Aeroflex 2050T SERIES Specifikace stáhnout pdf (Strana 20)

at MAC and MLE layers. For information on the SYSINFO and

SYNC parameters that can be changed, refer to the 2968 Phase

3.2 manual issue 10, chapter 3 pages 6 to 16; chapter 4 pages 2

to 3; chapter 11 pages 1 to 4.

Section 8 Q&A: Testing mobiles with encryption and

authentication

QQ88..11::

Can I test TETRA mobiles that use encryption and / or

authentication?

AA88..11::

Yes. The IFR 2968 does not test the encryption or authen-

tication aspects, but the mobile functional aspects and RF per-

formance can be tested without using encryption or authentica-

tion. Refer to A8.4 and A8.8 below for further information.

QQ88..22::

Does the IFR 2968 test Air Interface Encryption (AIE) or

End to End encryption (E2E)?

AA88..22::

The IFR 2968 does not support either form of encryption.

The IFR 2968 conforms to TIPv3 Part 1 (Core Services) which

does not support either form of encryption.

QQ88..33::

Will the IFR 2968 support encryption in a future upgrade?

AA88..33::

IFR currently has no plans to support encryption in the IFR

2968. The architecture of the IFR 2968 Radio Test Set does not

provide for a secure embodiment of the security keys and algo-

rithms. Implementing encryption algorithms and security keys

within the Test Set would be an unacceptable breach of the

requirement of the SFPG (Security and Fraud Prevention Group)

to keep these secure. IFR would not be in a position to undertake

the necessary security measures associated with handling the

encryption keys and algorithms.

QQ88..44::

How can I test a TETRA mobile that uses encryption?

AA88..44::

TETRA mobiles are only able to use encryption if both the

mobile and the network (or test set) support encryption, and if the

network (or test set) permits its use. TETRA mobiles that are not

able to use encryption attempt operation in clear. The system

information generated by the IFR 2968 indicates to the mobile

that the IFR 2968 does not support encryption and allows the

mobile to operate in clear. Mobiles may be configured to display

warning icons or generate warning beeps to the user when oper-

ating in clear, but this does not prevent them from being tested in

the normal manner.

Encryption (or the lack of it) has no effect on the measurement of

the RF performance, which is the primary purpose of the IFR

2968. The functional tests, and the obtaining of information from

the mobile, can all be performed in clear, thus the only untested

functionality is the additional signalling related to cipher keys and

encryption. In any case, the security keys necessary for using

encryption may be removed from a mobile for security reasons

before it is sent to a third party for test and repair.

QQ88..55::

The IFR 2968 has a setting for "AIR INTERFACE ENCRYP-

TION" - what is this for?

AA88..55::

The menu "SYSTEM SET-UP: SYSTEM PARAMETERS: BASE

SERVICES" allows the user to set the values of the "Base Station

Services" parameters. These are 12 binary flags which indicate to

a TETRA mobile which services are provided by the base station.

One of these is for Air Interface Encryption and it can be set to

"AVAILABLE" even though the IFR 2968 does not support Air

Interface Encryption. Some users wish to have full control of all of

these flags even though the IFR 2968 does not support all of the

services. For normal mobile testing the Base Services flags should

remain set to their factory default values, which indicate the serv-

ices which the IFR 2968 does provide. N.B. these flags are simply

information broadcast to the mobile under test; changing their val-

ues does not alter the functionality of the test set.

QQ88..66::

Can I check that the mobile attempts to perform an

encrypted registration by setting the Base Services "Air Interface

Encryption" flag to "Available"?

AA88..66::

No. The 2968 does not support encryption. It is not possi-

ble for the MS to register or set up a call to the 2968 in encrypt-

ed mode. The control channel information generated by the 2968

makes it clear to the MS that it does not support encryption (sys-

tem code is "no security functions"). If the BS Services AI encryp-

tion field is set to "Available", the MS will look for, but not find, the

cipher key information which it requires in order to use encryp-

tion. Depending on the MS, it may perform a registration in clear,

or it may reject the test set as being unsuitable and indicate that

there is No Service.

For normal MS testing this flag should always be set to "Not

Available".

QQ88..77::

Does the IFR 2968 test Authentication or Mutual

Authentication?

AA88..77::

The IFR 2968 does not test either type of authentication.

QQ88..88::

How can I test a TETRA mobile that uses authentication?

AA88..88::

Normal authentication is initiated by the TETRA network.

The network sends a challenge to the mobile and checks the

response returned by the mobile. The mobile should respond if

challenged, but it should not be upset if it is not sent a challenge

(as is the case with the IFR 2968). The IFR 2968 system informa-

tion indicates that authentication is not supported, hence a TETRA

mobile should not expect to be authenticated by the 2968.

Authentication (or the lack of it) has no effect on the measurement

of the RF performance, which is the primary purpose of the IFR

2968. The functional tests, and the obtaining of information from

the mobile, can all be performed without authentication, thus the

only untested functionality is the additional signalling related to

authentication challenge and response. In any case, the authenti-

cation keys may be removed from a mobile for security reasons

before it is sent to a third party for test and repair.

QQ88..99::

Will the IFR 2968 support authentication in a future

upgrade?

AA88..99::

IFR currently has no plans to support authentication in the

IFR 2968. The architecture of the IFR 2968 Radio Test Set does

not provide for a secure embodiment of the security keys and

algorithms. Implementing authentication algorithms and security

keys within the Test Set would be an unacceptable breach of the

requirement of the SFPG (Security and Fraud Prevention Group)

to keep these secure. IFR would not be in a position to undertake

1 2 ... 15 16 17 18 19 20 21 22 23 24

Komentáře k této Příručce

Žádné komentáře

Aeroflex 2050T SERIES Specifikace Strana 20

Komentáře k této Příručce