The key deletion takes up to 30 seconds. During the period, the battery must not be removed. Removing the
battery during that period may lead to radio malfunction.
Encryption and/or Authentication keys are deleted. The radio enters Temporary Disable state and must be manually
restored by the service provider.
Secure DMO
The Secure Direct Mode Operation (DMO) feature guarantees key ciphered transmission in the DMO.
When DM-SCKs are provided by OTAR, you are informed in case the radio does not contain the complete set of
SDMO keys. Whenever the radio enters DMO and the radio does not possess past and present DM-SCKs for all
provisioned KAG and/or it has not yet successfully received SCK Subset Grouping Type, SCK Subset Number and
SCK-VN information from the SwMI, then the radio:
• plays a special reject tone.
• prompts a message indicating OTAR incomplete.
The radio provides SDMO status information to the user via the MMI DMOSCK Validity submenu inside the
Security menu (present only when configured in the codeplug):
• DMO SCK is Valid — DMO SCK OTAR is disabled and all DM-SCKs are provided using the KVL.
• DMO SCK is Valid — DMO SCK OTAR is enabled and the radio knows the current SCK information and has
all the corresponding past and present DM-SCKs.
• DMO SCK is Invalid in all other cases.
The radio supports system management of SDMO keys. The radio using system managed SDMO requires the
structure of DM-SCKs used for SDMO, the current active SCK Subset Number, and Version Number information to
coordinate key schedules. The radio considers the last received variant of this information PDU as the most accurate
indication of SDMO key configuration.
DMO SCK can only be used if Enhanced Security feature is purchased.
End-to-End Encryption
The TETRA standard supports air encryption. The radio creates the PDU (Protocol Data Unit) and the PDU is
encrypted before transmission. The base station receives this PDU and must decrypt it, to know what to do with it and
where to send it. Thus, if a PDU contains voice information, the voice part of the message has been decrypted and is
now unprotected, until it is transmitted out to the caller.
Figure 5: Voice and Data End to End Encryption
Data Services
TETRA System
Boundary
Voice Codec
PEI
End-to-End Encryption
Short Data Service Type 4
Standard TETRA Air Interface Encryption
and Key Management
End-to-End Key Management
44 | Services and Features
Send Feedback | |
To Next Page
Loading...
