TETRA — a standard open to all.
Ovchinnikov Andrey Mikhailovich
TETRA — A STANDARD OPEN TO ALL
The activities of law enforcement agencies and public safety services today cannot be imagined without the use of mobile radio communication systems, among which trunking systems have recently become the most popular.
These systems allow the construction of branched departmental communication networks with a high level of services provided over large areas, while maintaining the ability to organize group connections of subscribers, which is the main mode of communication for law enforcement agencies.
Increased requirements of public safety services and law enforcement agencies for the efficiency, reliability and security of communications, the availability of special services force them to pay special attention to digital trunking radio communication systems, which have significant advantages over analog ones in the listed indicators.
A number of digital trunking communication standards were specially created for law enforcement agencies. These include:
- EDACS Aegis, developed by Ericsson in accordance with a closed proprietary protocol that takes into account the security requirements of a number of law enforcement agencies (document APS 16);
- APCO 25, developed by the Association of Officials of Public Safety Communications (mainly the USA);
- Tetrapol, created by the French company Matra Communication for the national gendarmerie;
- TETRA, developed by the European Telecommunications Standards Institute (ETSI) to meet the requirements of the Association of European Police.
According to many experts, the TETRA standard has the best prospects for conquering both the European and world markets for digital trunked radio communication systems. This opinion is based primarily on the status of this standard as “open”, which implies compatibility of equipment from different manufacturers. Access to TETRA specifications is free for all interested parties that have joined the association “Memorandum of Understanding and Assistance to the TETRA Standard” (MoU TETRA). The association unites developers, manufacturers, test laboratories and users from different countries.
According to the MoU TETRA organization, the TETRA standard is supported by many leading manufacturers of mobile radio communication equipment. By the end of 1998, 67 organizations from 19 countries, and not only European ones, had joined the MoU TETRA. The list of manufacturers of equipment of the standard is presented in Table 1.
Table 1.
| Manufacturer | Basic equipment | Subscriber radio equipment | Dispatcher consoles | Test equipment |
| Cleartone | · | |||
| DeTeWe | · | · | ||
| ETELM | · | |||
| GEC-Marconi | · | · | · | |
| ICOM | · | |||
| Kenwood | · | |||
| Marconi Instruments | · | · | ||
| Maxon | · | |||
| Motorola | · | · | · | |
| Nokia | · | · | · | |
| OTE | · | · | · | |
| Rohde & Schwarz | · | · | · | |
| Simoco | · | · | · | |
| Tait | · | · | · | |
| Teltronic | · | |||
| Uniden America | · | · |
The most well-known systems are those of Nokia (Nokia TETRA), Motorola (Dimetra), and OTE (ELETTRA). Today, real TETRA networks operate in the UK on the island of Jersey (police), in Norway (airport), in Finland (energy company), and there are projects to create large trunking radio networks in the UK, Norway, Denmark, and Hungary.
The largest project is the Finnish Ministry of the Interior, which in December 1997 signed a contract with Nokia to supply equipment for the creation of a special communications network for government agencies, the operator of which will be Telecom Finland. The deployment of the communications network is planned for 1999-2003. The network is designed to serve up to 60,000 subscribers. In addition to the police and rescue service, it will be used by the armed forces, border guards, health and social security departments, the Maritime Administration, the Road Administration, customs and state railways.
Based on the TETRA standard, Dolphin is deploying a national trunking radio network in Great Britain, intended for both public safety services and commercial use.
The TETRA standard radio interface assumes operation in a standard frequency grid with a step of 25 kHz.The required minimum duplex spacing of radio channels is 10 MHz. For TETRA standard systems, frequency ranges from 150 to 900 MHz can be used, but in reality in European countries, the ranges of 380-385/390-395 MHz are assigned to security services, and for commercial organizations, the ranges of 410-430/450-470 MHz and 870-876/915-921 MHz are provided.
Among the specified standards, TETRA is the only one that uses the method of multiple access with time division (TDMA) of communication channels (TDMA — Time Division Multiple Access). Up to 4 independent time (information) channels can be organized on one physical frequency, which allows for negotiations on a radio channel simultaneously with data transmission.
Messages are transmitted in multiframes lasting 1.02 s. A multiframe contains 18 frames, one of which is a control frame. A frame lasts 56.67 ms and contains 4 time slots. Each time slot transmits information from its own time channel. A time slot is 510 bits long, of which 432 are informational (2 blocks of 216 bits).
TETRA standard systems use relative phase modulation of the p /4 type — DQPSK (Differential Quadrature Phase Shift Keying). The modulation rate is 36 kbps.
The standard uses a codec with a CELP (Code Excited Linear Prediction) conversion algorithm to convert speech. The digital flow rate at the codec output is 4.8 kbps. Digital data from the speech codec output undergo block and convolutional coding, interleaving and encryption, after which information channels are formed. The throughput of one information channel is 7.2 kbps, and the digital information flow rate is 28.8 kbps. (The total symbol rate in the radio channel, due to additional service information and a control frame in a multiframe, corresponds to the modulation rate and is 36 kbps.)
The TETRA standard specification does not impose any restrictions on the communication network architecture. Due to the modular design principle, various configurations of communication networks with different geographic extents can be implemented. TETRA standard networks assume a distributed control and switching infrastructure that ensures fast call transmission and maintaining local system operability in the event of failure of its individual elements. To increase service areas, the TETRA standard provides for the possibility of using subscriber radio stations as repeaters.
A TETRA standard system can operate in the following modes:
- trunking communication;
- with an open channel;
- direct communication.
In the trunking communication modethe serviced area overlaps with the coverage areas of base transceiver stations. The TETRA standard allows building systems with both a dedicated frequency control channel and a distributed one. When a communication network operates with a dedicated control channel, transceiver stations provide subscribers with several frequency channels, one of which — the control channel — is specifically intended for exchanging service information. When a network operates with a distributed control channel, service information is transmitted either in a specially dedicated time channel (one of 4 channels organized on one frequency), or in a control frame of a multiframe (one of 18).
In open channel modea group of users has the ability to establish a point-to-point connection without any setup procedure. Any subscriber who joins the group can use this channel at any time. In open channel mode, radio stations operate in a two-frequency simplex.
In direct (direct) communicationbetween terminals, point-to-point and multipoint connections are established via radio channels not associated with the network control channel, without transmitting signals through base transceiver stations.
In TETRA standard systems, mobile stations can operate in the so-called “Dual Watch” mode, which ensures the reception of messages from subscribers operating in both trunking and direct communication modes.
The main functions of network services or network procedures are provided by standardized services TETRA. The set of network procedures used for a specific network is determined by the operator.
The main network procedures include registration of mobile subscribers and roaming (the procedure of assigning a subscriber to one or more base stations and ensuring the ability to move from zone to zone without losing communication), re-establishment of communication (ensuring the ability of the network to replace the base station used by the subscriber in the event of deterioration in communication conditions), subscriber authentication (establishing the authenticity of subscribers), subscriber disconnection/connection(the procedure for disconnecting (connecting) a subscriber from (to) a network on his initiative), disconnecting a subscriber by a network operator (the procedure for blocking the operation of a subscriber terminal by a network operator), data flow control (ensuring the ability of the network to switch to itself the data flow directed to a specific subscriber).
TETRA provides users with a number of additional services.
Along with the standard services for many trunking radio communication systems such as call forwarding, subscriber number identification, call holding, etc., the following services have been introduced into the standard specifically at the request of the Association of European Police (Schengen Group), which cooperates with the ETSI technical committee:
- call authorized by the dispatcher (a mode in which calls are received only with the dispatcher's approval);
- priority access (in case of network congestion, available resources are assigned in accordance with the priority scheme);
- priority call (assignment of calls in accordance with the priority scheme);
- selective listening (interception of an incoming call without affecting the work of other subscribers);
- remote listening (remote activation of a subscriber radio station for transmission in order to listen to the subscriber's situation);
- dynamic regrouping (dynamic creation, modification and deletion of user groups).
An important factor in the attractiveness of the TETRA standard for law enforcement agencies is the carefully developed system for ensuring communication security.
The TETRA standard provides two levels of security for transmitted information:
- a standard level using radio interface encryption (provides a level of information protection similar to the GSM cellular communication system);
- high level, using end-to-end encryption (from source to recipient).
The radio interface protection tools of the TETRA standard include mechanisms for subscriber and infrastructure authentication, ensuring traffic confidentiality through the flow of pseudonyms and specified encryption of information. Certain additional information protection is provided by the ability to switch information channels and control channels during a communication session.
A higher level of information security is a unique requirement for special user groups.
End-to-end encryption ensures the protection of speech and data at any point in the communication line between fixed and mobile subscribers. The TETRA standard only specifies the interface for end-to-end encryption, thereby ensuring the possibility of using original information security algorithms.
The main mechanisms for ensuring information security in the TETRA standard are:
- subscriber authentication;
- encryption of information;
- ensuring subscriber privacy.
subscriber authentication is usually understood as a mechanism for verifying the authenticity of a subscriber. Authentication procedures are used to prevent unauthorized use of communication system resources.
The TETRA standard uses a relatively new authentication concept that uses encryption.
The general principle of implementing authentication through encryption is that a password is included in the text of the transmitted message, which is a fixed or data-dependent code that is known to the sender and recipient, or that they can extract during the transmission process.
The recipient decrypts the message and, by comparison, obtains confirmation that the received data is indeed the data of the authorized sender.
To perform the authentication procedure, each subscriber receives a standard electronic subscriber authentication module (SIM card) for the duration of the communication system, which contains a storage device with an individual authentication key recorded in it and a controller that ensures the execution of the authentication algorithm.
With the help of the information stored in the SIM card, as a result of mutual data exchange between the mobile and base stations, a full authentication cycle is performed and the subscriber is allowed access to the network.
The generalized authentication procedure in the TETRA standard is illustrated in Fig. 1.
 |
|
Fig. 1. General scheme of authentication procedure |
The process of verifying the authenticity of a subscriber in a TETRA standard network is carried out as follows.
The base station sends a random number RAND to the mobile station. The mobile station performs an operation on this number, determined by the standard cryptographic transformation TA12 using the individual subscriber identification key K, and forms a response value RES. The mobile station sends this value to the base station. The base station compares the received value RES with the expected result XRES calculated by it using a similar transformation TA12. If these values match, the authentication procedure is completed, and the mobile station is allowed to transmit messages. Otherwise, the connection is interrupted, and the mobile station indicator shows an authentication procedure failure.
It is important to note that during the authentication process, along with the RES value, the so-called Derived Cipher Key DCK is formed based on the random number and the individual subscriber identification key, which can be used later when communicating in encrypted mode.
The described procedure can also be used for authentication of the network by the subscriber. Usually the procedure of authentication of the network by the subscriber is used when the subscriber registers in a certain zone of the communication network, although it can be called at any other time after registration. The combination of both procedures determines mutual authentication of the subscriber and the network.
The generalized authentication procedure described in the previous section has a drawback associated with the need to store individual authentication keys for all subscribers in the base station. If one of the base stations is compromised, a radio forger can gain access to the communication system.
To eliminate this drawback, TETRA standard systems use a hierarchical key system, in which some keys are protected by others. In this case, the authentication process is similar to that shown in Fig. 1, but instead of the authentication key K, the so-called session authentication key KS is used, which is calculated using a cryptographic algorithm from K and some random code RS. Distribution of session authentication keys to base stations is provided by the Authentication Center, which is reliably protected from potential radio disinformers.
The procedure for authenticating mobile subscribers using session keys is shown in Fig. 2.
 |
|
Fig. 2. Scheme of authentication procedure using session keys |
The random sequence generator, which is part of the authentication center, produces a random code RS. Using the RS value and the individual authentication key K, using the TA11 cryptographic algorithm, the authentication center generates and transmits to the base station the session key KS together with the RS code.
The base station generates a random number RAND1 and transmits RAND1 and RS to the mobile station. In the mobile station, the session key KS is initially calculated using the TA11 algorithm, and then the response value RES1 and the dedicated cipher key DCK1 are generated using the TA12 algorithm. The response RES1 is transmitted to the base station, where it is compared with the expected response value XRES1 calculated by the base station. If the received and expected responses match, the authentication procedure is completed, and the mobile station is able to transmit messages.
The subscriber authenticates the network in a similar manner. In this case, the session key KS? is generated using the certified TA21 algorithm, and the response RES2 (XRES2) and the dedicated cipher key DCK2 are calculated using the TA22 algorithm.
To ensure the secrecy of information transmitted over the radio channel, encryption is used. All confidential messages must be transmitted in encrypted mode. Encryption is activated only after the authentication procedure has been successfully completed.
Radio interface encryption is designed to protect speech and data, as well as signaling data.
The TETRA standard uses a stream encryption method, in which the generated pseudo-random key sequence is added bit by bit to the data stream. Knowing the key and the initial value of the pseudo-random sequence, the recipient of the information has the ability to generate the same sequence and decrypt the encoded message while maintaining synchronization between the transmitting and receiving sides.
Stream encryption has a certain advantage over other encryption methods, consisting in the absence of error propagation in a channel with interference, i.e. an error in receiving one bit of the encrypted text also gives only one erroneous bit of the decrypted text and does not lead to several errors.
The following encryption keys can be used to encrypt the radio interface.
- Dedicated Keys
-
- . The above-described dedicated keys (DCK) are used to establish point-to-point communications. Dedicated keys can only be used after successful authentication.
-
- Static keys (SCK — Static Cipher Key). They are one or more (up to 32) specified values that are loaded into the mobile station database, and these values are known to the network. They are used for limited protection of user information signaling signals in systems that operate without explicit authentication.
- Group keys (CCK — Common Cipher Key). They are used to encrypt information during a broadcast call. Group keys are generated in the network and distributed to mobile subscribers via radio channels after the authentication procedure.
Correct synchronization of the encryption key stream is ensured by the frame numbering mechanism and an additional internal counter. Since in TETRA the frame numbers are repeated approximately every 60 s, then during this time the key synchronization can be carried out by means of the frame number.
To extend this time interval, a 16-bit internal counter is used. Concatenation (coupling) of the frame number and the internal counter readings ensures effective synchronization of the key stream. The counter bit depth ensures an increase in the repetition period to 15 days.
For initial synchronization and its restoration, the current state of the counter is transmitted at certain intervals by base stations.
To prevent the determination (identification) of subscribers by intercepting messages transmitted over the radio channel, the TETRA standard uses temporary identification numbers of subscribers.
After the first contact (communication session) of the network with the user, the unique subscriber identification number can be replaced by a temporary one (pseudonym). With each new user registration, the pseudonym can be replaced by a new one. In addition, both the individual and group identification number can be protected by means of radio interface encryption.
Subscriber privacy is also maintained during the subscriber location correction procedure, i.e. when a subscriber moves from zone to zone, the mobile station and the base station exchange service messages containing temporary subscriber identification numbers. This ensures the privacy of number renaming and their ownership by specific subscribers.
The main disadvantage of the TETRA standard is usually the smaller radii of base station service areas compared to systems of other standards, which is associated with the use of temporary division of communication channels and lower power of subscriber radio stations. Hence, as a rule, it is concluded that TETRA systems will be ineffective with low traffic and large communication network areas. This is indeed a reasonable opinion. However, for systems with high communication intensity and a large number of subscribers operating in a limited area (which is typical, for example, for various law enforcement agencies in large cities), the TETRA standard has significant advantages over others. Combined with the advantages of an open standard, TETRA will undoubtedly find its application in many areas of activity.