Dubai04_5_TETRA_Security

TETRA @ Your Service
The Security mechanisms designed into TETRA – a refresher
How do you ensure the solution is secure?
“Jeppe” Jepsen
Motorola
Threats to communication and the threats to security
• Message related threats
– interception, eavesdropping, masquerading, replay, manipulation of data
• User related threats
– traffic analysis, observability of user behaviour
• System related threats
– denial of service, jamming, unauthorized use of resources
Why Tetra
Schengen
Police Corporation
Key security features of TETRA
• Authentication
• Air Interface encryption
• End to end Encryption
Authentication
[Diagram: Authentication Centre, session keys, Switch 1, Switch 2, MS; challenge and response from Switch]
Authentication
• Authentication provides proof of identity of all radios attempting to use the network.
• A session key system from a central authentication centre allows key storage
– Secret key need never be exposed
• Authentication process derives air interface key (TETRA standard)
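The session-key arrangement on the two slides above, as an added example that is not from the original presentation: the authentication centre hands a switch a per-session key, the switch challenges the radio, and both ends obtain the derived cipher key (DCK) from the same run. HMAC-SHA256 stands in for the TETRA standard's algorithms, and all class names, labels and key lengths are assumptions.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, label: bytes, data: bytes) -> bytes:
    # Stand-in keyed function (HMAC-SHA256); not the TETRA standard's algorithm.
    return hmac.new(key, label + data, hashlib.sha256).digest()

class AuthenticationCentre:
    """Stores each radio's long-term secret key; only session keys leave it."""
    def __init__(self):
        self._secret = {}                      # identity -> long-term secret key
    def provision(self, identity: str) -> bytes:
        self._secret[identity] = secrets.token_bytes(16)
        return self._secret[identity]          # loaded into the radio once
    def session_material(self, identity: str):
        seed = secrets.token_bytes(10)         # fresh per session
        return seed, prf(self._secret[identity], b"session", seed)

class Radio:
    def __init__(self, identity: str, secret: bytes):
        self.identity, self._secret, self.dck = identity, secret, None
    def respond(self, seed: bytes, challenge: bytes) -> bytes:
        session_key = prf(self._secret, b"session", seed)
        out = prf(session_key, b"auth", challenge)
        self.dck = out[8:24]                   # cipher key falls out of the same run
        return out[:8]                         # response sent over the air

class Switch:
    """Authenticates radios with session keys only; it never holds the secret key."""
    def __init__(self, auc: AuthenticationCentre):
        self.auc, self.dck = auc, {}
    def authenticate(self, radio: Radio) -> bool:
        seed, session_key = self.auc.session_material(radio.identity)
        challenge = secrets.token_bytes(10)
        expected = prf(session_key, b"auth", challenge)
        if not hmac.compare_digest(radio.respond(seed, challenge), expected[:8]):
            return False                       # wrong secret key: no cipher key set
        self.dck[radio.identity] = expected[8:24]
        return True

if __name__ == "__main__":
    auc = AuthenticationCentre()
    genuine = Radio("MS1", auc.provision("MS1"))
    switch = Switch(auc)
    print("genuine radio accepted:", switch.authenticate(genuine))
    print("both ends hold the same DCK:", switch.dck["MS1"] == genuine.dck)
    print("radio with wrong key accepted:", Switch(auc).authenticate(Radio("MS1", bytes(16))))
```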
What is Air Interface Encryption?
• First level encryption used to protect information over the Air Interface
– Typically software implementation
• AIE is System Wide
• 3 different Classes
– Class 1: No Encryption, can include Authentication
– Class 2: Static Cipher Key Encryption, can include Authentication
– Class 3: Dynamic Cipher Key Encryption, Requires Authentication
TETRA Air Interface Encryption
• Network fixed links are considered difficult to intercept.
• The air interface was considered vulnerable.
• Air Interface encryption was designed to make the air interface as secure as the fixed line connection
[Diagram labels: Operational Information; Clear Air Interface!]
Dimetra Air Interface Encryption
• Full Implementation of AIE
– Authentication
– Static Cipher Key
– Common Cipher Key
– Derived Cipher Key
– Group Cipher Key
– Modified Group Cipher Key
– TEA 1, 2, 3 and TEA 4 algorithms
• Authentication Centre
• Key Management Centre
• Key Loader for key distribution
Air Interface Encryption - the Keys
[Diagram: MS1 to MS9, Dispatcher 1, Infrastructure and Group 1, with labels A, B, C; keys shown: DCK1, DCK2, DCK3, SCK, MGCKB, MGCKC; clear audio]
SCK, CCK and MGCK controlled by System Owner
DCK Generated through Authentication Process
The importance of Air Interface encryption
• Many threats other than eavesdropping
– traffic analysis, observance of user behaviour
• Strong authentication
• AI protects control channel messages as well as voice and data payloads
• Encrypted registration protects ITSIs
• End to end encryption if used alone is much weaker (it only protects the payload)
Standardised end to end in TETRA
• Many organisations want their own algorithm
– Confidence in strength
– Better control over distribution
• ETSI Project TETRA provides standardised support for end to end Encryption
– To give a TETRA standard alternative to proprietary offerings and technologies
• TETRA MoU – Security and Fraud Protection Group
– Provides detailed recommendation on how to implement end to end encryption in TETRA
– Provides sample implementation using IDEA and AES128
Confidentiality Solutions – Air interface encryption
• Should provide security equivalent to the fixed network
• There are several issues of trust here
– Do I trust that the AIE has been implemented properly?
– Do I trust the way that the network (or radio) stores keys?
– Do I trust the fixed network itself?
• A strong AIE implementation and an evaluated network can provide essential protection of information
• An untested implementation and network may need reinforcing, for example with end to end encryption
Processes for accreditation
HANDLING PROCESSES
KEYLOAD PROCESS
• Protect National Security
– Key load in country of use
– Key load by security cleared nationals
– Remove keys from radios sent abroad for repair
• Keys cannot be read while being programmed
• Keys can be programmed “In Vehicle” (& away from secure area)
• Key Load encrypted
• Accurate
• Key Material Delivery Issues
– Getting the right encryption keys into the right radio
– Ensuring the security of key storage and distribution
– Accomplishing fast, efficient periodic rekeying
– Verifying readiness to communicate
– Avoiding interruptions of service
• Security Management Issues
• Audit logs of key distribution
• “In Country” Key Generation
• Secure Storage
• Dealing with compromised or lost units
• Integrating with key material distribution process
• Audit control, event archival, and maintaining rekeying history
• Controlling access to security management functions
CONNECTION PROCESSES
• Connected networks
REPORTING PROCESSES
• Getting from the Organization Chart to planning secure communications
• Getting the system setup properly
• Introducing new units and new secure communications groups
• Customer Friendly
• Set Up Issues
• Stolen radio reporting
• Radio disabling procedures
• Radio key erasure procedures
• Intrusion detection reporting and response
• Attack detection and correlation
• Security levels
• Assurance requirements
• Barriers
• Own operating procedures
• Virus protection
PERSONNEL PROCESSES
• Ensure personnel are adequately cleared and trained
• Where do they live
• Criminal records
• Experience in secure environment
• Signed relevant agreements
• Procedures for security breaches
…..and more.
Assuring your security solution
• Evaluation of solutions should be by a trusted independent body
• Who?
– Manufacturer?
  Vested interest
  Blindness to own weaknesses
– End user
  Do you have the skills?
Assuring your security solution
• Government
– Closest to own requirements and solutions
  Sets the rules as well as tests them
  Can lead to changing requirements as threats change
• Third party evaluation house
– Need to ensure you can trust them
– Proven capability, references, experience in the field
– Can have more bandwidth than government
• Typically evaluation of crypto solutions is undertaken by a government body, assurance of the rest of the network by a reputable company, but the accreditor has to be a member of the end user organisation
– Who else can be allowed to accept the risks?
And if you don’t have this capability?
• Look for suppliers with track record and reputation
• Look for validations of an equivalent solution elsewhere
• Get some expert help on processes and procedures
Finally….cost
• Evaluation can be extremely expensive – how to get best value for money?
– Stable requirements
– Understanding the context
– Strong implementations
• It can be cheaper to spend more putting in a strong solution than the evaluation cost of a cheap solution!
[Figure labels: Proof for small lock; Proof for large lock]
Does the government get good value?
• How much do you value national security?
• Do you understand the cost of security measures vs the cost of compromise?
• Can you afford to risk doing nothing?
Essentials of a secure system
• A strong standard
• A good implementation
• Experienced supplier
• Trusted evaluation
[Figure label: Standard]
Example accreditation issue
• Your microwave link passes over a university with an MSc course in security
[Diagram labels: University Cryptanalysis Department; Switch; Site]
Security and Fraud Prevention Group – a TETRA MoU body
• REC 02 – Framework for End to end Encryption and Key Management
• REC 03 – TETRA Threat Analysis
• REC 04 – Implementation and use of TETRA Security Features
Thank You
?
www.tetramou.com
www.etsi.org
www.motorola.com/tetra
Jeppe.Jepsen@Motorola.com