Presentation is loading. Please wait.

Presentation is loading. Please wait.

TWC 2003 Copenhagen1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd.

Published byCathleen Patterson Modified over 9 years ago

Similar presentations

Presentation on theme: "TWC 2003 Copenhagen1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd."— Presentation transcript:

1 TWC 2003 Copenhagen1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd

2 TWC 2003 Copenhagen2 Agenda Why security is important in TETRA systems Overview of TETRA security features Authentication Air interface encryption Key Management Terminal Disabling End to End Encryption

3 TWC 2003 Copenhagen3 Security Threats What are the main threats to your system? Confidentiality? Availability? Integrity?

4 TWC 2003 Copenhagen4 Message Related Threats interception Confidentiality –by hostile government agencies eavesdropping –by hackers, criminals, terrorists masquerading –pretending to be legitimate user manipulation of data.Integrity –changing messages Replay –recording messages and replaying them later

5 TWC 2003 Copenhagen5 User Related Threats traffic analysis Confidentiality –getting intelligence from patterns of the traffic-frequency- message lengths-message types observability of user behaviour. Confidentiality –examining where the traffic is observed - times of day-number of users

6 TWC 2003 Copenhagen6 System Related Threats denial of serviceAvailability –preventing the system working by attempting to use up capacity jamming Availability –Using RF energy to swamp receiver sites unauthorized use of resourcesIntegrity –Illicit use of telephony, interrogation of secure databases

7 TWC 2003 Copenhagen7 TETRA Air Interface security functions Authentication TETRA has strong mutual authentication requiring knowledge of secret key Encryption –Dynamic key encryption (class 3) Static key encryption (class2) Terminal Disabling Secure temporary or permanent disable Over the Air Re-keying (OTAR) for managing large populations without user overhead Aliasing/User logon To allow association of user to terminal

8 TWC 2003 Copenhagen8 User authentication (aliasing) Second layer of security Ensures the user is associated with terminal User logon to network aliasing server log on with Radio User Identity and PIN Very limited functionality allowed prior to log on Log on/off not associated with terminal registration Could be used as access control for applications as well as to the Radio system

9 TWC 2003 Copenhagen9 Security Classes ClassAuthentication EncryptionOther 1OptionalNone- 2OptionalStaticESI 3MandatoryDynamicESI

10 TWC 2003 Copenhagen10 Authentication Used to ensure that terminal is genuine and allowed on network. Mutual authentication ensures that in addition to verifying the terminal, the SwMI can be trusted. Authentication requires both SwMI and terminal have proof of secret key. Successful authentication permits further security related functions to be downloaded.

11 TWC 2003 Copenhagen11 Authentication process MobileBase station Authentication Centre K Random Seed (RS) RS KS Rand Expected Result K RS Rand Result TA11 TA12 TA11 KS ( Session key ) Same?

12 TWC 2003 Copenhagen12 Deriving DCK from mutual authentication DCK2 DCK1 DCK Infrastructure-MS authentication MS-Infrastructure authentication TB4

13 TWC 2003 Copenhagen13 Encryption Process Clear data in Encrypted data out Key Stream Generator (TEA[x]) Modulo 2 addition (XOR) Initialisation Vector (IV) ABCDEFGH y4Mv#Qt q c Traffic Key Key Stream Segments Combining algorithm (TB5) I CN LA CC

14 TWC 2003 Copenhagen14 Air Interface traffic keys Four traffic keys are used in class 3 systems:- Derived cipher Key (DCK) –derived from authentication process used for protecting uplink, one to one calls Common Cipher Key(CCK) –protects downlink group calls and ITSI on initial registration Group Cipher Key(GCK) –Provides crypto separation, combined with CCK Static Cipher Key(SCK ) –Used for protecting DMO and TMO fallback mode

15 TWC 2003 Copenhagen15 DMO Security Implicit Authentication Static Cipher keys No disabling

16 TWC 2003 Copenhagen16 TMO SCK OTAR scheme DMO SCKs must be distributed when terminals are operating in TMO. In normal circumstances, terminals should return to TMO coverage within a key lifetime A typical DMO SCK lifetime may be between 2 weeks and 6 months Key Management Centre TETRA Infrastructure

17 TWC 2003 Copenhagen17 Key Overlap scheme used for DMO SCKs The scheme uses Past, Present and Future versions of an SCK. System Rules –Terminals may only transmit on their Present version of the key. –Terminals may receive on any of the three versions of the key. This scheme allows a one key period overlap. PastPresentFuture Receive Transmit

18 TWC 2003 Copenhagen18 Disabling of terminals Vital to ensure the reduction of risk of threats to system by stolen and lost terminals Relies on the integrity of the users to report losses quickly and accurately. May be achieved by removing subscription and/or disabling terminal Disabling may be either temporary or permanent Permanent disabling removes all keys including (k) Temporary disabling removes all traffic keys but allows ambience listening

19 TWC 2003 Copenhagen19 End to end encryption End-to-end security between MS’s NetworkMS Air interface security between MS and network MS Protects messages across an untrusted infrastructure Provides enhanced confidentiality Voice and SDS services IP data services (soon)

20 TWC 2003 Copenhagen20 End to end encryption features Additional synchronization carried in stolen half frames Standard algorithms available or national solutions Key Management in User Domain

21 TWC 2003 Copenhagen21 Limitations of End to End Encryption Only protects the user payload (confidentiality protection) Requires a transparent network - no transcoding-All the bits encrypted at the transmitting end must be decrypted at the receiver Will not work outside the TETRA domain frequent transmission of synchronization vector needs to ensure good late entry capability but as frame stealing is used this may impact slightly on voice quality.

22 TWC 2003 Copenhagen22 End to end keys Traffic encryption key(TEK). Three editions used in terminal to give key overlap. Group Key encryption key(GEK) used to protection TEKs during OTAR. Unique KEK(long life) used to protect GEKs during OTAR. Signalling Encryption Keys (SEK) used optionally for control traffic

23 TWC 2003 Copenhagen23 Benefits of end to end encryption with Air Interface encryption Air interface (AI) encryption alone and end to end encryption alone both have their limitations For most users AI security measures are completely adequate Where either the network is untrusted, or the data is extremely sensitive then end to end encryption may be used in addition Brings the benefit of encrypting addresses and signalling as well as user data across the Air Interface and confidentiality right across the network

24 TWC 2003 Copenhagen24 Conclusions Security functions built in from the start! User friendly and transparent key management. Air interface encryption protects control traffic, IDs as well as voice and user traffic. Key management comes without user overhead because of OTAR.

Download ppt "TWC 2003 Copenhagen1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd."

Similar presentations

An Alternative Approach for Enhancing Security of WMANs using Physical Layer Encryption By Arpan Pal Wireless Group Center of Excellence for Embedded Systems.

An Alternative Approach for Enhancing Security of WMANs using Physical Layer Encryption By Arpan Pal Wireless Group Center of Excellence for Embedded Systems.
Secure Mobile IP Communication

Secure Mobile IP Communication
SCSC 455 Computer Security

SCSC 455 Computer Security
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Brian Murgatroyd UK Home Office

Brian Murgatroyd UK Home Office
TETRA - Direct Mode Operation

TETRA - Direct Mode Operation
GSM Security and Encryption

GSM Security and Encryption
Su Youn Lee, Su Mi Lee and Dong Hoon Lee 2007.1.24 Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS.

Su Youn Lee, Su Mi Lee and Dong Hoon Lee Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
TETRA Inter System Interface (ISI)

TETRA Inter System Interface (ISI)
Myagmar, Gupta UIUC 2001 1 3G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.

Myagmar, Gupta UIUC G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
Security Encryption and Management

Security Encryption and Management
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
TWC 2005 Frankfurt 1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd UK Police IT Organization.

TWC 2005 Frankfurt 1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd UK Police IT Organization.

Similar presentations

Ads by Google