E F Johnson Company 2425372 Manuel D’Utilisation
Draft
December 2006
5300 ES Series Mobile Radio Operating Manual -13
Key Loader - Any type of device used to load encryption keys into a radio. With OTAR,
this device must be used to provide the initial key loading of a subscriber unit so that it
contains the basic keys needed for OTAR by the KMF. If OTAR is not utilized, is always
used to load encryption keys. All keys stored in the key loader are themselves encrypted.
EFJohnson offers a PDA-based keyloader.
this device must be used to provide the initial key loading of a subscriber unit so that it
contains the basic keys needed for OTAR by the KMF. If OTAR is not utilized, is always
used to load encryption keys. All keys stored in the key loader are themselves encrypted.
EFJohnson offers a PDA-based keyloader.
Logical Link ID (LLID) - An ID transmitted with a data message to identify the
destination of the message.
destination of the message.
Message Number Period (MNP) - The maximum difference between message numbers
that can occur before a message is declared invalid (see Section 11.4.5).
that can occur before a message is declared invalid (see Section 11.4.5).
Over-The-Air-Rekeying (OTAR) - The process of sending new encryption keys over the
air using an RF interface.
air using an RF interface.
Red - Refers to information that is not encrypted. The opposite is “Black”.
Rekey - The process of preparing, sending, and loading encryption keys into a subscriber
unit for current or future use. This may be done over-the-air (OTAR) or by directly
connecting a keyloader to the subscriber unit.
unit for current or future use. This may be done over-the-air (OTAR) or by directly
connecting a keyloader to the subscriber unit.
Radio Set Identifier (RSI) - Subscriber units are programmed with one or more Radio
Set Identifier (RSI) numbers that identify the unit for OTAR purposes. The RSI can be
unique to a individual subscriber unit or unique to a group of subscriber units. An
individual (unit) RSI is always assigned and one or more group RSIs may be assigned.
The individual RSI is typically programmed when the subscriber unit is initially brought
into service. The KMF is also identified by an RSI (KMFRSI) to use as the destination of
any KMMs a subscriber unit originates. The KMMs (Key Management Messages)
generated by the KMF (Key Management Facility) are addressed to a specific RSI.
Set Identifier (RSI) numbers that identify the unit for OTAR purposes. The RSI can be
unique to a individual subscriber unit or unique to a group of subscriber units. An
individual (unit) RSI is always assigned and one or more group RSIs may be assigned.
The individual RSI is typically programmed when the subscriber unit is initially brought
into service. The KMF is also identified by an RSI (KMFRSI) to use as the destination of
any KMMs a subscriber unit originates. The KMMs (Key Management Messages)
generated by the KMF (Key Management Facility) are addressed to a specific RSI.
Storage Location Number (SLN) - A link to a specific key (TEK or KEK) in the active
keyset. The SLN specifies both a crypto group and a key within the keysets in that crypto
group (the first four bits of the SLN are the crypto group ID). SLNs and CKRs are
equivalent terms (see Section 11.2).
keyset. The SLN specifies both a crypto group and a key within the keysets in that crypto
group (the first four bits of the SLN are the crypto group ID). SLNs and CKRs are
equivalent terms (see Section 11.2).
Traffic Encryption Key (TEK) - A key used to encrypt voice or data. The other type of
key is the Key Encryption Key (KEK) which is used to encrypt keys contained in Key
Management Messages. TEKs can be either the AES or DES type.
key is the Key Encryption Key (KEK) which is used to encrypt keys contained in Key
Management Messages. TEKs can be either the AES or DES type.
Unique Key Encryption Key (UKEK) - A KEK unique to a particular subscriber unit.
Refer to “KEK” for more information. These keys can be either the AES or DES type.
Refer to “KEK” for more information. These keys can be either the AES or DES type.
Zeroize - The process of deleting all keys from a compromised subscriber unit to disable
it. To make the unit functional again, the keys must be reloaded by a keyloader.
it. To make the unit functional again, the keys must be reloaded by a keyloader.