Terrestrial Trunked Radio (TETRA) - Direct Mode Operation (DMO) - Part 6: Security

The present document defines the Terrestrial Trunked Radio system (TETRA) Direct Mode of operation. It specifies the
basic Air Interface (AI), the interworking between Direct Mode Groups via Repeaters and interworking with the
TETRA Trunked system via Gateways. It also specifies the security aspects in TETRA Direct Mode and the intrinsic
services that are supported in addition to the basic bearer and teleservices.
The present document describes the security mechanisms in TETRA Direct Mode. It provides mechanisms for
confidentiality of control signalling and user speech and data at the AI. It also provided some implicit authentication as
a member of a group by knowledge of a shared secret encryption key.
The use of AI encryption gives both confidentiality protection against eavesdropping, and some implicit authentication.

Prizemni snopovni radio (TETRA) - Neposredni način zveze (DMO) - 6. del: Varnost

Ta dokument opredeljuje neposredni način zveze sistema prizemnega snopovnega radia (TETRA). Določa osnovni radijski vmesnik (AI), medsebojno delovanje skupin neposrednega načina zveze prek ponavljalnikov in medsebojno delovanje s sistemom prizemnega snopovnega radia prek prehodov. Poleg osnovnih nosilnih in telekomunikacijskih storitev določa tudi varnostne vidike neposrednega načina zveze prizemnega snopovnega radia in storitve, ki jih ta podpira.
V tem dokumentu so opisani varnostni mehanizmi neposrednega načina zveze prizemnega snopovnega radia. Zagotavlja mehanizme za zaupnost nadzora in signalizacije ter uporabnikovega govora in podatkov, posredovanih prek radijskega vmesnika. Prav tako je zagotovil potrditev pristnosti kot član skupine s poznavanjem skupnega zaupnega šifrirnega ključa.
Uporaba šifriranja radijskega vmesnika zagotavlja tako varovanje zaupnosti v primeru prisluškovanja kot implicitno preverjanje pristnosti.

General Information

Status
Published
Public Enquiry End Date
29-Jun-2016
Publication Date
28-Nov-2016
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
07-Nov-2016
Due Date
12-Jan-2017
Completion Date
29-Nov-2016

Buy Standard

Standard
EN 300 396-6 V1.6.1:2017
English language
48 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
ETSI EN 300 396-6 V1.6.1 (2016-11) - Terrestrial Trunked Radio (TETRA); Direct Mode Operation (DMO); Part 6: Security
English language
48 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ETSI EN 300 396-6 V1.6.0 (2016-04) - Terrestrial Trunked Radio (TETRA); Direct Mode Operation (DMO); Part 6: Security
English language
48 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Terrestrial Trunked Radio (TETRA) - Direct Mode Operation (DMO) - Part 6: Security33.070.10Prizemni snopovni radio (TETRA)Terrestrial Trunked Radio (TETRA)ICS:Ta slovenski standard je istoveten z:ETSI EN 300 396-6 V1.6.1 (2016-11)SIST EN 300 396-6 V1.6.1:2017en01-januar-2017SIST EN 300 396-6 V1.6.1:2017SLOVENSKI
STANDARD



SIST EN 300 396-6 V1.6.1:2017



ETSI EN 300 396-6 V1.6.1 (2016-11) Terrestrial Trunked Radio (TETRA); Direct Mode Operation (DMO); Part 6: Security
EUROPEAN STANDARD SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 2
Reference REN/TCCE-06191 Keywords air interface, data, DMO, security, security mode, speech, TETRA ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00
Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88
Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2016. All rights reserved.
DECTTM, PLUGTESTSTM, UMTSTM and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association. SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 3 Contents Intellectual Property Rights . 6 Foreword . 6 Modal verbs terminology . 6 1 Scope . 7 2 References . 7 2.1 Normative references . 7 2.2 Informative references . 8 3 Definitions and abbreviations . 8 3.1 Definitions . 8 3.2 Abbreviations . 9 4 DMO security class . 10 4.1 General . 10 4.2 DM-2-A . 11 4.3 DM-2-B . 11 4.4 DM-2-C . 11 5 DMO call procedures . 12 5.1 General . 12 5.1.1 Security profile . 12 5.1.1.0 General . 12 5.1.1.1 Indication of security parameters . 12 5.2 Security class on call setup . 13 5.2.1 General . 13 5.2.2 Normal behaviour . 13 5.2.3 Exceptional behaviour . 13 5.2.3.0 General . 13 5.2.3.1 Call-setup with presence check . 13 5.2.3.2 Call-setup without presence check . 13 5.2.3.3 Behaviour post call-setup . 14 5.3 Security class on call follow-on . 14 5.3.1 General . 14 5.3.2 Normal behaviour . 14 5.3.3 Exceptional behaviour . 14 6 Air interface authentication and key management mechanisms . 15 6.1 Authentication . 15 6.2 Repeater mode operation . 15 6.3 Gateway mode operation . 15 6.4 Air Interface (AI) key management mechanisms . 17 6.4.0 General . 17 6.4.1 Key grouping . 17 6.4.2 Identification of cipher keys in signalling . 20 7 Enable and disable mechanism . 20 8 Air Interface (AI) encryption . 20 8.1 General principles. 20 8.2 Encryption mechanism . 21 8.2.0 General . 21 8.2.1 Allocation of KSS to logical channels . 21 8.3 Application of KSS to specific PDUs. 22 8.3.0 General . 22 8.3.1 Class DM-1 . 22 8.3.2 Class DM-2A . 22 8.3.2.0 General . 22 8.3.2.1 DMAC-SYNC PDU encryption . 22 SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 4 8.3.2.2 DMAC-DATA PDU encryption . 23 8.3.2.3 DMAC-FRAG PDU encryption . 23 8.3.2.4 DMAC-END PDU encryption . 23 8.3.2.5 DMAC-U-SIGNAL PDU encryption . 24 8.3.2.6 Traffic channel encryption . 24 8.3.3 Class DM-2B . 24 8.3.3.0 General . 24 8.3.3.1 DMAC-SYNC PDU encryption . 25 8.3.3.2 DMAC-DATA PDU encryption . 25 8.3.3.3 DMAC-FRAG PDU encryption . 25 8.3.3.4 DMAC-END PDU encryption . 26 8.3.3.5 DMAC-U-SIGNAL PDU encryption . 26 8.3.3.6 Traffic channel encryption . 26 8.3.4 Class DM-2C . 26 8.3.4.0 General . 26 8.3.4.1 DMAC-SYNC PDU encryption . 27 8.3.4.2 DMAC-DATA PDU encryption . 28 8.3.4.3 DMAC-FRAG PDU encryption . 28 8.3.4.4 DMAC-END PDU encryption . 28 8.3.4.5 DMAC-U-SIGNAL PDU encryption . 28 8.3.4.6 Traffic channel encryption . 29 8.4 Encryption of identities in repeater and gateway presence signal . 29 9 Encryption synchronization . 31 9.1 General . 31 9.1.0 Introduction. 31 9.1.1 Algorithm to establish frame number to increment TVP . 32 9.1.1.1 Master DM-MS operation . 32 9.1.1.2 Slave DM-MS operation . 32 9.2 TVP used for reception of normal bursts . 33 9.3 Synchronization of calls through a repeater . 33 9.3.0 General . 33 9.3.1 Algorithm to establish frame number to increment TVP . 34 9.3.1.1 Master DM-MS operation . 34 9.3.1.2 Slave DM-MS operation . 34 9.4 Synchronization of calls through a gateway . 34 9.5 Synchronization of data calls where data is multi-slot interleaved . 35 9.5.0 General . 35 9.5.1 Recovery of stolen frames from interleaved data . 36 Annex A (normative): Key Stream Generator (KSG) boundary conditions . 37 A.0 General . 37 A.1 Overview . 37 A.2 Use . 38 A.3 Interfaces to the algorithm . 38 A.3.0 General . 38 A.3.1 ECK . 38 A.3.1.0 General . 38 A.3.1.1 Use of ECK in class DM-2-A and DM-2-B . 39 A.3.1.2 Use of ECK in class DM-2-C . 39 A.3.2 Keystream. 39 A.3.3 Time Variant Parameter (TVP) . 39 Annex B (normative): Boundary conditions for cryptographic algorithm TB6 . 40 Annex C (informative): Encryption control in DM-MS . 41 C.0 Introduction . 41 C.1 General . 41 SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 5 C.2 Service description and primitives . 41 C.2.0 General . 41 C.2.1 DMCC-ENCRYPT primitive . 42 C.2.2 DMC-ENCRYPTION primitive . 44 C.3 Protocol functions . 45 Annex D (informative): Bibliography . 46 Annex E (informative): Change request history . 47 History . 48
SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 6 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https://ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This European Standard (EN) has been produced by ETSI Technical Committee TETRA and Critical Communications Evolution (TCCE). The present document is part 6 of a multi-part deliverable covering Direct Mode Operation, as identified below: Part 1: "General network design"; Part 2: "Radio aspects"; Part 3: "Mobile Station to Mobile Station (MS-MS) Air Interface (AI) protocol"; Part 4: "Type 1 repeater air interface"; Part 5: "Gateway air interface"; Part 6: "Security"; Part 7: "Type 2 repeater air interface"; Part 8: "Protocol Implementation Conformance Statement (PICS) proforma specification"; Part 10: "Managed Direct Mode Operation (M-DMO)". NOTE: Parts 7, 8 and 10 of this multi-part deliverable are of "historical" status and will not be updated according to this version of the standard.
National transposition dates Date of adoption of this EN: 1 July 2016 Date of latest announcement of this EN (doa): 31 October 2016 Date of latest publication of new National Standard or endorsement of this EN (dop/e):
30 April 2017 Date of withdrawal of any conflicting National Standard (dow): 30 April 2017
Modal verbs terminology In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). "must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation. SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 7 1 Scope The present document defines the Terrestrial Trunked Radio system (TETRA) Direct Mode of operation. It specifies the basic Air Interface (AI), the interworking between Direct Mode Groups via Repeaters and interworking with the TETRA Trunked system via Gateways. It also specifies the security aspects in TETRA Direct Mode and the intrinsic services that are supported in addition to the basic bearer and teleservices. The present document describes the security mechanisms in TETRA Direct Mode. It provides mechanisms for confidentiality of control signalling and user speech and data at the AI. It also provided some implicit authentication as a member of a group by knowledge of a shared secret encryption key. The use of AI encryption gives both confidentiality protection against eavesdropping, and some implicit authentication.
2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at https://docbox.etsi.org/Reference/. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the present document. [1] ETSI EN 300 392-2: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 2: Air Interface (AI)". [2] ISO 7498-2: "Information processing systems -- Open Systems Interconnection -- Basic Reference Model -- Part 2: Security Architecture". [3] ETSI EN 300 396-2: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct Mode Operation (DMO); Part 2: Radio aspects". [4] ETSI EN 300 392-7: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security". [5] ETSI EN 300 396-3: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct Mode Operation (DMO); Part 3: Mobile Station to Mobile Station (MS-MS) Air Interface (AI) protocol". [6] ETSI TS 100 392-15: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 15: TETRA frequency bands, duplex spacings and channel numbering". [7] ETSI EN 302 109: "Terrestrial Trunked Radio (TETRA); Security; Synchronization mechanism for end-to-end encryption". [8] ETSI EN 300 396-5: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct Mode Operation (DMO); Part 5: Gateway air interface". [9] ETSI EN 300 396-4: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct Mode Operation (DMO); Part 4: Type 1 repeater air interface". [10] ETSI TS 101 053-1: "Rules for the management of the TETRA standard encryption algorithms; Part 1: TEA1". SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 8 [11] ETSI TS 101 053-2: "Security Algorithms Group of Experts (SAGE); Rules for the management of the TETRA standard encryption algorithms; Part 2: TEA2". [12] ETSI TS 101 053-3: "Rules for the management of the TETRA standard encryption algorithms; Part 3: TEA3". [13] ETSI TS 101 053-4: "Rules for the management of the TETRA standard encryption algorithms; Part 4: TEA4". [14] ETSI TS 101 052: "Rules for the management of the TETRA standard authentication and key management algorithm set TAA1". 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. Not applicable. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: air interface encryption state: status of encryption in a call (on or off) call transaction: all of the functions associated with a complete unidirectional transmission of information during a call NOTE: A call is made up of one or more call transactions. In a simplex call these call transactions are sequential. See ETSI EN 300 396-3 [5]. carrier number: integer, N, used in TETRA to represent the frequency of the RF carrier
NOTE: See ETSI TS 100 392-15 [6]. cipher key: value that is used to determine the transformation of plain text to cipher text in a cryptographic algorithm cipher text: data produced through the use of encipherment NOTE: The semantic content of the resulting data is not available (ISO 7498-2 [2]). decipherment: reversal of a corresponding reversible encipherment
NOTE: See ISO 7498-2 [2]. Direct Mode Operation (DMO): mode of simplex operation where mobile subscriber radio units may communicate using radio frequencies which may be monitored by, but which are outside the control of, the TETRA TMO network NOTE: DM operation is performed without intervention of any base station. See ETSI EN 300 396-3 [5]. DMO-net: number of DMO MSs communicating together and using common cryptographic parameters SIST EN 300 396-6 V1.6.1:2017



ETSI ETSI EN 300 396-6 V1.6.1 (2016-11) 9 encipherment: cryptographic transformation of data to produce cipher text NOTE: See ISO 7498-2 [2]. encryption cipher key: cipher key used as input to the KSG, derived from an address specific cipher key and randomly varied per channel using algorithm TB6 end-to-end encryption: encryption within or at the source end system, with the corresponding decryption occurring only within or at the destination end system explicit authentication: transaction initiated and completed specifically to demonstrate knowledge of a shared secret where the secret is not revealed implicit authentication: authenticity demonstrated by proof of knowledge of a shared secret where that demonstration is a by-product of another function key stream: pseudo random stream of symbols that is generated by a KSG for encipherment and decipherment Key Stream Generator (KSG): cryptographic algorithm which produces a stream of binary digits which can be used for encipherment and decipherment NOTE: The initial state of the KSG is determined by the initialization value.
Key Stream Segment (KSS): key stream of arbitrary length plain text: unencry
...

ETSI EN 300 396-6 V1.6.1 (2016-11)






EUROPEAN STANDARD
Terrestrial Trunked Radio (TETRA);
Direct Mode Operation (DMO);
Part 6: Security

---------------------- Page: 1 ----------------------
2 ETSI EN 300 396-6 V1.6.1 (2016-11)



Reference
REN/TCCE-06191
Keywords
air interface, data, DMO, security, security mode,
speech, TETRA
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2016.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI EN 300 396-6 V1.6.1 (2016-11)
Contents
Intellectual Property Rights . 6
Foreword . 6
Modal verbs terminology . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 8
3 Definitions and abbreviations . 8
3.1 Definitions . 8
3.2 Abbreviations . 9
4 DMO security class . 10
4.1 General . 10
4.2 DM-2-A . 11
4.3 DM-2-B . 11
4.4 DM-2-C . 11
5 DMO call procedures . 12
5.1 General . 12
5.1.1 Security profile . 12
5.1.1.0 General . 12
5.1.1.1 Indication of security parameters . 12
5.2 Security class on call setup . 13
5.2.1 General . 13
5.2.2 Normal behaviour . 13
5.2.3 Exceptional behaviour . 13
5.2.3.0 General . 13
5.2.3.1 Call-setup with presence check . 13
5.2.3.2 Call-setup without presence check . 13
5.2.3.3 Behaviour post call-setup . 14
5.3 Security class on call follow-on . 14
5.3.1 General . 14
5.3.2 Normal behaviour . 14
5.3.3 Exceptional behaviour . 14
6 Air interface authentication and key management mechanisms . 15
6.1 Authentication . 15
6.2 Repeater mode operation . 15
6.3 Gateway mode operation . 15
6.4 Air Interface (AI) key management mechanisms . 17
6.4.0 General . 17
6.4.1 Key grouping . 17
6.4.2 Identification of cipher keys in signalling . 20
7 Enable and disable mechanism . 20
8 Air Interface (AI) encryption . 20
8.1 General principles. 20
8.2 Encryption mechanism . 21
8.2.0 General . 21
8.2.1 Allocation of KSS to logical channels . 21
8.3 Application of KSS to specific PDUs. 22
8.3.0 General . 22
8.3.1 Class DM-1 . 22
8.3.2 Class DM-2A . 22
8.3.2.0 General . 22
8.3.2.1 DMAC-SYNC PDU encryption . 22
ETSI

---------------------- Page: 3 ----------------------
4 ETSI EN 300 396-6 V1.6.1 (2016-11)
8.3.2.2 DMAC-DATA PDU encryption . 23
8.3.2.3 DMAC-FRAG PDU encryption . 23
8.3.2.4 DMAC-END PDU encryption . 23
8.3.2.5 DMAC-U-SIGNAL PDU encryption . 24
8.3.2.6 Traffic channel encryption . 24
8.3.3 Class DM-2B . 24
8.3.3.0 General . 24
8.3.3.1 DMAC-SYNC PDU encryption . 25
8.3.3.2 DMAC-DATA PDU encryption . 25
8.3.3.3 DMAC-FRAG PDU encryption . 25
8.3.3.4 DMAC-END PDU encryption . 26
8.3.3.5 DMAC-U-SIGNAL PDU encryption . 26
8.3.3.6 Traffic channel encryption . 26
8.3.4 Class DM-2C . 26
8.3.4.0 General . 26
8.3.4.1 DMAC-SYNC PDU encryption . 27
8.3.4.2 DMAC-DATA PDU encryption . 28
8.3.4.3 DMAC-FRAG PDU encryption . 28
8.3.4.4 DMAC-END PDU encryption . 28
8.3.4.5 DMAC-U-SIGNAL PDU encryption . 28
8.3.4.6 Traffic channel encryption . 29
8.4 Encryption of identities in repeater and gateway presence signal . 29
9 Encryption synchronization . 31
9.1 General . 31
9.1.0 Introduction. 31
9.1.1 Algorithm to establish frame number to increment TVP . 32
9.1.1.1 Master DM-MS operation . 32
9.1.1.2 Slave DM-MS operation . 32
9.2 TVP used for reception of normal bursts . 33
9.3 Synchronization of calls through a repeater . 33
9.3.0 General . 33
9.3.1 Algorithm to establish frame number to increment TVP . 34
9.3.1.1 Master DM-MS operation . 34
9.3.1.2 Slave DM-MS operation . 34
9.4 Synchronization of calls through a gateway . 34
9.5 Synchronization of data calls where data is multi-slot interleaved . 35
9.5.0 General . 35
9.5.1 Recovery of stolen frames from interleaved data . 36
Annex A (normative): Key Stream Generator (KSG) boundary conditions . 37
A.0 General . 37
A.1 Overview . 37
A.2 Use . 38
A.3 Interfaces to the algorithm . 38
A.3.0 General . 38
A.3.1 ECK . 38
A.3.1.0 General . 38
A.3.1.1 Use of ECK in class DM-2-A and DM-2-B . 39
A.3.1.2 Use of ECK in class DM-2-C . 39
A.3.2 Keystream. 39
A.3.3 Time Variant Parameter (TVP) . 39
Annex B (normative): Boundary conditions for cryptographic algorithm TB6 . 40
Annex C (informative): Encryption control in DM-MS . 41
C.0 Introduction . 41
C.1 General . 41
ETSI

---------------------- Page: 4 ----------------------
5 ETSI EN 300 396-6 V1.6.1 (2016-11)
C.2 Service description and primitives . 41
C.2.0 General . 41
C.2.1 DMCC-ENCRYPT primitive . 42
C.2.2 DMC-ENCRYPTION primitive . 44
C.3 Protocol functions . 45
Annex D (informative): Bibliography . 46
Annex E (informative): Change request history . 47
History . 48

ETSI

---------------------- Page: 5 ----------------------
6 ETSI EN 300 396-6 V1.6.1 (2016-11)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This European Standard (EN) has been produced by ETSI Technical Committee TETRA and Critical Communications
Evolution (TCCE).
The present document is part 6 of a multi-part deliverable covering Direct Mode Operation, as identified below:
Part 1: "General network design";
Part 2: "Radio aspects";
Part 3: "Mobile Station to Mobile Station (MS-MS) Air Interface (AI) protocol";
Part 4: "Type 1 repeater air interface";
Part 5: "Gateway air interface";
Part 6: "Security";
Part 7: "Type 2 repeater air interface";
Part 8: "Protocol Implementation Conformance Statement (PICS) proforma specification";
Part 10: "Managed Direct Mode Operation (M-DMO)".
NOTE: Parts 7, 8 and 10 of this multi-part deliverable are of "historical" status and will not be updated according
to this version of the standard.

National transposition dates
Date of adoption of this EN: 1 July 2016
Date of latest announcement of this EN (doa): 31 October 2016
Date of latest publication of new National Standard
or endorsement of this EN (dop/e): 30 April 2017
Date of withdrawal of any conflicting National Standard (dow): 30 April 2017

Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
ETSI

---------------------- Page: 6 ----------------------
7 ETSI EN 300 396-6 V1.6.1 (2016-11)
1 Scope
The present document defines the Terrestrial Trunked Radio system (TETRA) Direct Mode of operation. It specifies the
basic Air Interface (AI), the interworking between Direct Mode Groups via Repeaters and interworking with the
TETRA Trunked system via Gateways. It also specifies the security aspects in TETRA Direct Mode and the intrinsic
services that are supported in addition to the basic bearer and teleservices.
The present document describes the security mechanisms in TETRA Direct Mode. It provides mechanisms for
confidentiality of control signalling and user speech and data at the AI. It also provided some implicit authentication as
a member of a group by knowledge of a shared secret encryption key.
The use of AI encryption gives both confidentiality protection against eavesdropping, and some implicit authentication.
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
https://docbox.etsi.org/Reference/.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ETSI EN 300 392-2: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 2: Air
Interface (AI)".
[2] ISO 7498-2: "Information processing systems -- Open Systems Interconnection -- Basic Reference
Model -- Part 2: Security Architecture".
[3] ETSI EN 300 396-2: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 2: Radio aspects".
[4] ETSI EN 300 392-7: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D);
Part 7: Security".
[5] ETSI EN 300 396-3: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 3: Mobile Station to Mobile Station (MS-MS) Air Interface (AI)
protocol".
[6] ETSI TS 100 392-15: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D);
Part 15: TETRA frequency bands, duplex spacings and channel numbering".
[7] ETSI EN 302 109: "Terrestrial Trunked Radio (TETRA); Security; Synchronization mechanism
for end-to-end encryption".
[8] ETSI EN 300 396-5: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 5: Gateway air interface".
[9] ETSI EN 300 396-4: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 4: Type 1 repeater air interface".
[10] ETSI TS 101 053-1: "Rules for the management of the TETRA standard encryption algorithms;
Part 1: TEA1".
ETSI

---------------------- Page: 7 ----------------------
8 ETSI EN 300 396-6 V1.6.1 (2016-11)
[11] ETSI TS 101 053-2: "Security Algorithms Group of Experts (SAGE); Rules for the management
of the TETRA standard encryption algorithms; Part 2: TEA2".
[12] ETSI TS 101 053-3: "Rules for the management of the TETRA standard encryption algorithms;
Part 3: TEA3".
[13] ETSI TS 101 053-4: "Rules for the management of the TETRA standard encryption algorithms;
Part 4: TEA4".
[14] ETSI TS 101 052: "Rules for the management of the TETRA standard authentication and key
management algorithm set TAA1".
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
Not applicable.
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the following terms and definitions apply:
air interface encryption state: status of encryption in a call (on or off)
call transaction: all of the functions associated with a complete unidirectional transmission of information during a call
NOTE: A call is made up of one or more call transactions. In a simplex call these call transactions are sequential.
See ETSI EN 300 396-3 [5].
carrier number: integer, N, used in TETRA to represent the frequency of the RF carrier
NOTE: See ETSI TS 100 392-15 [6].
cipher key: value that is used to determine the transformation of plain text to cipher text in a cryptographic algorithm
cipher text: data produced through the use of encipherment
NOTE: The semantic content of the resulting data is not available (ISO 7498-2 [2]).
decipherment: reversal of a corresponding reversible encipherment
NOTE: See ISO 7498-2 [2].
Direct Mode Operation (DMO): mode of simplex operation where mobile subscriber radio units may communicate
using radio frequencies which may be monitored by, but which are outside the control of, the TETRA TMO network
NOTE: DM operation is performed without intervention of any base station. See ETSI EN 300 396-3 [5].
DMO-net: number of DMO MSs communicating together and using common cryptographic parameters
ETSI

---------------------- Page: 8 ----------------------
9 ETSI EN 300 396-6 V1.6.1 (2016-11)
encipherment: cryptographic transformation of data to produce cipher text
NOTE: See ISO 7498-2 [2].
encryption cipher key: cipher key used as input to the KSG, derived from an address specific cipher key and randomly
varied per channel using algorithm TB6
end-to-end encryption: encryption within or at the source end system, with the corresponding decryption occurring
only within or at the destination end system
explicit authentication: transaction initiated and completed specifically to demonstrate knowledge of a shared secret
where the secret is not revealed
implicit authentication: authenticity demonstrated by proof of knowledge of a shared secret where that demonstration
is a by-product of another function
key stream: pseudo random stream of symbols that is generated by a KSG for encipherment and decipherment
Key Stream Generator (KSG): cryptographic algorithm which produces a stream of binary digits which can be used
for encipherment and decipherment
NOTE: The initial state of the KSG is determined by the initialization value.
Key Stream
...

Draft ETSI EN 300 396-6 V1.6.0 (2016-04)






EUROPEAN STANDARD
Terrestrial Trunked Radio (TETRA);
Direct Mode Operation (DMO);
Part 6: Security

---------------------- Page: 1 ----------------------
2 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)



Reference
REN/TCCE-06191
Keywords
air interface, data, DMO, security, security mode,
speech, TETRA
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the
print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2016.
All rights reserved.

TM TM TM
DECT , PLUGTESTS , UMTS and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members.
TM
3GPP and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)
Contents
Intellectual Property Rights . 6
Foreword . 6
Modal verbs terminology . 6
1 Scope . 7
2 References . 7
2.1 Normative references . 7
2.2 Informative references . 8
3 Definitions and abbreviations . 8
3.1 Definitions . 8
3.2 Abbreviations . 9
4 DMO security class . 10
4.1 General . 10
4.2 DM-2-A . 11
4.3 DM-2-B . 11
4.4 DM-2-C . 11
5 DMO call procedures . 12
5.1 General . 12
5.1.1 Security profile . 12
5.1.1.0 General . 12
5.1.1.1 Indication of security parameters . 12
5.2 Security class on call setup . 13
5.2.1 General . 13
5.2.2 Normal behaviour . 13
5.2.3 Exceptional behaviour . 13
5.2.3.0 General . 13
5.2.3.1 Call-setup with presence check . 13
5.2.3.2 Call-setup without presence check . 13
5.2.3.3 Behaviour post call-setup . 13
5.3 Security class on call follow-on . 14
5.3.1 General . 14
5.3.2 Normal behaviour . 14
5.3.3 Exceptional behaviour . 14
6 Air interface authentication and key management mechanisms . 15
6.1 Authentication . 15
6.2 Repeater mode operation . 15
6.3 Gateway mode operation . 15
6.4 Air Interface (AI) key management mechanisms . 17
6.4.0 General . 17
6.4.1 Key grouping . 17
6.4.2 Identification of cipher keys in signalling . 20
7 Enable and disable mechanism . 20
8 Air Interface (AI) encryption . 20
8.1 General principles. 20
8.2 Encryption mechanism . 21
8.2.0 General . 21
8.2.1 Allocation of KSS to logical channels . 21
8.3 Application of KSS to specific PDUs. 22
8.3.0 General . 22
8.3.1 Class DM-1 . 22
8.3.2 Class DM-2A . 22
8.3.2.0 General . 22
8.3.2.1 DMAC-SYNC PDU encryption . 22
ETSI

---------------------- Page: 3 ----------------------
4 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)
8.3.2.2 DMAC-DATA PDU encryption . 23
8.3.2.3 DMAC-FRAG PDU encryption . 23
8.3.2.4 DMAC-END PDU encryption . 23
8.3.2.5 DMAC-U-SIGNAL PDU encryption . 24
8.3.2.6 Traffic channel encryption . 24
8.3.3 Class DM-2B . 24
8.3.3.0 General . 24
8.3.3.1 DMAC-SYNC PDU encryption . 25
8.3.3.2 DMAC-DATA PDU encryption . 25
8.3.3.3 DMAC-FRAG PDU encryption . 25
8.3.3.4 DMAC-END PDU encryption . 26
8.3.3.5 DMAC-U-SIGNAL PDU encryption . 26
8.3.3.6 Traffic channel encryption . 26
8.3.4 Class DM-2C . 26
8.3.4.0 General . 26
8.3.4.1 DMAC-SYNC PDU encryption . 27
8.3.4.2 DMAC-DATA PDU encryption . 28
8.3.4.3 DMAC-FRAG PDU encryption . 28
8.3.4.4 DMAC-END PDU encryption . 28
8.3.4.5 DMAC-U-SIGNAL PDU encryption . 28
8.3.4.6 Traffic channel encryption . 28
8.4 Encryption of identities in repeater and gateway presence signal . 29
9 Encryption synchronization . 31
9.1 General . 31
9.1.0 Introduction. 31
9.1.1 Algorithm to establish frame number to increment TVP . 32
9.1.1.1 Master DM-MS operation . 32
9.1.1.2 Slave DM-MS operation . 32
9.2 TVP used for reception of normal bursts . 32
9.3 Synchronization of calls through a repeater . 33
9.3.0 General . 33
9.3.1 Algorithm to establish frame number to increment TVP . 34
9.3.1.1 Master DM-MS operation . 34
9.3.1.2 Slave DM-MS operation . 34
9.4 Synchronization of calls through a gateway . 34
9.5 Synchronization of data calls where data is multi-slot interleaved . 35
9.5.0 General . 35
9.5.1 Recovery of stolen frames from interleaved data . 36
Annex A (normative): Key Stream Generator (KSG) boundary conditions . 37
A.0 General . 37
A.1 Overview . 37
A.2 Use . 38
A.3 Interfaces to the algorithm . 38
A.3.0 General . 38
A.3.1 ECK . 38
A.3.1.0 General . 38
A.3.1.1 Use of ECK in class DM-2-A and DM-2-B . 38
A.3.1.2 Use of ECK in class DM-2-C . 39
A.3.2 Keystream. 39
A.3.3 Time Variant Parameter (TVP) . 39
Annex B (normative): Boundary conditions for cryptographic algorithm TB6 . 40
Annex C (informative): Encryption control in DM-MS . 41
C.0 Introduction . 41
C.1 General . 41
ETSI

---------------------- Page: 4 ----------------------
5 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)
C.2 Service description and primitives . 41
C.2.0 General . 41
C.2.1 DMCC-ENCRYPT primitive . 42
C.2.2 DMC-ENCRYPTION primitive . 43
C.3 Protocol functions . 45
Annex D (informative): Bibliography . 46
Annex E (informative): Change request history . 47
History . 48

ETSI

---------------------- Page: 5 ----------------------
6 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Foreword
This draft European Standard (EN) has been produced by ETSI Technical Committee TETRA and Critical
Communications Evolution (TCCE), and is now submitted for the combined Public Enquiry and Vote phase of the
ETSI standards EN Approval Procedure.
The present document is part 6 of a multi-part deliverable covering Direct Mode Operation, as identified below:
Part 1: "General network design";
Part 2: "Radio aspects";
Part 3: "Mobile Station to Mobile Station (MS-MS) Air Interface (AI) protocol";
Part 4: "Type 1 repeater air interface";
Part 5: "Gateway air interface";
Part 6: "Security";
Part 7: "Type 2 repeater air interface";
Part 8: "Protocol Implementation Conformance Statement (PICS) proforma specification";
Part 10: "Managed Direct Mode Operation (M-DMO)".
NOTE: Parts 7, 8 and 10 of this multi-part deliverable are of "historical" status and will not be updated according
to this version of the standard.

Proposed national transposition dates
Date of latest announcement of this EN (doa): 3 months after ETSI publication
Date of latest publication of new National Standard
or endorsement of this EN (dop/e): 6 months after doa
Date of withdrawal of any conflicting National Standard (dow): 6 months after doa

Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
ETSI

---------------------- Page: 6 ----------------------
7 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)
1 Scope
The present document defines the Terrestrial Trunked Radio system (TETRA) Direct Mode of operation. It specifies the
basic Air Interface (AI), the interworking between Direct Mode Groups via Repeaters and interworking with the
TETRA Trunked system via Gateways. It also specifies the security aspects in TETRA Direct Mode and the intrinsic
services that are supported in addition to the basic bearer and teleservices.
The present document describes the security mechanisms in TETRA Direct Mode. It provides mechanisms for
confidentiality of control signalling and user speech and data at the AI. It also provided some implicit authentication as
a member of a group by knowledge of a shared secret encryption key.
The use of AI encryption gives both confidentiality protection against eavesdropping, and some implicit authentication.
2 References
2.1 Normative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
Referenced documents which are not found to be publicly available in the expected location might be found at
https://docbox.etsi.org/Reference/.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are necessary for the application of the present document.
[1] ETSI EN 300 392-2: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 2: Air
Interface (AI)".
[2] ISO 7498-2: "Information processing systems -- Open Systems Interconnection -- Basic Reference
Model -- Part 2: Security Architecture".
[3] ETSI EN 300 396-2: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 2: Radio aspects".
[4] ETSI EN 300 392-7: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D);
Part 7: Security".
[5] ETSI EN 300 396-3: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 3: Mobile Station to Mobile Station (MS-MS) Air Interface (AI)
protocol".
[6] ETSI TS 100 392-15: "Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D);
Part 15: TETRA frequency bands, duplex spacings and channel numbering".
[7] ETSI EN 302 109: "Terrestrial Trunked Radio (TETRA); Security; Synchronization mechanism
for end-to-end encryption".
[8] ETSI EN 300 396-5: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 5: Gateway air interface".
[9] ETSI EN 300 396-4: "Terrestrial Trunked Radio (TETRA); Technical requirements for Direct
Mode Operation (DMO); Part 4: Type 1 repeater air interface".
[10] ETSI TS 101 053-1: "Rules for the management of the TETRA standard encryption algorithms;
Part 1: TEA1".
[11] ETSI TS 101 053-2: "Security Algorithms Group of Experts (SAGE); Rules for the management
of the TETRA standard encryption algorithms; Part 2: TEA2".
ETSI

---------------------- Page: 7 ----------------------
8 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)
[12] ETSI TS 101 053-3: "Rules for the management of the TETRA standard encryption algorithms;
Part 3: TEA3".
[13] ETSI TS 101 053-4: "Rules for the management of the TETRA standard encryption algorithms;
Part 4: TEA4".
[14] ETSI TS 101 052: "Rules for the management of the TETRA standard authentication and key
management algorithm set TAA1".
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
reference document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long term validity.
The following referenced documents are not necessary for the application of the present document but they assist the
user with regard to a particular subject area.
Not applicable.
3 Definitions and abbreviations
3.1 Definitions
For the purposes of the present document, the following terms and definitions apply:
air interface encryption state: status of encryption in a call (on or off)
call transaction: all of the functions associated with a complete unidirectional transmission of information during a call
NOTE: A call is made up of one or more call transactions. In a simplex call these call transactions are sequential.
See ETSI EN 300 396-3 [5].
carrier number: integer, N, used in TETRA to represent the frequency of the RF carrier
NOTE: See ETSI TS 100 392-15 [6].
cipher key: value that is used to determine the transformation of plain text to cipher text in a cryptographic algorithm
cipher text: data produced through the use of encipherment
NOTE: The semantic content of the resulting data is not available (ISO 7498-2 [2]).
decipherment: reversal of a corresponding reversible encipherment
NOTE: See ISO 7498-2 [2].
Direct Mode Operation (DMO): mode of simplex operation where mobile subscriber radio units may communicate
using radio frequencies which may be monitored by, but which are outside the control of, the TETRA TMO network
NOTE: DM operation is performed without intervention of any base station. See ETSI EN 300 396-3 [5].
DMO-net: number of DMO MSs communicating together and using common cryptographic parameters
encipherment: cryptographic transformation of data to produce cipher text
NOTE: See ISO 7498-2 [2].
encryption cipher key: cipher key used as input to the KSG, derived from an address specific cipher key and randomly
varied per channel using algorithm TB6
ETSI

---------------------- Page: 8 ----------------------
9 Draft ETSI EN 300 396-6 V1.6.0 (2016-04)
end-to-end encryption: encryption within or at the source end system, with the corresponding decryption occurring
only within or at the destination end system
explicit authentication: transaction initiated and completed specifically to demonstrate knowledge of a shared secret
where the secret is not revealed
implicit authentication: authenticity demonstrated by proof of knowledge of a shared secret where that demonstration
is a by-product of another function
key stream: pseudo random stream of symbols that is generated by a KSG for encipherment and decipherment
Key Stream Generator (KSG): cryptographic algorithm which produces a stream of b
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.