Method to Optimize and Ensure Non-Destructive Crypto Period in a Trunking ASTRO25 Link Layer Encryption System

IP.com Disclosure Number: IPCOM000238930D
Original Publication Date: 2014-Sep-25
Included in the Prior Art Database: 2014-Sep-25
Document File: 3 page(s) / 133K

Publishing Venue

Motorola

Related People

Sowa, Hans: INVENTOR [+2]

Abstract

A Link Layer Encryption (LLE) system uses a Common Link Layer Encryption Key (CLEK) to provide confidentiality for control channel and voice channel traffic. The CLEK is changed on a periodic basis. If too many radios don’t have the future CLEK when it becomes active, numerous requests on the control channel will disrupt the system. Several criteria can be used to determine whether any particular RF site will become overloaded if the CLEK changes. These include the number of radios at the RF site without the future CLEK, the number of radios whose status is unknown, the current traffic load on the RF site, and the number of radios missing the CLEK at adjacent RF sites. The RF site keeps track of which radios don’t have the future CLEK, based on rekeys of the CLEK, authentication responses and location updates. An Authentication Center (AuC) queries the RF sites and determines whether the change to the new CLEK should proceed as scheduled.

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 54% of the total text.

By Hans Sowa, Mark Zollner

Motorola Solutions, Inc.

PROBLEM

Delivery of a CLEK is done on the control channel to each radio separately, encrypted with that radio's Link Layer Key Encryption Key (LKEK), within a crypto period. While the current CLEK is active, the system rekeys the radios with the future CLEK. When the future CLEK becomes active, all radios missing it will immediately request it on the control channel using a Link Key Request. If many radios are missing this key, they will overload the inbound and outbound control channel and disrupt the operation of the system. If many radios that are not currently on the system do not have the newly active key, they can overload the control channel when they next register and authenticate. It is unlikely that 100% of the radios will have the future key before it becomes active.

Just knowing how many radios in the system are missing the future CLEK is inadequate since several of the radios missing the future CLEK may be at the same RF site.

Waiting a very long time before changing to the future key reduces the odds of ever overloading the control channel, since more time is available to rekey the radios. However, this gives cryptanalysts more time to break the CLEK and gives adversaries more time to remove a CLEK from a stolen radio. A crypto period optimized for the system is therefore desirable.

SOLUTION

The RF sites will keep track of which radios need the future key by looking at the Authentication Responses and Location Registration Requests that indicate the radio has LLE enabled and does not have the future key. If the RF site sees that the radio has been rekeyed, it will remove it from tracking. Before changing to the future key, the Authentication Center (AuC) will ask each RF site how many radios need the future key. The RF site will respond with how many radios are missing the future key, the number of radios for which the information is not availa...
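The per-site tracking and AuC poll described above can be sketched as follows. This is an added example, not code from the disclosure; it also shows why a system-wide count of missing radios is inadequate. The class and function names, the capacity figure, the half-weighting of unknown and adjacent-site radios, and the "expected requests must fit in spare capacity" rule are all assumptions, since the visible text names the criteria but not how they are combined.

```python
from dataclasses import dataclass, field

@dataclass
class RFSite:
    name: str
    load: float                       # control-channel utilisation, 0.0-1.0
    adjacent: tuple = ()
    missing: set = field(default_factory=set)   # LLE radios lacking the future CLEK
    unknown: set = field(default_factory=set)   # radios whose key status is not known

    def seen(self, radio):
        """Radio is at the site but has not yet reported its key status."""
        if radio not in self.missing:
            self.unknown.add(radio)

    def observe(self, radio, lle_enabled, has_future):
        """Authentication Response or Location Registration Request."""
        self.unknown.discard(radio)
        if lle_enabled and not has_future:
            self.missing.add(radio)
        else:
            self.missing.discard(radio)

    def rekeyed(self, radio):
        """Rekey with the future CLEK observed: stop tracking the radio."""
        self.unknown.discard(radio)
        self.missing.discard(radio)

def expected_requests(site, sites, unk_w=0.5, adj_w=0.5):
    # Assumed weighting: unknown and adjacent-site radios count at half.
    adj = sum(len(sites[a].missing) for a in site.adjacent)
    return len(site.missing) + unk_w * len(site.unknown) + adj_w * adj

def auc_decide(sites, capacity=20):
    """Poll every site; defer if any site's expected Link Key Requests
    exceed its spare control-channel capacity (assumed rule)."""
    blocked = sorted(s.name for s in sites.values()
                     if expected_requests(s, sites) > capacity * (1 - s.load))
    return ("defer", blocked) if blocked else ("proceed", [])

def make_sites(missing_per_site):
    """Constructed sample: three sites in a line (A-B-C), each at 50% load."""
    adj = {"A": ("B",), "B": ("A", "C"), "C": ("B",)}
    sites = {n: RFSite(n, 0.5, adj[n]) for n in "ABC"}
    for n, count in missing_per_site.items():
        for i in range(count):
            sites[n].observe(f"{n}-radio{i}", lle_enabled=True, has_future=False)
    return sites
```

With the same 12 radios missing the key system-wide, `make_sites({"A": 4, "B": 4, "C": 4})` lets the change proceed, while `make_sites({"A": 12, "B": 0, "C": 0})` defers it because of site A.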