[Sea-sec] Comment re: key sizes in Algorithm document

Sheehe, Charles J. (GRC-LCN0) charles.j.sheehe at nasa.gov
Thu Jul 5 18:43:35 UTC 2018


larger key size a "shall" but allow the smaller key sizes as "may" with a note strongly discouraging the smaller key sizes.

I do not agree with allowing a "may".

The system will be a non-compliant system.

The system will lose secure interoperability with the large key systems and the loss of any presumed security over time and with the advent of Quantum computers in ~5 years.

It is understandable that older systems will age out of compliance with current security requirements.

It would be bad practice, if I do not strongly object and allow 128 bit key systems to be built knowing that its security will become markedly insecure during the lifetime of this document.

[cid:image003.png at 01D4146E.8CDABAD0]

>From publically available document.

These are my opinions and do not reflect the official position of NASA.



Charles J. Sheehe III

Computer Engineer

Glenn Research Center

21000 Brookpark Rd

Cleveland, OH 44135

Charles.J.Sheehe at NASA.GOV

Office: 216-433-5179

"Omnia vero"

-----Original Message-----
From: SEA-SEC <sea-sec-bounces at mailman.ccsds.org> On Behalf Of Weiss, Howard
Sent: Thursday, July 5, 2018 1:37 PM
To: sea-sec at mailman.ccsds.org
Subject: [Sea-sec] Comment re: key sizes in Algorithm document

We currently have two documents in CESG polling for Agency Review.

On the Algorithms document, we have increased the minimum key sizes.  However we have a comment from Mario Merri (ESA):

"The main change is the strenghen of the authenticaltion keys. These have been increased, thus making implementations that followed the previous CCSDS recommentation not-compliant. Why has the document update not been made in a backward-compatible manner, still strongly recommending the new key lengths?"

Peter Shames suggested that we make the. This would satisfy Mario's backward compatibility issue.

Any comments?  Any disagreements?  Any other suggestions?





Howard Weiss, CISSP


7110 Samuel Morse Drive

Columbia, MD 21046

443-430-8089 (office)

443-494-9087 (cell)

443-430-8238 (fax)

howard.weiss at parsons.com<mailto:howard.weiss at parsons.com>


Please consider the environment before printing this message

NOTICE: This email message and all attachments transmitted with it may contain privileged and confidential information, and information that is protected by, and proprietary to, Parsons Corporation, and is intended solely for the use of the addressee for the specific purpose set forth in this communication. If the reader of this message is not the intended recipient, you are hereby notified that any reading, dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited, and you should delete this message and all copies and backups thereof. The recipient may not further distribute or use any of the information contained herein without the express written authorization of the sender. If you have received this message in error, or if you have any questions regarding the use of the proprietary information contained therein, please contact the sender of this message immediately, and the sender will provide you with further instructions.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ccsds.org/pipermail/sea-sec/attachments/20180705/4572f326/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 55129 bytes
Desc: image003.png
URL: <http://mailman.ccsds.org/pipermail/sea-sec/attachments/20180705/4572f326/attachment.png>

More information about the SEA-SEC mailing list