Managing security on your MOTOTRBO network

MOTOTRBO second generation radios supports 3 levels of privacy (encryption): Basic; Enhanced and AES.

Basic Privacy only provides simple 16 bit scrambling and only offers very  basic protection against eavesdropping. There is only one key and this must be the same in all radios that need to be party to a specific call. Radios which dont have this key will hear garbled audio when another user transmits.

Enhanced Privacy uses the well known ARC algorithm - the key length is 40 bits. It is also possible for the radio to be programmed with multiple keys which can be selected by changing the channel. The key is write only so the key variable must be stored in a safe/secure location.

AES 256 bit provides the highest level of protection of all Motorola Professional and Commercial radios. The radio uses a symmetrical group key which this means that the same keys needs to be programmed in all radios that need to be party to a specific call.

Managing your keys is essential. This means (among other things) that the keys must be updated in the radios on a regular basis. For this, Radio Management and OTAP can be used.

It is also critical to ensure that lost or stolen radios (or radios in the wrong hands) are quickly identified and disabled. Radios which are not in use must be secured and not given to anyone who is not authorized to have this equipment.

Apart from key management and radio asset management, it is also essential to ensure that staff who are handing radio communications equipment can be trusted and are not batting for the other team.

It may also be possible for suitably equipped and authorized Application Partners to develop their own encryption algorithm, on the radio option board using their own chipset, if the level of security provided by AES256 is not enough, or another algorithm is preferred.

No comments:

Post a Comment

Spam comments will be removed and the poster reported to Google.