[Sis-dtn] Spring Meeting Agenda Add: BPSec Analysis and Improvements

Felix Flentge Felix.Flentge at esa.int
Tue Sep 24 06:15:41 UTC 2024


Hi,

I think this is super interesting and we should try to have the presentation in the common session with the Security WG.

Regarding message loss detection, is there some overlap with the sequence numbering we are seeking to introduce in the Compressed Bundle Reporting / Custody transfer Orange Book (https://docs.google.com/document/d/1YPTwJ7_3az5WliWspg0F0M2FsoPoCoVS/edit)?
In its simplest form, the CREB just contains a bundle sequence number ('scoped' by the source node) with sequences according to the bundle's destination endpoint IDs. This CREB actually does not request any reporting (maybe we should work on terminology) but allows the destination node to detect gaps in sequences of bundles (and do re-ordering if required).

Regards,
Felix

From: SIS-DTN <sis-dtn-bounces at mailman.ccsds.org> On Behalf Of Tian, Xisen (LT) via SIS-DTN
Sent: Tuesday, September 24, 2024 3:23 AM
To: sis-dtn at mailman.ccsds.org
Cc: Hale, Britta (CIV) <britta.hale at nps.edu>; Bhagya Wimalasiri <b.m.wimalasiri at sheffield.ac.uk>; Benjamin Dowling <dowling.bj at gmail.com>
Subject: [Sis-dtn] Spring Meeting Agenda Add: BPSec Analysis and Improvements

Hello,


I'm Xisen Tian, I'm a PhD student being advised by Dr. Britta Hale and Scott Burleigh at the Naval Postgraduate School researching cryptographic analysis of DTN protocols. My co-authors (cc'd) and I have completed a formal analysis of BPSec with recommendations for improvements which we are ready to present to the DTN WG at the upcoming fall meeting in London. We would like to request a 30-45 minute time slot in the agenda to do a presentation of our work followed by discussion on how our improvements could be adopted (if at all). Our full paper is forthcoming: it has been submitted to a journal and we are currently going through the review/revision process. I've pasted our abstract below:

ABSTRACT: Space networking has become an increasing area of development with the advent of commercial satellite networks such as those hosted by Starlink and Kuiper, and increased satellite and space presence by governments around the world. Yet, historically such network designs have not been made public, leading to limited formal cryptographic analysis of the security offered by them. One of the few public protocols used in space networking is the Bundle Protocol, which is secured by Bundle Protocol Security (BPSec), an Internet Engineering Task Force (IETF) standard. We undertake a first analysis of BPSec, building a model of the secure channel security goals stated in the IETF standard, and note issues therein with message loss detection. We prove security of BPSec under a limited model and also provide a stronger construction, one that supports the Bundle Protocol's functionality goals while also ensuring destination awareness of missing messages components.

Please let me know if you have questions, concerns, or feedback. Thank you.

Very Respectfully,

Xisen Tian
LT     USN
PhD Student
Applied Cryptography
Naval Postgraduate School

This message is intended only for the recipient(s) named above. It may contain proprietary information and/or protected content. Any unauthorised disclosure, use, retention or dissemination is prohibited. If you have received this e-mail in error, please notify the sender immediately. ESA applies appropriate organisational measures to protect personal data, in case of data privacy queries, please contact the ESA Data Protection Officer (dpo at esa.int).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.ccsds.org/pipermail/sis-dtn/attachments/20240924/d1c683de/attachment-0001.htm>


More information about the SIS-DTN mailing list