 116
6.3.0 General . 116
6.3.1 KSG numbering and selection . 117
6.3.2 Interface parameters . 117
6.3.2.1 Initial Value (IV) . 117
6.3.2.2 Cipher Key . 118
6.4 Encryption mechanism . 118
6.4.0 General . 118
6.4.1 Allocation of KSS to logical channels . 118
6.4.2 Allocation of KSS to logical channels with PDU association . 120
6.4.2.1 General . 120
6.4.2.2 KSS allocation on phase modulation channels . 121
6.4.2.3 KSS allocation on QAM channels . 122
6.4.2.3.0 General . 122
6.4.2.3.1 Fixed mapping . 122
6.4.2.3.2 Offset mapping . 123
6.4.3 Synchronization of data calls where data is multi-slot interleaved . 124
6.4.4 Recovery of stolen frames from interleaved data . 125
6.5 Use of cipher keys . 126
6.5.0 General . 126
6.5.1 Identification of encryption state of downlink MAC PDUs . 127
6.5.1.0 General . 127
6.5.1.1 Class 1 cells . 127
6.5.1.2 Class 2 cells . 128
6.5.1.3 Class 3 cells . 128
6.5.2 Identification of encryption state of uplink MAC PDUs . 128
6.6 Mobility procedures . 129
6.6.1 General requirements . 129
6.6.1.0 Common requirements . 129
ETSI
6 ETSI EN 300 392-7 V3.4.1 (2017-01)
6.6.1.1 Additional requirements for class 3 systems . 129
6.6.2 Protocol description . 129
6.6.2.0 General . 129
6.6.2.1 Negotiation of ciphering parameters . 129
6.6.2.1.0 General . 129
6.6.2.1.1 Class 1 cells . 130
6.6.2.1.2 Class 2 cells . 130
6.6.2.1.3 Class 3 cells . 130
6.6.2.2 Initial and undeclared cell re-selection . 130
6.6.2.3 Unannounced cell re-selection . 131
6.6.2.4 Announced cell re-selection type-3 . 132
6.6.2.5 Announced cell re-selection type-2 . 132
6.6.2.6 Announced cell re-selection type-1 . 132
6.6.2.7 Key forwarding . 132
6.6.3 Shared channels . 133
6.7 Encryption control . 134
6.7.0 General . 134
6.7.1 Data to be encrypted . 134
6.7.1.1 Downlink control channel requirements . 134
6.7.1.2 Encryption of MAC header elements . 134
6.7.1.3 Traffic channel encryption control . 134
6.7.1.4 Handling of PDUs that do not conform to negotiated ciphering mode . 135
6.7.2 Service description and primitives . 135
6.7.2.0 General . 135
6.7.2.1 Mobility Management (MM) . 136
6.7.2.2 Mobile Link Entity (MLE) . 137
6.7.2.3 Layer 2 . 139
6.7.3 Protocol functions . 139
6.7.3.0 General . 139
6.7.3.1 MM . 139
6.7.3.2 MLE . 139
6.7.3.3 LLC . 139
6.7.3.4 MAC . 140
6.7.4 PDUs for cipher negotiation . 140
Annex A (normative): PDU and element definitions . 141
A.0 General . 141
A.1 Authentication PDUs . 141
A.1.1 D-AUTHENTICATION demand . 141
A.1.2 D-AUTHENTICATION reject . 141
A.1.3 D-AUTHENTICATION response . 142
A.1.4 D-AUTHENTICATION result . 142
A.1.5 U-AUTHENTICATION demand . 142
A.1.6 U-AUTHENTICATION reject . 143
A.1.7 U-AUTHENTICATION response . 143
A.1.8 U-AUTHENTICATION result . 144
A.2 OTAR PDUs . 144
A.2.1 D-OTAR CCK Provide . 144
A.2.2 U-OTAR CCK Demand . 144
A.2.3 U-OTAR CCK Result . 145
A.2.4 D-OTAR GCK Provide . 145
A.2.5 U-OTAR GCK Demand . 146
A.2.6 U-OTAR GCK Result . 147
A.2.6a D-OTAR GCK Reject . 147
A.2.7 D-OTAR SCK Provide . 148
A.2.8 U-OTAR SCK Demand . 149
A.2.9 U-OTAR SCK Result . 149
A.2.9a D-OTAR SCK Reject . 150
A.2.10 D-OTAR GSKO Provide . 150
A.2.11 U-OTAR GSKO Demand . 151
ETSI
7 ETSI EN 300 392-7 V3.4.1 (2017-01)
A.2.12 U-OTAR GSKO Result . 151
A.2.12a D-OTAR GSKO Reject . 151
A.3 PDUs for key association to GTSI . 152
A.3.1 D-OTAR KEY ASSOCIATE demand . 152
A.3.2 U-OTAR KEY ASSOCIATE status . 153
A.4 PDUs to synchronize key or security class change . 153
A.4.1 D-CK CHANGE demand . 153
A.4.2 U-CK CHANGE result . 154
A.4.2a U-OTAR KEY DELETE result . 155
A.4.2b U-OTAR KEY STATUS response . 156
A.4.3 D-DM-SCK ACTIVATE DEMAND . 157
A.4.4 U-DM-SCK ACTIVATE RESULT . 158
A.4a PDUs to delete air interface keys in MS . 159
A.4a.1 D-OTAR KEY DELETE demand . 159
A.4a.2 U-OTAR KEY DELETE result . 159
A.4b PDUs to obtain Air Interface Key Status . 160
A.4b.1 D-OTAR KEY STATUS demand . 160
A.4b.2 U-OTAR KEY STATUS response . 161
A.5 Other security domain PDUs . 162
A.5.1 U-TEI PROVIDE . 162
A.5.2 U-OTAR PREPARE . 163
A.5.3 D-OTAR NEWCELL . 163
A.5.4 D-OTAR CMG GTSI PROVIDE . 163
A.5.5 U-OTAR CMG GTSI RESULT . 164
A.5.6 U-INFORMATION PROVIDE . 164
A.6 PDUs for Enable and Disable . 166
A.6.1 D-DISABLE . 166
A.6.2 D-ENABLE . 166
A.6.3 U-DISABLE STATUS . 167
A.7 MM PDU type 3 information elements coding . 167
A.7.0 General . 167
A.7.1 Authentication downlink . 167
A.7.2 Authentication uplink . 168
A.7.3 Security downlink.
...
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Prizemni snopovni radio (TETRA) - Govor in podatki (V+D) - 7. del: VarnostTerrestrial Trunked Radio (TETRA) - Voice plus Data (V+D) - Part 7: Security33.070.10Prizemni snopovni radio (TETRA)Terrestrial Trunked Radio (TETRA)ICS:Ta slovenski standard je istoveten z:ETSI EN 300 392-7 V3.4.1 (2017-01)SIST EN 300 392-7 V3.4.1:2017en01-marec-2017SIST EN 300 392-7 V3.4.1:2017SLOVENSKI
STANDARD
EUROPEAN STANDARD SIST EN 300 392-7 V3.4.1:2017
ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 2
Reference REN/TETRA-06184 Keywords security, TETRA, V+D ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00
Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88
Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2017. All rights reserved.
DECTTM, PLUGTESTSTM, UMTSTM and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association. SIST EN 300 392-7 V3.4.1:2017
ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 3 Contents Intellectual Property Rights . 11 Foreword . 11 Modal verbs terminology . 12 1 Scope . 13 2 References . 13 2.1 Normative references . 13 2.2 Informative references . 14 3 Definitions and abbreviations . 15 3.1 Definitions . 15 3.2 Abbreviations . 18 4 Air Interface authentication and key management mechanisms . 20 4.a General . 20 4.0 Security classes . 20 4.1 Air interface authentication mechanisms . 21 4.1.1 Overview . 21 4.1.1a Authentication and key management algorithms . 21 4.1.2 Authentication of an MS . 21 4.1.3 Authentication of the infrastructure . 22 4.1.4 Mutual authentication of MS and infrastructure . 23 4.1.5 The authentication key . 25 4.1.6 Equipment authentication . 25 4.1.6a Request for information related to an MS . 26 4.1.7 Authentication of an MS when migrated . 26 4.1.8 Authentication of the home SwMI when migrated . 27 4.1.9 Mutual Authentication of MS and infrastructure when migrated . 28 4.2 Air Interface key management mechanisms . 29 4.2.0 General . 29 4.2.1 The DCK . 29 4.2.2 The GCK . 30 4.2.2.0 General . 30 4.2.2.1 Session key modifier GCK0 . 31 4.2.3 The CCK . 32 4.2.4 The SCK . 33 4.2.4.0 General . 33 4.2.4.1 SCK association for DMO use . 35 4.2.4.1.0 General . 35 4.2.4.1.1 DMO SCK subset grouping . 35 4.2.5 The GSKO . 37 4.2.5.0 General . 37 4.2.5.1 SCK distribution to groups with OTAR . 38 4.2.5.2 GCK distribution to groups with OTAR . 38 4.2.5.3 Rules for MS response to group key distribution . 39 4.2.6 Encrypted Short Identity (ESI) mechanism . 39 4.2.7 Encryption Cipher Key . 40 4.2.8 Summary of AI key management mechanisms . 40 4.3 Service description and primitives . 42 4.3.1 Authentication primitives . 42 4.3.2 SCK transfer primitives . 42 4.3.3 GCK transfer primitives . 43 4.3.4 GSKO transfer primitives . 44 4.4 Authentication protocol . 45 4.4.1 Authentication state transitions . 45 4.4.2 Authentication protocol sequences and operations . 48 4.4.2.0 General . 48 4.4.2.1 MSCs for authentication . 49 SIST EN 300 392-7 V3.4.1:2017
ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 4 4.4.2.2 MSCs for authentication and security type-3 elements . 55 4.4.2.3 Control of authentication timer T354 at MS . 58 4.4a Information request protocol . 59 4.5 OTAR protocols . 62 4.5.1 CCK delivery - protocol functions . 62 4.5.1.0 General . 62 4.5.1.1 SwMI-initiated CCK provision . 63 4.5.1.2 MS-initiated CCK provision with U-OTAR CCK demand. 65 4.5.1.3 MS-initiated CCK provision with announced cell reselection . 65 4.5.2 OTAR protocol functions - SCK . 66 4.5.2.0 General . 66 4.5.2.1 MS requests provision of SCK(s) . 67 4.5.2.2 SwMI provides SCK(s) to individual MS . 68 4.5.2.3 SwMI provides SCK(s) to group of MSs . 70 4.5.2.4 SwMI rejects provision of SCK . 71 4.5.3 OTAR protocol functions - GCK . 72 4.5.3.0 General . 72 4.5.3.1 MS requests provision of GCK . 72 4.5.3.2 SwMI provides GCK to an individual MS . 74 4.5.3.3 SwMI provides GCK to a group of MSs . 75 4.5.3.4 SwMI rejects provision of GCK . 77 4.5.4 Cipher key association to group address . 78 4.5.4.0 General . 78 4.5.4.1 SCK association for DMO . 79 4.5.4.2 GCK association . 82 4.5.5 Notification of key change over the air . 84 4.5.5.0 General . 84 4.5.5.1 Change of DCK . 85 4.5.5.2 Change of CCK . 86 4.5.5.3 Change of GCK . 86 4.5.5.4 Change of SCK for TMO . 86 4.5.5.5 Change of SCK for DMO . 86 4.5.5.6 Synchronization of Cipher Key Change . 87 4.5.6 Security class change . 87 4.5.6.0 General . 87 4.5.6.1 Change of security class to security class 1 . 88 4.5.6.2 Change of security class to security class 2 . 88 4.5.6.3 Change of security class to security class 3 . 88 4.5.6.4 Change of security class to security class 3 with GCK . 88 4.5.7 Notification of key in use . 89 4.5.8 Notification of GCK Activation/Deactivation . 89 4.5.9 Deletion of SCK, GCK and GSKO . 89 4.5.10 Air Interface Key Status Enquiry . 91 4.5.11 Crypto management group . 93 4.5.12 OTAR retry mechanism . 94 4.5.13 OTAR protocol functions - GSKO . 94 4.5.13.0 General . 94 4.5.13.1 MS requests provision of GSKO . 95 4.5.13.2 SwMI provides GSKO to an MS . 95 4.5.13.3 SwMI rejects provision of GSKO . 96 4.5.14 OTAR protocol functions - interaction and queuing . 96 4.5.15 KSOv for OTAR operations in visited SwMI . 96 4.5.16 Transfer of AI cipher keys across the ISI . 100 5 Enable and disable mechanism . 100 5.0 General . 100 5.1 General relationships . 101 5.2 Enable/disable state transitions . 101 5.3 Mechanisms . 102 5.3.0 General . 102 5.3.1 Disable of MS equipment . 103 5.3.2 Disable of an subscription . 103 SIST EN 300 392-7 V3.4.1:2017
ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 5 5.3.3 Disable of subscription and equipment . 103 5.3.4 Enable an MS equipment . 103 5.3.5 Enable an MS subscription . 103 5.3.6 Enable an MS equipment and subscription . 103 5.4 Enable/disable protocol . 104 5.4.1 General case . 104 5.4.2 Status of cipher key material. 105 5.4.2.1 Permanently disabled state . 105 5.4.2.2 Temporarily disabled state . 105 5.4.3 Specific protocol exchanges . 106 5.4.3.0 General . 106 5.4.3.1 Disabling an MS with mutual authentication . 106 5.4.3.2 Enabling an MS with mutual authentication . 107 5.4.3.3 Enabling an MS with non-mutual authentication . 108 5.4.3.4 Disabling an MS with non-mutual authentication . 110 5.4.4 Enabling an MS without authentication . 111 5.4.5 Disabling an MS without authentication . 111 5.4.6 Rejection of enable or disable command . 111 5.4.6a Expiry of Enable/Disable protocol timer . 112 5.4.7 MM service primitives . 112 5.4.7.0 General . 112 5.4.7.1 TNMM-DISABLING primitive . 113 5.4.7.2 TNMM-ENABLING primitive . 113 6 Air Interface (AI) encryption . 113 6.1 General principles. 113 6.2 Security class . 114 6.2.a General . 114 6.2.0 Notification of security class . 115 6.2.0.0 General . 115 6.2.0.1 Security Class of Neighbouring Cells . 116 6.2.0.2 Identification of MS security capabilities . 116 6.2.1 Constraints on LA arising from cell class . 116 6.3 Key Stream Generator (KSG) . 116 6.3.0 General . 116 6.3.1 KSG numbering and selection . 117 6.3.2 Interface parameters . 117 6.3.2.1 Initial Value (IV) . 117 6.3.2.2 Cipher Key . 118 6.4 Encryption mechanism . 118 6.4.0 General . 118 6.4.1 Allocation of KSS to logical channels . 118 6.4.2 Allocation of KSS to logical channels with PDU association . 120 6.4.2.1 General . 120 6.4.2.2 KSS allocation on phase modulation channels . 121 6.4.2.3 KSS allocation on QAM channels . 122 6.4.2.3.0 General . 122 6.4.2.3.1 Fixed mapping . 122 6.4.2.3.2 Offset mapping . 123 6.4.3 Synchronization of data calls where data is multi-slot interleaved . 124 6.4.4 Recovery of stolen frames from interleaved data . 125 6.5 Use of cipher keys . 126 6.5.0 General . 126 6.5.1 Identification of encryption state of downlink MAC PDUs . 127 6.5.1.0 General . 127 6.5.1.1 Class 1 cells . 127 6.5.1.2 Class 2 cells . 128 6.5.1.3 Class 3 cells . 128 6.5.2 Identification of encryption state of uplink MAC PDUs . 128 6.6 Mobility procedures . 129 6.6.1 General requirements . 129 6.6.1.0 Common requirements . 129 SIST EN 300 392-7 V3.4.1:2017
ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 6 6.6.1.1 Additional requirements for class 3 systems . 129 6.6.2 Protocol description . 129 6.6.2.0 General . 129 6.6.2.1 Negotiation of ciphering parameters . 129 6.6.2.1.0 General . 129 6.6.2.1.1 Class 1 cells . 130 6.6.2.1.2 Class 2 cells . 130 6.6.2.1.3 Class 3 cells . 130 6.6.2.2 Initial and undeclared cell re-selection . 130 6.6.2.3 Unannounced cell re-selection . 131 6.6.2.4 Announced cell re-selection type-3 . 132 6.6.2.5 Announced cell re-selection type-2 . 132 6.6.2.6 Announced cell re-selection type-1 . 132 6.6.2.7 Key forwarding . 132 6.6.3 Shared channels . 133 6.7 Encryption control . 134 6.7.0 General . 134 6.7.1 Data to be encrypted . 134 6.7.1.1 Downlink control channel requirements . 134 6.7.1.2 Encryption of MAC header elements . 134 6.7.1.3 Traffic channel encryption control . 134 6.7.1.4 Handling of PDUs that do not conform to negotiated ciphering mode . 135 6.7.2 Service description and primitives . 135 6.7.2.0 General . 135 6.7.2.1 Mobility Management (MM) . 136 6.7.2.2 Mobile Link Entity (MLE) . 137 6.7.2.3 Layer 2 . 139 6.7.3 Protocol functions . 139 6.7.3.0 General . 139 6.7.3.1 MM . 139 6.7.3.2 MLE . 139 6.7.3.3 LLC . 139 6.7.3.4 MAC . 140 6.7.4 PDUs for cipher negotiation . 140 Annex A (normative): PDU and element definitions . 141 A.0 General . 141 A.1 Authentication PDUs . 141 A.1.1 D-AUTHENTICATION demand . 141 A.1.2 D-AUTHENTICATION reject . 141 A.1.3 D-AUTHENTICATION response . 142 A.1.4 D-AUTHENTICATION result . 142 A.1.5 U-AUTHENTICATION demand . 142 A.1.6 U-AUTHENTICATION reject . 143 A.1.7 U-AUTHENTICATION response . 143 A.1.8 U-AUTHENTICATION result . 144 A.2 OTAR PDUs . 144 A.2.1 D-OTAR CCK Provide . 144 A.2.2 U-OTAR CCK Demand . 144 A.2.3 U-OTAR CCK Result . 145 A.2.4 D-OTAR GCK Provide . 145 A.2.5 U-OTAR GCK Demand . 146 A.2.6 U-OTAR GCK Result . 147 A.2.6a D-OTAR GCK Reject . 147 A.2.7 D-OTAR SCK Provide . 148 A.2.8 U-OTAR SCK Demand . 149 A.2.9 U-OTAR SCK Result . 149 A.2.9a D-OTAR SCK Reject . 150 A.2.10 D-OTAR GSKO Provide . 150 A.2.11 U-OTAR GSKO Demand . 151 SIST EN 300 392-7 V3.4.1:2017
ETSI ETSI EN 300 392-7 V3.4.1 (2017-01) 7 A.2.12 U-OTAR GSKO Result . 151 A.2.12a D-OTAR GSKO Reject . 151 A.3 PDUs for key association to GTSI . 152 A.3.1 D-OTAR KEY ASSOCIATE demand . 152 A.3.2 U-OTAR KEY ASSOCIATE status . 153 A.4 PDUs to synchronize key or security class change . 153 A.4.1 D-CK CHANGE demand . 153 A.4.2 U-CK CHANGE result . 154 A.4.2a U-OTAR KEY DELETE result . 155 A.4.2b U-OTAR KEY STATUS response . 156 A.4.3 D-DM-SCK ACTIVATE DEMAND . 157 A.4.4 U-DM-SCK ACTIVATE RESULT . 158 A.4a PDUs to delete air interface keys in MS . 159 A.4a.1 D-OTAR KEY DELETE demand . 159 A.4a.2 U-OTAR KEY DELETE result . 159 A.4b PDUs to obtain Air Interface Key Status . 160 A.4b.1 D-OTAR KEY STATUS demand . 160 A.4b.2 U-OTAR KEY STATUS response . 161 A.5 Other security domain PDUs . 162 A.5.1 U-TEI PROVIDE . 162 A.5.2 U-OTAR PREPARE . 163 A.5.3 D-OTAR NEWCELL . 163 A.5.4 D-OTAR CMG GTSI PROVIDE . 163 A.5.5 U-OTAR CMG GTSI RESULT . 164 A.5.6 U-INFORMATION PROVIDE . 164 A.6 PDUs for Enable and Disable . 166 A.6.1 D-DISABLE . 166 A.6.2 D-ENABLE . 166 A.6.3 U-DISABLE STATUS . 167 A.7 MM PDU type 3 information elements coding . 167 A.7.0 General . 167 A.7.1 Authentication downlink . 167 A.7.2 Authentication uplink . 168 A.7.3 Security downlink.
...
Frequently Asked Questions
ETSI EN 300 392-7 V3.4.1 (2017-01) is a standard published by the European Telecommunications Standards Institute (ETSI). Its full title is "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security". This standard covers: REN/TETRA-06184
REN/TETRA-06184
You can purchase ETSI EN 300 392-7 V3.4.1 (2017-01) directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of ETSI standards.
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.
Loading comments...