NASA is developing Disruption Tolerant Networking (DTN) techniques in collaboration with industry and academia. DTN is designed to provide reliable end-to-end delivery of information between nodes in an environment that experiences frequent connectivity disruptions and topology changes. Such a capability will directly support human and robotic space exploration, and it has wide applicability to land-mobile and airborne terrestrial communications.
Part of the reality of modern networks is the need to provide robust security capabilities through an architecture that does not overly constrain user operability. A major factor in such security architectures is the mechanism by which cryptographic keys are initialized, distributed and validated among members of a network in order to provide trusted and secure communications supporting confidentiality, authentication and integrity. Most key management approaches in use today rely either on pre-shared secrets (pre-shared public keys or pre-loaded private key pairs) or on knowledge of the network connectivity and topology to enable a trusted third party (certificate authority) to authenticate and mediate a “handshake” between two previously unknown nodes.
In a connection-disrupted network made up of nodes that come and go at random, it is very hard to base a key management approach on previous knowledge of trusted entities, communication paths, or pre-shared secrets. Trusted network paths come and go (or disappear entirely). Nodes enter and leave the network at random. Pre-shared secrets may be distributed and “expire” before connections are reliably established to verify that the credential is valid. These problems drive the need for a new approach to key management and key exchange.
Project Overview & Stats
This project launched in August 2013 and was completed in December 2014.
The project was completed through 14 challenges and had 425 registrants from over 48 different countries. The primary objective of the project was to devise a method by which cryptographic keys can be exchanged among peers in a DTN network suffering from network connectivity disruptions and random topology changes. The method will function in the absence of previous knowledge of network members or pre-shared secrets.
- Security Key Challenge Overview
- Code – to download the code, please visit the following SourceForge links and download the latest project archives:
- AWS EC2 – Please send a request to firstname.lastname@example.org
- Security Threats Against Space Missions
- Space Mission Key Management Concepts
- Authentication and Integrity Algorithm Issues Survey
- Rationale Scenarios and Requirements for DTN In Space
- DTN Security Activity – elements