<html dir="ltr">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">

<style>

<!--

@font-face

        {font-family:Wingdings}

@font-face

        {font-family:Wingdings}

@font-face

        {font-family:Calibri}

@font-face

        {font-family:Tahoma}

@font-face

        {font-family:Consolas}

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0cm;

        margin-bottom:.0001pt;

        font-size:12.0pt;

        font-family:"Times New Roman","serif"}

a:link, span.MsoHyperlink

        {color:blue;

        text-decoration:underline}

a:visited, span.MsoHyperlinkFollowed

        {color:purple;

        text-decoration:underline}

pre

        {margin:0cm;

        margin-bottom:.0001pt;

        font-size:10.0pt;

        font-family:"Courier New"}

p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph

        {margin-top:0cm;

        margin-right:0cm;

        margin-bottom:0cm;

        margin-left:36.0pt;

        margin-bottom:.0001pt;

        font-size:12.0pt;

        font-family:"Times New Roman","serif"}

span.PrformatHTMLCar

        {font-family:Consolas}

span.EmailStyle19

        {font-family:"Calibri","sans-serif";

        color:#1F497D}

.MsoChpDefault

        {font-family:"Calibri","sans-serif"}

@page WordSection1

        {margin:70.85pt 70.85pt 70.85pt 70.85pt}

ol

        {margin-bottom:0cm}

ul

        {margin-bottom:0cm}

-->

</style><style id="owaParaStyle" type="text/css">P {margin-top:0;margin-bottom:0;}</style>

</head>

<body ocsi="0" fpstyle="1" lang="FR" link="blue" vlink="purple">

<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">I agree with Bruno.<br>

<br>

Howie<br>

<div><br>

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px">

<div style="font-family:Tahoma; font-size:13px"><font style="font-family:Verdana" size="2"><span style="font-weight:bold"><br>

</span></font>

<hr style="width:100%; height:2px">

<font style="font-family:Verdana" size="2"><span style="font-weight:bold"></span></font><span style="font-weight:bold">Howard Weiss</span><br>

<font size="1">Technical Director</font><br>

<br>

<font size="1"><font size="2"><span style="font-weight:bold">PARSONS</span></font><br>

7110 Samuel Morse Drive<br>

Columbia, MD 21046<br>

443-430-8089 (office)<br>

410-262-1479 (cell)<br>

443-430-8238 (fax)<br>

howard.weiss@parsons.com<br>

www.parsons.com<br>

<br>

<span style="color:rgb(51,153,102)">Please consider the environment before printing this message</span></font><br>

</div>

</div>

</div>

</div>

</div>

</div>

</div>

</div>

</div>

</div>

</div>

<div style="font-family: Times New Roman; color: #000000; font-size: 16px">

<hr tabindex="-1">

<div style="direction: ltr;" id="divRpF272126"><font color="#000000" size="2" face="Tahoma"><b>From:</b> sls-sea-dls-bounces@mailman.ccsds.org [sls-sea-dls-bounces@mailman.ccsds.org] on behalf of Saba Bruno [Bruno.Saba@cnes.fr]<br>

<b>Sent:</b> Monday, April 18, 2016 9:48 AM<br>

<b>To:</b> Daniel.Fischer@esa.int; sls-sea-dls@mailman.ccsds.org<br>

<b>Subject:</b> RE: [Sls-sea-dls] Key Verification using CRC<br>

</font><br>

</div>

<div></div>

<div>

<div class="WordSection1">

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D">Dear all,</span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">One solution to avoid the use of a challenge-response system and stay with the simple CRC for on-board key checking is to compute the CRC on

 BOTH the Key-ID and the key itself.</span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">Ideally, what we know as a “key” would be a “Meta-Key”, comprising :</span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">         

</span></span></span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">The Key ID, unique identifier of the key for the whole mission duration,</span></p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">         

</span></span></span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">The Key itself (secret random data)</span></p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"><span style="">-<span style="font:7.0pt "Times New Roman"">         

</span></span></span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">The CRC, computed on the Key ID and the key itself.</span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">This “Meta-Key” should be considered as an single entity, not splittable, being stored, transferred and distributed as is (on-board AND at ground

 level, from generation to destruction).</span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US">Cheers,</span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"> </span></p>

<p class="MsoNormal" style=""><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">Bruno Saba</span><span style="color:#1F497D" lang="EN-US">

<br>

</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">CNES</span><span style="color:#1F497D" lang="EN-US">

<br>

</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">DCT/TV/IN</span><span style="color:#1F497D" lang="EN-US">

<br>

</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">18 Avenue Edouard Belin</span><span style="color:#1F497D" lang="EN-US">

<br>

</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D" lang="EN-US">31401 TOULOUSE Cedex 9</span><span style="color:#1F497D" lang="EN-US">

</span></p>

<p class="MsoNormal"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D">Tel : + 33 (0) 5 61 28 28 76</span><span style="color:#1F497D">

<br>

</span><span style="font-size:10.0pt; font-family:"Arial","sans-serif"; color:#1F497D">Fax : + 33 (0) 5 61 28 19 96</span><span style="color:#1F497D">

</span><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D"></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Calibri","sans-serif"; color:#1F497D" lang="EN-US"> </span></p>

<p class="MsoNormal"><b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">De :</span></b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif""> sls-sea-dls-bounces@mailman.ccsds.org [mailto:sls-sea-dls-bounces@mailman.ccsds.org]

<b>De la part de</b> Daniel.Fischer@esa.int<br>

<b>Envoyé :</b> dimanche 17 avril 2016 13:13<br>

<b>À :</b> sls-sea-dls@mailman.ccsds.org<br>

<b>Objet :</b> [Sls-sea-dls] Key Verification using CRC</span></p>

<p class="MsoNormal"> </p>

<p class="MsoNormal"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Dear all,</span>

<br>

<br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">I was discussing our new approach to key verification using the onboard-stored CRCs with David,</span>

<br>

<br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">He came up with a keen observation.  </span>

<br>

<br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">The CRC-based key verification is somewhat weaker than one based on a challenge-response. The reason is that the CRC ensues you that the key at a certain slot is still OK in terms of integrity.

 In contrast to the challenge-response approach it DOES NOT tell you that the key is the same as the key with same key ID on ground.</span>

<br>

<br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Is this an issue for us? What do you think? The only way we have to check key synchronisation is to use a key for actual traffic protection and see if it works.</span>

<br>

<br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">What do you think?</span>

<br>

<br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Cheers</span> <br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif"">Daniel</span> <br>

<span style="font-size:10.0pt; font-family:"Arial","sans-serif""><br>

<br>

<br>

<br>

Dr. Daniel Fischer<br>

----------------------------<br>

Data Systems Manager<br>

Ground Segment Engineering Support Office (OPS-GE)<br>

Ground Systems Engineering Department<br>

Directorate of Operations<br>

<br>

European Space Agency - ESOC<br>

Robert-Bosch-Str. 5<br>

D-64293 Darmstadt - Germany<br>

Tel: +49 (0) 6151 90 2718 - Fax: +49 (0) 6151 90 2718<br>

Web: </span><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.esa.int_&d=BQMFAw&c=Nwf-pp4xtYRe0sCRVM8_LWH54joYF7EKmrYIdfxIq10&r=dT3K0y3n0RD9-56k-UVMPMP98PIQRd2Kzfa-AwqQOww&m=KmN17nxUMzCwV8w34kOrcf_v-AiSW05d3ZrGT3WEwEk&s=mA6vGF_WMAaO1e4I2x3Pnor6OGmfWEXhPWqN5MXu0eE&e=" target="_blank"><span style="font-size:10.0pt; font-family:"Arial","sans-serif"">http://www.esa.int</span>[esa.int]</a></p>

<pre>This message and any attachments are intended for the use of the addressee or addressees only.</pre>

<pre>The unauthorised disclosure, use, dissemination or copying (either in whole or in part) of its</pre>

<pre>content is not permitted.</pre>

<pre>If you received this message in error, please notify the sender and delete it from your system.</pre>

<pre>Emails can be altered and their integrity cannot be guaranteed by the sender.</pre>

<pre> </pre>

<pre>Please consider the environment before printing this email.</pre>

</div>

</div>

</div>

</div>

</body>

</html>