Motorola MTM800 - 11.4.1 E2 E Key Storage; 11.5 Terminal Disable;Enable; 11.6 Terminal Permanent Disable

To Next Page

To Previous Page

2-40 Services and Feature Description

6866537D87-F Chapter 2 - MTM800 Product Information Manual September 2008

• TMO Group Call (selected group, scanned group, announcement group, console patch

groups - if the console is capable to patch groups, priority monitor and emergency group call)

• DMO Group Call (direct, via DMO gateway, via DMO repeater)

• Private Call (half-duplex, full-duplex)

Note: Phone Calls and PABX Calls will be always clear and E2E related alert tones will not be play.

11.4.1 E2E Key Storage

The terminal stores the E2E keys:

Key encryption key (KEK) - This is the encryption key used to seal other encryption keys for

secure storage or transmission.

Traffic encryption key (TEK) - This is the encryption key used for the EtE.

The terminal supports loading of the encryption keys via the KVL/KMF solution.

11.5 Terminal Disable/Enable

Terminal disable is possible using TETRA Temporary Disable. The Dimetra IP system disables and

re-enables the terminal’s ’subscription’ (ITSI) and this is supported by the terminal.

Upon receipt of a D-DISABLE with ’Subscription Disable’, the correct SSI and MNI of the MS, the

terminal will be disabled and the terminal will remember this during power down.

Whilst disabled, the terminal continues to perform Mobility Management functions to facilitate

subsequent enabling of the terminal.

The terminal must receive the D - Enable message with its SSI and MNI before being restored to

normal service.

Benefits:

❏ Immediate disabling of the subscriber by the dispatcher via the air interface if the terminal is

compromised/stolen.

❏ Reversible, the terminal can be enabled again once found.

Note: If the encryption keys are erased, the MS puts itself in the disabled state. Permanent Disable

is not supported

11.6 Terminal Permanent Disable

Permanent disabling is intended to protect a network from attack from a compromised or faulty MS.

It can be used when the MS is known to have been compromised, or has been suspected of

compromise for a long time.

It is a one way function, there is no equivalent enable. The MS would need to be recovered and

reprogrammed before it could be used again.

When the MS is permanently disabled, it becomes inoperable:

❏ All its security key material, that is GCK, GSKO, DMO SCKs, Ks, DCK, CCK, TMO SCKs and

End-to-End key material are deleted.

❏ All its Codeplug is deleted.

❏ All its Software is deleted.

❏ All its MMI interfaces on the MS are disabled.

Other manuals for Motorola MTM800