CCSDS Security WG meeting October 2008, hosted by DLR at DIN premises (Berlin) 1 Data Link Security BOF An ESA contribution on Lessons Learned and Issues/Questions.

Slide 1: Data Link Security BOF
An ESA contribution on Lessons Learned and Issues/Questions for the WG Charter
I. Aguilar/D. Fischer

Slide 2: Some lessons learned (1)

Padding or no padding?
– Consider the impact of data padding:
   • A pseudo protocol required to handle padding generation at source and processing/removal at sink.
   • Need to identify and define the length and position of padding data.
   • Impacts throughput. Feasibility for very high data rates?
– A solution: Choose cryptographic algorithms that eliminate the need for padding.

Key synchronization
– Critical operational concern: how to make sure that both ends of the secured communication session achieve and maintain cryptographic key synchronization in all conditions.
– A solution: Use data-driven synchronization:
   • The transmitted message contains pointer to the key to be used.
   • Telemeter on-board set pointer.
   • Mirror on-board and on-ground key memories.

Slide 3: Some lessons learned (2)

Secure and clear modes management: accommodation and impacts
– Presence or absence of security protocol may imply presence or absence of certain data structures.
– Throughput needs to be adapted according to mode.
– Change data rate: An obvious solution with significant implications on implementations, e.g., more complexity.
– A preferred solution: Use data structures whose data length can be modulated (short for secure mode, long for clear mode).

Exceptions
– Critical operational concerns: COP-1 not always present. Telemetry not always present.
– Still, Telecommand security has to work. Problem with anti-replay management and blind commanding.
– A solution: Relax anti-replay management condition: rather than anti-replay parameter equality accept a window of parameter values. Caveat: security is degraded.

Slide 4: Some lessons learned (3)

Logical and physical placement interaction
– Same protocol design can have different throughput impacts according to physical implementation.
– Position before on-board segment processor: Timing and flow control between control and data frames managed with guard times. Strong throughput impact: up to 50% reduction.
– Choice driven by industrial planning considerations.
– Throughput penalty acceptable for that application (GSO telecom satellite).
– Solution would not be acceptable for other applications (e.g., short contact times).

Slide 5: Some lessons learned (4)

Command authentication/decryption are Vital functions as defined by ESA.
– Function that is essential to mission success and that can cause permanent mission degradation if not executed when it should be, or wrongly executed, or executed in the wrong context.

Need to have ALWAYS indication of TC authentication/decryption protocol status, regardless of spacecraft telemetry process.
– Similar to CLCW with RF flags and COP-1.
– Two free bits in CLCW (4 indications?).

Slide 6: Some questions for the WG Charter (1)

What does a Security Association comprise in our context?
– Cryptographic algorithm and configuration.
– Configuration implies mode of operation, IV, cryptographic key length.
– Freshness parameter.

Entities on the ground and entities on the spacecraft: typically 2 on each side. Implication:
– at least 4 security associations.

Protocol data structures shall support the identification of the ongoing security association between ground and spacecraft.
– Ability for the ground to address a primary or secondary on-board security function.
– Ability for the spacecraft to identify and manage all the security associations.

Slide 7: Some questions for the WG Charter (2)

Data Link Security protocol
What does it mean to protect the data link?
Which are the data structures within the data link format that would be protected/affected?
– Input for the WG Charter: Options need to be identified and studied.
– Preliminary work already reported in Green Book.
– One proposal provided by NASA for this meeting.
– Others were reported in various papers at ESA TT&C 2007 Workshop, ESA studies.

Slide 8: Some questions for the WG Charter (3)

Payload Data Encryption
Very High Speed Downlink requires a multi-carrier signal, ergo multiple parallel data streams.
Multiple instances of encryption or a single instance before de-multiplexing?
Where is the Data link de-multiplexed? Virtual Channel?

Slide 9: Some questions for the WG Charter (4)

Anti-replay management
Freshness required on Authenticated Data.
Freshness field shall be used not only for MAC generation but it shall also be transmitted.
COP-1 assumptions?
Freshness field length and key management: independent?
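The receiver-side logic behind three points in these slides (key pointer carried in the message, freshness field both transmitted and covered by the MAC, and a window instead of strict equality for anti-replay), as an added example that is not part of the presentation. The frame layout (1-byte key pointer, 4-byte counter, data, 16-byte MAC), the use of truncated HMAC-SHA-256 and all names are assumptions made for illustration; the keys and commands are constructed sample values.

```python
import hashlib
import hmac
import struct

MAC_LEN = 16  # assumption: HMAC-SHA-256 truncated to 128 bits

def protect(keys, key_ptr, counter, data):
    """Ground side: key pointer and freshness counter are sent AND authenticated."""
    body = struct.pack(">BI", key_ptr, counter) + data
    return body + hmac.new(keys[key_ptr], body, hashlib.sha256).digest()[:MAC_LEN]

class TcReceiver:
    """On-board side (hypothetical): mirrored key memory plus anti-replay state."""
    def __init__(self, key_memory, window):
        self.keys = key_memory   # key pointer -> key, mirrored on the ground
        self.window = window     # 1 means strict equality with the expected value
        self.last = 0            # last accepted freshness counter

    def process(self, frame):
        if len(frame) < 5 + MAC_LEN:
            return "reject: too short"
        body, mac = frame[:-MAC_LEN], frame[-MAC_LEN:]
        key_ptr, counter = struct.unpack(">BI", body[:5])
        key = self.keys.get(key_ptr)   # data-driven key selection
        if key is None:
            return "reject: unknown key pointer"
        expected = hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(mac, expected):
            return "reject: bad MAC"
        if not (self.last < counter <= self.last + self.window):
            return "reject: freshness outside window"
        self.last = counter
        return "accept"

def demo(window):
    keys = {1: b"constructed-key-01", 2: b"constructed-key-02"}
    rx = TcReceiver(dict(keys), window)
    f1 = protect(keys, 1, 1, b"CMD-A")
    f2 = protect(keys, 1, 2, b"CMD-B")  # lost on the uplink (blind commanding)
    f3 = protect(keys, 2, 3, b"CMD-C")  # ground moved to key 2; pointer says so
    altered = f3[:1] + struct.pack(">I", 9) + f3[5:]  # counter changed in transit
    # Delivery order: f1, f3, f1 again, f2 arriving late, then the altered frame.
    return [rx.process(f) for f in (f1, f3, f1, f2, altered)]
```

With window=1 the receiver stops accepting commands after the single lost frame until that frame is delivered; with window=4 the link keeps working, but the receiver accepts the gap without any indication that a frame was skipped, which is the degradation the caveat on slide 3 refers to.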

Slide 10: Some questions for the WG Charter (5)

Channel error propagation: relationship with security
Security shall not multiply transmission channel errors.
Does security protocol design need to consider a minimum channel error performance?

Authentication
Protects against intentional manipulation of data.
Protection against random data manipulation (e.g., transmission channel errors) is the responsibility of other protocols.
CRC and coding provide detection and sometimes correction of channel errors.

Slide 11: Some questions for the WG Charter (6)

Interoperability/integration with COP-1
What are the COP-1 assumptions for the definition and operation of a Data Link Security protocol?
AD mode? BD mode? BC mode?
Should data link security protocol be concerned with COP-1 control frames?

Slide 12: Some questions for the WG Charter (7)

How to accommodate both secure and clear modes without much impact on the other protocol layers?
Consider secured and clear modes management.

Slide 13: Some questions for the WG Charter (8)

Which implementation assumptions, if any, need to be considered?
Experience has shown (see previous slides on lessons learned) that implementation constraints can drive protocol design.
A protocol designed in full isolation of implementation realities is likely to fail to be adopted.
Some implementation realities and constraints are Agency dependent.
Is there a chance to find some common ground for the benefit of all Agencies?