<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<style>
<!--
@font-face
        {font-family:Wingdings}
@font-face
        {font-family:Wingdings}
@font-face
        {font-family:Calibri}
@font-face
        {font-family:Tahoma}
@font-face
        {font-family:Consolas}
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif"}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline}
pre
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Courier New"}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {margin-top:0cm;
        margin-right:0cm;
        margin-bottom:0cm;
        margin-left:36.0pt;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif"}
span.PrformatHTMLCar
        {font-family:Consolas}
span.EmailStyle19
        {font-family:"Calibri","sans-serif";
        color:#1F497D}
.MsoChpDefault
        {font-family:"Calibri","sans-serif"}
@page WordSection1
        {margin:70.85pt 70.85pt 70.85pt 70.85pt}
ol
        {margin-bottom:0cm}
ul
        {margin-bottom:0cm}
-->
</style><style id="owaParaStyle" type="text/css">P {margin-top:0;margin-bottom:0;}</style>
</head>
<body ocsi="0" fpstyle="1" lang="FR" link="blue" vlink="purple">
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">I agree with Bruno.<br>
<br>
Howie<br>
<div><br>
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px"><font style="font-family:Verdana" size="2"><span style="font-weight:bold"><br>
</span></font>
<hr style="width:100%; height:2px">
<font style="font-family:Verdana" size="2"><span style="font-weight:bold"></span></font><span style="font-weight:bold">Howard Weiss</span><br>
<font size="1">Technical Director</font><br>
<br>
<font size="1"><font size="2"><span style="font-weight:bold">PARSONS</span></font><br>
7110 Samuel Morse Drive<br>
Columbia, MD 21046<br>
443-430-8089 (office)<br>
410-262-1479 (cell)<br>
443-430-8238 (fax)<br>
howard.weiss@parsons.com<br>
www.parsons.com<br>
<br>
<span style="color:rgb(51,153,102)">Please consider the environment before printing this message</span></font><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div style="font-family: Times New Roman; color: #000000; font-size: 16px">
<hr tabindex="-1">
<div style="direction: ltr;" id="divRpF272126"><font color="#000000" size="2" face="Tahoma"><b>From:</b> sls-sea-dls-bounces@mailman.ccsds.org [sls-sea-dls-bounces@mailman.ccsds.org] on behalf of Saba Bruno [Bruno.Saba@cnes.fr]<br>
<b>Sent:</b> Monday, April 18, 2016 9:48 AM<br>
<b>To:</b> Daniel.Fischer@esa.int; sls-sea-dls@mailman.ccsds.org<br>
<b>Subject:</b> RE: [Sls-sea-dls] Key Verification using CRC<br>
</font><br>
</div>
<div></div>
<div>
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">Dear all,</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">One solution to avoid the use of a challenge-response system and stay with the simple CRC for on-board key checking is to compute the CRC on
 BOTH the Key-ID and the key itself.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">Ideally, what we know as a “key” would be a “Meta-Key”, comprising :</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">         
</span></span></span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">The Key ID, unique identifier of the key for the whole mission duration,</span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">         
</span></span></span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">The Key itself (secret random data)</span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">         
</span></span></span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">The CRC, computed on the Key ID and the key itself.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">This “Meta-Key” should be considered as an single entity, not splittable, being stored, transferred and distributed as is (on-board AND at ground
 level, from generation to destruction).</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">Cheers,</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>
<p class="MsoNormal" style=""><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">Bruno Saba</span><span style="color:#1F497D" lang="EN-US">
<br>
</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">CNES</span><span style="color:#1F497D" lang="EN-US">
<br>
</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">DCT/TV/IN</span><span style="color:#1F497D" lang="EN-US">
<br>
</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">18 Avenue Edouard Belin</span><span style="color:#1F497D" lang="EN-US">
<br>
</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">31401 TOULOUSE Cedex 9</span><span style="color:#1F497D" lang="EN-US">
</span></p>
<p class="MsoNormal"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D">Tel : + 33 (0) 5 61 28 28 76</span><span style="color:#1F497D">
<br>
</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D">Fax : + 33 (0) 5 61 28 19 96</span><span style="color:#1F497D">
</span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">De :</span></b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif""> sls-sea-dls-bounces@mailman.ccsds.org [mailto:sls-sea-dls-bounces@mailman.ccsds.org]
<b>De la part de</b> Daniel.Fischer@esa.int<br>
<b>Envoyé :</b> dimanche 17 avril 2016 13:13<br>
<b>À :</b> sls-sea-dls@mailman.ccsds.org<br>
<b>Objet :</b> [Sls-sea-dls] Key Verification using CRC</span></p>
<p class="MsoNormal"> </p>
<p class="MsoNormal"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Dear all,</span>
<br>
<br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">I was discussing our new approach to key verification using the onboard-stored CRCs with David,</span>
<br>
<br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">He came up with a keen observation.  </span>
<br>
<br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">The CRC-based key verification is somewhat weaker than one based on a challenge-response. The reason is that the CRC ensues you that the key at a certain slot is still OK in terms of integrity.
 In contrast to the challenge-response approach it DOES NOT tell you that the key is the same as the key with same key ID on ground.</span>
<br>
<br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Is this an issue for us? What do you think? The only way we have to check key synchronisation is to use a key for actual traffic protection and see if it works.</span>
<br>
<br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">What do you think?</span>
<br>
<br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Cheers</span> <br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Daniel</span> <br>
<span style="font-size:10.0pt; font-family:"Arial","sans-serif""><br>
<br>
<br>
<br>
Dr. Daniel Fischer<br>
----------------------------<br>
Data Systems Manager<br>
Ground Segment Engineering Support Office (OPS-GE)<br>
Ground Systems Engineering Department<br>
Directorate of Operations<br>
<br>
European Space Agency - ESOC<br>
Robert-Bosch-Str. 5<br>
D-64293 Darmstadt - Germany<br>
Tel: +49 (0) 6151 90 2718 - Fax: +49 (0) 6151 90 2718<br>
Web: </span><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.esa.int_&d=BQMFAw&c=Nwf-pp4xtYRe0sCRVM8_LWH54joYF7EKmrYIdfxIq10&r=dT3K0y3n0RD9-56k-UVMPMP98PIQRd2Kzfa-AwqQOww&m=KmN17nxUMzCwV8w34kOrcf_v-AiSW05d3ZrGT3WEwEk&s=mA6vGF_WMAaO1e4I2x3Pnor6OGmfWEXhPWqN5MXu0eE&e=" target="_blank"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"">http://www.esa.int</span>[esa.int]</a></p>
<pre>This message and any attachments are intended for the use of the addressee or addressees only.</pre>
<pre>The unauthorised disclosure, use, dissemination or copying (either in whole or in part) of its</pre>
<pre>content is not permitted.</pre>
<pre>If you received this message in error, please notify the sender and delete it from your system.</pre>
<pre>Emails can be altered and their integrity cannot be guaranteed by the sender.</pre>
<pre> </pre>
<pre>Please consider the environment before printing this email.</pre>
</div>
</div>
</div>
</div>
</body>
</html>