Symmetric Key Management Books Development Plan Daniel Fischer (ESA) Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA

Introduction: Status of Key Management (1/2) –“Space Mission Key Management Concept” Green Book has been completed, final editorials are being implemented –This book covers basic key management concepts, including a lot of background material –Key Management Lifecycle –Key Infrastructures –Key Hierarchies –Key Management procedures options for the space link –Key Management Examples –The Green Book is a good starting point, but more concrete documentation needs to be produced

Introduction: Status of Key Management (2/2) –In the ESTEC fall meeting it was decided to go ahead with the creation of two new key management books  Symmetric Key Management Blue Book  Symmetric Key Management Green Book –Asymmetric key management was abandoned for the time being since it is not identified as a priority –May be addressed in the WG’s future work –These documents have they following purpose –Standalone standards documentation, independent of specific secure transport protocols –Direct support to SDLS standardization to create a complete SDLS framework

Key Management Books: Organization and Schedule –The books will be produced by the Security Working group in close collaboration with the SDLS WG –SDLS protocols will be a first use case for the symmetric key management concepts to be produced –The books will be authored by I. Aguilar-Sanchez (ESA) and D. Fischer (ESA) Symmetric KM BB Symmetric KM GB Generic KM GB Defines concepts SDLS BB SDLS GB supports complement

Key Management Books Schedule –White Book: Fall 2010 –Red Book 1 st Draft: Spring 2011 –Green Book 1 st Draft, Red Book 2 nd Draft: Fall 2011 –Green Book 2 st Draft, Red Book Final: Spring 2012 –Interoperability Implementations: 2012 –Green Book Final, Blue Book Final: Fall 2012

Key Management Blue Book: Contents –Recommendation for a symmetric key management concept –Will use the terminology that was laid down in the general KM Green Book –Key Management Procedures & Protocols –Which ones to cover? –Key Wrapping Procedures –Use of pre-loaded keys only –Key Derivation/ Synchronization? (Some input here?) –Key Length and Lifetime recommendations –Dependent on life time, key use, and amount of data to be protected by the keys –Any input from Agencies?

Key Management Green Book: Contents –The Key Management Green Book will support the Blue Book and cover the following: –Mapping of blue book recommendations to mission profiles –Providing rationale for the recommendations included in the Blue Book –Rationale for key length and lifetime recommendations –Rationale for protocol & procedure recommendations –Putting the blue book into context with SDLS and cryptographic algorithms book –Key Hierarchies –Configuration tradeoffs –Guidelines for Applications / Missions

Next Things to Do –Key Management Blue Book –A list of items that will be included as recommended practises will be prepared –Distribution to WG members and request for further items from the Agencies –Consolidated list will then be distributed before the next meeting and a first draft of the red book will be prepared –Key Management Green Book –No concrete actions, only information collection so far since no draft is foreseen for the Fall Meeting

Secure Co. Possible Future Steps –One link still missing: Mapping of key management (and also security association management) to standardized application layer services –Development of common interfaces for on-board security units –SM&C is a possible successor of the European PUS standard and other application layer service standards –Future activity could be to map the procedures defined in the key management blue book to SM&C services Ground Segment S/C Secure Co. Secure Comms Protocols Secure Crypto Protocols ? Secure Services Interface