Sign out

Session expired

Contact sales

Overview

DIMETRA™ Key Management Facility (KMF) for End-to-End Encryption

With the DIMETRA KMF you can generate, load, and delete keys to help keep your voice and data communications secure. You can update your E2EE keys using Over-The-Air Keying (OTAK) or Over-The-Ethernet-Keying (OTEK) of devices or dispatch consoles remotely, out in the field. This eliminates the delays, inconvenience and administrative costs of having to bring devices to a central location or taking KVLs out to the field for manual rekeying.

The DIMETRA KMF is a secure solution for managing your E2EE keys.

Remote management of E2EE keys

The KMF Server is the host for the KMF server application and database. It runs all of the key management operations and stores all key material and configuration settings. It also manages E2EE key distribution via OTAK and OTEK which simplifies changing E2EE keys out in the field. OTAK and OTEK removes the logistical burden of manually rekeying TETRA devices, and help you gain greater control by being able to poll a device and update or erase its E2EE keys.

Intuitive user interface

The browser-based KMF client provides an intuitive user interface for all KMF operations. By making it easy to rekey devices and dispatch consoles, you can update the keys more frequently to help stay ahead of your adversaries and better insulate yourself from potential attacks.

Secure solution

The KMF CRYPTR is responsible for generating and protecting encryption keys, as well as for end-point encrypting and decrypting of key material so that it is never transmitted or stored in plaintext. It also performs encryption operations for key management messages (OTAK and OTEK). It provides a number of security mechanisms to protect your communications, including: secure boot, tamper protection and response, and environmental attack prevention.

Voice and data key rotation

For flexibility to have cryptographic separation between talkgroups, the KMF assigns each talkgroup a different E2EE key.

To aid E2EE key rotation, the KMF supports three keys: current, past and future. The KMF operator can switch between Active (current) and Inactive (past and future) keys. In case not all devices update their keys at exactly the same time, the three keys approach enables devices to communicate with E2EE as long as each device is using one of those three keys.

Visibility and reporting

KMF reports provide an easy way to have visibility of your radio and dispatch console fleet, so you can take action if required. They show device status, KMF performance, and help with running and managing OTAK/OTEK operations. You can choose from a wide range of reports including Summary Reports, Detailed Reports, Cryptogroup Reports, Operation Status and Inspect Operation.

Resources

Product information

Datasheet

Datasheet

Learn more about the DIMETRA KMF

Product Catalog

Please wait...