In this concluding part of a three-part series on the space shuttle, WBT's David Geer looks at spread spectrum technology and its role in keeping encrypted data secure.

The communications link to the orbiter is a spread spectrum link, a technology that was invented by Hedy Lamar (believe it or not!) during WWII for secure radio transmissions. Spread spectrum makes signal jamming and eavesdropping much more challenging, an important issue for a radio signal coming from orbit, which could be intercepted from anywhere within its footprint. Eavesdropping can also be used to interfere with satellite transmissions via availability attacks, wherein interference from the other channel makes the signal unavailable.

The spread spectrum link uses a modulation scheme in which there are only 72KB of actual data sent. The data is convolutionally encoded (a complex form of modulation, which provides for error correction). This high data rate is like "taking an 11MHz signal and modulating that on top of the 72KB of coded data," says Phil Liebrecht, associate director and program manager for Mission Services, NASA Goddard Space Flight Center.

The process modulates 72KB of data with a much higher pseudo-noise code, which gives the orbiter link protection against interference from other RF signals. It also provides protection for those other signals to keep the orbiter signal from causing interference to the other S-band systems that are in use on earth. This interference could come from signals such as microwave links.

Encryption
Encrypted data can be delivered over almost any radio band, in space or otherwise. It's not the S and Ku bands that are secured, but rather the data that passes over them. NIST (the National Institute of Standards and Technology, Boulder, Colorado) assembles the FIPS (Federal Information Processing Standards), which are followed for all non-classified government communications.

The DES (Data Encryption Standard) is an older and popularly accepted, encryption standard, which met FIPS requirements. It used a 56-bit key. Then came the Triple DES with a 112-bit key, offering enhanced security. A new standard adopted just a few years ago is the AES (Advanced Encryption Standard), based on the Rijndael algorithm. This standard is the latest direction for cryptography in commercial applications. For everything classified (secret, top secret) the NSA (National Security Agency) at Fort Mead, Maryland is responsible for the security algorithms.

One aspect of DES and AES is what is called symmetric encryption. "You apply the encryption algorithm to your data and then you apply it again to decrypt the data. The symmetric algorithms are very fast. People have demonstrated Rijndael chips that work on gigabit Ethernet connections," says Mark A. Sturza, senior advisor to Wavestream Corporation, 3CsysCo.com. (Wavestream manufactures amplifiers for the Ku and Ka bands, which will replace the current tube amplifiers used by NASA. These amplifiers are used on the ground and in space for transmissions to the shuttle.)

To do symmetric encryption you need to have a single key, which is used at both ends of the communication. Key exchange is done utilizing public key cryptography, making use of the well-known RSA algorithm created by Ron Rivest, Adi Shamir, and Leonard Adelman. There are other methods of key exchange than RSA, but RSA has shown its strength over many years and is known to offer high security.

How Is Shuttle Mission Data Encrypted?
I had assumed that the data sent over NASA's S and Ku band systems during shuttle missions would be protected by one of the secret encryption methods from the NSA. "Actually I sort of doubt that," says Sturza. "It's probably DES or triple DES just because the AES is too new." Cryptography could be "NSA like" for the satellite command-and-control data, which is done with an NSA-approved cryptographic device. "It would be disastrous if high school students could start controlling satellites, especially military satellites," says Sturza.

For something as important as the space shuttle program, the algorithms and/or keys for encryption are probably changed regularly. "I would strongly suspect that they change it on a mission-by-mission basis," says Sturza. It's possible that this is done through hard coding using cryptoloaders such as the NSA uses. These devices are loaded with the keys at a secure location and then taken to the shuttle and plugged in so that the keys can be loaded into the embedded equipment.

Hardware
At the heart of shuttle mission communications is the NSP (Network Signal Processor), which is onboard the shuttle. This device routes and processes all commands, telemetry, and voice between the ground and the orbiter. Any command and voice data that are uplinked to the orbiter, specifically to its S-band PM uplink, or to the Ku-band forward link, are received by the NSP. Not all data is encrypted; data that is encrypted is recognized as such by the NSP and routed to the ComSec (Communications Security) device on the shuttle, where it is decrypted and routed back to the NSP. Data that is to be encrypted before leaving the shuttle is routed to the ComSec and returned to the NSP before being downlinked to the ground.

Differences in Voice and Data Handling
Voice and data are not treated the same throughout the process. When returning voice communications to the ground they are demultiplexed from the command data and converted to analog signals before being routed to the ACCU (Audio Central Control Unit). The command data on the other hand is routed to the GPCs (General Purpose Computers) within the data processing system via the flight forward MDM (multiplexer/demultiplexer).

The NSP digitizes analog voice received from the ACCU. The signal is multiplexed again with the telemetry data from the PCMMU (the pulse code modulation master unit); this multiplexed data is then ready for real-time transmission to the ground. The data is also routed to the operational recorders for archiving. Data is always encrypted at the ComSec before going to the NSP and back to the ground.

Conclusion
Clearly, communicating with the space shuttle is a much more complex proposal than just choosing a radio and talking, but as this series of articles has shown, the more we look into the details of just how the astronauts phone home the more complex it gets, and this is typical of space flight in general. Applications that are trivial in most environments require truly innovative and detailed solutions when exposed to the most hostile of environments. The astronauts' complete reliance on the technology that surrounds them means that every component is mission-critical and every detail needs to be specified and tested beyond what would seem to be common sense requirements.

While this series was in production, the shuttle Columbia was destroyed while re-entering the atmosphere, a tragic reminder of just how complex space technology is, and how easily it can fail. But as I look out my window into the night sky, I'm reminded that somewhere among the stars, one of those grand lights is an International Space Station, a wireless one. It's no longer current to say that we live in a Wireless World. With GPS for Mars coming so quickly, and a space-based Internet already in design, it's time to start talking about our Wireless Solar System.