ETSI EN 300 392-7 V2.1.1 (2001-02)

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Prizemni snopovni radio (TETRA) – Govor in podatki (V+D) – 7. del: VarnostTerrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security33.070.10Prizemni snopovni radio (TETRA)Terrestrial Trunked Radio (TETRA)ICS:Ta slovenski standard je istoveten z:EN 300 392-7 Version 2.1.1SIST EN 300 392-7 V2.1.1:2003en01-december-2003SIST EN 300 392-7 V2.1.1:2003SLOVENSKI
STANDARD



SIST EN 300 392-7 V2.1.1:2003



ETSIEN300392-7V2.1.1(2001-02)EuropeanStandard(Telecommunicationsseries)TerrestrialTrunkedRadio(TETRA);VoiceplusData(V+D);Part7:SecuritySIST EN 300 392-7 V2.1.1:2003



ETSIETSIEN300392-7V2.1.1(2001-02)2ReferenceREN/TETRA-06001-7KeywordsTETRA,V+D,SecurityETSI650RoutedesLuciolesF-06921SophiaAntipolisCedex-FRANCETel.:+33492944200Fax:+33493654716SiretN°34862356200017-NAF742CAssociationàbutnonlucratifenregistréeàlaSous-PréfecturedeGrasse(06)N°7803/88ImportantnoticeIndividualcopiesofthepresentdocumentcanbedownloadedfrom:http://www.etsi.orgThepresentdocumentmaybemadeavailableinmorethanoneelectronicversionorinprint.Inanycaseofexistingorperceiveddifferenceincontentsbetweensuchversions,thereferenceversionisthePortableDocumentFormat(PDF).Incaseofdispute,thereferenceshallbetheprintingonETSIprintersofthePDFversionkeptonaspecificnetworkdrivewithinETSISecretariat.Usersofthepresentdocumentshouldbeawarethatthedocumentmaybesubjecttorevisionorchangeofstatus.InformationonthecurrentstatusofthisandotherETSIdocumentsisavailableathttp://www.etsi.org/tb/status/Ifyoufinderrorsinthepresentdocument,sendyourcommentto:editor@etsi.frCopyrightNotificationNopartmaybereproducedexceptasauthorizedbywrittenpermission.Thecopyrightandtheforegoingrestrictionextendtoreproductioninallmedia.©EuropeanTelecommunicationsStandardsInstitute2001.Allrightsreserved.SIST EN 300 392-7 V2.1.1:2003



ETSIETSIEN300392-7V2.1.1(2001-02)3ContentsIntellectualPropertyRights.9Foreword.91Scope.101.1Securityclasses.101.2Documentlayout.102References.113Definitions,symbolsandabbreviations.123.1Definitions.123.2Abbreviations.144AirInterfaceauthenticationandkeymanagementmechanisms.164.1Airinterfaceauthenticationmechanisms.164.1.1Overview.164.1.2Authenticationofauser.164.1.3Authenticationoftheinfrastructure.174.1.4Mutualauthenticationofuserandinfrastructure.184.1.5Theauthenticationkey.204.1.5.1MakingKavailableinanMS.214.1.6Equipmentauthentication.214.2AirInterfacekeymanagementmechanisms.214.2.1TheDCK.224.2.2TheGCK.224.2.3TheCCK.234.2.4TheSCK.244.2.5TheGSKO.254.2.5.1SCKdistributiontogroupswithOTAR.264.2.5.2GCKdistributiontogroupswithOTAR.264.2.6EncryptedShortIdentity(ESI)mechanism.264.2.7EncryptionCipherKey.274.2.8SummaryofAIkeymanagementmechanisms.284.3Servicedescriptionandprimitives.294.3.1Authenticationprimitives.294.3.2SCKtransferprimitives.304.3.3GCKtransferprimitives.304.3.4GSKOtransferprimitives.314.4Authenticationprotocol.324.4.1Authenticationstatetransitions.324.4.1.1Descriptionofauthenticationstates.354.4.2Authenticationprotocolsequencesandoperations.354.4.2.1MSCsforauthentication.364.4.2.2MSCsforauthenticationType-3element.424.4.2.3ControlofauthenticationtimerT354atMS.464.5OTARProtocols.474.5.1CCKdelivery-protocolfunctions.474.5.1.1SwMI-initiatedCCKprovision.484.5.1.2MS-initiatedCCKprovisionwithU-OTARCCKDemand.494.5.1.3MS-initiatedCCKprovisionwithannouncedcellreselection.504.5.2OTARprotocolfunctions-SCK.504.5.2.1MSrequestsprovisionofSCK(s).514.5.2.2SwMIprovidesSCK(s)toindividualMS.524.5.2.3SwMIprovidesSCK(s)togroupofMSs.534.5.3OTARprotocolfunctions-GCK.544.5.3.1MSrequestsprovisionofGCK.554.5.3.2SwMIprovidesGCKtoanindividualMS.564.5.3.3SwMIprovidesGCKtoagroupofMSs.57SIST EN 300 392-7 V2.1.1:2003



ETSIETSIEN300392-7V2.1.1(2001-02)44.5.4Cipherkeyassociationtogroupaddress.594.5.4.1SCKassociationforDMO.594.5.4.2GCKassociation.604.5.5Notificationofkeychangeovertheair.614.5.5.1ChangeofDCK.634.5.5.2ChangeofCCK.634.5.5.3ChangeofGCK.634.5.5.4ChangeofSCKforTMO.634.5.5.5ChangeofSCKforDMO.634.5.5.6SynchronizationofCipherKeyChange.644.5.6Securityclasschange.644.5.6.1Changeofsecurityclasstosecurityclass1.644.5.6.2Changeofsecurityclasstosecurityclass2.644.5.6.3Changeofsecurityclasstosecurityclass3.655Enableanddisablemechanism.665.1Generalrelationships.665.2Enable/disablestatetransitions.665.3Mechanisms.675.3.1DisableofMSequipment.685.3.2DisableofMSsubscription.685.3.3DisableanMSsubscriptionandequipment.685.3.4EnableanMSequipment.685.3.5EnableanMSsubscription.685.3.6EnableanMSequipmentandsubscription.685.4Enable/disableprotocol.695.4.1Generalcase.695.4.2Statusofcipherkeymaterial.695.4.3Specificprotocolexchanges.695.4.3.1DisablinganMSwithauthentication.705.4.3.2EnablinganMSwithauthentication.715.4.4EnablinganMSwithoutauthentication.725.4.5DisablinganMSwithoutauthentication.735.4.6Rejectionofenableordisablecommand.735.4.7MMserviceprimitives.745.4.7.1TNMM-DISABLINGprimitive.745.4.7.2TNMM-ENABLINGprimitive.756AirInterface(AI)encryption.766.1Generalprinciples.766.2Securityclass.776.2.1ConstraintsonLAarisingfromcellclass.786.3KeyStreamGenerator(KSG).786.3.1KSGnumberingandselection.796.3.2Interfaceparameters.796.3.2.1InitialValue(IV).796.3.2.2CipherKey.806.4Encryptionmechanism.806.4.1AllocationofKSStologicalchannels.816.4.2AllocationofKSStologicalchannelswithPDUassociation.816.4.3Synchronizationofdatacallswheredataismulti-slotinterleaved.836.4.4Recoveryofstolenframesfrominterleaveddata.836.5Useofcipherkeys.846.5.1IdentificationofencryptionstateofdownlinkMACPDUs.856.5.1.1Class1cells.856.5.1.2Class2cells.856.5.1.3Class3cells.856.5.2IdentificationofencryptionstateofuplinkMACPDUs.866.6Mobilityprocedures.866.6.1Generalrequirements.866.6.1.1Additionalrequirementsforclass3systems.866.6.2Protocoldescription.86SIST EN 300 392-7 V2.1.1:2003



ETSIETSIEN300392-7V2.1.1(2001-02)56.6.2.1Negotiationofcipherparameters.876.6.2.1.1Class1cells.876.6.2.1.2Class2cells.876.6.2.1.3Class3cells.876.6.2.2Initialandundeclaredcellre-selection.876.6.2.3Unannouncedcellre-selection.896.6.2.4Announcedcellre-selectiontype-3.896.6.2.5Announcedcellre-selectiontype-2.896.6.2.6Announcedcellre-selectiontype-1.906.6.2.7Keyforwarding.906.7Encryptioncontrol.926.7.1Datatobeencrypted.926.7.1.1Downlinkcontrolchannelrequirements.926.7.1.2EncryptionofMACheaderelements.926.7.1.3Trafficchannelencryptioncontrol.926.7.2Servicedescriptionandprimitives.936.7.2.1MobilityManagement(MM).946.7.2.2MobileLinkEntity(MLE).946.7.2.3Layer2.966.7.3Protocolfunctions.966.7.3.1MM.966.7.3.2MLE.966.7.3.3LLC.966.7.3.4MAC.966.7.4PDUsforciphernegotiation.977End-to-endencryption.977.1Introduction.977.2Voiceencryptionanddecryptionmechanism.987.2.1Protectionagainstreplay.997.3Dataencryptionmechanism.997.4Exchangeofinformationbetweenencryptionunits.997.4.1Synchronizationofencryptionunits.997.4.2Encryptedinformationbetweenencryptionunits.1007.4.3Transmission.1017.4.4Reception.1037.4.5Stolenframeformat.1037.5Locationofsecuritycomponentsinthefunctionalarchitecture.1047.6End-to-endKeyManagement.106AnnexA(normative):PDUandelementdefinitions.107A.1AuthenticationPDUs.107A.1.1D-AUTHENTICATIONDEMAND.107A.1.2D-AUTHENTICATIONREJECT.107A.1.3D-AUTHENTICATIONRESPONSE.108A.1.4D-AUTHENTICATIONRESULT.108A.1.5U-AUTHENTICATIONDEMAND.108A.1.6U-AUTHENTICATIONREJECT.109A.1.7U-AUTHENTICATIONRESPONSE.109A.1.8U-AUTHENTICATIONRESULT.110A.2OTARPDUs.110A.2.1D-OTARCCKProvide.110A.2.2U-OTARCCKDemand.110A.2.3U-OTARCCKResult.111A.2.4D-OTARGCKProvide.111A.2.5U-OTARGCKDemand.112A.2.6U-OTARGCKResult.112A.2.7D-OTARSCKProvide.113A.2.8U-OTARSCKDemand.113A.2.9U-OTARSCKResult.114A.2.10D-OTARGSKOProvide.114SIST EN 300 392-7 V2.1.1:2003



ETSIETSIEN300392-7V2.1.1(2001-02)6A.2.11U-OTARGSKODemand.114A.2.12U-OTARGSKOResult.115A.3PDUsforkeyassociationtoGTSI.115A.3.1D-OTARKEYASSOCIATEDEMAND.115A.3.2U-OTARKEYASSOCIATESTATUS.116A.4PDUstosynchronisekeyorsecurityclasschange.116A.4.1D-CKCHANGEDEMAND.116A.4.2U-CKCHANGERESULT.117A.5OthersecuritydomainPDUs.118A.5.1U-TEIPROVIDE.118A.5.2U-OTARPREPARE.118A.5.3D-OTARNEWCELL.119A.6PDUsforEnableandDisable.119A.6.1D-DISABLE.119A.6.2D-ENABLE.120A.6.3U-DISABLESTATUS.120A.7MMPDUtype3informationelementscoding.121A.7.1Authenticationdownlink.121A.7.2Authenticationuplink.121A.8PDUInformationelementscoding.122A.8.1Acknowledgementflag.122A.8.2Addressextension.122A.8.3Authenticationchallenge.
...