Table of Contents
Fetching ...

Authenticated encryption for space telemetry

Andrew Savchenko

TL;DR

The paper tackles protecting emergency space telemetry under NASA-STD-1006A by designing a lightweight AEAD scheme based on AES-GCM with a fixed 448-bit frame. A 96-bit IV composed of a $32$-bit counter and a $64$-bit timestamp ensures nonce uniqueness while enabling replay protection, and a $16$-bit AAD with a $128$-bit authentication tag strengthens integrity and authenticity. The approach emphasizes operational simplicity, deterministic latency, and compatibility with CCSDS standards, trading off larger frame overhead for predictable performance on constrained hardware. A Python reference implementation and test vectors illustrate the scheme, and the discussion outlines practical deployment considerations, risk mitigations, and directions for future enhancements such as key hierarchies and RTC recovery. Overall, the work provides a practical, standards-aligned solution for secure, reliable space telemetry in emergency scenarios, with concrete framing and replay protections suitable for real-time mission control.

Abstract

We explore how command stack protection requirements outlined in NASA-STD-1006A can be satisfied within the context of emergency space telemetry. Proposed implementation of lightweight authenticated encryption offers strong security without sacrificing performance in resource-constrained environments. It produces fixed-length messages, maintaining compatibility with the underlying data transport protocols. By focusing on predictable properties and robust authentication, we create a scheme that protects the confidentiality, integrity and authenticity of telemetry data in emergency communications while balancing security requirements with the operational constraints.

Authenticated encryption for space telemetry

TL;DR

The paper tackles protecting emergency space telemetry under NASA-STD-1006A by designing a lightweight AEAD scheme based on AES-GCM with a fixed 448-bit frame. A 96-bit IV composed of a -bit counter and a -bit timestamp ensures nonce uniqueness while enabling replay protection, and a -bit AAD with a -bit authentication tag strengthens integrity and authenticity. The approach emphasizes operational simplicity, deterministic latency, and compatibility with CCSDS standards, trading off larger frame overhead for predictable performance on constrained hardware. A Python reference implementation and test vectors illustrate the scheme, and the discussion outlines practical deployment considerations, risk mitigations, and directions for future enhancements such as key hierarchies and RTC recovery. Overall, the work provides a practical, standards-aligned solution for secure, reliable space telemetry in emergency scenarios, with concrete framing and replay protections suitable for real-time mission control.

Abstract

We explore how command stack protection requirements outlined in NASA-STD-1006A can be satisfied within the context of emergency space telemetry. Proposed implementation of lightweight authenticated encryption offers strong security without sacrificing performance in resource-constrained environments. It produces fixed-length messages, maintaining compatibility with the underlying data transport protocols. By focusing on predictable properties and robust authentication, we create a scheme that protects the confidentiality, integrity and authenticity of telemetry data in emergency communications while balancing security requirements with the operational constraints.
Paper Structure (19 sections, 19 equations, 4 figures, 1 table)

This paper contains 19 sections, 19 equations, 4 figures, 1 table.

Figures (4)

  • Figure 1: Message structure showing the encryption format.
  • Figure 2: An overview of the AEAD workflow demonstrating encryption and decryption lifecycle with replay protection.
  • Figure 3: Intentionally simplified AEAD routine demonstrating the use of 96-bit IV (counter and timestamp) with 16-bit AAD. Replay tracking is not persisted. A production implementation would require a durable storage for both counter and replay state, as discussed in the paper. Tested using Python v3.13.5 and cryptography library v43.0.0 on Debian Linux v13.1
  • Figure 4: Test vector verification routine that validates implementation against the reference values from the Table \ref{['tab:testvector']}. Tested using Python v3.13.5 and cryptography library v43.0.0 on Debian Linux v13.1