Research On The End-To-End Security Mechanism Of Digital Trunked Communication System

Compared with the public mobile communication system, some users of digital trunked communication systems, such as the government and the army, have higher demand of confidentiality, so the trunked communication system needs to support not only authentication, the air interface encryption, but also the end-to-end encryption. The end-to-end encryption ensures the message is encrypted when transmitted to prevent the message from being eavesdropped in the middle part of the transmission link, such as the transmission medium and the transmission network element, providing a high level of confidentiality protection for trunked communication systems’users.The security of end-to-end encryption communication involves the encryption mechanism, encryption algorithm and the security of encryption keys. With the openness of the algorithm, the security of end-to-end encryption mainly depends on the security of encryption keys. Due to the features of group communication and instant messaging of trunked communication systems, existing key management schemes are not suitable for trunked systems. So it is necessary to design specific group key management schemes for trunked systems. This paper focuses on the end-to-end encryption mechanism of trunked communication systems, and the main contents are as follows:1. Discuss the security threats and demands of digital trunked communication systems, analyze the security framework of end-to-end encryption, and mainly studied the implementation of end-to-end voice encryption, data encryption and the key management mechanism, and finally summarize the security demand of the end-to-end group key management.2. Analyze the existing group key management schemes, and according to the characteristics and requirements of the system, such as group communication and the large-scale number of users, design a centralized flat group key management scheme based on the TETRA system, including the key management strategies, key distribution methods and the key updating process, particularly design and develop the key distribution way of OTAK (Over The Air Re-Keying), achieving the automatic distribution of keys when the scale of the number of users is large.3. Put forward a new group key management scheme based on T-OFT, which uses the ternary tree and the one-way function for management and generation of keys. Compared with other schemes, the T-OFT has been greatly improved on the security of keys and lowered the cost of communication and storage.