AUTONOMOUS AND SEAMLESS KEY DISTRIBUTION MECHANISM

US 20160056957A1
Filed: 03/28/2014
Published: 02/25/2016
Est. Priority Date: 03/28/2013
Status: Active Grant

First Claim

Patent Images

1. A method of transmitting a session key in a satellite system comprising first and second devices, one of the first and second devices being a satellite and the other one of the first and second devices being a device arranged to send signals to the satellite and/or receive signals from the satellite, the method comprising:

obtaining the session key at the first device;

protecting the session key at the first device, based on a private key of the first device and a public key of the second device; and

transmitting the protected session key from the first device to the second device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A satellite system comprises first and second devices, one of the first and second devices being a satellite and the other one of the first and second devices being a device arranged to send signals to the satellite and/or receive signals from the satellite. A session key can be distributed in the satellite system by obtaining the session key at the first device, protecting the session key at the first device, based on a private key of the first device and a public key of the second device, and transmitting the protected session key from the first device to the second device. The second device can receive the protected session key from the first device and obtain the session key from the protected session key based on a public key of the first device and a private key of the second device. Replay detection information can be transmitted with the protected session key, for determining whether the session key has been transmitted previously. The protected session key can be transmitted by inserting a predetermined number of bytes of the protected session key into each frame of a data stream, for example a telemetry (TM) data stream as defined in the Consultative Committee for Space Data Systems (CCSDS) TM protocol. Validity information can be transmitted with the protected session key, defining a period in which the session key is valid. The protected session key can be transmitted bonded to a command message, for example a telecommand (TC) as defined in the CCSDS TC protocol.

13 Citations

View as Search Results

15 Claims

1. A method of transmitting a session key in a satellite system comprising first and second devices, one of the first and second devices being a satellite and the other one of the first and second devices being a device arranged to send signals to the satellite and/or receive signals from the satellite, the method comprising:
- obtaining the session key at the first device;
  
  protecting the session key at the first device, based on a private key of the first device and a public key of the second device; and
  
  transmitting the protected session key from the first device to the second device.
- View Dependent Claims (2, 3, 4, 5, 11)
- - 2. The method of claim 1, wherein transmitting the protected session key comprises transmitting the protected session key and replay detection information for determining whether the protected session key has been transmitted previously.
  - 3. The method of claim 2, wherein the protected session key and the replay detection information are included in a key distribution message, or wherein the second device is the satellite and the first device is a control station for sending command messages to the satellite, and the replay detection information is included in a command message bonded to a key distribution message including the protected session key.
  - 4. The method of claim 1, wherein the first device is the satellite and the second device is the device arranged to receive signals from the satellite, the method further comprising:
    - transmitting a data stream from the satellite to the second device, the data stream including a plurality of predefined parts,wherein transmitting the protected session key comprises transmitting the protected session key through the data stream by inserting a predetermined number of bytes of the protected session key into each one of the plurality of predefined parts.
  - 5. The method of claim 4, wherein the obtained session key is a next session key for use in the next session following a current session, the method further comprising:
    - obtaining a current session key for use in the current session;
      
      protecting the current session key at the satellite, based on a private key of the satellite and a public key of the second device;
      
      transmitting the current session key through the data stream; and
      
      transmitting validity information through the data stream, the validity information defining a time period in which the current session key is valid and a time period in which the next session key is valid.
  - 11. A computer-readable storage medium arranged to store a computer program which, when executed by a device, causes the device to perform a method according to claim 1.

6. A method of obtaining a session key in a satellite system comprising first and second devices, one of the first and second devices being a satellite and the other one of the first and second devices being a device arranged to send signals to the satellite and/or receive signals from the satellite, the method comprising:
- receiving a protected session key from the first device, at the second device; and
  
  obtaining the session key from the received protected session key at the second device, based on a public key of the first device and a private key of the second device.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, further comprising:
    - obtaining information about an expected location of the first device when the protected session key was transmitted; and
      
      determining that the received protected session key is authentic if a location from which the protected session key was received matches the expected location of the first device, within a predetermined margin of error.
  - 8. The method of claim 6, wherein receiving the protected session key from the first device comprises receiving the protected session key in a key distribution message bonded to a command message, the command message including replay detection information for determining whether the protected session key has been transmitted previously, the method further comprising:
    - determining that the protected session key has not been transmitted previously if the replay detection information indicates that the command message bonded to the key distribution message has not been transmitted previously.
  - 9. The method of claim 6, wherein the first device is the satellite and the second device is the device arranged to receive signals from the satellite, and receiving the protected session key from the satellite comprises:
    - receiving a data stream from the satellite at the second device, the data stream including a plurality of predefined parts;
      
      extracting a predetermined number of bytes of the protected session key from each one of the plurality of predefined parts; and
      
      combining the extracted bytes of the protected session key to obtain the protected session key.
  - 10. The method of claim 9, wherein the obtained session key is a next session key for use in the next session following a current session, the method further comprising:
    - receiving a protected current session key for use in the current session, and validity information defining a time period in which the current session key is valid and a time period in which the next session key is valid, through the data stream;
      
      obtaining the current session key from the protected current session key at the second device, based on a public key of the satellite and a private key of the second device;
      
      obtaining information about a time at which protected data was transmitted through the data stream; and
      
      accessing the protected data based on the current session key if the obtained is information indicates that the protected data was transmitted during the time period in which the current session key is valid, or accessing the protected data based on the next session key if the obtained information indicates that the protected data was transmitted during the time period in which the next session key is valid.

12. A first device comprising:
- a key obtaining module arranged to obtain a session key;
  
  a key protecting module arranged to protect the obtained session key, based on a private key of the first device and a public key of a second device to which the protected session key is to be transmitted; and
  
  a transmitter arranged to transmit the protected session key to the second device,wherein the first device and/or the second device is a satellite.
- View Dependent Claims (13, 14)
- - 13. The first device of claim 12, further comprising:
    - a replay information generator arranged to generate replay detection information for determining whether the protected session key has been transmitted previously,wherein the transmitter is arranged to transmit the protected session key and the replay detection information to the second device.
  - 14. The first device of claim 12, wherein the first device is a satellite arranged to transmit a data stream to the second device, the data stream including a plurality of predefined parts, and the transmitter is arranged to transmit the protected session key through the data stream by inserting a predetermined number of bytes of the protected session key into each one of the plurality of predefined parts, orwherein the second device is the satellite and the first device is a control station for sending command messages to the satellite, and the transmitter is arranged to include the replay detection information in a command message bonded to a key distribution message including the protected session key.

15. A first device for receiving signals from a second device, the first device comprising:
- a receiver arranged to receive a protected session key from the second device; and
  
  a key extraction module arranged to obtain the session key from the protected session key, based on a private key of the first device and a public key of the second device from which the protected session key was received,wherein the first device and/or the second device is a satellite.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Airbus Defence and Space Limited
Original Assignee
Airbus Defence and Space Limited
Inventors
CLARKE, Steve, MCCOY, Thomas

Granted Patent

US 10,069,624 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04B 7/18593   Arrangements for preventing...

H04L 2463/062   applying encryption of the ...

H04L 63/068   using time-dependent keys, ...

H04L 9/0825   using asymmetric-key encryp...

H04W 12/04   Key management, e.g. using ...

H04W 12/50   Secure pairing of devices

AUTONOMOUS AND SEAMLESS KEY DISTRIBUTION MECHANISM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

AUTONOMOUS AND SEAMLESS KEY DISTRIBUTION MECHANISM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links