New chair for the SFPG
Brian Murgatroyd, Chairman of the Security and Fraud Prevention Group (SFPG), and TETRA Working Group 6 – Security has retired from PITO. The new Chairman is Trevor Evans, also from PITO.
TETRA Working Group 6 is responsible for the development of the TETRA security standard. The SFPG is an independent group of the TETRA Association dealing with security and fraud prevention issues.
Brian Murgatroyd (left) and Trevor Evans
Brian explains: “The TETRA standard specifies a large number of air interface security features. However, it only stipulates that you should take security measures, e.g. an authentication mechanism between the mobile equipment and the TETRA infrastructure, and that you should encrypt the information being transferred. It does not tell you how and when to implement these features, or how to store and distribute security keys in a safe way. This is less of a problem when you are dealing with only one manufacturer and one network. In TETRA however, where a number of different manufacturers supply equipment for the same TETRA system, it is necessary to make agreements in order to ensure interoperability. SFPG ensure that the security implementations in systems supplied by different equipment manufacturers are compatible, and that the many TETRA security features are optimally implemented and securely used.
“The SFPG has defined a framework for End-to-End security that is flexible enough to address the needs of all users and their security policies. Those who have specific security needs can ‘drop’ their own encryption algorithms into the framework, and standard algorithms are specified for those who are looking for an off-the-shelf solution. We are currently working on edition 5 of the Recommendation on TETRA End-to-End Security. This is probably the most important of the recommendations and has become the de facto standard for end-to-end encryption and key management.”
Even in the case of TETRA, which is currently the most secure standard for mobile communication, new developments can bring new challenges for hackers and defrauders. The composition of the SFPG, which brings together manufacturers, operators and users, provides a platform not only to keep track of current developments, but to stay one step ahead of defrauders.”
Members can find the complete list of Recommendations, and minutes of meetings, on the SFPG section in the members’ area of this website. Group secretary Marjan Bolle can be contacted at SFPG@xs4all.nl for more information.
On behalf of SFPG and WG6 members we thank Brian for his invaluable contribution to the success of the work, and wish him a long, happy and fulfilling retirement.
If you wish to receive SFPG documents:
All SFPG Recommendations are available to Association members upon request from the SFPG secretary SFPG@xs4all.nl. In view of the sensitive nature of the information, they will be distributed by snail mail, after signing of a non-disclosure agreement.