Security Encryption and Management - PowerPoint PPT Presentation

Loading...

PPT – Security Encryption and Management PowerPoint presentation | free to view - id: 19ca94-ZDc1Z



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Security Encryption and Management

Description:

Chairman: TETRA Association Security and Fraud Prevention Group. 13th June 2006 ... AI encryption protects control channel messages as well as voice and data payloads ... – PowerPoint PPT presentation

Number of Views:27
Avg rating:3.0/5.0
Slides: 27
Provided by: Bri8308
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Security Encryption and Management


1
Security Encryption and Management
  • Brian Murgatroyd
  • Chairman
  • TETRA Association Security and Fraud Prevention
    Group

2
Agenda
  • Security threats
  • TETRA security features
  • Overall system security measures
  • Air interface security functions
  • End to end encryption
  • Interoperability and practical security measures

3
Security Threats
  • What are the main threats to your system?
  • Confidentiality?
  • Availability?
  • Integrity?

4
Message and User Related Threats
  • Message threats
  • Interception
  • Eavesdropping
  • Masquerading
  • Manipulation of data.
  • Replay
  • User related threats
  • traffic analysis
  • observability of user behaviour.

5
System Related Threats
  • ,
  • Denial of service
  • Jamming
  • Attacks via the IP network to switch off the
    functional boxes
  • Natural disasters-
  • fire, flood, earthquake

6
Overall TETRA Security
  • Several aspects to TETRA security
  • Technical security countermeasures
  • Secure Network Management and procedure
  • Lawful Interception
  • Standard algorithms

7
Network Security
  • IT security is vital in TETRA networks
  • Gateways are particularly vulnerable.
  • Operating staff need vetting
  • Firewalls required at access points to the network

8
TETRA security classes
  • Class Encryption OTAR Authentication
  • 1 No No Optional
  • 2 Static key Optional Optional
  • 3 Dynamic key Mandatory Mandatory

9
Authentication
  • Used to ensure that terminal is genuine and
    allowed on network.
  • Mutual authentication ensures that in addition to
    verifying the terminal, the SwMI can be trusted.
  • Authentication requires both SwMI and terminal
    have proof of secret key.
  • Successful authentication permits further
    security related functions to be downloaded.

10
Authentication
Generate RS
Authentication Centre (AuC)
K known only to AuC and MS
K
RS
TA11
KS
K
RS
Generate RAND1
KS (Session key) RS (Random seed)
TA11
KS
RAND1
RS, RAND1
KS
RAND1
RES1
TA12
DCK
Base station
TA12
XRES1
DCK1
Compare RES1 and XRES1
RES1
DCK1
11
Provisioning of authentication keys
  • Every terminal has a unique secret key (k) which
    has to be manually loaded to the terminal
    normally by the manufacturer
  • k associated with the TEI and sent to the network
    provider
  • Needs to be done securely and to the SFPG
    recommendation 01 file format
  • User organization provides the ISSI-TEI which it
    sends to the network provider
  • K-ISSI pairs in the authentication centre can be
    formed

12
Air interface encryption protection
13
Air interface encryption
  • As well as protecting voice, SDS and packet data
    transmissions
  • AI encryption protects control channel messages
    as well as voice and data payloads
  • encrypted registration protects identities and
    gives anonymity
  • Protection against replay attacks using an
    initialization vector derived form system timing
    (frame numbering)

14
Over The Air Re-keying (OTAR)
  • Populations of terminals tend to be large and the
    only practical way to change encryption keys is
    by OTAR
  • This is done securely by using a derived cipher
    key or a session key to wrap the downloaded key
  • The security functionality is transparent to the
    user as the network provider would normally be
    responsible for OTAR and management of AI keys

15
Air Interface traffic keys
  • Four traffic keys are used in class 3 systems-
  • Derived cipher Key (DCK)
  • derived from authentication process used for
    protecting uplink, one to one calls
  • Common Cipher Key(CCK)
  • protects downlink group calls and ITSI on initial
    registration
  • Group Cipher Key(GCK)
  • Provides crypto separation, combined with CCK
  • Static Cipher Key(SCK)
  • Used for protecting DMO and TMO fallback mode

16
Disabling of terminals
  • Vital to ensure the reduction of risk of threats
    to system by stolen and lost terminals
  • Relies on the integrity of the users to report
    losses quickly and accurately.
  • Disabling may be either temporary or permanent
  • Disabling stops the terminal working as a radio
    and
  • Permanent disabling removes all keys including
    (k)
  • Temporary disabling removes all traffic keys but
    allows ambience listening
  • The network or application must be able to
    remember disable commands to terminals that are
    not live on the network at the time of the
    original command being sent.

17
Standard air interface algorithms
  • TEA1 and TEA4
  • Generally exportable outside Europe. Designed
    for non public safety use
  • TEA2
  • Only for use in Europe for public safety and
    military organizations. Strictly export
    controlled
  • TEA3
  • For use by public safety and military
    organizations where TEA2 is not allowed. Strictly
    export controlled

18
Transfer of security parameters between networks
  • The authentication parameters (based on k) are
    very sensitive and should never be sent to a
    visited network
  • The way forward is to provide a set of parameters
    that will only be used in the visited network
  • WG6 are working on a revision to the standard to
    accommodate practical security functionality
    across an ISI

19
Evaluation of security mechanisms
  • How can a system be judged secure?
  • Evaluate threats and risks, independently if
    possible
  • Ensure correct implementation of security
  • Ensure mobile terminals have been evaluated
  • Use standard encryption algorithms
  • Regular audit and inspection

20
End to end encryption
  • Protects messages across an untrusted
    infrastructure
  • Provides enhanced confidentiality
  • Voice and SDS services
  • IP data services (soon)

Network
MS
MS
Air interface security between MS and network
End-to-end security between MSs
21
Benefits of end to end encryption in combination
with Air Interface encryption
  • Air interface (AI) encryption alone and end to
    end encryption alone both have their limitations
  • For most users AI security measures are
    completely adequate
  • Where either the network is untrusted, or the
    data is extremely sensitive then end to end
    encryption may be used in addition as a overlay.
  • Brings the benefit of encrypting addresses and
    signalling as well as user data across the Air
    Interface and confidentiality right across the
    network

22
Standard end to end encryption algorithms
  • There are no standard algorithms defined by
    SFPG but
  • IDEA was defined as a good candidate 64 bit block
    cipher algorithm for use with TETRA and test data
    and an example implementation was produced
  • AES128 (Rijndael) was defined as a good
    candidate 128 bit block cipher algorithm for use
    with TETRA and test data and an example
    implementation was produced
  • Both algorithms have proved popular with public
    safety organizations and give a good level of
    security assurance to sensitive data

23
Export control of crypto material
  • All cryptographic material and terminals capable
    of encryption are subject to export control
  • The authority has to be satisfied that the key
    length and algorithms used are allowed to be
    exported.
  • Guidance is given in the Wassenaar arrangement
    www.wassenaar.org but the export control
    authority must be approached in all cases

24
Lawful interception
  • In most countries public telecoms systems are
    subject to lawful interception by the security
    authorities
  • TETRA provides a standard interface to allow this
    functionality
  • Operators need to check with their security
    authorities whether their system needs to be
    equipped with this interface

25
Question
  • What would be the main reason for using end to
    end encryption for your users and is the
    additional expense worth the money and additional
    management bearing in mind the threats?

26
Conclusion
  • Security functions built in to TETRA from the
    start!
  • Air interface encryption protects, control
    traffic, IDs as well as voice and user traffic.
    End to end encryption gives higher level of
    assurance
  • Key management comes without user overhead
    because of OTAR.
About PowerShow.com