Monday, 15 October 2012

Cubesat packet authentication with HMAC

Cubesats typically transmit telemetry and scientific measurements back to Earth without any security mechanisms. While this has been ok so far, it is fundamentally insecure. There is nothing to stop an adversary from fabricating packets that appear to be from the spacecraft but actually contain incorrect data. Incorrect data may cause confusion or even undermine the mission.

Luckily, there is a simple method to protect against this called Hash-based Message Authentication Code (HMAC). HMAC is widely used on the internet today as part of TLS (HTTPS) and IPsec. There are many open-source implementations available (some are listed at the end of this post).

HMAC works using a cryptographic hash function and a secret key known only to the spacecraft and its operator. For each data packet, the hash function is computed over a concatenation of the data and the secret key. The result is appended to the packet when it is transmitted. When the packet is received by the operator, they can run the same hash procedure again to verify that the sender knew the secret key. It's impossible for an adversary to fabricate a packet since they don't know the secret key (and they can't infer it because we used a cryptographic hash function).


Naturally, the Carpcomm Ground Station Network is compatible with HMAC packets. Since the network processes raw packets regardless of their contents, satellite operators can easily include HMAC. Furthermore, our telemetry decoding system is flexible enough to include HMAC authentication of packets if desired.

Example. Suppose that
key = "secret" = 73 65 63 72 65 74,
data = "packetid:42" = 70 61 63 6b 65 74 69 64 3a 34 32,
hash function = SHA-256.
Then the HMAC is
1b cb 5c ad 3c 9b 2b c4 58 81 ec 54 2b 21 58 0c
c6 85 d9 f3 60 b7 0e 99 a8 5e 1c a2 4f 8c c0 4d.
Since this is quite long, it can be truncated e.g. by taking the leftmost 8 bytes.
Truncated HMAC = 1b cb 5c ad 3c 9b 2b c4
These bytes would then be appended to the packet when it is transmitted.

The Consultative Committee for Space Data Systems (CCSDS) recommends using a SHA-256-based HMAC. They also recommend not truncating the HMAC. However, some truncation is probably needed for cubesats to avoid overhead.

There is another issue that HMAC alone does not solve: replay attacks. In this scenario, an adversary resends an old packet with data from a year before. Since they are making an identical copy, they can keep the original HMAC and the packet will still authenticate. To protect against this, it's advisable to include a timestamp or packet counter within the data. Then if an old packet is resent, it's obvious that it's old.

HMAC standards and recommendations:
Open-source HMAC implementations:

41 comments:


  1. Thank you for this tutorial.its really informative tutorial.
    konteynershop

    ReplyDelete
  2. Thank you for this guidance.its really informative for all
    lduv-wx

    ReplyDelete
  3. Simply super comments are posted here.
    lsxgjg

    ReplyDelete
  4. I really like this And Great job too gecpx..

    ReplyDelete

  5. its really informative tutorial. Thank you for this tutorial . mrstexasamerica

    ReplyDelete
  6. I really like this And Great job too imobiliarianiteroi..

    ReplyDelete

  7. Information's are more innovative and nice to read it. wjdkj

    ReplyDelete
  8. Most of the information's are related my blog
    lyon-agenda

    ReplyDelete
  9. its really informative tutorial. Thank you for this tutorial .
    bobmehrpharmacies


    ReplyDelete
  10. Not only to read need to spreed every one
    onlyasiansforme

    ReplyDelete
  11. Nice comments too and articles are very nice michaelkorsoutletq

    ReplyDelete
  12. Thank you for this tutorial.its really informative tutorial.
    ofthedarkness


    ReplyDelete
  13. Most of the information's are related my blog
    pikkukaupunkilainen

    ReplyDelete

  14. Nice post. Every one should implement this one.
    iteratesolutions

    ReplyDelete
  15. All the words in simple way every one should understand easily
    oceanlawpublishing

    ReplyDelete
  16. Everyone can easily understand the comments thegreattequilashootout

    ReplyDelete
  17. Simply super comments are posted here.
    IkzhiBo

    ReplyDelete
  18. Technically very well above you said
    hzsdxc

    ReplyDelete
  19. Everyone can easily understand the comments solnejeskyne

    ReplyDelete
  20. Its very useful if every one should follow this
    alkinserver

    ReplyDelete
  21. its really informative tutorial. Thank you for this tutorial tantovincoio

    ReplyDelete

  22. its really informative tutorial. Thank you for this tutorial .
    artchartrons

    ReplyDelete
  23. Peoples are giving the wonderful thoughts for all comments
    ncaafootballclinics

    ReplyDelete
  24. It is very nice and thanks for sharing it event-safari

    ReplyDelete
  25. It is not only to read need to spreed every one nagasaki-npo.

    ReplyDelete
  26. Articles are really nice to read and most of the people like this
    yeyige

    ReplyDelete
  27. I am so excited while I read all the comments.
    dsn027

    ReplyDelete
  28. Thank your for your great post sundoz

    ReplyDelete
  29. Its really nice informative tutorial,so thanks for this tutorial
    aaa-stone

    ReplyDelete

  30. I am so excited while I read all the comments.
    gxshangsi

    ReplyDelete
  31. Good comments are useful to every one xhdeutz

    ReplyDelete
  32. The information's are really good and peoples are given superb comments
    gemofive

    ReplyDelete
  33. Keep posting the articles,useful to every one.
    nigerianmusicfactory

    ReplyDelete
  34. iias2013 Nice to read it...... Good stuff comments here...

    ReplyDelete