DANSK DS/ETSI EN 300 175-7 V2.9.1 PDF

The present document is one of the parts of the specification of the Digital Enhanced Cordless Telecommunications (DECT) Common Interface (CI). The present document specifies the security architecture, the types of cryptographic algorithms required, the way in which they are to be used, and the requirements for integrating the security features provided by the architecture into the DECT CI. It also describes how the features can be managed and how they relate to certain DECT fixed systems and local network configurations. The security architecture is defined in terms of the security services which are to be supported at the CI, the mechanisms which are to be used to provide the services, and the cryptographic parameters, keys and processes which are associated with these mechanisms. The security processes specified in the present document are each based on one of three cryptographic algorithms: • an authentication algorithm; • a key stream generator for MAC layer encryption; and • a key stream generator plus a Message Authentication Code generator for CCM authenticated encryption. The architecture is, however, algorithm independent, and either the DECT standard algorithms, or appropriate proprietary algorithms, or indeed a combination of both can, in principle, be employed. The use of the employed algorithm is specified in the present document. Integration of the security features is specified in terms of the protocol elements and processes required at the Network (NWK) and Medium Access Control (MAC) layers of the CI. The relationship between the security features and various network elements is described in terms of where the security processes and management functions may be provided.