SECURE COMMUNICATION (ENCRYPTION)
56
and 1-16 when the SLN mode is selected (see
Figure 11-1).
PID or SLN key management modes can be
programmed on the Global programming screen. More
information on these modes follows.
PID Mode -
The PID mode can be used only when
keys are loaded using the Motorola KVL 3000
keyloader. When this mode is selected, keys are loaded
directly into a PID of 0-15 that corresponds to the PID
programmed for each channel (if applicable). A Keys
Table is not programmed with this mode.
SLN Mode -
The SLN mode must be selected is either
OTAR (Over-The-Air-Rekeying) or the EFJohnson
System Management Assistant (PDA keyloader) is
used. It can also be used if OTAR is not used. With
this mode, keys are loaded into a SLN (Storage Loca-
tion Number), typically from 0-4095. A Keys Table
must then be programmed to link channel PIDs to a
specific SLN.
The use of this type of indirect linking allows keysets
and key IDs to be changed via OTAR while keeping
the mapping from the channel or talk group the same.
For example, as shown in Figure 11-1, PID 4 selects
SLN 24 which selects key slot 24 in both keysets. This
slot contains Key ID 69 in Keyset 1 and Key ID 91 in
Keyset 2. Only one keyset is active at a time.
11.2.4 MAINTAINING KEYS IN MEMORY
The radio may need to be connected to a constant
power source to preserve the encryption keys in
memory. The programming of the Infinite Key Reten-
tion parameter determines if keys are permanently
stored in memory or erased soon after power is
removed. This parameter is available in 5100 models
with firmware 1.11.0/2.0/3.0 or later.
When Infinite Key Retention is enabled, keys are
stored in memory and are not lost when power is
removed. If it is disabled, they are maintained only
until the storage capacitance discharges. With 5100
portable models, storage capacitors maintain the
supply voltage (and encryption keys) for approxi-
mately 30 seconds without power applied. Therefore,
when changing the battery, make sure to reattach
another within 30 seconds.
With 5300 mobile models, the keys are main-
tained for approximately 8 hours with this feature
disabled. However, a tamper switch causes immediate
key erasure when the radio cover over the logic board
is removed.
11.2.5 ENCRYPTION KEY SELECT
NOTE: This feature is available on conventional
channels only.
When multiple encryption keys are programmed
(see preceding information), the
KY SEL
option
switch can be programmed to allow selection of
another key for the current channel. This feature
changes the PID (hardware location) of the key, and
the change is permanent (cycling power or selecting a
different channel does not reselect the original key).
Therefore, to switch back to the original key, it must
be manually reselected. Proceed as follows to select a
key:
1. Press the
KY SEL
option switch and HWKEY x is
displayed. The “x” indicates the current key PID
selection.
2. Rotate the Select switch to display the desired key
and then press the Select switch to select it. Press the
KY SEL
option switch again to return the display to
normal operation.
11.2.6 ENCRYPTION KEY ERASE
A
KY CLR
option switch can be programmed
that allows the user to permanently erase all stored
keys. If OTAR TEK and KEK keys are stored, all keys
of both types are erased. This function can be used to
ensure that unauthorized encrypted calls can no longer
be placed or received by a radio.
11.3 CLEAR/SECURE STRAPPING
11.3.1 TRANSMIT MODE OPTIONS
The following transmit options are available
when encryption is selected:
Clear -
All calls are in the clear mode unless
responding to a secure call. If the response is then
made within the delay time (see Section 4.11.4), it
occurs in the secure mode.