Driving Behavioral Change for Information Management through Data-Driven Gree...
A study of cryptography for satellite applications
1. By
Rajesh Azmera
Shakun Yawatkar
at
Digital Systems Group
ISAC, Bangalore
2. Objectives
Study of basics of cryptography and different
cryptographic methods.
Study of CCSDS security needs and recommendations
Comparison of several cryptographic algorithms
Finding the best cryptographic algorithm for satellite
security( downlink in RS satellites)
3. Overview
Aspects of Satellite Security and their
Countermeasures
Introduction to Cryptography
Classification of Cryptography
Attacks and their classification
Various Cryptographic Algorithms and their
comparison
CCSDS Recommendations
Comparison of Block and Stream Ciphers
Conclusion
4. Aspects of Satellite Security
Access Control:
Process of granting access to the resources of a system only
to authorized users, programs, processes.
Enable only approved operators to access mission control
systems
Authentication:
Ability to verify the identity of a user or device.
Only authenticated telecommands are obeyed by the
onboard systems.
Availability:
Assurance that a system will be usable when it has to be.
Spread Spectrum and Frequency Hopping techniques can
be used to prevent jamming.
5. Aspects of Satellite Security Continued
Confidentiality:
Ensures that data is disclosed only to the authorized systems.
Prevents disclosure of sensitive information contained within space mission
data system.
Confidentiality of uplink and downlink data
Prevents analysis of communication traffic by unauthorized system.
CRYPTOGRAPHY COMES INTO PICTURE.
Data Integrity:
Ensuring that data transmitted from a source is not modified, altered or
destroyed
Mission data has not been manipulated in any way during Transmission.
Appending Integrity Check Value (ICV) to the data structure
A form of sequence numbering for stream of data.
Accountability:
Ensures that the system actions are logged with the identity of the entity
initiating the action and the data and time the action occurred( Auditing)
6. Classes of Missions with respect to security
High Security Missions:
Government or Military section
Protection of mission data from unauthorized
access, Prevention from detection, interception, and
exploitation
Moderate Security Missions:
Commercial Communications, Meteorological and Remote
Sensing Missions
Protection from unauthorized access, protect payload data
Minimal Security Missions:
Other space missions
Confidentiality requirement for specific telemetry
information
7. Introduction to Cryptography
Need of Cryptography:
Confidentiality, Authentication, Integrity and Non-
repudiation are needed in various applications like
Radio Communication,
Telephonic Communication
Network Communication
Mobile Communication
Internet
8. Cryptography
Cryptography is the science of protecting data, which
provides means and methods of converting data into
unreadable form, so that
The data cannot be accessed for unauthorized use.
The content of the data frames is hidden.
The authenticity of the data can be established.
The undetected modification of the data is avoided.
The originator of the message cannot disown the data.
10. Some Important Terms
Plaintext: An original intelligible message or data that is
fed into the algorithm as input.
Ciphertext: The coded message is known as Ciphertext. It
depends upon the plaintext and the secret key
Encryption: The process of conversion of plaintext into
ciphertext is known as Encryption
Decryption: Restoring the plaintext from ciphertext is
known as Decryption.
Cryptanalysis: Techniques used for deciphering a message
without any knowledge of enciphering details fall into the
area of Cryptanalysis.
Cryptology: The areas of cryptography and cryptanalysis
together are called Cryptology.
11. Classification of Cryptographic Techniques
Symmetric Key Cryptography
also known as Secret Key Cryptography
Problem: Process of transferring keys to the recipient
is prone to risk. Includes a authorized third party.
12. Asymmetric (Public Key) Cryptography:
This technique is very slow as compared to symmetric
one.
14. Cryptographic Algorithms in Symmetric Key
Cryptography
Data Encryption Standard (DES)
Extensively studied since its publication and is the best
known algorithm
Developed by IBM in 1970 s.
64-bit block size and 56-bit key
In multiuser environment, secure key distribution may
be difficult
Most recently DES cracking machine was used to
recover 56-bit key in 22 hrs.
Result: DES is not secure, Banned by U.S. Government.
15. Triple DES
Minor Variation of DES, three times slower than DES
More secure than DES
EDE(Encrypt- Decrypt-Encrypt)
Encrypts plaintext data with a 56-bit key. The
ciphertext obtained is decrypted with different key
giving garbage data. And this garbage data is again
encrypted using the first key.
Some other algorithms are IDEA, RC4, RC5, CAST 128
16. Advanced Encryption Standard (AES)
National Institute of Standards and Technology (NIST) realized the
need of new secure algorithm to replace DES. And arranged a
competition.
One of the criteria for the arranged competition was the ability to
support 128-bit blocks of plaintext.
The finalists of the competition were
MARS: by IBM
RC6: by Ron Rivest of RSA Labs
Twofish: from Counterpane Internet Security (highly suitable for
microprocessors and smart cards
Serpent: by Ross Anderson, Eli Bihan and Lars Knudsen
Rijndael: by Daemen and Rijmen
Of all these, Rijndael was judged best and announced to be new AES.
17. Rijndael Algorithm
Fixed Block Sixe of 128-bits and key size of 128, 192 or
256 bits.
Operates on 4*4 matrix of bytes, termed the state.
8 or 10 or 12 rounds as per the respective key size. Each
round consists of several processing steps.
18. High-level description of the algorithm:
Key Expansion- round keys are derived from the cipher key using Rijndael's key schedule
Initial Round
Add Round Key- each byte of the state is combined with the round key using bitwise
xor
Rounds
SubBytes- a non-linear substitution step where each byte is replaced with another
according to a lookup table.
ShiftRows- a transposition step where each row of the state is shifted cyclically a
certain number of steps.
MixColumns- a mixing operation which operates on the columns of the
state, combining the four bytes in each column.
AddRoundKey
Final Round (no MixColumns)
SubBytes
ShiftRows
AddRoundKey
20. Algorithms in Asymmetric Cryptography
The most common algorithm is RSA.
Ronald Rivest, Adi Shamir, and Leonard Adleman
developed the RSA system in 1977; RSA stands for the first
letter in each of its inventors’ last names.
Take two large primes, p and q, and compute their product
n = pq: n is called the modulus. Choose a number ‘e’ less
than n and relatively prime to (p-1)(q-1), Which means e
and (p - 1)(q - 1) have no common factors except 1.
Find another number d such that (ed - 1) is divisible by (p -
1)(q - 1). The values e and d are called the public and private
exponents/keys. The public key is the pair (n; e); the
private key is (n; d). The factors p and q may be destroyed
or kept with the private key.
21. It is currently difficult to obtain the private key d from
the public key (n; e). However if one could factor n
into p and q, then one could obtain the private key d.
Thus the security of the RSA system is based on the
assumption that factoring is difficult.
22. Symmetric encryption are further classified as
Block ciphers – It encrypts plain text and decipher the
text blocks of a fixed length.
Stream ciphers – In this plain text bits are combined with
a pseudorandom cipher bit stream by exclusive –or
operation. In this plain text bits are encrypted one at a
time.
23. Different types of Block ciphers are:
1. Electronic Code Book Mode(ECB).
2. Cipher-Block Chaining Mode(CBC).
3. Cipher Feed-Back Mode(CFB).
4. Output Feed Back Mode(OFB).
5. Counter Mode(CTR).
24. Electronic Code Book mode - Each plain text block is
encrypted by the underlying algorithm Block
Encryption, transmitted and decrypted . The last fragment
of the message is suitably padded with zero to make it
block size.
Disadvantage – Identical plain text block has identical
cipher text block, where it does not provide serious
message confidentiality.
25. Cipher Block Chaining Mode- Co is initialization vector which is
used as the seed for the process.
Initialization vector- A block of bits is used by several modes to
randomize the encryption.
26. Cipher Feed back Mode-
The cipher key stream is extracted from the outputs of the block cipher
encryption whose inputs are taken as the feedback from the cipher text
stream. Before the feedback is available , an initialization vector is used as
a seed.
27. Out put Feed back Mode- This is almost similar to the CFB
mode ,except that the block cipher encryption takes the feedback
directly from its own outputs.
30. Stream classified into two types
1. Synchronous stream Cipher- In this type of cipher the sender
and receiver must be exactly in step/synchronized for decryption to
be successful. If digits are added or removed from the message during
transmission, synchronization is lost, however a single bit is lost and
error doesn’t propagate.
2. Self-synchronous Stream cipher- In this type, if digits are
added/removed during the transmission synchronization can be
attained by the algorithm.
In this stream ciphers padding is not required as in case of block ciphers.
31. Various types of attacks that are possible on
cryptographic systems
There are two types of basic attacks:
Passive attack.
Active attack.
Passive attack: This type of attack is generally accomplished by
eavesdropping and modification of data is not possible.
A space system can be subjected to two principle types of passive attacks :
Compromise of Data confidentiality- Disclosure of information
flowing between ground and space systems
Compromise of traffic flow confidentiality-Disclosure of
information like volume, source and destination of the information.
eg: traffic analysis.
These are difficult to detect because they don’t involve alteration of data.
32. Active attacks-
Some of the possible types of attacks to be considered for space systems
are:
Modification of messages- This kind of attack occurs when some
amount of data is altered resulting in undesirable effects.
Replay Attack- when a message or part of it is stored and repeated at
later time to produce undesirable effect.
Insider attack- Most of the computer crimes are the result of insider
attack.
Software threats- programs like viruses , worms etc.. to allow
bypassing the usual security controls.
33. Attacks which are possible on stream ciphers
Possible attacks on stream ciphers are:
Known Cipher text attack.
Known plain text attack.
Chosen plain text attack.
Chosen cipher text attack.
Side channel attack.
Bit flipping attack.
Known Cipher text attack – In this type of attack where the attacker
assumed to have access to set of cipher texts. The attack is completely
successful if the plain text is deducted.
Various techniques developed by the cryptographers are:
Traffic analysis.
Brute force attack.
34. Know plain text attack : the attacker has the samples of both the
cipher text and plain text and use them to reveal the information.
Chosen plain text attack- Here the attacker has the capability to
choose the plain text and obtain the corresponding cipher text. The goal
of the attack to gain some further information which reduces the security
of the encryption scheme.
Chosen cipher text attack- In this attacker gather the information at
least in part by part and obtaining its decryption under a unknown key.
The aim is to deduce the key.
Key recovery method- a method to recover the key.
35. Side channel attack- Side channel attacks are based on side channel
information, side cannel information is retrieved from physical
implementation instead of theoretical weakness. Here the attacker
studies the power consumption of a cryptographic device and uses its
electro magnetic radiation to find out the key.
Bit flipping attack- in this type of attack, attacker can change the cipher
text in such a way that a predictable change in plain text is made.
This type of attack can be avoided by using message authentication codes
(MAC) to increase the likelihood that tampering will be detected.
36. Attacks that are possible on block ciphers:
Brute force attack.
Linear crypt analysis.
Differential crypt analysis.
Brute force attack- It involves symmetrically checking all the possible
keys until the correct key is found. In the worst case, this would involve
traversing entire search space.
Linear crypt analysis- In this attack it takes the advantage of linear
relationships between a the input and output of cipher keys. The usual
approach is to analyze the non linear components and approximate them.
37. Differential crypt analysis- In this type of attack it analyzes the
differences in pair of plaintext on the difference of resultant cipher texts.
These differences can be used to assign probabilities to the possible keys
and locate the most possible key.
38. Comparison of various algorithms based data
rate, throughput and hardware.
Throughput- defined as the no.of bits encrypted and decrypted in
unit of time.
Through put per slice-which measures the hardware
cost, associated with the implementation resulting throughput.
Latency- time necessary to encrypt and decrypt a single block of
plain text or cipher text.
39. Performance comparison of stream ciphers:
Cipher Area (Slices) Frequency (MHz) Throughput (Mbps) Through/Area
A5/1 32 188.3 188.3 5.88
W7 608 96 768 1.26
E0 895 189 189 0.21
Helix 418 32 1024 2.45
RC4 140 60.8 120.8 0.86
Hardware used- Xilinx Virtex XC2v6000 1152-6 FPGA which contains
33792 slices and 144 RAM blocks.
Conclusion- A5/1 is considered as best.
40. Performance comparison of Block ciphers
It consists of two basic type of architectures-
Basic Looping Architecture-
44. Conclusion obtained from above table :
A5/1 is most efficient but is the weakest
Helix appears to be efficient but requires software pre-computations
which may not be practical.
LILI-II is not competitive with modern block ciphers and its expensive
synchronization limits its efficiency.
SNOW2.0 considered to be best and comparable to ICEBERG
Comparison between ICEBERG and AES shows that AES should be
preferred for space application where through put is compromised.
45. CCSDS :
The Consultative Committee for Space Data Systems, formed in 1982
by the major space agencies of the world.
Since its establishment, actively developing recommendations for data
and information systems.
CCSDS standardization reduces the cost burden of missions by cost
sharing between agencies and cost effective commercialization.
CCSDS recommendations
Proposed only block cipher for encryption than stream cipher because
Block cipher are faster and different algorithms can be implemented
without changing the hardware.
Stream cipher can be susceptible to serious security problems if used
incorrectly.
46. Algorithm selection by CCSDS
AES,BLOWFISH,TEA,IDEA,SEED were considered but AES was
recommended.
BLOWFISH : It is the predecessor of the AES finalist TWOFISH which was
not on CCSDS’s list.
Tiny Encryption Algorithm(TEA): It requires many rounds (64). So extreme
high speed is not achieved with cryptographic weaknesses.
IDEA: Strong but speed is not high. Also, IDEA is patented and licensed.
SEED: Korean algorithm, performance was not outstanding and usage was
limited to Korea.
AES: Selected through lengthy, open , international competition.
Available worldwide on a royalty free basis and not covered by any
legal restrictions/patents.
AES USING COUNTER MODE OPERATION IS RECOMMENDED BY CCSDS.
47. Advantages of counter mode:
Counter mode is very efficient in operation.
Padding is not required.
Single bit error results in loss of single bit.
Counter mode effectively converts block cipher to stream cipher so that
advantages of both can be achieved.
Parallel computation is possible.
48. Comparison between stream and block cipher:
Stream cipher Block cipher
1. It encrypts and decrypts one bit data at a time. It encrypts a block at a time of size M.
2. Different algorithms cannot be implemented using the Using block cipher hardware architecture different types of
same hardware. algorithm can be implemented without changing the
hardware
3. Applications where the speed is required it cannot It provides high speed though the encryption is
provide high speed providing more encryption which is not comparatively lower than that of stream ciphers.
required by the application
4. Transmission error can affect only single bit. Transmission error in one cipher text block has no effect on
other blocks in counter mode.
5. Padding is not required. Padding is required.
6. Insertion and deletion of bits is not possible. Insertion and deletion of blocks is possible.
7. Less susceptible for crypt analysis attack but if used More susceptible for crypt analysis attack as compared to
incorrectly, can be susceptible to serious security problems. stream ciphers
8. Through put is less than block ciphers. Through put is high.
9. Hardware required is less. Hardware requirement is high.
10. Difficult to implement in software basis. Easy to implement compared to stream ciphering.
11. Cipher resynchronization is required when there is Resynchronization is not required.
error in a bit.
12. Synchronous stream cipher is periodic and key may No repetition is done because key is generated randomly.
repeat after d characters.
13. Parallel process of encryption can be done. Parallel process of encryption cannot be done.
49. Conclusion:
Security of Remote sensing satellites fall under high or moderate levels.
As the high resolution imaging payloads generate data, large in size. So
higher data rate is required along with security.
Stream ciphers cannot provide high speed, block cipher are preferred.
Block cipher in counter mode is preferred so as to minimize BER.
Considering the comparison between various algorithms and CCSDS
recommendations AES with counter mode is preferred for satellite
downlink data.
50. References :
[1] RSA Laboratories, RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, Version 4.1, RSA Security
Inc., 2000
[2] Encryption algorithm Trade Survey, Report Concerning Space Data System Standards, CCSDS-350.2-G-1, Green
Book, Washington D.C.: CCSDS, March 2008.
[3] Symmetric Encryption, Draft Recommendation for Space Data Practices, CCSDS 353.0-R-1, Red Book, Washington
D.C., October 2008
[4] Audia_S_Abd Al_R_Asedy, Ameer A.J Al_ Swidi, An advantages and disadvantages of Block and Stream Cipher,
<http://www.uobabylon.edu.iq/uobColeges/fileshare/articles/block.pdf>
[5]Cryptography Basics
<http://media.wiley.com/product_data/excerpt/94/07645487/0764548794.pdf>
[6] Advanced Encryption Standard, Federal Information Processing Standards Publications
197, November 26, 2001
[7] Mohammed Atiquzzaman and Md. Shohrab Hossain, Security Issues in Space Networks,
[8] The Secret Satellite, www.apscc.or.kr | APSCC Yearbook 2007
[9]Michalis Galanis, Paris Kitsos, Giorgos Kostopoulos, Nicolas Sklavos, and Costas Goutis, Comparison
of the Hardware Implementation of the Stream Ciphers, The International Arab Journal of Information
Technology, Vol. 2, No. 4, October 2005