Unable to Decrypt Response (encrypted)
This ASM implements the Project 25 OTAR Unable to Decrypt Response message.
Usage Notes
- This message is sent from the Mobile Radio (MR) to the Key Management Facility when a Key Management Message cannot be decrypted by the MR.
- When the KMF receives this message, it is assumed that it refers to the most recently transmitted message.
- This message is broadcast as a non-addressed message to reduce the message size and to avoid issues when an RSI is relocated to a different MMSI.
Version 0:
This is an RTCM-compliant implementation of the Project 25 OTAR Unable to Decrypt Response Message.
This ASM only has an AIS Message 26 variant.
Unable to Decrypt Response (Message 26, broadcast)
| Group | Parameter | # of Bits | Description |
|---|---|---|---|
| Standard Message Header | Message ID | 6 | Identifier for Message 26; always (decimal) 26. |
| | Repeat Indicator | 2 | Indicates how many times a message has been repeated. 0 – 3; 0 = default; 3 = do not repeat any more. Set to zero (default). |
| | Source MMSI | 30 | MMSI number of source station. Varies according to the transmitter ID. |
| | Destination Indicator | 1 | 0 = broadcast (no Destination ID field); 1 = addressed (30-bit Destination ID field). Set to zero (broadcast). |
| | Binary Data Flag | 1 | 0 = unstructured binary data (no Application Identifier bits used); 1 = binary data coded as defined by the 16-bit AI. Set to 1 (structured). |
| | Destination ID | 0 | MMSI number of destination station. Not used. |
| | Spare | 0 | Not used. |
| Binary Data | Designated Area Code | 10 | Designated area code (DAC). Set to 366. |
| | Function Identifier | 6 | Function identifier. Set to (decimal) 35. |
| KMM Preamble | Reserved | 3 | Reserved for future use. Set to 0. |
| | Version | 5 | Version of KMM Preamble Message Body. Set to 0. |
| | MFID | 8 | Manufacturer’s ID, indicates conformance to standard. Set to 0. |
| | Algorithm ID | 8 | Identifies the algorithm used to encrypt payload. Set to (hex) 85 = AES-128. |
| | Key ID | 16 | Identifies the TEK used to encrypt the KMM. |
| | Message Indicator | 72 | Provides the message indicator to synchronize the encryption of the OTAR KMM. |
| Encrypted Payload | OTAR Message ID | 8 | Identifies the Project 25 “Message ID” type. One of 255 possible values assigned as the message type. Set to (decimal) 39 = Unable to Decrypt. |
| | Message Length | 16 | A 16-bit binary number that defines the length (in octets) of the subsequent OTAR fields, including MAC. (decimal) 51 or 55. |
| Message Format | RSP | 2 | Response Kind defines acknowledgment to be returned to the sender of the KMM. 00 = Rsp Kind 1, 01 = Rsp Kind 2, 10 = Rsp Kind 3 and 11 is undefined. |
| | MN | 2 | Message Number defines the size of the Message Number field in the KMM. 00 = no message number, 10 = a 2 octet message number. Set to (binary) 10. |
| | MAC Processing | 2 | Defines the type of MAC processing performed over the entire KMM. Set to (binary) 11 = Type 3 MAC. |
| | Spare | 1 | Set to zero. |
| | Done | 1 | Indicates if KMM is last in a series. 1 = More to follow (Not Done), 0 = done. |
| | Destination RSI | 24 | Radio Set Identifier number |
| | Source RSI | 24 | Radio Set Identifier Number |
| | KMF Message Number | 16 | A rolling sequence number to prevent message playback. Binary number representing values from 0 – 65535. |
| Body Message Format | T | 1 | TEK Included. 0 = message only contains message subheader, 1 = a Reverse Warm Start TEK segment exists. |
| | K | 1 | KEK Exists. 0 = KEK exists, 1 = KEK does not exist. |
| | Spare | 6 | Always zero. |
| | ESYNC MFID | 8 | MFID used in original message which could not be decrypted |
| | ESYNC Algorithm ID | 8 | Alg ID used in the original message which could not be decrypted. |
| | ESYNC Key ID | 16 | Key ID of original message which could not be decrypted |
| | Status | 8 | Reason for the failed decryption. See Appendix 4. |
| Binary Data / Encrypted Payload / Decryption Instruction Format | Reserved Bit | 1/0 | Set to zero (not used). |
| | Message Indicator Block | 1/0 | Set to zero (not used). |
| | Spare | 6/0 | Always zero. |
| | Reverse Warm Start Algorithm ID | 8/0 | The algorithm is used in conjunction with the KeyID to uniquely select a KEK. Set to (hex) 85 = AES-128. |
| | Reverse Warm Start Key ID | 16/0 | Identifies the Key ID for the TEK. |
| | Message Indicator | 0 | Optional, not used for AES-ECB wrapped keys. |
| | Key Length | 8 | The number of octets to transfer the key. Set to (decimal) 16. |
| | Algorithm ID | 8 | The algorithm of the KEK used to encrypt the TEK. Set to (hex) 85 = AES-128. |
| Key Format | Key Type | 1 | Set to 0 = TEK. |
| | Spare | 1 | Not used, set to zero. |
| | Delete/Rekey | 1 | 0 = rekey (add new or change existing key), 1 = delete existing key |
| | Key Name Size | 5 | Defines the length in octets of the key name field. Set to (decimal) 0. |
| | Storage Location Number | 16 | Set to zero. |
| | Key ID | 16 | The Key ID of the key being sent. |
| | Key | 128 | The TEK. |
| | Key Name | 0 | Not used. |
| Message Authentication Code | MAC | 64 | OTAR Message authentication code, concatenated to key length/2. Calculated per paragraph 13.5.2 of TIA 102.AACA-A, September 2014. |
| | MAC Length | 8 | Length of message authentication code in octets. Set to (decimal) 8. |
| | MAC Algorithm ID | 8 | Used with MAC Key ID to uniquely determine the key used to produce the MAC. Set to (hex) 85 = AES-128. |
| | MAC Key ID | 16 | Identifies the Key to be used to compute the MAC |
| | T | 1 | Not used. Set to zero. |
| | D | 1 | Derived Key. Set to zero = Dedicated MAC Key |
| | R | 1 | Reserved for future use. Set to zero. |
| | Version | 5 | Defines the version of the MAC message body. Set to zero. |
| | Encryption Bit Padding | variable | Sufficient spare bits to ensure that the binary data is a multiple of 128 bits for block encryption (512). Set to zero. |
| | Checksum | 16 | 16-bit CRC calculated as per EAIS Specification |
| Footer | Spare | 4 | Four extra bits to ensure the message ends on a byte boundary. Set to zero. |
| | Communications State Selector | 1 | 0 = SOTDMA communication state follows; 1 = ITDMA communication state follows |
| | Communications State | 19 | SOTDMA communication state (see ITU 1371-5 § 3.3.7.2.1, Annex 2), if communication state selector flag is set to 0, or ITDMA communication state (§ 3.3.7.3.2, Annex 2), if communication state selector flag is set to 1. |
| | Total bits | 720 | 4 Slot Binary Message |
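
A receiver-side check of the cleartext portion of this message, written as an added Python example (not part of the RTCM or TIA documents). Field widths and fixed values are taken from the table; the function names, dictionary keys and the region offsets (168 clear bits, 512 encrypted bits, 16-bit checksum, 24-bit footer, inferred from the 720-bit total) are assumptions.

```python
# Added example: widths and fixed values come from the table; all names are hypothetical.
CLEAR_FIELDS = [  # (name, bits) for the unencrypted part of the message, in table order
    ("message_id", 6), ("repeat_indicator", 2), ("source_mmsi", 30),
    ("destination_indicator", 1), ("binary_data_flag", 1),
    ("dac", 10), ("fi", 6),
    ("kmm_reserved", 3), ("kmm_version", 5), ("mfid", 8),
    ("algorithm_id", 8), ("key_id", 16), ("message_indicator", 72),
]
# Values the table fixes for this ASM; a message with anything else is rejected.
EXPECTED = {"message_id": 26, "repeat_indicator": 0, "destination_indicator": 0,
            "binary_data_flag": 1, "dac": 366, "fi": 35, "kmm_reserved": 0,
            "kmm_version": 0, "mfid": 0, "algorithm_id": 0x85}
TOTAL_BITS, ENCRYPTED_BITS, CRC_BITS, FOOTER_BITS = 720, 512, 16, 24


def parse_unable_to_decrypt(bits: str) -> dict:
    """Split a 720-character '0'/'1' string into clear fields and opaque regions."""
    if len(bits) != TOTAL_BITS or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 720 characters of '0'/'1'")
    out, pos = {}, 0
    for name, width in CLEAR_FIELDS:
        out[name] = int(bits[pos:pos + width], 2)
        pos += width
    bad = {k: out[k] for k, v in EXPECTED.items() if out[k] != v}
    if bad:
        raise ValueError(f"fixed fields differ from the table: {bad}")
    # Assumed layout: 168 clear + 512 encrypted + 16 CRC + 24 footer = 720 bits.
    out["encrypted_payload"] = bits[pos:pos + ENCRYPTED_BITS]  # left undecrypted here
    pos += ENCRYPTED_BITS
    out["checksum"] = int(bits[pos:pos + CRC_BITS], 2)
    pos += CRC_BITS
    footer = bits[pos:]
    if len(footer) != FOOTER_BITS or footer[:4] != "0000":
        raise ValueError("footer spare bits must be zero")
    out["comm_state_selector"] = int(footer[4])
    out["comm_state"] = int(footer[5:], 2)
    return out


def build_sample(mmsi: int, key_id: int, mi: int) -> str:
    """Constructed sample: valid clear fields, zeros standing in for ciphertext, CRC, footer."""
    values = dict(EXPECTED, source_mmsi=mmsi, key_id=key_id, message_indicator=mi)
    clear = "".join(format(values[n], f"0{w}b") for n, w in CLEAR_FIELDS)
    return clear + "0" * (TOTAL_BITS - len(clear))
```

The Key ID and Message Indicator returned here are what a receiver needs to select the TEK and synchronize decryption of the 512-bit payload; the checksum is extracted but not verified, since the EAIS CRC definition is not given on this page.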