Encryption Mmi; Aie Key Storage; Deleting User Keys; Secure Dmo - Motorola MTP850 S Product Information Manual

A Class 2 or Class 3 radio moves to a cell that supports an SCK/CCK/GCK that the radio possesses, applies AIE to
the registration PDU. If no acknowledgment is received, the radio sends the registration in clear.

Encryption MMI

A Class 2 or Class 3 radio that is involved in a clear call provides a visual and an audible indication informing that the
call is not encrypted (if enabled by the service provider).

AIE Key Storage

The radio stores all the keys, SCK/CCK/DCK/GCK, in a sealed manner in non-volatile memory of the radio.
However, they are not stored in the codeplug.
The radio supports loading of the SCK keys manually using the Key Variable Loader (KVL).
By using a special key combination, you can delete the cipher keys in the radio. Depending on configuration, you
may erase either all keys or only the short-term keys.

Deleting User Keys

Prerequisites: The user key deletion is enabled in the codeplug.
Procedure:
1 Verify that the radio is turned on.
2 Press the following key sequence: *, *, 0, 0, #, #.
Caution:
The key deletion takes up to 30 seconds. During the period, the battery must not be removed. Removing the
battery during that period may lead to radio malfunction.
Encryption and/or Authentication keys are deleted. The radio enters Temporary Disable state and must be manually
restored by the service provider.

Secure DMO

The Secure Direct Mode Operation (DMO) feature guarantees key ciphered transmission in the DMO.
When DM-SCKs are provided by OTAR, you are informed in case the radio does not contain the complete set of
SDMO keys. Whenever the radio enters DMO and the radio does not possess past and present DM-SCKs for all
provisioned KAG and/or it has not yet successfully received SCK Subset Grouping Type, SCK Subset Number and
SCK-VN information from the SwMI, then the radio:
• plays a special reject tone.
• prompts a message indicating OTAR incomplete.
The radio provides SDMO status information to the user via the MMI DMOSCK Validity submenu inside the
Security menu (present only when configured in the codeplug):
• DMO SCK is Valid — DMO SCK OTAR is disabled and all DM-SCKs are provided using the KVL.
• DMO SCK is Valid — DMO SCK OTAR is enabled and the radio knows the current SCK information and has
all the corresponding past and present DM-SCKs.
• DMO SCK is Invalid in all other cases.
The radio supports system management of SDMO keys. The radio using system managed SDMO requires the
structure of DM-SCKs used for SDMO, the current active SCK Subset Number, and Version Number information to
coordinate key schedules. The radio considers the last received variant of this information PDU as the most accurate
indication of SDMO key configuration.
DMO SCK can only be used if Enhanced Security feature is purchased.
Services and Features | 45
68015000878-G | | Send Feedback