Study On End-to-End Encryption And Key Management Mechanisms Of Digital Trunking System

With the rapid development of economics and accelerated urbanization process, the requirement to efficiently handle emergency incidents is ever increasing, however, most digital trunking systems over the country are isolated from others, far from connecting with each other to form a universal network, so digital trunking network has broad development prospects. Since the transmission medium includes electromagnetic waves in the open air, mobile communication system faces more complex security threats, and the users make more stringent requirements for digital trunking system because of its specific uses. Digital trunking system needs to provide reliable mechanisms to protect users'information against potential attacks. End-to-end encryption is the perfect mean to provide secure delivery of information. The sender and receiver share a common key, and after the sender encrypts the information, the cipher text will not be decrypted on the transmission link until it arrives at the right receiver. As long as the key is not disclosed, end-to-end encryption is the most secure manner to transmit confidential information. End-to-end encryption in digital trunking system is much more complicated as the most used service is group communication between multiple users, and the mobilization of terminals increases the difficulty because terminals probably move out of the network coverage and could not get the encryption key updated in time.In this paper, the end-to-end encryption and key management mechanism of digital trunking system are studies; in addition, the end-to-end encryption key management system in offline mode that can generate, distribute and update all kinds of keys are implemented. The main work includes:1. Active attacks and passive attacks on system infrastructure and users are analyzed, and the importance of end-to-end encryption in digital trunking system is pointed out; basic principles of end-to-end data and voice encryption are studied respectively, as well as synchronization mechanism.2. The requirements in every phase of end-to-end key management is studied; existing group key management schemes are classified, and typical schemes of every category and their features are introduced; the critical techniques used in the end-to-end encryption key management scheme in digital trunking system are studied.3. According to the specifications of TETRA end-to-end encryption recommendation, the processing procedures of the key management center that works in offline mode are detailed designed, including management of mobile stations, addition and removal of associations, generation of OOB files and etc. Based on these procedures as well as the design of the architecture and modules of the system, the key management center is implemented, then its functions and features are introduced, and finally the OOB files generated by the key management center are verified by simulating terminals.