NASA’s Disruption Tolerant Networking Challenge Series

Welcome to the NASA Disruption Tolerant Networking (DTN) project. DTN is an approach to computer network architecture that seeks to address the technical issues in heterogeneous networks that may lack continuous network connectivity. Examples of such networks are those operating in mobile or extreme terrestrial environments, or planned networks in space. Disruption may occur because of the limits of wireless radio range, sparsity of mobile nodes, energy resources, attack, and noise.

Project Background

NASA is developing Disruption Tolerant Networking techniques in collaboration with industry and academia.  DTN is designed to provide reliable end-to-end delivery of information between nodes and to do so in an environment that experiences frequent connectivity disruptions and topology changes. Such a capability will directly support human and robotic space exploration, as well as have wide applicability to land-mobile and airborne terrestrial communications.

 

Click the image above to see an example scenario

Part of the reality of modern networks is the need to provide robust security capabilities through the use of an architecture that does not overly constrain user operability.  A major factor in such security architectures is the mechanism by which cryptographic keys are initialized, distributed and validated among members of a network in order to provide trusted and secure communications supporting confidentiality, authentication and integrity. Most key management approaches in use today rely on either pre-shared secrets (pre-shared public keys or pre-loaded private key pairs), or rely on knowledge of the network connectivity and topology to enable a trusted third party (certificate authority) to authenticate and mediate a “handshake” between two previously unknown nodes.


 

Click the image above to see an additional example scenario

 

In a connection disrupted network made up of nodes that come and go at random, it is very hard to base a key management approach on previous knowledge of trusted entities, communication paths, or pre-shared secrets.  Trusted network paths come and go (or disappear entirely).  Nodes enter and leave the network at random.  Pre-shared secrets may be distributed and “expire” before connections are reliably established to verify the credential is valid.  These problems drive the need for a new approach to key management and key exchange.

 

 


High Level Requirements

This project will need to devise a method by which cryptographic keys can be exchanged among peers in a DTN network suffering from network connectivity disruptions and random topology changes.  The method must function in the absence of previous knowledge of network members or pre-shared secrets.

The following requirements must be met:

  • Provide a method (logical / mathematical algorithm) for distribution of symmetric key pairs among previously unknown and un-validated network nodes in a disrupted network environment.
  • Provide a method (logical / mathematical algorithm) for generation, validation, distribution and authentication of asymmetric keys (public/private key pairs) in a disrupted network environment.
  • Provide a method (logical / mathematical algorithm) for detecting and protecting against invalid or malicious manipulation, intrusion, and / or interception of keys during the exchange and validation process.
  • Keys and processes must be of sufficient complexity and cryptographic strength to meet the U.S. Federal Information Processing Standards (NIST/FIPS).
  • Provide a method by which multiple, federated, key exchange and management domains can co-exist in the same network.
  • Provide a method by which keys and cryptographic messages of multiple classifications (low, medium, high) or multiple compartments (A, B, C) can co-exist in the same network.

For full details, please see the resource section. Specifically:

 

Atomized Project Plan

Name Start End Resource Names Status
DTN Security – DTN Elements Documentation 10/25/2013 11/20/2013 Content Creation Completed
DTN Security – Network Elements Classification 11/14/2013 11/27/2013 Architecture Completed
DTN Security – Logic Puzzle Idea 11/22/2013 12/18/2013 Conceptualization Completed
DTN Security – Logic Puzzle Idea Part 2 01/02/2014 01/22/2014 Conceptualization Completed
DTN Security – Contests Design 01/24/2014 02/17/2014 Content Creation Completed
DTN Security -  Logic Puzzle Solution Part 1 02/19/2014 03/10/2014 Content Creation Completed
DTN Security – Logic Puzzle Solution Part 2 03/11/2014 04/02/2014 Content Creation Completed
DTN Security Key – Logic Puzzle Solution Part 3 04/02/2014 04/20/2014 Content Creation Completed
DTN Security – Logic Puzzle Solution Specification 04/16/2014 04/30/2014 Specification Completed
DTN Security Key Architecture 07/04/2014 07/20/2014 Architecture
System Assembly – DTN Security Environment Setup 07/07/2014 07/23/2014 Assembly Competition
DTN Security Key Assembly 07/21/2014 08/06/2014 Assembly Competition
DTN Security Key Test Scenarios 07/21/2014 08/06/2014 Test Scenarios
DTN Security Key Bug Hunt 08/03/2014 08/07/2014 Bug Hunt
DTN Security Key Test Suites 08/06/2014 08/22/2014 Test Suites
Proof of Concept – DTN Security Puzzle Solution Simulator 08/06/2014 08/27/2014 Assembly Competition
Release Assembly – DTN Security Key Update 08/22/2014 09/07/2014 Assembly Competition
Delivery Date 09/19/2014

 

Resources

Top