scope:

The algorithms contained in this document are recommended for use on space missions with a requirement for information (e.g., data, voice, and video) confidentiality, authentication, or authenticated confidentiality. The algorithms may be employed on any or all mission communications links such as the forward space link (e.g., telecommand), the return space link (e.g., telemetry, science data), as well as across the ground data network. They could as well be used to ensure confidentiality and authenticity of stored data.

A symmetric algorithm assumes that all communicating entities possess a shared secret (i.e., a 'key') which enables them to encrypt, decrypt, and authenticate information shared among them. The manner in which the shared secret is distributed and managed (key management) is not within the scope of this document. Further information on key management can be found in Space Missions Key Management Concept (reference [B22]).

PURPOSE OF THIS RECOMMENDED STANDARD

This Recommended Standard provides the recommendation for standard CCSDS security algorithms.

A single, symmetric encryption algorithm is recommended for use by all CCSDS missions. In addition, a specific mode of operation for the algorithm is also recommended.

This Recommended Standard provides several alternative authentication/integrity algorithms which may be chosen for use by individual missions depending on their specific mission environments.

This Recommended Standard does not specify how, when, or where these algorithms should be implemented or used. Those specifics are left to the individual mission planners based on the mission security requirements and the results of the mission risk analysis. Suggestions for the use of these algorithms may be found in The Application of CCSDS Protocols to Secure Systems (reference [B1]), Security Architecture for Space Data Systems (reference [B17]), and Space Data Link Security Protocol (reference [B23]).

By using standardized, well-known algorithms, the use of high-quality cryptography and authentication is ensured, the potential rewards of economies of scale through the ability to buy off-the-shelf products is enabled, and the potential for interoperability among missions choosing the same algorithm is assured.

The implementer shall take into account that the use of this Recommended Standard alone does not mitigate all security risks related to confidentiality, integrity, and authentication. An information security risk assessment is necessary to identify additional security risks.

APPLICABILITY

This Recommended Standard is applicable to all civilian space missions with a requirement for information confidentiality, authentication, and authenticated confidentiality.

While the use of security services is encouraged for all missions, particularly on command links, the results of a risk analysis may reduce or eliminate its need on a mission-by-mission basis.