The TIA-102 suite of documents describes the interfaces associated with a system for public safety land mobile radio communications. These systems include subscriber units, base stations and other fixed equipment. The term Subscriber Unit (SU) includes portable radios for handheld operation and mobile radios for vehicular operation. The base stations are used for geographically fixed installations. Other fixed equipment is used for wide area operation and console operator positions. Computer equipment may be used to interface between each of these equipment items. A Common Air Interface (CAI), defined in [4], allows these SUs to send and receive digital information over a radio channel.

Many of the parts of a public safety Land Mobile Radio (LMR) communications system use encryption to protect the information which is sent through the system. The encryption algorithms require keys in order to protect the confidentiality of this information. The process by which these encryption keys are generated, stored, protected, transferred, loaded, used and destroyed is known as key management. These keys shall be protected from inadvertent disclosure and require updating or replacement in order to maintain system security. Key distribution is often accomplished manually. However, the most convenient way to distribute keys is to electronically send the keys from a key management facility to the destination equipment. This involves sending keys over the CAI and this procedure is referred to as Over-The-Air-Rekeying (OTAR). OTAR is a method of encrypting and sending the encryption keys and other related key management messages through the CAI in such a way that they are protected from inadvertent disclosure and, in some cases, unauthorized modification.

This document defines the Over-The-Air-Rekeying protocol, messages and procedures designed to promote interoperability between various pieces of compliant radio equipment, regardless of manufacturer.

The scope of this document is to address methods of OTAR and associated over the air key management functions in a multi-key system. The primary objective of this document is to enable subscriber units and systems which conform to this document to be interoperable to the extent that keys can be passed via the CAI between communicating units and encrypted communications can result. It is a further objective that conformance to this document shall enable the interoperability of subscriber units and systems provided by different vendors, and operated by different agencies. This enables effective and reliable intra-agency and inter-agency encrypted communications over the air. This is in conformance to the Statement of Requirements.

Reference [5] defines a set of Algorithm ID values for encryption algorithm interoperability such that encrypted messages, either voice or data, can be encrypted and decrypted consistently between endpoints. Interoperability is obtained by using the standardized encryption algorithms identified by those Algorithm IDs. Conversely, the use of non-standardized or proprietary Algorithm IDs shall not be deemed as interoperable. Therefore, the use of the OTAR protocol to exchange keys for non-standardized or proprietary Algorithm IDs shall preclude compliance with this document for those messages carrying non-standardized or proprietary Algorithm IDs.

Figure 1 shows system elements which may include key management functions (such as, portable or mobile radios, RF system gateways, RF system controllers and consoles) that should be compatible with the core OTAR functions. OTAR functions include the encryption of keys to maintain their confidentiality and integrity during transmission. Encryption of keys while in storage and during transit helps maintain overall system security and confidentiality. Integrity of keys is required to prevent unauthorized insertion, deletion, or modification of keys.

Keys are managed by a Key Manager function which is included in a Key Management Facility (KMF). This KMF system element maintains a link through a system's infrastructure to an Um air interface as defined in the General System Model. The KMF performs most of its functions through the exchange of Key Management Messages (KMMs) with other system elements. Figure 1 shows a typical (example) placement of the KMF. The KMF functionality may also reside in other system elements, such as, the console or a network management controller. The protocols for these interfaces are not defined and are beyond the scope of this document. Multiple KMFs may exist within one RF sub-system concurrently.

The Phase 2 TDMA standard defines a new air interface reference point designated as Um2. This interface conveys encrypted voice messages encrypted with the same algorithms and keys as the Um interface. The initial version of Um2 does not define packet data transmissions, so the OTAR functions are to be conveyed through the Um interface to subscriber units.