Browse Prior Art Database

Method to Provision Symmetric Keys in an Astro Radio without a persistent real-time clock Disclosure Number: IPCOM000189385D
Original Publication Date: 2009-Nov-07
Included in the Prior Art Database: 2009-Nov-07

Publishing Venue


Related People

Thomas, Shanthi: INVENTOR [+3]


Please refer to attached document describing the disclosure.

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 15% of the total text.

Provisioning Symmetric Keys in


Devices that Lack Persistent Time-of-Day

Shanthi Thomas, Anthony Metke, Erwin Himawan, Thomas Senese

Motorola Inc.

Advanced Technology, Standards & Common Engineering & Astro System Engineering


This paper provides a brief description of how symmetric key provisioning currently occurs in public safety radios and how it can be improved using public key certificates. The improved method raises a serious concern.  This concern arises due to some P25 radios not maintaining a persistent time of day. This paper identifies methods to mitigate this problem.

Current Method of Provisioning Symmetric Keys

The TIA engineering committee TR-8 has developed a set of standards for public safety know as Project 25 (P25), which allow a Key management Facility (KMF) to send “Over the Air Re-keying” (OTAR) Key Management Messages (KMMs) to a radio .  When a radio is out of range of the radio system, KMMs can be transferred to the radio via the SKL as the transport medium rather than the common air interface. 

The KMM sent from the KMF to the radio includes a message number for replay protection, and a Message Authentication Code (MAC) for authentication. Additionally, the KMM is encrypted, and the transported keys are key-wrapped encrypted. This scheme does not work if the radio does not pre-possess the symmetric keys needed for the MAC, KMM encryption and key wrapping. The scheme also does not work if the message number assigned by the KMF does not fall within the range of message numbers that the radio is willing to accept.

This scheme uses symmetric keys to load a new set of symmetric keys in to a radio. While symmetric keys do not have a requirement for trusted time., the solution opens up issues regarding symmetric key management and the need for manual provisioning of the initial set of symmetric keys, thereby reducing its effectiveness.

Provisioning Symmetric Keys using Public Key Certificates

Public Key Cryptography involves the use of a public-private key pair. The private key remains private and is known only to the owner of the key pair. The public key can be made public and is certified to belong to a particular user or device by means of a pubic key certificate issued by a trusted Certificate Authority that binds the subject of the certificate to the public key in the certificate. A message that is encrypted using a public key can be decrypted only by the private key corresponding to the key pair and is known only to the owner of the key pair.

Once the radios are provisioned with public key certificates for itself and has access to public key certificates of the KMF, the symmetric key provisioning scenario is greatly simplified. There is no need to manually install the initial set of symmetric keys generated by the KMF into the radio. Instead, the radio and the KM...