E F Johnson Company 2425333 Benutzerhandbuch
10-10
Secure Communication (Encryption)
When determining this number, consider the likelihood of someone trying to spoof the
system by retransmitting recorded messages and then adjust the MNP accordingly. The
higher the risk, the smaller the MNP should be. A disadvantage of setting a low MNP is
that the chance of rejecting valid messages becomes higher. In addition, traffic level and
terrain contribute to lost messages and should also be considered when selecting this
number. If the message numbers become out-of-sync between the radio and the KMF, an
automatic resynchronization process will take place, which requires additional bandwidth.
Note that this process is not possible if the radio does not share a TEK with the KMF.
system by retransmitting recorded messages and then adjust the MNP accordingly. The
higher the risk, the smaller the MNP should be. A disadvantage of setting a low MNP is
that the chance of rejecting valid messages becomes higher. In addition, traffic level and
terrain contribute to lost messages and should also be considered when selecting this
number. If the message numbers become out-of-sync between the radio and the KMF, an
automatic resynchronization process will take place, which requires additional bandwidth.
Note that this process is not possible if the radio does not share a TEK with the KMF.
A setting of 1000 will block out very old messages but is unlikely to affect anything
intentionally sent out by the system (1000 messages sent to a single radio is not likely to
occur in a system in less than a year with normal usage).
intentionally sent out by the system (1000 messages sent to a single radio is not likely to
occur in a system in less than a year with normal usage).
10.4.5 Definitions
Algorithm - Refers to the specific encryption standard (DES or AES) that is used to
encrypt a message. Each standard uses different calculations to perform the encryption
(see Section 10.1).
encrypt a message. Each standard uses different calculations to perform the encryption
(see Section 10.1).
Algorithm ID (ALGID) - Identifies the algorithm (DES or AES) used to encrypt a
message. This ID and the Key ID are transmitted with each non-analog message to
uniquely identify the key being used.
message. This ID and the Key ID are transmitted with each non-analog message to
uniquely identify the key being used.
Black - Refers to information that is encrypted. The opposite is “Red” which refers to
unencrypted information.
unencrypted information.
Common Key Encryption Key (CKEK) - This is a KEK common to a group of
subscriber units which share the same encryption. These keys can be the DES or AES
type. The use of a common key allows the subscriber units to be rekeyed by the KMF
using one Key Management Message in some circumstances by addressing the KMM to a
group RSI. Refer to “KEK” for more information.
subscriber units which share the same encryption. These keys can be the DES or AES
type. The use of a common key allows the subscriber units to be rekeyed by the KMF
using one Key Management Message in some circumstances by addressing the KMM to a
group RSI. Refer to “KEK” for more information.
Common Key Reference (CKR) Group - Same as Storage Location Number (SLN).
Crypto Group - A group of up to 16 keysets containing the same type of keys (either TEK
or KEK). Although a crypto group can contain up to 16 keysets, only two are normally
used. Only one keyset in a crypto group is active at a time. EFJohnson radios currently
support only one crypto group: for TEKs, crypto group 0.
or KEK). Although a crypto group can contain up to 16 keysets, only two are normally
used. Only one keyset in a crypto group is active at a time. EFJohnson radios currently
support only one crypto group: for TEKs, crypto group 0.
Cryptographic Variable - The variable used by a cryptographic algorithm to encrypt a
message. Also called a “key”.
message. Also called a “key”.
Key - A variable used by a cryptographic algorithm to encrypt voice or data. Also called
“Cryptographic Variable”. Keys are identified by their Algorithm ID and Key ID values.
“Cryptographic Variable”. Keys are identified by their Algorithm ID and Key ID values.