MA28140 Datasheet, PDF(15/72 Page) Dynex Semiconductor

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

MA28140 Datasheet, PDF (15/72 Pages) Dynex Semiconductor – Packet Telecommand Decoder

◁

MA28140

4.3 AUTHENTICATION LAYER

Structure of the Authenticated Segments

The TC segment is the protocol data unit of the

Segmentation Layer. The general format of an authenticated

TC Segment is specified in Section 10 of ref.1. The particular

format of an authenticated TC segment for the PTD is the

following:

(a) The length of the signature field of the Authentication

Tail is 5 octets.

(b) The length of the Authentication Tail is 9 octets (5 octets

for the signature + 4 octets for the LAC); the maximum length

of the TC Segment is 249 octets (Segment Header (1 octet) +

Segment Data Field (239 octets) + Authentication Tail (9

octets)), and its minimum length 10 octets (Segment Header (1

octet) + Authentication Tail (9 octets)).

SEGMENT SEGMENT

SEGMENT HEADER

DATA FIELD TRAILER

Sequence

MAP

(optional)

Flags

Identifier

2 bits

6 bits

variable

9 octets

<----------------1 octet ------------><----- from 9 to 248 octets ------>

The segment trailer is optional and has a fixed length of 9

octets. The following table summarizes the management of the

Segment Trailer.

Type of

Authentication

Internal AU

External AU

Ty pe of Fra me

Authenticated frame

Not authenticated frame

Authenticated frame

AU disable

Not authenticated frame

All

S e gme nt Tra ile r

segment trailer (9 octets length)

no segment trailer

segment trailer (9 octets length)

if AuTsl=0,

no segment trailer if AuTsl=1

no segment trailer

The selection of MAPs that are deemed to carry

authenticated TC segments takes into account the possibility

to associate MAP IDs in pairs when packet re-assembly is

required. Therefore, authenticated MAPs are selected by

pairs, using the 5 LSBs of the MAP identifier field of the

Segment Header. The selection mechanism is such that it will

point at the last pair of MAP identifiers (counting upwards from

MAP 0) that carries authenticated segments. The value

identifying this particular pair of identifiers is called the

Authenticated MAP ID Pointer and is stored in ROM.

For example, selecting MAP 4 (i.e. Authenticated MAP ID

Pointer = 4) means that the first 5 pairs of MAPs (i.e. MAP 0

and 32, MAP 1 and 33, MAP 2 and 34, MAP 3 and 35, MAP 4

and 36) are expected to carry authenticated TC segments.

Overview of the Layer

This optional layer is implemented on-chip but a

connection to an external Authentication Unit is also

implemented in case another implementation is desired. The

choice of the AU is done by means of a dedicated

configuration input AUEXT:

â¢ AUEXT = 1: the internal AU is disabled and the external

AU is used,

â¢ AUEXT = 0: the internal AU is used and the external AU

is disabled.

MAP 63 is reserved for AU configuration commands when

authentication is disabled. It is possible to bypass this layer

(when no authentication is required) by means of a dedicated

configuration input AUDIS. In this case, segments are passed

directly to the segmentation layer .The values of the AUDIS pin

are:

â¢ AUDIS = 1: the internal or external AU is disabled,

â¢ AUDIS = 0: the internal or external AU is enabled.

When the AU is disabled, the TC segment does not have

an AU tail (the last nine octets are not deleted), the

Authenticated MAP ID Pointer has no meaning and MAP 63 is

considered as a standard MAP (the data is output on MAP

number 63 without removing the AU tail).

An 80 bit length status, AUS, is generated by this block and

fetched by the telemetry system in order to send it back to the

ground segment.

The Authentication Processor

The authentication method specified in references 1 and 2

consists of generating a 40-bit digital signature using a

transformation under a secret key applied to the TC Segment.

This authentication signature is appended to the TC segment

and guarantees to the recipient that the TC Segment is

authentic with respect to its sender and its contents.

An incoming TC Segment is authenticated by performing

the same transformation made by the transmitting end, and by

comparing the received signature with the onboard-generated

one. A functional diagram of the Authentication Processor is

shown below. There are four main parts:

- the Hashing Function;

- the Hard Knapsack;

- the Deletion Box;

- the Signature Comparator.

They are described in the next four subsections. Not

apparent on the functional diagram of Figure 7 is the

organisation of the secret Authentication Keys stored in the

Authentication Processor. This is described in the section on

AU Control Commands on page 18.

15/72

▷