Upload
matthew-daniel
View
222
Download
4
Embed Size (px)
Citation preview
Symmetric Key Management BooksDevelopment Plan
Daniel Fischer (ESA)
Ignacio Aguilar Sanchez (ESA)
CCSDS Spring Meeting 2010 | Portsmouth, VA
Introduction:Status of Key Management (1/2)
– “Space Mission Key Management Concept” Green Book has been completed, final editorials are being implemented
– This book covers basic key management concepts, including a lot of background material
– Key Management Lifecycle
– Key Infrastructures
– Key Hierarchies
– Key Management procedures options for the space link
– Key Management Examples
– The Green Book is a good starting point, but more concrete documentation needs to be produced
Introduction:Status of Key Management (2/2)
– In the ESTEC fall meeting it was decided to go ahead with the creation of two new key management books
Symmetric Key Management Blue Book
Symmetric Key Management Green Book
– Asymmetric key management was abandoned for the time being since it is not identified as a priority
– May be addressed in the WG’s future work
– These documents have they following purpose
– Standalone standards documentation, independent of specific secure transport protocols
– Direct support to SDLS standardization to create a complete SDLS framework
Key Management Books:Organization and Schedule
– The books will be produced by the Security Working group in close collaboration with the SDLS WG
– SDLS protocols will be a first use case for the symmetric key management concepts to be produced
– The books will be authored by I. Aguilar-Sanchez (ESA) and D. Fischer (ESA)
SymmetricKM BB
SymmetricKM GB
GenericKM GB
Defines concepts
SDLSBB
SDLS GB
supports
complement
Key Management Books Schedule
– White Book: Fall 2010
– Red Book 1st Draft: Spring 2011
– Green Book 1st Draft, Red Book 2nd Draft: Fall 2011
– Green Book 2st Draft, Red Book Final: Spring 2012
– Interoperability Implementations: 2012
– Green Book Final, Blue Book Final: Fall 2012
Key Management Blue Book: Contents
– Recommendation for a symmetric key management concept
– Will use the terminology that was laid down in the general KM Green Book
– Key Management Procedures & Protocols
– Which ones to cover?
– Key Wrapping Procedures
– Use of pre-loaded keys only
– Key Derivation/ Synchronization? (Some input here?)
– Key Length and Lifetime recommendations
– Dependent on life time, key use, and amount of data to be protected by the keys
– Any input from Agencies?
Key Management Green Book: Contents
– The Key Management Green Book will support the Blue Book and cover the following:
– Mapping of blue book recommendations to mission profiles
– Providing rationale for the recommendations included in the Blue Book
– Rationale for key length and lifetime recommendations
– Rationale for protocol & procedure recommendations
– Putting the blue book into context with SDLS and cryptographic algorithms book
– Key Hierarchies
– Configuration tradeoffs
– Guidelines for Applications / Missions
Next Things to Do
– Key Management Blue Book
– A list of items that will be included as recommended practises will be prepared
– Distribution to WG members and request for further items from the Agencies
– Consolidated list will then be distributed before the next meeting and a first draft of the red book will be prepared
– Key Management Green Book
– No concrete actions, only information collection so far since no draft is foreseen for the Fall Meeting
Secure Co.
Possible Future Steps
– One link still missing: Mapping of key management (and also security association management) to standardized application layer services
– Development of common interfaces for on-board security units
– SM&C is a possible successor of the European PUS standard and other application layer service standards
– Future activity could be to map the procedures defined in the key management blue book to SM&C services
Ground
Segment
S/C
Secure Co.
Secure Comms
Protocols
Secure Crypto
Protocols ?
Secure
Services
Interface