Running Cryptography on a Raspberry Pi Zero on the Space Station
Launched on board the Cygnus NG-11 cargo craft back in the middle of April this year, the Cryptographic ICE Cube experiment has now been installed on the European Columbus module and has started returning data to CERN.
Built around a Raspberry Pi Zero, the experiment is an attempt to overcome the problems of radiation when sending encrypted communications in space.
The experiment is testing two different, but related, approaches to problem of encryption in non-radiation hardened systems.
“The first is a method of re-exchanging the encryption key if it gets corrupted. This needs to be done in a secure and reliable way, to restore the secure link very quickly. This relies on a secondary fall-back base key, which is wired into the hardware so it cannot be compromised. However, this hardware solution can only be done for a limited number of keys, reducing flexibility. The second is an experimental hardware reconfiguration approach which can recover rapidly if the encryption key is compromised by radiation-triggered memory ‘bit flips’. A number of microprocessor cores are inside CryptIC as customisable, field-programmable gate arrays (FPGAs), rather than fixed computer chips. These cores are redundant copies of the same functionality. Accordingly, if one core fails then another can step in, while the faulty core reloads its configuration, thereby repairing itself.”—Lukas Armborst, ESA Young Graduate Trainee
Designed to examine how encryption keys can be scrambled when radiation hits the memory and processors doing the encryption in orbit, not something that happens a lot on the ground due to the atmosphere being in the way, the experiment deliberately uses an off the shelf components.
The experiment uses the Raspberry Pi Zero more or less in its off the shelf state; the only difference is it has had to be covered with a plastic ‘conformal’ coating, to fulfil standard safety requirements for operating on the space station.