Symmetric Key Management BooksDevelopment Plan

Daniel Fischer (ESA)

Ignacio Aguilar Sanchez (ESA)

CCSDS Spring Meeting 2010 | Portsmouth, VA

Introduction:Status of Key Management (1/2)

– “Space Mission Key Management Concept” Green Book has been completed, final editorials are being implemented

– This book covers basic key management concepts, including a lot of background material

– Key Management Lifecycle

– Key Infrastructures

– Key Hierarchies

– Key Management procedures options for the space link

– Key Management Examples

– The Green Book is a good starting point, but more concrete documentation needs to be produced

Introduction:Status of Key Management (2/2)

– In the ESTEC fall meeting it was decided to go ahead with the creation of two new key management books

Symmetric Key Management Blue Book

Symmetric Key Management Green Book

– Asymmetric key management was abandoned for the time being since it is not identified as a priority

– May be addressed in the WG’s future work

– These documents have they following purpose

– Standalone standards documentation, independent of specific secure transport protocols

– Direct support to SDLS standardization to create a complete SDLS framework

Key Management Books:Organization and Schedule

– The books will be produced by the Security Working group in close collaboration with the SDLS WG

– SDLS protocols will be a first use case for the symmetric key management concepts to be produced

– The books will be authored by I. Aguilar-Sanchez (ESA) and D. Fischer (ESA)

SymmetricKM BB

SymmetricKM GB

GenericKM GB

Defines concepts

SDLSBB

SDLS GB

supports

complement

Key Management Books Schedule

– White Book: Fall 2010

– Red Book 1st Draft: Spring 2011

– Green Book 1st Draft, Red Book 2nd Draft: Fall 2011

– Green Book 2st Draft, Red Book Final: Spring 2012

– Interoperability Implementations: 2012

– Green Book Final, Blue Book Final: Fall 2012

Key Management Blue Book: Contents

– Recommendation for a symmetric key management concept

– Will use the terminology that was laid down in the general KM Green Book

– Key Management Procedures & Protocols

– Which ones to cover?

– Key Wrapping Procedures

– Use of pre-loaded keys only

– Key Derivation/ Synchronization? (Some input here?)

– Key Length and Lifetime recommendations

– Dependent on life time, key use, and amount of data to be protected by the keys

– Any input from Agencies?

Key Management Green Book: Contents

– The Key Management Green Book will support the Blue Book and cover the following:

– Mapping of blue book recommendations to mission profiles

– Providing rationale for the recommendations included in the Blue Book

– Rationale for key length and lifetime recommendations

– Rationale for protocol & procedure recommendations

– Putting the blue book into context with SDLS and cryptographic algorithms book

– Key Hierarchies

– Configuration tradeoffs

– Guidelines for Applications / Missions

Next Things to Do

– Key Management Blue Book

– A list of items that will be included as recommended practises will be prepared

– Distribution to WG members and request for further items from the Agencies

– Consolidated list will then be distributed before the next meeting and a first draft of the red book will be prepared

– Key Management Green Book

– No concrete actions, only information collection so far since no draft is foreseen for the Fall Meeting

Secure Co.

Possible Future Steps

– One link still missing: Mapping of key management (and also security association management) to standardized application layer services

– Development of common interfaces for on-board security units

– SM&C is a possible successor of the European PUS standard and other application layer service standards

– Future activity could be to map the procedures defined in the key management blue book to SM&C services

Ground

Segment

S/C

Secure Co.

Secure Comms

Protocols

Secure Crypto

Protocols ?

Secure

Services

Interface