[Sea-sec] Comment re: key sizes in Algorithm document

Ignacio.Aguilar.Sanchez at esa.int Ignacio.Aguilar.Sanchez at esa.int
Fri Jul 6 07:54:37 UTC 2018

Howie et al.,

I have seen Charles', Mehmet's and Daniel's contributions to your e-mail.

I would like to understand first what Mario means with backwards 
compatibility and what it could actually mean in this context (does it 
make sense at all?).
For instance is Mario implying that future implementations with the 
recommended larger sizes are also capable to support smaller sizes, if 
necessary, so that everybody is compliant?
We know that most spacecraft  implementations do not allow for in-flight 
reprogramming of cryptographic functions to support different key sizes 
(longer or shorter) or new algorithms. This means that any recommendation 
for a different key size (larger in this case) makes those systems not 
So why should older implementations need to be compliant with a future 
Aren't future standards written for future systems?
Maybe I am missing something but frankly, I am a bit at a loss with the 

Kind regards,



Ignacio Aguilar Sánchez
Communication Systems Engineer
Electrical Engineering Department

European Space Research and Technology Centre
Keplerlaan 1, PO Box 299, 2200 AG Noordwijk, The Netherlands
Tel. (31) 71 565 5695
Fax (31) 71 565 5418
Email: ignacio.aguilar.sanchez at esa.int

From:   "Weiss, Howard" <Howard.Weiss at parsons.com>
To:     "sea-sec at mailman.ccsds.org" <sea-sec at mailman.ccsds.org>
Date:   05/07/2018 19:38
Subject:        [Sea-sec] Comment re: key sizes in Algorithm document
Sent by:        "SEA-SEC" <sea-sec-bounces at mailman.ccsds.org>

We currently have two documents in CESG polling for Agency Review.

On the Algorithms document, we have increased the minimum key sizes. 
However we have a comment from Mario Merri (ESA):

"The main change is the strenghen of the authenticaltion keys. These have 
been increased, thus making implementations that followed the previous 
CCSDS recommentation not-compliant. Why has the document update not been 
made in a backward-compatible manner, still strongly recommending the new 
key lengths?"

Peter Shames suggested that we make the larger key size a "shall" but 
allow the smaller key sizes as "may" with a note strongly discouraging the 
smaller key sizes. This would satisfy Mario's backward compatibility 

Any comments?  Any disagreements?  Any other suggestions?




Howard Weiss, CISSP

7110 Samuel Morse Drive
Columbia, MD 21046
443-430-8089 (office)
443-494-9087 (cell)
443-430-8238 (fax)
howard.weiss at parsons.com

Please consider the environment before printing this message

NOTICE: This email message and all attachments transmitted with it may 
contain privileged and confidential information, and information that is 
protected by, and proprietary to, Parsons Corporation, and is intended 
solely for the use of the addressee for the specific purpose set forth in 
this communication. If the reader of this message is not the intended 
recipient, you are hereby notified that any reading, dissemination, 
distribution, copying, or other use of this message or its attachments is 
strictly prohibited, and you should delete this message and all copies and 
backups thereof. The recipient may not further distribute or use any of 
the information contained herein without the express written authorization 
of the sender. If you have received this message in error, or if you have 
any questions regarding the use of the proprietary information contained 
therein, please contact the sender of this message immediately, and the 
sender will provide you with further instructions.
SEA-SEC mailing list
SEA-SEC at mailman.ccsds.org

This message is sent for information and/or discussion purposes only.
It shall neither be binding nor construed as constituting a commitment for ESA.
It is intended only for the recipient(s) named above.
It may contain proprietary information and/or protected content.
Any unauthorised disclosure, use, retention or dissemination is prohibited.
If you have received this e-mail in error, please notify the sender immediately.
ESA applies appropriate organisational measures to protect personal data.
In case of data privacy queries, please contact the ESA Data Protection Officer (dpo at esa.int).

Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ccsds.org/pipermail/sea-sec/attachments/20180706/39aa9e1a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1155 bytes
Desc: not available
URL: <http://mailman.ccsds.org/pipermail/sea-sec/attachments/20180706/39aa9e1a/attachment.gif>

More information about the SEA-SEC mailing list