2-36 Services and Feature Description
6866537D87-F Chapter 2 - MTM800 Product Information Manual September 2008
11.3.3 Derived Cipher Key Encryption DCK, Common Cipher Keys CCK and Group Cipher Keys
GCK (Class 3)
Background:
DCK/CCK/GCK required to prevent over-exposure of key material.
Existing encryption systems use Static Cipher Keys (SCK), one key is used for all terminals and all
calls:
Key material is often exposed
SCK logistics of changing keys = reprogram all terminals & Base Stations
Feature description:
DCK is used for both uplink and downlink for private calls
DCK/CCK/GCK encryption provides DCK (Derived Cipher Key) for “uplink” (from terminal to EBTS)
communication and CCK (Common Cipher Key) or GCK (Group Cipher Key) for “downlink” (from
EBTS to terminals) group communication
Functionality:
The terminals supporting Dynamic Key Encryption identify themselves to the system as Class 3
terminals during registry and attempt to negotiate Class 3 encryption.
A Class 3 terminal supports group addressed signalling and group call traffic encryption using
Common Cipher Keys (CCK) as well as encryption of uplink and down link individually addressed
signalling messages and individual call traffic (private or phone) using its derived cipher key (DCK).
Additionally Class 3 supports dedicated group addressed signalling and dedicated group call traffic
encryption using Group Cipher Keys (GCK) to cryptographically isolate talk groups.
The DCK is derived from either the one way or mutual authentication process and the CCK is
received during registry. GCK is received through OTAR mechanism only.
The terminals support ‘Over the Air Rekeying’ (OTAR) of the CCK and GCK by the system.
A ‘Clear’ terminal is able set up calls to and receive calls from encrypted terminals. The system
informs the encrypted terminals that the call is with a Clear Terminal and they switch to clear
operation. Class 2 & 3 terminals can only do this if they are allowed to operate in a lower class.
To Next Page
Loading...
