Search Icon
Register

On Requirements and Concepts for TT&C Link Key Management

Christoph Bader (Airbus Defence & Space GmbH)

Recent reports on the state of satellite security reveal that many satellite systems that are operational today do not implement sufficient protection against cyber-attacks. Most notably is the fact that many systems lack of cryptographic protection on their TT&C link. If COMSEC protection on the TT&C link is missing an attacker with access to the RF link can eavesdrop on the communication and, even worse, could be able to inject specially crafted messages that would be processed by the satellite.

In this paper, we analyze needs and establish high level requirements for concepts aiming to secure TT&C link communication (with respect to confidentiality and authentication). The requirements cover key aspects of security and operations. We assess existing standards (SDLS and SDLS EP) against our requirements and determine that SDLS is suitable for traffic protection while SDLS EP does not meet all security requirements for key management (namely, it does not meet post compromise security). Finally, we discuss alternative key management approaches such as stateless authenticated key agreement and stateful authenticated key agreement (or key evolution protocols) and how they meet our requirements.

Paper

View More Papers

coucouArray ( [post_type] => ndss-paper [post_status] => publish [posts_per_page] => 4 [orderby] => rand [tax_query] => Array ( [0] => Array ( [taxonomy] => category [field] => id [terms] => Array ( [0] => 104 [1] => 71 ) ) ) [post__not_in] => Array ( [0] => 17347 ) )

Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware

Ryan Pickren (Georgia Institute of Technology), Tohid Shekari (Georgia Institute of Technology), Saman Zonouz (Georgia Institute of Technology), Raheem Beyah (Georgia Institute of Technology)

Read More

Wait, What Does a SOC Do?

Joe Nehila, Drew Walsh (Deloitte And Touche)

Read More

Facilitating Non-Intrusive In-Vivo Firmware Testing with Stateless Instrumentation

Jiameng Shi (University of Georgia), Wenqiang Li (Independent Researcher), Wenwen Wang (University of Georgia), Le Guan (University of Georgia)

Read More

Acoustic Keystroke Leakage on Smart Televisions

Tejas Kannan (University of Chicago), Synthia Qia Wang (University of Chicago), Max Sunog (University of Chicago), Abraham Bueno de Mesquita (University of Chicago Laboratory Schools), Nick Feamster (University of Chicago), Henry Hoffmann (University of Chicago)

Read More

Privacy Starts with UI: Privacy Patterns and Designer Perspectives in UI/UX Practice

Anxhela Maloku (Technical University of Munich), Alexandra Klymenko (Technical University of Munich), Stephen Meisenbacher (Technical University of Munich), Florian Matthes (Technical University of Munich)

Vision: Profiling Human Attackers: Personality and Behavioral Patterns in Deceptive Multi-Stage CTF Challenges

Khalid Alasiri (School of Computing and Augmented Intelligence Arizona State University), Rakibul Hasan (School of Computing and Augmented Intelligence Arizona State University)

From Underground to Mainstream Marketplaces: Measuring AI-Enabled NSFW Deepfakes on Fiverr

Mohamed Moustafa Dawoud (University of California, Santa Cruz), Alejandro Cuevas (Princeton University), Ram Sundara Raman (University of California, Santa Cruz)