TETRA @ Your Service
The Security mechanisms designed into TETRA – a refresher
How do you ensure the solution is secure?
“Jeppe” Jepsen
Motorola
Threats to communication and the threats to security
• Message related threats
  • interception, eavesdropping, masquerading, replay, manipulation of data
• User related threats
  • traffic analysis, observability of user behaviour
• System related threats
  • denial of service, jamming, unauthorized use of resources
Key security features of TETRA
• Authentication
• Air Interface encryption
• End to end Encryption
Authentication
• Authentication provides proof of identity of all radios attempting to use the network.
• A session key system from a central authentication centre allows key storage
• Secret key need never be exposed
• Authentication process derives air interface key (TETRA standard)
[Diagram labels: Authentication Centre; Session keys; Switch 1; Switch 2; Challenge and response from Switch; MS; Authentication]
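The flow on this slide, sketched as an added example (not from the original presentation or any TETRA product). HMAC-SHA256 stands in for the TETRA standard's authentication algorithms, which the slides do not describe; the class names, labels and field sizes are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, label: bytes, data: bytes) -> bytes:
    # Stand-in keyed function (HMAC-SHA256), NOT the TETRA standard algorithms.
    return hmac.new(key, label + data, hashlib.sha256).digest()

class AuthenticationCentre:
    """Stores each radio's long-term secret key; only session keys leave it."""
    def __init__(self):
        self._secret_keys = {}  # identity -> long-term secret key

    def provision(self, identity: str) -> bytes:
        key = secrets.token_bytes(16)
        self._secret_keys[identity] = key
        return key  # loaded into the radio once, at provisioning time

    def session_material(self, identity: str):
        seed = secrets.token_bytes(10)
        return seed, prf(self._secret_keys[identity], b"session", seed)

class Radio:
    def __init__(self, identity: str, secret_key: bytes):
        self.identity, self._secret_key, self.dck = identity, secret_key, None

    def respond(self, seed: bytes, challenge: bytes) -> bytes:
        session_key = prf(self._secret_key, b"session", seed)
        out = prf(session_key, b"auth", challenge)
        self.dck = out[8:18]  # derived cipher key stays inside the radio
        return out[:8]        # only the response goes over the air

class Switch:
    """Receives (seed, session key) from the centre, never the secret key."""
    def __init__(self, centre: AuthenticationCentre):
        self.centre = centre

    def authenticate(self, radio: Radio):
        seed, session_key = self.centre.session_material(radio.identity)
        challenge = secrets.token_bytes(10)
        response = radio.respond(seed, challenge)
        expected = prf(session_key, b"auth", challenge)
        if not hmac.compare_digest(response, expected[:8]):
            return None        # wrong secret key: reject, no cipher key issued
        return expected[8:18]  # same DCK the genuine radio derived locally
```

A radio holding the provisioned key ends up with the same derived cipher key as the switch, while a radio claiming the same identity with a different key is rejected.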
What is Air Interface Encryption?
• First level encryption used to protect information over the Air Interface
  • Typically software implementation
• AIE is System Wide
• 3 different Classes
  • Class 1: No Encryption, can include Authentication
  • Class 2: Static Cipher Key Encryption, can include Authentication
  • Class 3: Dynamic Cipher Key Encryption, requires Authentication
TETRA Air Interface Encryption
• The air interface was considered vulnerable.
• Air Interface encryption was designed to make the air interface as secure as the fixed line connection
• Network fixed links are considered difficult to intercept.
[Diagram labels: Fixed Links; Air Interface Encryption; Clear Air Interface!; Operational Information]
Dimetra Air Interface Encryption
• Full Implementation of AIE
• Authentication
• Static Cipher Key
• Common Cipher Key
• Derived Cipher Key
• Group Cipher Key
• Modified Group Cipher Key
• TEA 1, 2, 3 and TEA 4 algorithms
• Authentication Centre
• Key Management Centre
• Key Loader for key distribution
Air Interface Encryption - the Keys
• SCK, CCK and MGCK controlled by System Owner
• DCK generated through Authentication Process
[Diagram: Infrastructure, Dispatcher 1 and radios MS1 to MS9, labelled with DCK1, DCK2, DCK3, MGCKB, MGCKC, SCK, Group 1, A, B, C and Clear audio]
The importance of Air Interface encryption
• Many threats other than eavesdropping
  • traffic analysis, observance of user behaviour
• Strong authentication
• AI protects control channel messages as well as voice and data payloads
  • encrypted registration protects ITSIs
• End to end encryption if used alone is much weaker (it only protects the payload)
Standardised end to end in TETRA
• Many organisations want their own algorithm
  • Confidence in strength
  • Better control over distribution
• ETSI Project TETRA provides standardised support for end to end Encryption
  • To give TETRA standard alternative to proprietary offerings and technologies
• TETRA MoU – Security and fraud Protection Group
  • Provides detailed recommendation on how to implement end to end encryption in TETRA
  • Provides sample implementation using IDEA and AES128
Confidentiality Solutions – Air interface encryption
• Should provide security equivalent to the fixed network
• There are several issues of trust here
  • Do I trust that the AIE has been implemented properly?
  • Do I trust the way that the network (or radio) stores keys?
  • Do I trust the fixed network itself?
• A strong AIE implementation and an evaluated network can provide essential protection of information
• An untested implementation and network may need reinforcing, for example with end to end encryption
Processes for accreditation
HANDLING PROCESSES
• Set Up Issues
  • Getting from the Organization Chart to planning secure communications
  • Getting the system setup properly
  • Introducing new units and new secure communications groups
• Key Material Delivery Issues
  • Getting the right encryption keys into the right radio
  • Ensuring the security of key storage and distribution
  • Accomplishing fast, efficient periodic rekeying
  • Verifying readiness to communicate
  • Avoiding interruptions of service
• Security Management Issues
  • Dealing with compromised or lost units
  • Integrating with key material distribution process
  • Audit control, event archival, and maintaining rekeying history
  • Controlling access to security management functions
KEYLOAD PROCESS
• Protect National Security
  • Key load in country of use
  • Key load by security cleared nationals
  • Remove keys from radios sent abroad for repair
• Key Load encrypted
  • keys cannot be read while being programmed
• Customer Friendly
  • Keys can be programmed “In Vehicle” (& away from secure area)
• Accurate
  • Audit logs of key distribution
• “In Country” Key Generation
• Secure Storage
CONNECTION PROCESSES
• Connected networks
• Security levels
• Assurance requirements
• Barriers
• Own operating procedures
• Virus protection
PERSONNEL PROCESSES
• Ensure personnel are adequately cleared and trained
• Where do they live
• Criminal records
• Experience in secure environment
• Signed relevant agreements
• Procedures for security breaches
REPORTING PROCESSES
• Stolen radio reporting
• Radio disabling procedures
• Radio key erasure procedures
• Intrusion detection reporting and response
• Attack detection and correlation
…..and more.
Assuring your security solution
• Evaluation of solutions should be by a trusted independent body
• Who?
  • Manufacturer?
    • Vested interest
    • Blindness to own weaknesses
  • End user
    • Do you have the skills?
Assuring your security solution
• Government
  • Closest to own requirements and solutions
  • Sets the rules as well as tests them
  • Can lead to changing requirements as threats change
• Third party evaluation house
  • Need to ensure you can trust them
  • Proven capability, references, experience in the field
  • Can have more bandwidth than government
• Typically evaluation of crypto solutions is undertaken by a government body, assurance of the rest of the network by a reputable company, but the accreditor has to be a member of the end user organisation
  • Who else can be allowed to accept the risks?
And if you don’t have this capability?
• Look for suppliers with track record and reputation
• Look for validations of an equivalent solution elsewhere
• Get some expert help on processes and procedures
Finally….cost
• Evaluation can be extremely expensive – how to get best value for money?
  • Stable requirements
  • Understanding the context
  • Strong implementations
• It can be cheaper to spend more putting in a strong solution than the evaluation cost of a cheap solution!
[Diagram labels: Proof for small lock; Proof for large lock]
Does the government get good value?
• How much do you value national security?
• Do you understand the cost of security measures vs the cost of compromise?
• Can you afford to risk doing nothing?
Essentials of a secure system
• A strong standard
• A good implementation
• Experienced supplier
• Trusted evaluation
[Diagram labels: EVALUATED; Standard]
Example accreditation issue
• Your microwave link passes over a university with an MSc course in security
[Diagram labels: University Cryptanalysis Department; Switch; Site]
Security and Fraud Prevention Group – a TETRA MoU body
• REC 02 – Framework for End to end Encryption and Key Management
• REC 03 – TETRA Threat Analysis
• REC 04 – Implementation and use of TETRA Security Features
Thank You ?
www.tetramou.com
www.etsi.org
www.motorola.com/tetra
Jeppe.Jepsen@Motorola.com