OTAR

Over-The-Air Rekeying (P25)

Security
Introduced in Rel-14
A security procedure for remotely updating encryption keys in Project 25 (P25) digital two-way radio systems. It allows system administrators to change cryptographic keys across a fleet of radios without physical contact, essential for maintaining secure communications in public safety and government networks.

Description

Over-The-Air Rekeying (OTAR) is a standardized security protocol defined within 3GPP specifications for Project 25 (P25) Phase II systems. P25 is a suite of standards for digital radio communications used extensively by public safety, federal, and state agencies in North America and elsewhere. OTAR specifically manages the process of remotely updating the encryption keys stored in P25 subscriber units (radios). Its primary function is to replace existing traffic encryption keys (TEKs) or key encryption keys (KEKs) with new ones, a process critical for periodic key rotation and emergency key revocation.

The OTAR architecture centers on a Key Management Facility (KMF) or Key Management Controller (KMC), which is the central authority responsible for key generation, storage, and distribution. The P25 infrastructure, including base stations (RFSS) and the core network, serves as the transport medium. The KMF sends rekeying messages via the P25 control channel or traffic channels. These messages are securely packaged; a new TEK is typically encrypted under a current, securely stored KEK known to both the KMF and the target subscriber unit. The protocol includes mechanisms for addressing individual radios (by their unique ID) or entire talkgroups, enabling both individual and bulk rekeying operations.

The OTAR process involves several steps: initiation by the KMF, secure transmission of the encrypted new key, reception and decryption by the subscriber unit, storage of the new key in its secure memory, and finally, an acknowledgment sent back to the KMF. This acknowledgment loop is vital for operational assurance, confirming that the intended device successfully updated its keying material. OTAR operates in conjunction with P25's over-the-air key management infrastructure, which may also handle initial key loading. By leveraging the existing radio network, OTAR eliminates the need for logistical operations to physically collect or touch each radio, providing a scalable and rapid response capability for security management in wide-area deployments.

Purpose & Motivation

OTAR was developed to overcome the severe logistical and security limitations inherent in manual key management for large-scale, geographically dispersed P25 networks. Before OTAR, changing encryption keys required technicians to physically connect to each radio with a key loader deviceā€”a process that could take weeks or months for a large agency, during which time communications were vulnerable if a key was compromised. This static key management model was incompatible with the dynamic threat environment and operational needs of modern public safety organizations.

The creation of OTAR was motivated by the requirement for cryptographic agility and operational security in mission-critical land mobile radio (LMR) systems. It solves the problem of maintaining secure communications over long periods by enabling regular, policy-driven key changes without service disruption. OTAR is essential for implementing security best practices like limiting the cryptographic lifetime of a key. Furthermore, it provides an immediate response tool for incident management; if a radio is lost or stolen, its keys can be remotely erased or invalidated, and new keys can be pushed to the rest of the fleet instantly, preventing unauthorized access to the communication system. This capability is a cornerstone of trusted, secure P25 networks for first responders.

Key Features

  • Remote updating of Traffic Encryption Keys (TEKs) and Key Encryption Keys (KEKs) for P25 radios
  • Supports unicast (individual radio) and multicast (talkgroup) rekeying operations
  • Uses existing P25 control or traffic channels for key delivery, requiring no separate data network
  • Employs a key hierarchy where new keys are encrypted under previously established secure keys
  • Includes mandatory acknowledgment from the subscriber unit to the KMF for delivery confirmation
  • Enables both scheduled periodic rekeying and immediate emergency key revocation procedures

Evolution Across Releases

Rel-14 Initial

Initially standardized in 3GPP Release 14, OTAR for P25 was defined to provide a comprehensive over-the-air rekeying mechanism. The specifications detailed the protocol architecture, message sequences between the Key Management Facility and P25 subscriber units, and the security procedures for protecting key material during transmission, establishing the foundation for remote key lifecycle management in P25 Phase II networks.

TS 23.283TS 23.782TS 23.783TS 24.883

Defining Specifications

SpecificationTitle
TS 23.283 3GPP TS 23.283
TS 23.782 3GPP TS 23.782
TS 23.783 3GPP TS 23.783
TS 24.883 3GPP TS 24.883