[Css-csts] Replacing/augmenting SAH-1
John Pietras
john.pietras at gst.com
Thu Jul 11 11:53:37 EDT 2013
CSTSWG colleagues ---
As you know, the only CCSDS-standard underlying communication service for SLE and CSTS is the SLE Internet Protocol for Transfer Services (ISP1: CCSDS 913.1-B-1). ISP1 specifies the use of the Secure Hash Function known as SHA-1.
In a conversation with Howie Weiss (chairman of the CCSDS Systems Engineering Area Security Working Group (SEA-SWG) last spring, Howie informed me that SHA-1 has been deprecated for US government data systems and - more importantly for all CCSDS member agencies - disallowed by the CCSDS Cryptographic Algorithms Recommended Standard (CCSDS 352.0-B-1, November 2012): http://public.ccsds.org/publications/archive/352x0b1.pdf.
Coincidentally, this fall is the fifth anniversary of the publication of the ISP1 specification, and technically it will be due for a re-affirmation or update. Given that 352.0 disallows SHA-1, I don't think that it will be possible to simple re-issue the current ISP1 specification.
I did not raise this as an issue at the Bordeaux meeting because of the already-busy schedule, but I recommend that it be added to the agenda for the fall meeting in San Antonio.
Best regards,
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ccsds.org/pipermail/css-csts/attachments/20130711/7b880a19/attachment.html
More information about the Css-csts
mailing list