TETRA Your Service - PowerPoint PPT Presentation

Description:

Identifying the key security features of TETRA and how these can be ... What about denial of service, jamming, unauthorized use of resources. Authentication ...

Slides: 19
Provided by: jep84

Transcript and Presenter's Notes

1
TETRA @ Your Service
  • The Security Mechanisms Designed into TETRA
  • Jeppe Jepsen
  • Motorola

2
Examining how to ensure the security of TETRA for
Public Safety use
  • Identifying the key security features of TETRA
    and how these can be applied for Public Safety
    use
  • Pinpointing how encryption within TETRA can be
    most effectively used for Public Safety
    applications
  • Examining the role of user practices in ensuring
    security of TETRA systems

3
Why Tetra Schengen Police Corporation

4
European Telecommunications Standards Institute
  • TETRA is the only European interoperability
    standard for the digital trunked professional
    market place.

5
User Requirements
  • TETRA was developed to address the unique
    integrated requirements of PMR and PAMR
  • Group and Broadcast Calls
  • Emergency Calls
  • Fast Access (<300 ms call set-up)
  • Direct Mode Operation (DMO)
  • Dispatch Operation
  • National Agency Encryption
  • Concurrent Voice & Data
  • Integrated Telephony
  • Scalable Infrastructure

6
Key security features of TETRA
  • Security ?
  • Payload delivery security
  • Protection against traffic analysis, observance
    of user behavior
  • Protection against masquerading, replay,
    manipulation of data
  • What about denial of service, jamming,
    unauthorized use of resources
  • Authentication
  • Air Interface Encryption (AIE)
  • End to end Encryption

7
Authentication
  • Explicit Authentication
  • Authentication proves the user is who he claims
    to be
  • Terminals can also authenticate the network
  • Explicit proof for modifying groups, Stun/Kill
    etc.
  • Based on a secret key K stored in the terminal
    and in the Authentication Centre (AuC)
  • One of the outputs is the Derived Cipher Key used
    for Air Interface Encryption
  • Implicit Authentication
  • Implicit authentication also possible by shared
    knowledge of a secret encryption key.

8
Authentication
Authentication Centre (AuC)
Session keys
Switch 1
Switch 2
Challenge and response from Switch
MS Authentication
  • Authentication provides proof of identity of all
    radios attempting to use the network.
  • A session key system from a central
    authentication centre allows key storage
  • Secret key need never be exposed
  • Authentication process derives air interface key
    (TETRA standard)

9
Tetra Authentication mapping to network elements
[Diagram: authentication flow between the Authentication Centre (AuC), the EBTS and the MS]
  • K known only to AuC and MS
  • KS (Session key), RS (Random seed)
  • Generate RS; TA11 takes K and RS and gives KS
  • Generate RAND1; RS, RAND1 passed to the MS
  • TA12 takes KS and RAND1 and gives RES1 (MS) or
    XRES1 (EBTS), together with DCK1
  • Compare RES1 and XRES1
  • DCK used as individual air interface encryption
    key
  • Network can provide encrypted key transfer for
    all key material, including session keys
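
The challenge and response flow on this slide, as an added example that is not part of the original presentation. TA11 and TA12 are replaced by HMAC-SHA256 stand-ins (the real TETRA algorithms are not reproduced), and the class names, field sizes and the ITSI string are assumptions made for illustration. It shows that K stays in the AuC and the MS, that the EBTS works only from RS and KS, and that a terminal without the right K fails the RES1/XRES1 comparison.

```python
import hashlib
import hmac
import secrets

# Stand-ins for TA11/TA12 (assumption): same inputs and outputs as on the slide.
def ta11(k, rs):                     # K, RS -> KS (session key)
    return hmac.new(k, b"TA11" + rs, hashlib.sha256).digest()[:16]

def ta12(ks, rand1):                 # KS, RAND1 -> (RES1 or XRES1, DCK1)
    out = hmac.new(ks, b"TA12" + rand1, hashlib.sha256).digest()
    return out[:4], out[4:14]

class AuC:                           # holds K; only ever releases (RS, KS)
    def __init__(self):
        self._k = {}
    def provision(self, itsi):
        self._k[itsi] = secrets.token_bytes(16)
        return self._k[itsi]         # loaded into the terminal once
    def session_key(self, itsi):
        rs = secrets.token_bytes(10) # Generate RS
        return rs, ta11(self._k[itsi], rs)

class MS:
    def __init__(self, itsi, k):
        self.itsi, self._k, self.dck = itsi, k, None
    def respond(self, rs, rand1):
        res1, self.dck = ta12(ta11(self._k, rs), rand1)
        return res1

class EBTS:                          # sees RS, KS, RAND1, RES1, DCK1; never K
    def __init__(self, auc):
        self.auc = auc
    def authenticate(self, ms):
        rs, ks = self.auc.session_key(ms.itsi)
        rand1 = secrets.token_bytes(10)          # Generate RAND1
        xres1, dck1 = ta12(ks, rand1)
        res1 = ms.respond(rs, rand1)             # RS, RAND1 sent over the air
        ok = hmac.compare_digest(res1, xres1)    # Compare RES1 and XRES1
        return ok, (dck1 if ok else None)

def demo():
    auc = AuC()
    genuine = MS("itsi-0001", auc.provision("itsi-0001"))   # constructed ITSI
    clone = MS("itsi-0001", secrets.token_bytes(16))        # right ITSI, wrong K
    bs = EBTS(auc)
    ok, dck = bs.authenticate(genuine)
    rejected, no_key = bs.authenticate(clone)
    return ok, dck == genuine.dck, rejected, no_key
```
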
10
Authentication Centre security
  • Level of AuC security is essential to meet
    security approval
  • Quantity of key material can raise protective
    marking level
  • Requires additional protection over standard
    database techniques to achieve approval
  • Good design of AuC can use hardware crypto with
    tamper proofing and active erase facility to
    protect keys

11
What is Air Interface Encryption (AIE)?
  • First level encryption used to protect
    information over the Air Interface
  • Typically software implementation
  • AIE is System Wide
  • 3 different Classes
  • Class 1
  • No Encryption, can include Authentication
  • Class 2
  • Static Cipher Key Encryption, can include
    Authentication
  • Class 3
  • Dynamic Cipher Key Encryption
  • Requires Authentication

12
TETRA Air Interface Encryption
  • Network fixed links are considered difficult to
    intercept.

Operational Information
13
Dimetra Air Interface Encryption
  • Full Implementation of AIE
  • Authentication
  • Static Cipher Key
  • Common Cipher Key
  • Derived Cipher Key
  • Group Cipher Key
  • Modified Group Cipher Key
  • TEA 1, 2, 3 and TEA 4 algorithms
  • Authentication Centre
  • High grade key storage
  • Key Management
  • Key Loader

14
Air Interface Encryption - the Keys
Clear audio
  • SCK, CCK and MGCK controlled by System Owner
  • DCK generated through Authentication Process

15
The importance of Air Interface encryption
  • Many threats other than eavesdropping
  • traffic analysis, observance of user behaviour
  • Strong authentication
  • AI protects control channel messages as well as
    voice and data payloads
  • encrypted registration protects ITSIs
  • End to end encryption if used alone is much
    weaker (it only protects the payload)

16
What does Tetra provide within End-to-End
encryption
  • End to end encryption uses more secure
    implementations
  • End to end encryption uses larger keys
  • End to end encryption uses longer synchronisation
    vectors

17
Standardised end to end in TETRA
  • Many organisations want their own algorithm
  • Confidence in strength
  • Better control over distribution
  • ETSI Project TETRA provides standardised support
    for end to end Encryption
  • To give TETRA standard alternative to proprietary
    offerings and technologies
  • TETRA MoU Security and fraud Protection Group
  • Provides detailed recommendation on how to
    implement end to end encryption in TETRA   
  • Provides sample implementation using IDEA
    Algorithm

18
Summary
  • Message related threats
  • interception, eavesdropping, masquerading,
    replay, manipulation of data
  • User related threats
  • traffic analysis, observability of user behaviour
  • System related threats
  • denial of service, jamming, unauthorized use of
    resources