2 CCSDS Security Architecture
Requirement
– To securely distribute key material to every communications node in a space system.
– To do so efficiently.
  – Use minimal bandwidth overhead.
  – Use minimal processing & storage overhead.
  – Use minimal handshaking.
3 Constraints
– Transmission delay
– Available bandwidth
– Processing and memory resources of remote platforms.
– Communications are non-continuous.
– Communication windows are variable
  – (and short in case of LEO)
– Mission lifetimes can last for years.
– 3rd Parties are a long way away!
4 Bonuses
– Number of times session keys need to be changed is minimal
– Data rates are low
– Man-in-the-middle attacks are hard/impossible to do.
5 Types of Key Distribution
– Symmetric
– Asymmetric (Public Key)
– Quantum Key Distribution
– IKE
– Identity Based Encryption
– Distributed Key Management (PGP)
– Threshold Scheme (many non-trusted parties)
– Fortified Key Negotiation (Variation on DH)
6 Symmetric Key Distribution
– Wide Mouth Frog
– Needham-Schroeder
– Kerberos
– Otway-Rees
– Yahalom
– Neuman-Stubblebine
– Pairwise Shared Keys
– Blom’s Scheme
– Need a Trusted 3rd Party
– Variation of Pre-Load
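Blom's scheme from the list above, as an added Python sketch (not part of the original slides): each node is pre-loaded with one private row and later derives a pairwise key with any peer without exchanging messages. The field modulus, node numbering and function names are assumptions made for illustration.

```python
import secrets

P = 2**61 - 1  # prime field modulus (assumed; must exceed the number of nodes)

def public_column(node_id, k):
    """Public Vandermonde column for a node: (1, s, s^2, ..., s^k) mod P."""
    s = node_id + 1  # distinct non-zero seed per node (assumed numbering)
    return [pow(s, e, P) for e in range(k + 1)]

def make_secret_matrix(k):
    """Ground-side secret: random symmetric (k+1) x (k+1) matrix D over GF(P)."""
    n = k + 1
    d = [[0] * n for _ in range(n)]
    for i in range(n):
        for j in range(i, n):
            d[i][j] = d[j][i] = secrets.randbelow(P)
    return d

def private_row(d, node_id, k):
    """Pre-loaded share for one node: D times the node's public column."""
    g = public_column(node_id, k)
    return [sum(d[r][c] * g[c] for c in range(k + 1)) % P
            for r in range(k + 1)]

def pairwise_key(my_row, peer_id, k):
    """Key shared with a peer: own private row dotted with the peer's public column."""
    g = public_column(peer_id, k)
    return sum(a * b for a, b in zip(my_row, g)) % P

def demo(num_nodes=5, k=2):
    """Provision num_nodes nodes, then let every ordered pair derive its key."""
    d = make_secret_matrix(k)  # never leaves the provisioning authority
    rows = {n: private_row(d, n, k) for n in range(num_nodes)}
    keys = {(i, j): pairwise_key(rows[i], j, k)
            for i in rows for j in rows if i != j}
    return rows, keys

if __name__ == "__main__":
    rows, keys = demo()
    print("elements stored per node:", len(rows[0]))
    print("node 0 and node 3 agree:", keys[(0, 3)] == keys[(3, 0)])
```

Each node stores only k+1 field elements regardless of how many peers exist. The scheme stays secure while at most k nodes are compromised; k+1 colluding nodes can reconstruct D.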
8 Quantum Key Exchange
– Based on the physical properties of photons.
– Very secure
– Currently limited range.
– Not compatible with RF communications.
9 IKE
– Developed by the IETF as the Key Management system for IPSec.
– Based on a combination of symmetric and asymmetric techniques.
– IKE v1 was extremely complex to implement.
– IKE v2 is now being agreed.
– IKE v2 is much simpler than v1, but still has a lot of handshaking.
– Possible use of IKE v2 phase one only
  – just two challenge/response pairs.
10 Identity Based Encryption
– Newly developed scheme
– Similar to PKI, however any arbitrary string can be used as public key.
– No need for certificate management.
– Cannot be used for authentication.
– Patented
11 Recommendations
– Use a variant of IKEv2 phase one for the exchange of session keys.
– Use public/private keys and certificates for authentication.