thewraith2008
Member
- Joined
- Nov 22, 2016
- Messages
- 1,857
I found the follow quote in the standards in relation to the encryption of the SSI (element of the Layer 2 MAC) for encrypted PDUs.
The following would seem to indicate that the SSI is always encrypted for encrypted PDUs.
Latest version (v1.7.0.0) can be found here: Release post
The following would seem to indicate that the SSI is always encrypted for encrypted PDUs.
ETSI EN 300 392-7 V3.4.1 said:4.2.6 Encrypted Short Identity (ESI) mechanism
The ESI mechanism shall provide a means of protection of identities transmitted over the air interface. It operates in
addition to, or as a replacement for, the Alias Short Subscriber Identity (ASSI) mechanism described in ETSI
EN 300 392-1 [1], clause 7.
NOTE 1: In standard TETRA addressing no alias addresses are associated with a group address in the home system.
The ESI mechanism provides such an alias within a location area for all address types.
NOTE 2: The broadcast address as defined in ETSI EN 300 392-1 [1] is a reserved value of the group address so
ESI applies to it.
This clause describes a mechanism that allows the encryption of the SSI segment of addresses used by layer 2. The
event label and usage marker shall not be encrypted by this mechanism. USSI and SMI shall not be encrypted by this
mechanism. The mechanism is valid only for networks with air interface encryption applied. The mechanism shall be
integrated with the use of CCK within a location area in cells of security class 3, or with SCK for cells of security
class 2. Whenever encrypted signalling is used, the ESI shall be sent instead of the true identity. The mechanism uses
algorithm TA61 as shown in Figure 4.15.
xSSI are all short addresses valid for the MS (ISSI, GSSI, ASSI, V-ASSI, V-GSSI). The output xESI (IESI, GESI,
AESI, V-AESI, V-GESI) shall be a cryptographic address. Only MSs in a location area with the correct values of CCK
or SCK shall be able to identify messages addressed for their attention.
If the PDU is encrypted ESI shall be used in that PDU The use of signalling for AI encryption management is more
fully described in clause 6.5
Latest version (v1.7.0.0) can be found here: Release post