Over-the-air rekeying

Over-the-air rekeying (OTAR) refers to transmitting or updating encryption keys (rekeying) in secure information systems by conveying the keys via encrypted electronic communication channels ("over the air"). [1] It is also referred to as over-the-air transfer (OTAT), or over-the-air distribution (OTAD),[2] depending on the specific type, use, and transmission means of the key being changed. Although the acronym refers specifically to radio transmission, the technology is also employed via wire, cable, or optical fiber.

As a "paperless encryption key system" OTAR was originally adopted specifically in support of high speed data communications because previously known "paperless key" systems such as supported by Diffie-Hellman key exchange, [3] or Firefly key exchange technology [4] (as used in the now obsolete STU-III "scrambled" telephone)[5] were not capable of handling the high speed transmission volumes required by normal governmental/military communications traffic.[6] Now also adopted for civilian and commercial secure voice use, especially by emergency first responders, OTAR has become not only a security technology, but a preferred basis of communications security doctrine world-wide. The term "OTAR" is now basic to the lexicon of communications security.

History

OTAR was operationally introduced to the US Department of Defense via the Navy beginning in 1988. Lieutenant Commander David Winters, an American naval officer in London and code master during the final years of the Cold War,[7] was first to recognize the necessity and security potential of OTAR. In order to exploit the advantages of this technology, he conceived and initiated its first large scale practical application and deployment.[8]

Due to the efficiency and vast cost savings inherent to OTAR, Commander Winters' methods were quickly adopted and spread Navy-wide, following which Vice Admiral J.O Tuttle, Commander of the Navy Telecommunications Command,[9] the Navy "J6", shortly influenced the Joint Chiefs of Staff to bring all the other military services into compliance.[10] In due course, OTAR shortly became the NATO standard.

This coincided with the introduction of newer NSA cryptographic systems that use a 128-bit electronic key, such as the ANDVT, KY-58, KG-84A/C, and KY-75, capable of obtaining new or updated keys via the circuit they protect or other secure communications circuits. Adoption of OTAR reduces requirements both for the distribution of physical keying material and the physical process of loading cryptographic devices with key tapes.

Accordingly, OTAR eliminates the need for individual stations to be involved with physical key changeovers. Instead, electronically transmitted keys would normally come from a network control station (NCS). The OTAT feature permits a key to be extracted from an OTAT-capable cryptographic system using a fill device, such as the KYK-13 or KYX-15/KYX-15A and then loaded ("squirted") into another cryptographic system as needed. Alternatively, encryption systems may also be configured to automatically receive and update code keys with virtually no manual intervention, as is the case for GPS (Geo-Positioning System) navigation satellite signals.

Present and future

Now that OTAR applications have been adapted for civilian emergency service providers and other users requiring enhanced communications security, extensive parallel technology conversion and development have produced commercially viable systems that include end-to-end key generation, distribution, management, and control.[11][12][13][14][15][16][17] Network controllers can remotely, dependably, and securely change encryption keys for an entire network at their discretion. This simplifies and streamlines operations while virtually eliminating risk of compromise. In practical terms, this means users need not bring or return their units for manual updates, nor must technicians visit each user, station, or node to service their units in the field. Further, in the unlikely event that a unit, station, or node is stolen, mimicked, or otherwise compromised, a network controller may:

  • Remotely inhibit access of additional users, stations, or nodes to the network.
  • Remotely and securely enable network access to additional users, stations, or nodes.
  • Remotely "zeroize" or remove a user's, station's, or node's cryptographic key material.
  • Remotely and securely change or update a user’s, station's, or node's cryptographic keys.

Significance

Because introduction of this technology obviated previous requirements for risky, expensive, wide-spread, distribution of paper code keys, it thereby extinguished vulnerability to physical theft and loss as exploited by the infamous "Johnny Walker" spy ring.[18] Elimination of this vulnerability, although little appreciated at the time, was an innovation of inestimable impact. Placing this technology in perspective, OTAR comprised a transformation at the most basic foundations of communications security such that through the decades since introduction of OTAR, not a single new breach of US code systems has occurred. Introduction of OTAR technology into practical application precipitated NSA creation of the Electronic Key Management System (EKMS) which permanently altered the power balance in communications security and espionage. Recent declassification of the details relating to its introduction may be expected to now become the subject of more scholarly work.[19]

Vulnerabilities

Vulnerabilities due to accidental, unencrypted “In the clear” transmissions have been demonstrated with systems incorporating OTAR as implemented in Project 25 Digital Mobile Radio Communications Standards.

References

  1. NAG-16C/TSEC.U.S. Navy, Information Systems Technician Training Series
  2. http://www.gps.gov/multimedia/presentations/2015/04/partnership/tyley.pdf
  3. See Diffie–Hellman key exchange
  4. See Firefly (key exchange protocol)
  5. See STU-III
  6. [Creation of OTAR] "echoed some of the objectives of my own development of public key cryptography..." Letter from Whitfield Diffie, Turing Award Winner, to Vice Admiral Sean Buck, Superintendent, United States Naval Academy, Annapolis, MD, August 6th, 2020
  7. Also see STU-III and John Anthony Walker
  8. Navy Award Citations for Lieutenant Commander David D. Winters, dtd. 15 May 1992, 3 August 1992, and 26 August 1994,
  9. See Jerry O. Tuttle
  10. (U) American Cryptology During the Cold War (1945-1989), (U) Book IV, Cryptologic Rebirth, 1981-1999, by Thomas R. Johnson, Center For Cryptologic History, National Security Agency, pp 40-41.
  11. Sandy Clark; Travis Goodspeed; Perry Metzger; Zachary Wasserman; Kevin Xu; Matt Blaze (8–12 August 2011). Why (Special Agent) Johnny (Still) Can’t Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System (PDF). 20th USENIX Security Symposium. USENIX Association.
  12. https://www.hsdl.org/?view&did=455597 Saving Lives and Property Through Improved Interoperability: Introduction to Encryption Key Management for Public Safety Radio Systems, October 2001, Public Safety Wireless Network Program
  13. https://www.ncjrs.gov/pdffiles1/nij/224791.pdf JAN. 09 U.S. Department of Justice, Office of Justice Programs, National Institute of Justice, TOWARD CRIMINAL JUSTICE SOLUTIONS, Over-the-Air (OTA) Communications, Improvements for Police Departments, JAN 09
  14. http://www.vsp.state.va.us/downloads/STARSContract/Appendix%2005%20-%2032%20-%20Encryption%20Info%202%20KMF.pdf Specification Sheet, KMF, Key Management Facility
  15. http://www.relmservice.com/manuals/bk/otar_setup.pdf OTAR CHECK LIST
  16. https://www.manualslib.com/manual/617020/E-F-Johnson-Company-5300-Series.html?page=64 E.F. Johnson Company 5300 SERIES Operating Manual: Otar (over-the-air Rekeying); Introduction; Encryption Key Types; Keysets
  17. http://cs.oswego.edu/~kbashfor/isc496/projects/p25/Kyle_Bashford_Project_25.pdf Project 25 (P25/APCO-25) Radio by Kyle Bashford (ISC 496 Fall 2014)
  18. See John Anthony Walker.
  19. OVER THE AIR REKEYING, A ROGUE SECURITY REVOLUTION, oral presentation by David Winters, Symposium for Cryptologic History, Applied Physics Laboratory, Johns Hopkins University, 19 October 2017, (referenced with permission of author).
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.