Christoph Bader (Airbus Defence & Space GmbH)

Recent reports on the state of satellite security reveal that many satellite systems that are operational today do not implement sufficient protection against cyber-attacks. Most notably is the fact that many systems lack of cryptographic protection on their TT&C link. If COMSEC protection on the TT&C link is missing an attacker with access to the RF link can eavesdrop on the communication and, even worse, could be able to inject specially crafted messages that would be processed by the satellite.

In this paper, we analyze needs and establish high level requirements for concepts aiming to secure TT&C link communication (with respect to confidentiality and authentication). The requirements cover key aspects of security and operations. We assess existing standards (SDLS and SDLS EP) against our requirements and determine that SDLS is suitable for traffic protection while SDLS EP does not meet all security requirements for key management (namely, it does not meet post compromise security). Finally, we discuss alternative key management approaches such as stateless authenticated key agreement and stateful authenticated key agreement (or key evolution protocols) and how they meet our requirements.

View More Papers

EnclaveFuzz: Finding Vulnerabilities in SGX Applications

Liheng Chen (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Institute for Network Science and Cyberspace of Tsinghua University), Zheming Li (Institute for Network Science and Cyberspace of Tsinghua University), Zheyu Ma (Institute for Network Science and Cyberspace of Tsinghua University), Yuan Li (Tsinghua University),…

Read More

SLMIA-SR: Speaker-Level Membership Inference Attacks against Speaker Recognition Systems

Guangke Chen (ShanghaiTech University), Yedi Zhang (National University of Singapore), Fu Song (Institute of Software, Chinese Academy of Sciences; University of Chinese Academy of Sciences)

Read More