CCSDS Security WG -

sunflowerplateAI and Robotics

Nov 21, 2013 (3 years and 27 days ago)

77 views

ESA UNCLASSIFIED


For Official Use

CCSDS Security WG
-


I. Aguilar, D. Fischer

CCSDS Fall 2012 Meeting, Cleveland, USA

15/10/2012

ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
2

ESA UNCLASSIFIED


For Official Use

Motivation


The objective of this presentation is to share information concerning
recent ESA activities and participation to conferences and workshops
which is deemed relevant to the CCSDS Security Working Group.


Information.


Discussion of possible new areas for work.

ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
3

ESA UNCLASSIFIED


For Official Use

Topics


Physical
Layer Security (IAS
).


Ongoing
Key Management Research at ESA
-
University of Waterloo
(IAS/DF
).


Directions
in Authenticated Ciphers (DIAC 2012 Workshop)
-

Debriefing
(IAS/DF
).


ESTEL
2012 Conference
-

Debriefing (IAS
).


SpaceOps

2012 Conference


Debriefing (DF).





ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
4

ESA UNCLASSIFIED


For Official Use

Physical Layer Security

Cryptographic spread spectrum (1)


As part of a general effort to strengthen TT&C links against denial
-
of
-
service attacks (jamming), ESA initiated research on two specific
topics:


Cryptographic sequences to be applied on spread spectrum
communications with multiple
-
user access capability and


Advanced synchronization techniques able to acquire such
ultra
-
long codes under signal dynamic conditions (Doppler,
jerk) experienced by various missions topologies as well as
under stress (jamming).


Such research was funded with an activity of the ESA Technology
Research Programme (TRP). Thales
Alenia

Space (Italy), a leading
European supplier of ‘robust’ transponders, teamed up with Prof. J.
Massey, a well
-
known authority on both pseudo
-
noise sequences and
cryptography.


ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
5

ESA UNCLASSIFIED


For Official Use

Physical Layer Security

Cryptographic spread spectrum (2)


The research effort delivered good results. A family of pseudo
-
noise
sequences that can provide both cryptographic strength and controlled
cross
-
correlation, vital for multi
-
user access was identified.


Cryptographic Pseudo
-
Noise Sequences:


Let

PN
CR

be

the

cryptographically

strong


1

PN

sequence

that

is

assigned

to

every

satellite
.


Let

PN
MA
(i)

be

the

periodic


1

PN

spreading

sequence

whose

first

period

corresponds

to

the

phase

of

the

maximal
-
length

sequence

that

is

assigned

to

the

i
th

satellite
.


Spreading

sequence

PN
(i)

used

by

the

G/S

for

transmission

to

the

i
th

satellite

is

the

Hadamard

produc
t

of

PN
CR

and

PN
MA
(
i
)
,

i
.
e
.
,


PN
(
i
)

=
PN
CR

PN
MA
(
i
)
.



ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
6

ESA UNCLASSIFIED


For Official Use

Physical Layer Security

Cryptographic spread spectrum (3)


Furthermore, techniques to quickly synchronize very long PN
sequences were identified, analysed and evaluated.


Those
techniques, based on frequency
-
domain signal
processing
algorithms (Generalized Zero Padding),
have
improved several orders of magnitude the performance
compared with classical serial search techniques.


In
combination with a clever 3
-
step acquisition protocol, they
allow to transit from an already long PN sequence (2exp 22) to
a cryptographic sequence in a few seconds.


Some details of the acquisition technique can be found on the following
paper presented at MILCOM 2011
.


Fast acquisition techniques for very long PN codes for On
-
Board Secure TTC transponders
,
L
. Simone
,
G.Fittipaldi
, I.
Aguilar Sánchez.




ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
7

ESA UNCLASSIFIED


For Official Use

Physical Layer Security

Advanced TC Coding (1)


CCSDS
Telecommand

Space

Link Protocol employs BCH code either in TED
(triple error detection) or SED (single error correction) modes.


High integrity;


Somewhat limited coding gain;


Average White Gaussian Noise (AWGN) channel.


Such BCH codes are sub
-
optimal for spread spectrum modulations.


Poor performance under jamming, which produces burst errors.


Enhancement for cryptographic direct
-
sequence spread
-
spectrum
modulation highly desirable.


Potential to increase robustness under interference/jamming.


Concatenation of convolutional (r=1/2, K=7) existing for a while in systems
like TDRSS and used in missions like ATV


Improvement under AWGN condition;


Still too sensitive to burst errors.

ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
8

ESA UNCLASSIFIED


For Official Use

Physical Layer Security

Advanced TC Coding (2)


Can better codes be found to complement cryptographic direct
-
sequence
spread
-
spectrum modulation?


Consider the particular requirements of TC protocol like the ability
to encode from short (64 octets) to relatively large (1024 octets)
blocks of data;


Consider most destructive jamming signals for direct
-
sequence
modulation (e.g. pulsed jammer);


Consider coding literature;


Consider relevant CCSDS experience.


A study with
Politecnico

di Torino (Italy) and Univ.
Politecnica

delle

Marche
(Italy) just initiated in September 2012.


Team has very strong record both on coding and CCSDS;


Targets mainly Binary Low Density Parity Check Codes (LDPC);


Considers as well NASA LDPC codes proposed for TC (in AWGN
condition) but under jamming environment.

ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
9

ESA UNCLASSIFIED


For Official Use

Physical Layer Security

Secret channels


C. Shannon
, the father of Information Theory, among other key works established the
foundations of secret channel capacity;


A.D.
Wyner

builds on previous Shannon work on secret channels and produces another
seminal paper


The Wire
-
Tap Channel
, Bell System Technical Journal, 1975.

Source
Encoder
Main Channel
Decoder
Wiretap
Channel
S
k
X
k

Y
n
S
k
Z
n

ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
10

ESA UNCLASSIFIED


For Official Use

Physical Layer Security

Why bother?


The design of proper ‘channel codes’ can increase the Rate of
Equivocation (term defined by Shannon) of the eavesdropper;


In theory, no need for data encryption with such codes on a wireless
channel!


Unbreakable, regardless of attacker’s computing power;


Mobile communications research community is very actively
working on this subject;


Authentication also possible;


The cryptographers contender to quantum encryption, working on RF!


In the absence of my personal database on this topic (
hard disk with all
my files undergoing encryption at ESTEC!)

present some slides from
Vince Poor (Princeton) covering the topic.


http://
wireless.vt.edu/symposium/2012/keynote/poor.html


ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
11

ESA UNCLASSIFIED


For Official Use

On
-
going Key Management Research

ESA NPI (1)


ESA and the University of Waterloo (Canada) are working together on
key management research for space missions under the ESA Network
Partnering Initiative (NPI).


Each partner funds 50% of the research.


Research can be for a Ph.D. or post
-
doc.


Dr.

Marcio

Juliato

(Univ. of Waterloo) is the lead researcher.


Project Co
-
supervisors:


Prof. Catherine H.
Gebotys

(Univ. of Waterloo);


I. Aguilar Sánchez (ESA/ESTEC).


Project Details:


Schedule:


3
-
years, initiated summer 2011,


o
f which 1
-
year stay at ESTEC with visits to ESOC.

ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
12

ESA UNCLASSIFIED


For Official Use

On
-
going Key Management Research

ESA NPI (2)


3 Phases:


Phase 1, focusing on providing scientific basis for the determination of
crypto periods for TC and TM secure communications links on space
missions based on symmetric algorithms; 2 generic missions considered
with GEO and LEO orbits;


Phase 2, looking at the use of trusted modules for key
management/recovery;


Phase 3, investigating more complex mission topologies like those relying
on space networks and the application of asymmetric algorithms to support
key management.


Results of first phase:


Draft Technical Report produced;


Paper recently presented at IEEE AESS ESTEL 2012 Conference.


On the Specification of Symmetric Key Management Parameters for Secure
Space Missions
,
Marcio

Juliato

, Catherine
Gebotys
,
Ignacio Aguilar
Sanchez.







ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
13

ESA UNCLASSIFIED


For Official Use

Directions in Authenticated Ciphers
(DIAC 2012 Workshop)
(1)


This workshop is part of ECRYPT, the European Network of Excellence in
Cryptology; this is a network funded by the European Commission Seventh
Framework Programme.


This workshop gathered top cryptographers and practitioners in industry
and academia like


B.
Preneel
, Univ.
Katoliek

Leuven (Belgium);


P.
Rogaway
, Univ. of California at Davis, USA;


J.
Daemen
, STM Microelectronics, AES
father
;


A, McGrew
, CISCO, USA (AES
-
GCM
father
);


The following website provides relevant information:


http://hyperelliptic.org/DIAC
/


ESA presented a
‘white paper’
with a view to inform the research community
and possibly trigger their interest about the particular requirements, issues,
constraints and concerns of authenticated encryption:


Authenticated encryption in civilian space missions: context and
requirements
, I. Aguilar Sánchez, D. Fischer


ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
14

ESA UNCLASSIFIED


For Official Use

Directions in Authenticated Ciphers
(DIAC 2012 Workshop)
(2)


Feedback:


Space considered a user community at one (tough) end of the
spectrum of user requirements (
T. Lange
dixit);


At opposite end one can find the so
-
called
‘lightweight
cryptography’
(e.g. embedded processors);


Some surprise shown by the anticipated need for a MAC longer
than 128 bits (
D. McGrew
);


D
oubt raised about the true security strength given by a particular
MAC length, triggered by conversation with
P.
Rogaway
;
apparently a 128
-
bit MAC would give 128
-
bit security (not 64
-
bit);
question still to be solved!


NIST and some top non
-
European Universities (USA, Japan)
actively involved in the Workshop;


Possibly a new competition for an advanced AE algorithm in the
pipeline; certainly, a lot of interest by represented parties;
however, who would fund it?

ESA Presentation | I. Aguilar, D. Fischer | CCSDS Fall 2012 Meeting, Cleveland, USA | 15/10/2012 | TEC | Slide
15

ESA UNCLASSIFIED


For Official Use

ESTEL 2012 Conference


See
http://www.estelconference.org/


Organised by IEEE Aerospace and Electronic Systems Society in Europe (a
first!);


Broad scope: satellites, launchers, navigation, earth observation,
ground systems, satellite networks,…


A
Special Track on Security and Privacy



Covering a broad range of security issues, well beyond space
missions.


But a good
Security Session

in general program with papers like


Marcio’s

paper on Key Management;


Cryptographic Transforms for a Lightweight and Efficient DVB Link
-
Layer Security
Extension
, Michael
Nosterning
, University of
Salzburg;


Ignacio’s paper on Telecommunication Mission Security, including
PR campaign for CCSDS Security!