BS ISO 20215:2015 pdf download

BS ISO 20215:2015 pdf download,Space data and information transfer systems — CCSDS cryptographic algorithms
1.4 RATIONALE
Traditionally, security mechanisms have not been employed on civilian space missions. In recognition of the increased threat, there has been a steady trend towards the integration of security services and mechanisms. For example, ground network infrastructures typically make use of controlled or protected networks. However, telecommands, telemetry, and science payload data, are still, for the most part, transmitted over unencrypted and unauthenticated Radio Frequency (RF) channels. As the threat environment becomes more hostile, this concept of operation becomes much more susceptible to attacks. This CCSDS Cryptographic Algorithm Recommended Standard is necessary because of the increasing interconnection of ground networks; the movement towards joy-sticking of instruments by principal investigators; the decreasing costs for hardware, potentially allowing cheap rogue ground stations to be established; and national trends towards enhancing mission security. These recommended algorithms establish a set of common denominators among all missions for implementing information security services.
1.5 DOCUMENT STRUCTURE
Four sections and three annexes make up this document. Section 1 provides introductory information, definitions, nomenclature, and normative references. Section 2 provides background and rationale for choice of the algorithms. Section 3 describes the encryption algorithm. Section 4 describes the authentication algorithms. Annex A discusses security considerations related to use of symmetric encryption on the space link. Annex B provides informative references. Annex C is a glossary of abbreviations and acronyms used in the document.
2.1 GENERAL OVERVIEW
This document contains recommendations for CCSDS cryptographic security algorithms for encryption, authenticated encryption, and authentication. Adoption of standard algorithms which are properly implemented will enable secure interoperability as well as reduce costs for missions utilizing security services. These algorithms are required to provide confidentiality and authentication/integrity protection for mission systems data. A ground network may support numerous, simultaneous space missions utilizing many support personnel. Likewise, a single ground station may support multiple missions, and several spacecraft might use the same communications frequencies (using spacecraft IDs or Internet Protocol addresses to demultiplex data streams). A single spacecraft might host instruments and experiment packages from various universities, corporations, space agencies, or countries. All of these separate entities may have individual security concerns and may require that their respective data or commands be protected but intermixed with others. The CCSDS cryptographic algorithms can be utilized by the missions to provide the required protections to avoid loss of data or total mission loss.