SDLS Protocol Padding concept Ignacio Aguilar Sanchez (ESA) CCSDS Spring Meeting 2010 | Portsmouth, VA

Post on 17-Jan-2016

SDLS Protocol Padding concept

Ignacio Aguilar Sanchez (ESA)

CCSDS Spring Meeting 2010 | Portsmouth, VA

Padding description

– External padding is required for some encryption and authentication algorithms that operate on 128-bit input data blocks, whenever the input data length is not a multiple of the block size.
  – Encryption example: Cipher Block Chaining (CBC);
  – Authentication example: CBC-MAC.
– 1 flag in the security header (padding signalling flag) signals the presence or absence of padding:
  – limit padding to cases where it is needed;
  – CCSDS recommended cryptographic algorithms do not require external padding.
– The padding signalling flag is authenticated
  – as part of the security header, which is always authenticated.
– If padding is present, the security header includes 1 octet, placed at the end of the security header, to indicate the number of padding bits (0-127).
  – Padding pattern does not need to be transmitted;
  – Padding convention: 1, 10, 100, 1000, 10000, … known as ISO/IEC 9797-1 Padding Method 2;
  – Padding is granular at bit level.

Open points (1)

– Padding signalling flag management alternatives:
  – Per frame
    – SDLS protocol determines need of padding and length for every frame and sets signalling flag accordingly;
    – Security header length can vary between frames; variation to be considered and accommodated by SDLS to determine SDLS output data length.
  – Per mission (preferred)
    – SDLS indicates presence of padding for all frames;
    – Padding length can include ‘0’ value (i.e., no padding);
    – Security header length is equal for all frames; simpler SDLS prediction of output data length.
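
The bit-level padding from the "Padding description" slide and the two flag-management alternatives from "Open points (1)", as an added example that is not part of the original presentation. The function names, the MSB-first bit layout, and the pattern check on removal are assumptions made for illustration.

```python
# Added illustration; names and bit layout are assumptions, not SDLS-defined.
BLOCK_BITS = 128  # block size named on the slide


def pad(data: bytes, nbits: int) -> tuple[bytes, int]:
    """Pad an nbits-long bit string (MSB-first in data) to a block multiple.

    Returns (padded bytes, pad length in bits, 0-127). The pattern is a
    single 1 bit followed by 0 bits; pad length 0 means nothing is appended.
    """
    if nbits < 0 or len(data) != (nbits + 7) // 8:
        raise ValueError("nbits does not match data length")
    pad_len = (-nbits) % BLOCK_BITS
    if pad_len == 0:
        return data, 0
    # Drop the unused low bits of the last octet, then append 1 0 0 ... 0.
    value = int.from_bytes(data, "big") >> (len(data) * 8 - nbits)
    value = (value << pad_len) | (1 << (pad_len - 1))
    return value.to_bytes((nbits + pad_len) // 8, "big"), pad_len


def unpad(padded: bytes, pad_len: int) -> tuple[bytes, int]:
    """Strip pad_len bits, using the count carried in the security header."""
    total = len(padded) * 8
    if total % BLOCK_BITS or not 0 <= pad_len < BLOCK_BITS or pad_len > total:
        raise ValueError("length is not consistent with 128-bit blocks")
    value = int.from_bytes(padded, "big")
    # Reject input whose trailing bits are not the expected 1,0,0,... pattern.
    if pad_len and value & ((1 << pad_len) - 1) != 1 << (pad_len - 1):
        raise ValueError("padding bits do not match the pattern")
    nbits = total - pad_len
    nbytes = (nbits + 7) // 8
    data = (value >> pad_len) << (nbytes * 8 - nbits)  # re-align MSB-first
    return data.to_bytes(nbytes, "big"), nbits


def header_padding_field(pad_len: int, per_mission: bool) -> tuple[int, bytes]:
    """Return (signalling flag, length octet appended to the security header).

    Per frame: flag and octet appear only when padding was added, so the
    header length varies. Per mission: flag always set, octet may carry 0.
    """
    if per_mission or pad_len:
        return 1, bytes([pad_len])
    return 0, b""
```
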

Open points (2)

– Security:
  – Suitability of proposed padding pattern has been studied for CBC and CBC-MAC; assessment required for other algorithms.
  – Definition of padding pattern and corresponding security can be left to implementer if algorithms other than above are used; recall that CCSDS recommended algorithms do not require padding; text to be added in BB and GB accordingly.