This Standard specifies the technical specifications and requirements of the police digital trunking communication system in aspects such as authentication, air interface security and end-to-end security.
This Standard is applicable to the construction and application of the security encryption subsystem of the police digital trunking communication system.
2 Normative References
The following documents are essential for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the normative document (including any amendments) applies.
GA/T 1056-2013 Police Digital Trunking Communication System - General Technical Specifications
GA/T 1057-2013 Police Digital Trunking Communication System - Technical Specifications for Physical Layer and Data Link Layer of Air Interface
GA/T 1058-2013 Police Digital Trunking Communication System - Technical Specifications for Call Control Layer of Air Interface
3 Terms, Definitions and Abbreviations
3.1 Terms and Definitions
For the purposes of this document, terms and definitions defined in GA/T 1056-2013, GA/T 1057-2013 and GA/T 1058-2013 as well as the following ones apply.
3.1.1
Authentication
The process of verifying the legitimacy of a communication participant's identity.
3.1.2
Stun
The process of temporarily disabling the mobile station via air interface signaling.
3.1.3
Revive
The process of lifting the ban on a stunned mobile station via air interface signaling.
3.1.4
Kill
The process of permanently disabling the mobile station via air interface signaling; the ban on a killed mobile station cannot be lifted via air interface signaling.
3.1.5
Authentication centre
The security entity responsible for authentication with mobile station.
3.1.6
Authentication key
The key used in the process of authentication.
3.1.7
Random challenge
The random number generated during authentication between the authentication centre and the mobile station.
3.1.8
Sequence number
Information used in the process of authentication to prevent replay or attack between the authentication centre and the mobile station.
3.1.9
Stun/kill/revive token
The security acknowledgement code of the trunked station for a stun/kill/revive operation on the mobile station.
3.1.10
Synchronization random challenge
The random number generated during the authentication sequence number synchronization operation between the authentication centre and the mobile station.
3.1.11
Synchronization token
The security acknowledgement code used when the mobile station synchronizes the authentication sequence number to the authentication centre.
3.1.12
Authentication cryptographic algorithm
The cryptographic algorithm used by the authentication centre and the mobile station in the process of authentication.
3.1.13
Air interface security
A security mechanism for protecting the information transmitted over the wireless channel between the mobile station and the trunked station, including air interface encryption and integrity protection.
3.1.14
Air interface cipher key
The keys used in air interface security, including the derived cipher key (DCK), broadcast cipher key (BCK), common cipher key (CCK), group cipher key (GCK), static cipher key (SCK), etc.
3.1.15
Air interface cryptographic algorithms
The cryptographic algorithm used by the base station and the mobile station in the process of air interface encryption.