Operating Manual
10-8 5100 ES Models II/III Portable Radio Operating Manual March 2008
Secure Communication (Encryption)
While the active keyset is usually selected by the Key Management Facility, it can also be
selected by the radio user if the KY CHG option switch is programmed. In this fashion,
two keysets can be used even if OTAR is not being used. Note that the radio must be in
SLN mode (see Section 10.2.2) to make use of keysets.
KEKs are always placed in Keyset 255, and are always considered to be active. The valid
SLN range for Keyset 255 is 61440 through 65535. While KEKs can reside in any SLN
within this range, traditionally UKEKs will reside in SLN 61440 and/or 61442, and
CKEKs, if present, will reside in 61441 and/or 61443. The EFJohnson KMF uses SLN
61440 for DES UKEKs and 61442 for AES UKEKs.”
A diagram of a keyset is shown in Figure 10.2. Some information may be optional as
shown.
Figure 10.2 Keyset Diagram
If the Erase Previous Keyset on OTAR Changeover field is selected, the keys in the
original keyset are erased when the OTAR Changeover command or the Keyset option
switch are used to select the other keyset. If this not selected, the keys in the original
keyset are not erased when this occurs. Please note that this only erases keys on an OTAR
changeover: It does not erase keys on a manual keyset changeover from either the menu or
function button.
10.4.3 Key Management Facility
The Key Management Facility (KMF) provides key management and OTAR functions to
applicable radios within the radio system. One of the main tasks of the KMF is to maintain
a data base of encryption information contained in each radio. This information may
include the following:
• TEKs (main Traffic Encryption Keys)
• KEKs (Key Encryption Keys) used to encrypt keys within OTAR messages
• Keysets (groups of TEKs or KEKs)
• Individual and group Radio Set Identifiers (RSIs)
16-Bit Keyset ID
Keyset Name (Opt)
SLN 1
SLN 2
SLN 4095