E F Johnson Company 2425333 Benutzerhandbuch
10-9
Secure Communication (Encryption)
10.4.3 Key Management Facility
The Key Management Facility (KMF) provides key management and OTAR functions to
applicable radios within the radio system. One of the main tasks of the KMF is to maintain
a data base of encryption information contained in each radio. This information may
include the following:
applicable radios within the radio system. One of the main tasks of the KMF is to maintain
a data base of encryption information contained in each radio. This information may
include the following:
• TEKs (main Traffic Encryption Keys)
• KEKs (Key Encryption Keys) used to encrypt keys within OTAR messages
• Keysets (groups of TEKs or KEKs)
• Individual and group Radio Set Identifiers (RSIs)
The KMF performs OTAR functions by exchanging Key Management Messages (KMMs)
with the radios. Both the KMF and radio can originate messages. Some functions
performed by the KMF are as follows:
with the radios. Both the KMF and radio can originate messages. Some functions
performed by the KMF are as follows:
• Loading new keys
• Modifying keys
• Initiating active keyset switch overs
• Modifying keyset names
• Deleting keys
• Deleting all keys (zeroize) when a radio may be lost or compromised
• Determining if a radio is on the air and reading key information
• Changing individual and group RSIs
• Manage Subscriber Groups (groups of radios using the same keys).
10.4.4 Message Number Period (MNP)
One of the parameters that is programmed in a radio using OTAR is Message Number
Period (MNP). This parameter is used to minimize the possibility of someone sending
messages to “spoof” the system or radio. The MNP is used as follows.
Period (MNP). This parameter is used to minimize the possibility of someone sending
messages to “spoof” the system or radio. The MNP is used as follows.
Every message sent out has a message number. The message number increments by one
with each message sent. The MNP is the maximum difference allowed between messages.
For example, if the MNP is set to 1000 and the last message number received by the radio
is older by more than 1000 from the current message number, the current message is
ignored, and a message number resynchronization process will be automatically
attempted. If the MNP is set to 65535, message numbers are ignored.
with each message sent. The MNP is the maximum difference allowed between messages.
For example, if the MNP is set to 1000 and the last message number received by the radio
is older by more than 1000 from the current message number, the current message is
ignored, and a message number resynchronization process will be automatically
attempted. If the MNP is set to 65535, message numbers are ignored.