Encryption Key

[DeoVindice]

not familiar with KVL, is this:

1. Encrypted key for transport ? if so how is the encryption layer removed to get ingested in the radio for usage ?
2. Or maybe radio system work on asymmetric (public / private key) key making the radio toward base station only readable by the base and base toward radio readable by all radio ?
3. or a derivate of the Diffie-Hellman key exchange protocol instruction to actually get the derivate key over the air ?

KVL: Key Variable Loader. It's a physical device used to load encryption keys (usually TEK - Traffic Encryption Keys) into the radio's memory. In the case of OTAR, there is an additional KEK (Key Encryption Key) used to secure the over-the-air data packets which then contain the new TEKs.

 

[Pape]

KVL: Key Variable Loader. It's a physical device used to load encryption keys (usually TEK - Traffic Encryption Keys) into the radio's memory. In the case of OTAR, there is an additional KEK (Key Encryption Key) used to secure the over-the-air data packets which then contain the new TEKs.

What control is in place in the KVL to prevent un-authorize read of the key ?

 

[N4DES]

A tech programming a radio, doesn't need physical access to keys at all. They can be loaded into a KVL, then loaded into the radio with out the tech ever seeing the key.

Or the radio can initially be loaded with a UKEK (that only has that in it), authorized into a KMF (assuming there is one in service), and then keyloaded remotely. The technician will have no access to the key material at all.

 

[N4DES]

What control is in place in the KVL to prevent un-authorize read of the key ?

Once the key is created and saved into a KVL there is no way to show the key on the display's device. That would be a FIPS violation if it were possible.

 

[ogppc]

For a device to have FIPS certification it must be tamperproof, thus the "module" which has physical security hardware to prevent one from probing it and extracting the key. If an agency wishes to write down the key variable onto a notepad and hand it to someone to enter into a modified scanner, they are opening up a can of worms as far as the overall security of the network. With OTAR and even with KVL's, once entered, the key variable cannot be read out/ There are even provisions to create a randomized key variable without a human typing one in. So the concept of a software device to allow one to manually enter the key variable, while possible, is not a recommended practice. I don't know how Unication accomplishes this with their third party software, but hope it has been scrutinized for leaks.

FIPS certification is also able to be achieved in software. When I was implementing a MDC system for my city a specific software VPN was requested by DOJ to be used for CLETS and NCIC certification. The VPN portion was FIPS certified and accepted by both CA State and Federal DOJ.

 

[Pape]

Once the key is created and saved into a KVL there is no way to show the key on the display's device. That would be a FIPS violation if it were possible.

There no magic en encryption, at one time or a other you need to be in possession of the key. This key can take many forms but you need to have access to it or the only thing you have is a paperweight.

 

[kayn1n32008]

not familiar with KVL, is this:

1. Encrypted key for transport ? if so how is the encryption layer removed to get ingested in the radio for usage ?

KVL, Key Variable Loader. It's the device that loads the TEK(Traffic Encrytion Key)into the radio. It's done via a cable directly attached to it, usually through the mic port(mobile) or accessory port(portable)

1. Or maybe radio system work on asymmetric (public / private key) key making the radio toward base station only readable by the base and base toward radio readable by all radio ?

No. LMR encryption is symmetric. Same key is used in both directions. Generally, PS LMR is designed to be end to end encrypted. At no point between the console and subscribers, or between subscribers is the encrypted payload decrypted and transported in clear 'text'

1. or a derivate of the Diffie-Hellman key exchange protocol instruction to actually get the derivate key over the air?

The only time keys are sent over the air, is during OTAR(Over The Air Rekeying) and it uses a specific key called the UKEK(Universal Key Encryption Key)

On a properly managed system with proper encryption management, only the UKEK is loaded into a subscriber radio when doing its programming. It is then OTAR'd and TEK's are loaded via the KMF(Key Management Facility) on the network, over the air.

This ensures the risk of key material disclosure is minimized.

The ONLY time a radio should need to be touched again is if the radio is zeroized, intentionally if inhibited, the UCM/MACE I tampered with or unintentionally by the user ****ing around with their radio.

 

[kayn1n32008]

There no magic en encryption, at one time or a other you need to be in possession of the key. This key can take many forms but you need to have access to it or the only thing you have is a paperweight.

Not entirely true. Keys can be generated by a KVL or KMF and put into a radio with out a person ever actually seeing the key material as clear text. Proper random key creation is never done by a human. It needs to be done by a random number generator.

 

[kayn1n32008]

For contrast, over here public safety radio are handle by generic commercial entity and the tech do have the key.

I doubt they have the key, more likely they have a KVL with a UKEK to load into subscriber radios when commissioning them, then they are OTAR when first turned on. Assuming you are using a P25 trunking system.

 

[N4KVL]

FIPS certification is also able to be achieved in software. When I was implementing a MDC system for my city a specific software VPN was requested by DOJ to be used for CLETS and NCIC certification. The VPN portion was FIPS certified and accepted by both CA State and Federal DOJ.

FIPS certification is also able to be achieved in software. When I was implementing a MDC system for my city a specific software VPN was requested by DOJ to be used for CLETS and NCIC certification. The VPN portion was FIPS certified and accepted by both CA State and Federal DOJ.

But was the FIPS certification able to be achieved in software?

 

[N4DES]

There no magic en encryption, at one time or a other you need to be in possession of the key. This key can take many forms but you need to have access to it or the only thing you have is a paperweight.

I've been doing key management for over 3 decades and you can be fully secure and never have any form of the key and do everything remotely. That's how the Feds do it across the nation. As long as the radio has the UKEK and in range of the KMF it never has to be touched by a KVL ever again.

 

[Pape]

KVL, Key Variable Loader. It's the device that loads the TEK(Traffic Encrytion Key)into the radio. It's done via a cable directly attached to it, usually through the mic port(mobile) or accessory port(portable)

No. LMR encryption is symmetric. Same key is used in both directions. Generally, PS LMR is designed to be end to end encrypted. At no point between the console and subscribers, or between subscribers is the encrypted payload decrypted and transported in clear 'text'

The only time keys are sent over the air, is during OTAR(Over The Air Rekeying) and it uses a specific key called the UKEK(Universal Key Encryption Key)

On a properly managed system with proper encryption management, only the UKEK is loaded into a subscriber radio when doing its programming. It is then OTAR'd and TEK's are loaded via the KMF(Key Management Facility) on the network, over the air.

This ensures the risk of key material disclosure is minimized.

The ONLY time a radio should need to be touched again is if the radio is zeroized, intentionally if inhibited, the UCM/MACE I tampered with or unintentionally by the user ****ing around with their radio.

So the UKEK is the key required to open the OTAR key. I was expecting the Radio to start with a valid system key and be rekey on the old key and so on. So now curious, is the UKEK encrypted for transport ? if so how is the container open for installation ?

 

[kayn1n32008]

So the UKEK is the key required to open the OTAR key.

Just to be clear, OTAR(Over The Air Re-key) is an optional function of the network to re-key radios.

Any network operator, that takes comms security serious, will have a KMF, and require the subscribers that use encryption, to be capable of OTAR(It is a paid option for all subscriber manufacturers).

The KMF/Infrastructure encrypts the keys using the UKEK, that also resides in the KMF, before they are sent over the air.

When the radio receives the encrypted key data from the KMF, over the air, it is decrypted using the UKEK in the radio.

Neither the UKEK nor the new TEK's are ever sent as clear text over the air. The UKEK is also a unique key, different from all other keys. This ensures the TEK's are kept as secure as possible, minimizing the risk of disclosure in clear text.

I was expecting the Radio to start with a valid system key and be rekey on the old key and so on.

In L3Harris VIDA P25 trunk systems, the 'system key' is used for encrypted SAID talkgroup patches.

OTAR does not use the TEK for re-keying. It uses the UKEK. So as long as the UKEK is not changed, it IS the 'old' key.

To initially load TEK's into a radio via OTAR, you MUST have a UKEK loaded into the radio. To load a UKEK and keep it from being in clear text, you need to load it from a KVL, that is physically connected to the radio.

So now curious, is the UKEK encrypted for transport ? if so how is the container open for installation ?

The UKEK is loaded from a KVL into the radio via a physical cable connection. It is not sent over the air.

 

[kayn1n32008]

What control is in place in the KVL to prevent un-authorize read of the key ?

The KVL is designed to not let the key be read or displayed. Only the CKR/KID. Physical access control, an auditable access 'paper' trail, limiting the number of people that have access to the KVL to the absolute minimum and vetting of employees that do have access, are all a part of keeping the key material secure.

 

[RFI-EMI-GUY]

But was the FIPS certification able to be achieved in software?

If it were an end point (with key loaded) like a radio or console DIU it would certainly need the hardware certified against tampering. Network equipment would not require HW tamper proof.

 

[Pape]

Just to be clear, OTAR(Over The Air Re-key) is an optional function of the network to re-key radios.

Any network operator, that takes comms security serious, will have a KMF, and require the subscribers that use encryption, to be capable of OTAR(It is a paid option for all subscriber manufacturers).

The KMF/Infrastructure encrypts the keys using the UKEK, that also resides in the KMF, before they are sent over the air.

When the radio receives the encrypted key data from the KMF, over the air, it is decrypted using the UKEK in the radio.

Neither the UKEK nor the new TEK's are ever sent as clear text over the air. The UKEK is also a unique key, different from all other keys. This ensures the TEK's are kept as secure as possible, minimizing the risk of disclosure in clear text.

In L3Harris VIDA P25 trunk systems, the 'system key' is used for encrypted SAID talkgroup patches.

OTAR does not use the TEK for re-keying. It uses the UKEK. So as long as the UKEK is not changed, it IS the 'old' key.

To initially load TEK's into a radio via OTAR, you MUST have a UKEK loaded into the radio. To load a UKEK and keep it from being in clear text, you need to load it from a KVL, that is physically connected to the radio.

The UKEK is loaded from a KVL into the radio via a physical cable connection. It is not sent over the air.

So the UKEK is created from the KVL therefore I assume the UKEK is an encrypted version of the KVL ?
If it is the case how does the radio remove that encryption to be able to install the KVL so it can participate to the encrypted network ?

 

[MTL_Emergencies]

I understand that the UKEK is to decrypt the OTA message containing the TEK, but there must be someone who writes the TEK into the KMF to be sent out? Or the KMF can be programmed to generate random keys (without user intervention) and send them out OTA?

 

[kayn1n32008]

So the UKEK is created from the KVL therefore I assume the UKEK is an encrypted version of the KVL ?
If it is the case how does the radio remove that encryption to be able to install the KVL so it can participate to the encrypted network ?

The KVL is a Key Variable Loader. It is a physical hardware device with a human interface.


The KVL3000 is a much older KVL

The above is a newer, but still older KVL4000.

The above is Motorolas newest KVL the KVL5000.

The KVL is used to load the UKEK into the subscriber radio.

The KVL stores the key(s) and key loads subscriber radios.

 

[kayn1n32008]

I understand that the UKEK is to decrypt the OTA message containing the TEK, but there must be someone who writes the TEK into the KMF to be sent out? Or the KMF can be programmed to generate random keys (without user intervention) and send them out OTA?

While I imagine a KMF can be programmed to auto generate keys, it likely requires a person to tell it to generate keys.

It requires a person to tell it to send the keys to a subscriber. This is done by having a button set to OTAR, and it needs to be initiated by the subscriber user. A KMF will never randomly send keys to a subscriber.

The radio it is sending keys to MUST be provisioned to be able to ask the KMF to re-key it. It also MUST have the correct UKEK to be re-keyed.

 

[Pape]

While I imagine a KMF can be programmed to auto generate keys, it likely requires a person to tell it to generate keys.

It requires a person to tell it to send the keys to a subscriber. This is done by having a button set to OTAR, and it needs to be initiated by the subscriber user. A KMF will never randomly send keys to a subscriber.

The radio it is sending keys to MUST be provisioned to be able to ask the KMF to re-key it. It also MUST have the correct UKEK to be re-keyed.

Ya getting mix up in the acronym.
The questions is all about the inherent chicken and egg situation associated with private key distribution and storage. At some point the key need to be in the clear for use. There is a great deal of technique and work around in that. For instance the UKEK store the key. For security reasons I would encrypt the key for transport or the key can be extracted from the transport device by anyone gaining access to it. Ok so if the key is encrypted how is the radio access it for use ? Is the operators require to enter a code to unlock the key for operation? Or the key is simply decrypted when transfer from the UKEK to the radio? And if it the case how is the key unlock for transfer and by who ? The technician? The security guard with the technician?
As I mentioned crypto is a chicken and egg thing.