SDLS Protocol Padding concept Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA.

Slides:

Advertisements

Similar presentations

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

Advertisements

Web security: SSL and TLS

1 The 2-to-4 decoder is a block which decodes the 2-bit binary inputs and produces four output All but one outputs are zero One output corresponding to.

“Advanced Encryption Standard” & “Modes of Operation”

Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

SDLS impact on TM, AOS, TC Space Data Link Protocols Greg Kazz NASA/JPL Oct 16/17, 2012.

Block Ciphers and the Data Encryption Standard

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

Security Implementation Proposal for OpenWSN

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Stream cipher diagram + + Recall: One-time pad in Chap. 2.

Modes of Operation CS 795. Electronic Code Book (ECB) Each block of the message is encrypted with the same secret key Problems: If two identical blocks.

Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

Block and Stream Ciphers1 Reference –Matt Bishop, Computer Security, Addison Wesley, 2003.

Symmetric Key Management Books Development Plan Daniel Fischer (ESA) Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA.

IPSec in a Multi-OS Environment. What is IPSec? IPSec stands for Internet Protocol Security It is at a most basic level a way of adding security to your.

Message Authentication and Hash Functions Chapter 11.

Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:

Security Association / Security Context Bruno Saba DCT/TV/IN 03/05/2010.

Feistel Cipher Structure

1 CCSDS Security Working Group Fall 2010 Meeting October 2010 British Standards Institute London, UK Howard Weiss NASA/JPL.

CCSDS Security WG meeting October 2008, hosted by DLR at DIN premises (Berlin) 1 Data Link Security BOF An ESA contribution on Lessons Learned and Issues/Questions.

More About DES Cryptography and Network Security Reference: Sec 3.1 of Stallings Text.

Shambhu Upadhyaya Security – AES-CCMP Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 13)

Modes of Operation INSTRUCTOR: DANIA ALOMAR. Modes of Operation A block cipher can be used in various methods for data encryption and decryption; these.

1 Symmetric-Key Encryption CSE 5351: Introduction to Cryptography Reading assignment: Chapter 3 Read sections first (skipping 3.2.2)

Stream Ciphers and Block Ciphers A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. Examples of classical stream.

March 7, 2008Security Proposal 1 CCSDS Link Security Proposal Ed Greenberg Greg Kazz Howard Weiss March 7, 2008.

0 CCSDS Systems Engineering Area: Security Working Group Howard Weiss NASA/JPL/PARSONS November 2014 BSI, London.

1 CIS 5371 Cryptography 4. Message Authentication Codes B ased on: Jonathan Katz and Yehuda Lindell Introduction to Modern Cryptography.

FSH/security SLS-SLP fall2009 (version 4) Page 1 Security Headers + Homogeneous approach to FSH and Insert Zone in TM/AOS/TC frames: some problems and.

Chapter 2 Symmetric Encryption.

RTL Design Methodology Transition from Pseudocode & Interface

Doc.: IEEE e Submission Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [Security.

CS555Spring 2012/Topic 71 Cryptography CS 555 Topic 7: Stream Ciphers and CPA Security.

Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.

Lecture 3 RTL Design Methodology Transition from Pseudocode & Interface to a Corresponding Block Diagram.

ESA UNCLASSIFIED – For Official Use SDLS Key Management Extended Procedures Daniel Fischer, Ignacio Aguilar Sanchez CCSDS Fall Meetings 2012 Oct 2012.

Module :MA3036NI Symmetric Encryption -3 Lecture Week 4.

SDLS Protocol Green Book initiation Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA.

2010 CCSDS Spring Meeting, 5 May 2010 Portsmouth, VA, USA Encrypted Authentication ISO/IEC I. Aguilar – ESA/ESTEC.

1 Message Authentication using Message Digests and the MD5 Algorithm Message authentication is important where undetected manipulation of messages can.

Information and Computer Security CPIS 312 Lab 6 & 7 1 TRIGUI Mohamed Salim Symmetric key cryptography.

@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.

CS480 Cryptography and Information Security

RTL Design Methodology Transition from Pseudocode & Interface

Provides Confidentiality

CSCE 715: Network Systems Security

CCSDS Link Security Proposal

SDLS Protocol Green Book initiation

Web Security (TRANSPORT-LEVEL SECURITY)

Some of this slide set is from Section 2,

Web Security (TRANSPORT-LEVEL SECURITY)

Security Of Wireless Sensor Networks

Symmetric-Key Encryption

Block Ciphers: DES and AES

Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS

Security of Wireless Sensor Networks

RTL Design Methodology Transition from Pseudocode & Interface

Hashing Hash are the auxiliary values that are used in cryptography.

IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec

CRYPTOGRAPHY & NETWORK SECURITY

Counter With Cipher Block Chaining-MAC

Elect. Codebook, Cipher Block Chaining

Simple Hash Functions Network Security.

Secret-Key Encryption

Presentation transcript:

SDLS Protocol Padding concept Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA

Padding description –External Padding is required for some encryption and authentication algorithms that operate with input data blocks of 128-bit whenever input data length is not a block multiple. –Encryption example: Cipher Block Chaining (CBC); –Authentication example: CBC-MAC; –1 flag in security header (padding signalling flag) to signal presence or absence of padding –limit padding to cases where it is needed; –CCSDS recommended cryptographic algorithms do not require external padding. –Padding signalling flag is authenticated –as part of security header, which is always authenticated. –If padding is present security header includes 1 octet, placed at the end of the security header, to indicate the number of padding bits (0-127) –Padding pattern does not need to be transmitted; –Padding convention: 1, 10, 100, 1000, 10000,…known as ISO/IEC Padding Method 2. –Padding is granular at bit level.

Open points (1) –Padding signalling flag management alternatives: –Per frame –SDLS protocol determines need of padding and length for every frame and sets signalling flag accordingly; –Security header length can vary between frames; variation to be considered and accommodated by SDLS to determine SDLS output data length. –Per mission (preferred) –SDLS indicates presence of padding for all frames; –Padding length can include ‘0’ value (i.e., no padding); –Security header length is equal for all frames; simpler SDLS prediction of output data length.

Open points (2) –Security: –Suitability of proposed padding pattern has been studied for CBC and CBC-MAC; assessment required for other algorithms. –Definition of padding pattern and corresponding security can be left to implementer if algorithms other than above are used; recall that CCSDS recommended algorithms do not require padding; text to be added in BB and GB accordingly.