authenticated encryption in civilian space m issions
play

Authenticated encryption in civilian space m issions: context and - PowerPoint PPT Presentation

May 14, 2023 •168 likes •499 views

Authenticated encryption in civilian space m issions: context and requirem ents I. Aguilar Snchez, D. Fischer Stockholm 05/ 07/ 2012 DI AC 2012 Presentation | I . Aguilar Snchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and

  1. Authenticated encryption in civilian space m issions: context and requirem ents I. Aguilar Sánchez, D. Fischer Stockholm 05/ 07/ 2012 DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 1 ESA UNCLASSI FI ED – For Official Use ESA UNCLASSI FI ED – For Official Use

  2. Outline − Introduction − Securing Space Missions − Space assets protection − Mission products protection − Spacecraft security services implementation − Issues, concerns, constraints and requirements − Thirteen items to be introduced − Conclusion DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 2 ESA UNCLASSI FI ED – For Official Use

  3. I NTRODUCTI ON DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 3 ESA UNCLASSI FI ED – For Official Use

  4. CCSDS background 1. Civilian space agencies cooperate for the development of security concepts applicable to their space missions through CCSDS. a. Blue Books (standards) b. Green Books (reports) 2. CCSDS has developed over 25 years a set of standard communication protocols & services supporting data transfers within space systems & interoperability: a. 60+ standards published; b. Serving 500+ space missions. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 4 ESA UNCLASSI FI ED – For Official Use

  5. CCSDS Security effort 1 . Several reports and standards like a. The Application of CCSDS Protocols to Secure Systems; b. Cryptographic Algorithms; c. Security Guide for Mission Planners. 2 . Space Data Link Security ( SDLS) protocol . This security protocol offers a. security services to the three Space Data Link protocols previously standardized by CCSDS; b. security services: authentication, encryption and authenticated encryption; c. flexibility in the selection of services and cryptographic algorithms. d. ‘Baseline modes’ in SDLS and their companion cryptographic algorithms as recommend in another key CCSDS standard on security: Cryptographic Algorithms. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 5 ESA UNCLASSI FI ED – For Official Use

  6. Pragm atic approach 1. Cryptography: a. Rely on civilian research and standardization (e.g., ISO, NIST) and adopt civilian cryptographic standards; b. Study and solve adaptation to space context. 2. Regarding Authenticated Encryption: a. Advanced Encryption Standard Galois Counter Mode (AES- GCM); b. Potential issue for the future: MAC limited to 128-bits; c. In no position to research alternatives or determine ground rules for the combination of authentication and encryption. 3. Take this opportunity to express issues, concerns, constraints and requirements perceived by civilian space missions. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 6 ESA UNCLASSI FI ED – For Official Use

  7. SECURI NG SPACE MI SSI ONS DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 7 ESA UNCLASSI FI ED – For Official Use

  8. General 1. Two security problems are identified and differentiated when considering how to secure a space mission. a. The first one concerns the protection of the space mission assets and their infrastructure, e.g., the satellite or the constellation when more than one satellite is involved, the ground stations, the operations control centre(s), the mission control centre(s), the networks that interconnect them and the interface with the user(s). b. The second security problem corresponds to the protection of the mission products, that is, the signals and/ or data produced by the spacecraft. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 8 ESA UNCLASSI FI ED – For Official Use

  9. CI A Requirem ents Confidentiality needed for: 1. Key protection while cryptographic key uploading (TC); 2. Protection Sensitive parameter of security unit in TM, if any; 3. Telecommand protection Confidentiality Integrity (optional). Integrity/ Authentication needed for: 1. Transmission error protection; 2. Anti-spoofing/ Command source authorization; 3. Complement to Encryption (optional). Availability Availability needed for: 1. Protection of Telecommand transmission (spread spectrum, null-steering antennas, high- power up-link). DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 9 ESA UNCLASSI FI ED – For Official Use

  10. Space asset protection 1. Main Threats: a. Unauthorized access to spacecraft control; b. Denial-of-service on command link; c. Traffic analysis. 2. Specific mission risk assessment will dictate the adoption of Protection measures like: a. Command authentication; b. Command and telemetry encryption; c. Anti-jam techniques (e.g. cryptographic spread spectrum, antenna null-steering); d. Spacecraft autonomy, ground station diversity. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 10 ESA UNCLASSI FI ED – For Official Use

  11. Mission products protection 1. Main Threats: a. Unauthorized access to mission data or mission signal on space link; b. Unauthorized access to mission processed data at payload data ground segment. 2. Protection measures: a. Mission data encryption on space link; decryption keys distributed to authorized users; b. User identification, authentication, access control, encryption when interacting with payload data ground segment for mission processed data. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 11 ESA UNCLASSI FI ED – For Official Use

  12. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 12 ESA UNCLASSI FI ED – For Official Use

  13. Spacecraft end-to-end security ( 1 ) Single space link topology DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 13 ESA UNCLASSI FI ED – For Official Use

  14. Spacecraft end-to-end security ( 2 ) Separate payload link topology DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 14 ESA UNCLASSI FI ED – For Official Use

  15. Spacecraft security services im plem entation ( 1 ) 1. Typical implementation for spacecraft security services and key management is based on hardware. a. Quality and reliability are critical. b. Choice of technology is driven by those two plus complexity and non-recurrent cost. c. Integration with other spacecraft data handling functions is possible. ASIC could be favoured. 2. For the ground counterpart implementation can be based on software. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 15 ESA UNCLASSI FI ED – For Official Use

  16. Spacecraft security services im plem entation ( 2 ) 3. Security evaluation needs may call for a physically segregated security module/ unit. a. Decouples most of spacecraft integration and testing activities from security function evaluation and testing. b. Still a later integration/ end-to-end connectivity test with ‘flight keys’ is required. 4. Secure partitioning, a software based concept inherited from aeronautical industry, is being considered for future implementation of security functions at low data rate. a. One virtual machine among many running on a common processor will implement security functions; b. Security assurance, i.e. no data leakage between virtual machines, is critical. DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 16 ESA UNCLASSI FI ED – For Official Use

  17. I SSUES, CONCERNS, CONSTRAI NTS AND REQUI REMENTS DI AC 2012 Presentation | I . Aguilar Sánchez, D. Fischer | Stockholm | 05/ 07/ 2012 | Technical and Quality Management | Slide 17 ESA UNCLASSI FI ED – For Official Use

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Authenticated Encryption Kenny Paterson Information Security Group @kennyog ;

Authenticated Encryption Kenny Paterson Information Security Group @kennyog ;

Authenticated Encryption Kenny Paterson Information Security Group @kennyog ; www.isg.rhul.ac.uk/~kp Motivation for Authenticated Encryption Authenticated Encryption (AE) m 1 m 2 Security goals: Confidentiality and integrity of messages

649 views • 60 slides
Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint

Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint

. . . . . . Permutation-based encryption, authentication and authenticated encryption Permutation-based encryption, authentication and authenticated encryption Joan Daemen 1 Joint work with DIAC 2012, Stockholm, July 6 Guido Bertoni 1 ,

739 views • 49 slides
PAEQ: Parallelizable Permutation-based Authenticated Encryption Alex Biryukov and Dmitry

PAEQ: Parallelizable Permutation-based Authenticated Encryption Alex Biryukov and Dmitry

PAEQ: Parallelizable Permutation-based Authenticated Encryption Alex Biryukov and Dmitry Khovratovich University of Luxembourg 12 October 2014 Authenticated encryption Simple encryption If you just want to protect confidentiality of your

991 views • 32 slides
Goals of Encryption authenticated encryption sender Daniel J. Bernstein

Goals of Encryption authenticated encryption sender Daniel J. Bernstein

Goals of Encryption authenticated encryption sender Daniel J. Bernstein University of Illinois at Chicago & m Technische Universiteit Eindhoven c k More details, credits: competitions.cr.yp.to network

1.33k views • 118 slides
The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE Dmitry Khovratovich

The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE Dmitry Khovratovich

The LOCAL attack: Cryptanalysis of the authenticated encryption scheme ALE Dmitry Khovratovich and Christian Rechberger University of Luxembourg and DTU (Denmark) Presented by Yu Sasaki (NTT, Japan) 15 August 2013 Authenticated encryption

556 views • 22 slides
Introduction to Authenticated Encryption Tom Shrimpton Summer School on Real-World Crypto and

Introduction to Authenticated Encryption Tom Shrimpton Summer School on Real-World Crypto and

(A brief, incomplete) Introduction to Authenticated Encryption Tom Shrimpton Summer School on Real-World Crypto and Privacy June 11, 2018 Authenticated Encryption M M Its complicated Probabilistic or deterministic AE? Nonce based AE?

868 views • 47 slides
Permutation-based encryption, authentication and authenticated encryption Guido Bertoni 1 , Joan

Permutation-based encryption, authentication and authenticated encryption Guido Bertoni 1 , Joan

Permutation-based encryption, authentication and authenticated encryption Guido Bertoni 1 , Joan Daemen 1 , Michal Peeters 2 , and Gilles Van Assche 1 1 STMicroelectronics 2 NXP Semiconductors Abstract. While mainstream symmetric cryptography has

519 views • 12 slides
Security Aspects of Authenticated Encryption (in light of the CAESAR competition) Elena Andreeva

Security Aspects of Authenticated Encryption (in light of the CAESAR competition) Elena Andreeva

Security Aspects of Authenticated Encryption (in light of the CAESAR competition) Elena Andreeva COSIC, KU Leuven, Belgium Cryptoday 2014 Technion, Haifa, Israel 30/12/2014 Outline Authenticated Encryption: AE Generic AE composition

732 views • 55 slides
Different Features of ELmD, EME Based Authenticated Encryption Schemes Nilanjan Datta and Mridul

Different Features of ELmD, EME Based Authenticated Encryption Schemes Nilanjan Datta and Mridul

ELmD Authenticated Encryption Scheme EME based Authenticated Encryption Schemes Comparative Study of ELmD with other EME based AEs Different Features of ELmD, EME Based Authenticated Encryption Schemes Nilanjan Datta and Mridul Nandi Indian

364 views • 20 slides
The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA

The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA

The Evolution of Authenticated Encryption Phillip Rogaway University of California, Davis, USA Includes joint work with Mihir Bellare, John Black, Ted Krovetz, and Tom Shrimpton DIAC Directions in Authenticated Ciphers 05 July 2012

748 views • 52 slides
AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological

AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological

AEGIS A Fast Authenticated Encryption Algorithm Hongjun Wu, Bart Preneel Nanyang Technological University, Katholieke Universiteit Leuven Presented at DIAC 1 Classification of Authenticated Encryption AEGIS Design rationale

635 views • 19 slides
Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso Gagliardoni Authenticated Encryption! ( Using AES with 128 bit block size in Galois Counter Mode and SHA2 ) Taxonomy of security Authenticated encryption

440 views • 26 slides
CHAE: Challenges in Authenticated Encryption White paper available: https://chae.cr.yp.to CHAE:

CHAE: Challenges in Authenticated Encryption White paper available: https://chae.cr.yp.to CHAE:

CHAE: Challenges in Authenticated Encryption White paper available: https://chae.cr.yp.to CHAE: Challenges in Authenticated Encryption https://chae.cr.yp.to Contributors to the white paper Jean-Philippe Aumasson David McGrew Steve Babbage

411 views • 4 slides
Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso

Unforgeable quantum encryption Christian Majenz Joint work with Gorjan Alagic and Tommaso Gagliardoni Authenticated Encryption! ( Using AES with 128 bit block size in Galois Counter Mode and SHA2 ) Authenticated Encryption! ( Using AES with 128

893 views • 67 slides
Authenticated Encryption with Variable Stretch Reza Reyhanitabar 1 Serge Vaudenay 2 Damian Vizr

Authenticated Encryption with Variable Stretch Reza Reyhanitabar 1 Serge Vaudenay 2 Damian Vizr

Authenticated Encryption with Variable Stretch Reza Reyhanitabar 1 Serge Vaudenay 2 Damian Vizr 2 1 NEC Laboratories Europe, Germany 2 EPFL, Switzerland DIAC 2016: Directions in Authenticated Ciphers 2016 This work was partially supported by

696 views • 43 slides
Counter-in-Tweak: Authenticated Encryption Modes for Tweakable Block Ciphers Thomas Peyrin 1

Counter-in-Tweak: Authenticated Encryption Modes for Tweakable Block Ciphers Thomas Peyrin 1

TBCs and AE NSIV Generic Composition EPWC MAC CTRT Encryption Conclusion Counter-in-Tweak: Authenticated Encryption Modes for Tweakable Block Ciphers Thomas Peyrin 1 Yannick Seurin 2 1 NTU, Singapore 2 ANSSI, France August 15, 2016

1.29k views • 102 slides
Skin and soft tissue infections Sarah Doernberg, MD, MAS Associate Professor Medical Director of

Skin and soft tissue infections Sarah Doernberg, MD, MAS Associate Professor Medical Director of

Skin and soft tissue infections Sarah Doernberg, MD, MAS Associate Professor Medical Director of Antimicrobial Stewardship Disclosures Consultant: Genentech, Basilea Pharmaceutica Outline Cellulitis Necrotizing infections

332 views • 31 slides
Recent Results from MICE on Multiple Coulomb Scattering and Energy Loss Scott Wilbur on behalf

Recent Results from MICE on Multiple Coulomb Scattering and Energy Loss Scott Wilbur on behalf

Recent Results from MICE on Multiple Coulomb Scattering and Energy Loss Scott Wilbur on behalf of the MICE collaboration University of Sheffield Scott Wilbur MICE Scattering and Energy Loss 1 Ionization Cooling Emittance change depends

721 views • 19 slides
Jumpgate: In-Network Processing as a Service for Data Analytics Craig Mustard, Fabian Ruffy, Anny

Jumpgate: In-Network Processing as a Service for Data Analytics Craig Mustard, Fabian Ruffy, Anny

Jumpgate: In-Network Processing as a Service for Data Analytics Craig Mustard, Fabian Ruffy, Anny Gakhokidze, Ivan Beschastnikh, Alexandra Fedorova University of British Columbia 1 In-Network Processing Can Accelerate Data Analytics Switches

325 views • 15 slides
Sepsis Screening and Nurse Driven Protocols Cairn Ruhumuliza, MSN, RN CPHQ Sepsis Coordinator,

Sepsis Screening and Nurse Driven Protocols Cairn Ruhumuliza, MSN, RN CPHQ Sepsis Coordinator,

Sepsis Screening and Nurse Driven Protocols Cairn Ruhumuliza, MSN, RN CPHQ Sepsis Coordinator, McLaren Northern Michigan Hospital Lily Popkin, BSN, MSN, RN Sepsis Coordinator, Lutheran Medical Center Amy Sprague, DNP, RN, ACNS-BC, CCRN Patient

881 views • 49 slides
Powder Neutron Diffraction - an introduction MENA3100 March 7 2018 Magnus H. Srby

Powder Neutron Diffraction - an introduction MENA3100 March 7 2018 Magnus H. Srby

Powder Neutron Diffraction - an introduction MENA3100 March 7 2018 Magnus H. Srby 13.03.2018 Scope The advantages of neutrons vs. X-rays Examples of neutron diffraction studies Neutron diffraction at IFE The glory of

681 views • 38 slides
Sub-Nyquist Sampling of Wideband Signals Deborah Cohen Technion Israel Institute of

Sub-Nyquist Sampling of Wideband Signals Deborah Cohen Technion Israel Institute of

Sub-Nyquist Sampling of Wideband Signals Deborah Cohen Technion Israel Institute of Technology Sub-Nyquist Sampling (Xampling) Smart Sampling Seminar March 21 st , 2012 1 /20 Outline Motivation Algorithms Sampling: MWC and Multicoset

242 views • 22 slides
Duality of upper and lower powerlocales on locally compact locales Tatsuji Kawai University of

Duality of upper and lower powerlocales on locally compact locales Tatsuji Kawai University of

Duality of upper and lower powerlocales on locally compact locales Tatsuji Kawai University of Padova Duality of lower and upper powerlocales on locally compact locales Tatsuji Kawai (University of Padova) Why powerlocales? Compact and

847 views • 51 slides
Composable GPU programming GPUs -- what are they? Basic model: SIMD, SPMD, MIMD; blocks

Composable GPU programming GPUs -- what are they? Basic model: SIMD, SPMD, MIMD; blocks

Composable GPU programming GPUs -- what are they? Basic model: SIMD, SPMD, MIMD; blocks of PUs with single PC, local memory (synchronous); warps many blocks (asynchronous), VRAM discontinuities/constraints from hardware

474 views • 9 slides

More recommend