Warren Systems have designed a TETRA end to end encryption add-on data solution which will provide enhanced security on packet data and SDS messages up to SECRET level.
This is being marketed by TETROL Systems Ltd.
The system called LARES provides multi-bearer capability allowing applications to send secure authenticated messages to servers and to other terminals via the best bearer.
Please contact Brian Murgatroyd firstname.lastname@example.org
LARES provides cost effective, efficient and ultra-secure data communications across TETRA systems to central applications or to other terminals.
LARES runs as a software application on mobile data terminals connected to data-capable TETRA radios. It compresses and encrypts messages which are sent to a gateway co-located with the central data applications where they are decrypted, uncompressed and sent to the application server.
v Works with IP packet data and SDS / SDS-TL messages
v Central gateway connected to server providing authentication, key management and routing to end applications
v Central gateway routes authenticated messages to/from multiple data applications from registered terminals
v Terminal to terminal data encryption via the gateway or directly
v Automatic Key management with no user management overhead
v Hardware security module for high degree of security assurance
v Optional username and password server
v Lossless compression/decompression of user data (for text based data)
v Video and image compression (if applicable)
v Event logging
v Disabling-stuns and kills mobile data terminals securely
v Completely user friendly
v Simple configuration/registration process
v Gateway system can send/receive messages to and from multiple applications
v No manual key updating required
v A unique traffic encryption key generated safely and securely every session
v Efficient key management and authentication specifically designed for narrow band systems
v Every message is authenticated and protected against man in middle attacks
v Scalable system
v Use of data compression ensures minimum bandwidth used
v Secure database and information source access
v Video and image encryption
v Secure Electronic forms transmission
v Secure Mobilizing
v Encrypted Vehicle location
v Encrypted test messaging
Password and username system
Some existing data applications have additional access security requirements requiring the use of the entry of usernames and passwords before service can be connected. In other cases the LARES system will provide these facilities. The use of a password server can be set in the configuration for each service.
Encrypted location services application option
This option will provide an application that will deliver end to end encrypted location information. It will efficiently encrypt SDS based location using the newly specified TETRA LiP protocols. The overhead associated with the SFPG recommendation of end- to-end encryption of SDS is normally 18 bytes, however by using proprietary additions to the standard this has been reduced to 7 bytes. LiP messages are normally only 10 bytes in length so this represents a huge efficiency saving. The system will extract the GPS information from the TETRA terminal if fitted or can take an external GPS receiver input.
PEI server option
This option allows LARES to be used with multiple applications. It controls up to eight applications connected to a mobile data terminal. These applications can either be SDS or packet data formatted. LARES will keep track of priorities and destination addresses.
Multi-bearer support is becoming vitally important in public safety applications where some applications require more bandwidth than that available over the TETRA network. LARES will send end-to-end encrypted data via the most appropriate bearer depending on availability, security rules, user configuration and it own selection algorithms.
Inbuilt text and document transmission application
LARES has the option to provide an inbuilt application that sends and receives free text or documents (end to end encrypted) between terminals or from terminals to a central application.
Secure remote configuration
Optionally the LARES application can be securely remotely configured. e.g. made to send messages to a different destination, switch on and off applications, set up groups, etc.
Remote terminal logging
The terminal logs may be sent securely to the server. This can form the basis of an electronic audit regime for monitoring the status of sensitive data terminals.
APCO 25 and other digital radio versions
A LARES variant which will operate over APCO 25 networks may be ordered. Variants that will work over other digital radio systems that support data transmission will be offered if required.