A Cybersecurity Architecture for the L-band Digital Aeronautical Communications System (LDACS)
Nils Maurer,Arne Bilzhause +1 more
TLDR
A cybersecurity architecture for LDACS is introduced and a suitable security algorithm is proposed, which can achieve the security objectives on top of the architecture, to integrate new security functions within the existing protocol stack ofLDACS.Abstract:
With air transportation growing and current civil aeronautical communication systems reaching their capacity limit in high density areas, the need for new aeronautical communication technologies becomes apparent. The biggest challenge in recent years is the transition from analogue voice to digital data communication and the related trend towards an increased autonomous data processing. A promising candidate for the digital future communication infrastructure in continental areas is the terrestrial long-range L-band Digital Aeronautical Communications System (LDACS), which is currently in the process of being standardized by the International Civil Aviation Organization (ICAO). As safety and security are strongly intertwined in civil aviation, every installation of LDACS requires protection against cyber-attacks. This paper introduces a cybersecurity architecture for LDACS and proposes suitable security algorithm, which can achieve the security objectives on top of the architecture. Therefore we integrate new security functions within the existing protocol stack of LDACS. We provide an architecture for user data encryption, data integrity, authenticated key agreement, entity authentication, broadcast channel protection, and key and access management.read more
Citations
More filters
Journal ArticleDOI
Flight Trial Demonstration of Secure GBAS via the L-band Digital Aeronautical Communications System (LDACS)
Nils Maurer,Thomas Graupl,Miguel A. Bellido-Manganell,Daniel M. Mielke,Alexandra Filip-Dhaubhadel,Oliver Heirich,Daniel Gerbeth,Michael Felux,Lukas Marcel Schalk,Dennis Becker,Nicolas Schneckenburger,Michael Schnell +11 more
TL;DR: Results indicate that cryptographically secured GBAS data via LDACS can provide GAST-C and Gasts approach service type-D services with high availability if cryptographic parameters are chosen appropriately.
Book ChapterDOI
Securing the Air–Ground Link in Aviation
TL;DR: This chapter analyzes the current situation of the aviation airground link in a comprehensive manner, collects reported security and privacy incidents, and creates a novel taxonomy that proposes future directions for aviation security research.
Proceedings ArticleDOI
Comparing Different Diffie-Hellman Key Exchange Flavors for LDACS
TL;DR: The STS protocol based on a central Public Key Infrastructure (PKI) trust solution with Supersingular Isogeny Diffie–Hellman (SIDH) for post-quantum security to be best suited for long term security is concluded.
Proceedings ArticleDOI
Towards Successful Realization of the LDACS Cybersecurity Architecture: An Updated Datalink Security Threat- And Risk Analysis
Nils Maurer,Corinna Schmitt +1 more
TL;DR: A suitable set of algorithms and protocols for security support for LDACS is presented, evaluated performance and security wise to match the cybersecurity architecture specification identified in earlier work.
Journal ArticleDOI
Modelling, investigation, and feasibility of stratospheric broadband mm-wave 5g and beyond networks for aviation
TL;DR: The proposed aircraft– SB 5G network is compared to the most recent low-Earth orbit (LEO) Internet satellites where the proposed system is expected to provide low latency, less atmospheric attenuation, longer aircraft–SB link duration, and very low handover rate.
References
More filters
HMAC: Keyed-Hashing for Message Authentication
TL;DR: This document describes HMAC, a mechanism for message authentication using cryptographic hash functions that can be used with any iterative cryptographic hash function, e.g., MD5, SHA-1, in combination with a secret shared key.
The TESLA Broadcast Authentication Protocol
TL;DR: The TESLA (Timed Efficient Stream Loss-tolerant Authentication) broadcast authentication protocol is presented, an efficient protocol with low communication and computation overhead, which scales to large numbers of receivers, and tolerates packet loss.
HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
Hugo Krawczyk,Pasi Eronen +1 more
TL;DR: This document specifies a simple Hashed Message Authentication Code (HMAC)-based key derivation function (HKDF), which can be used as a building block in various protocols and applications.
Internet Security Glossary, Version 2
TL;DR: The 334 pages of entries offer recommendations to improve the comprehensibility of written material that is generated in the Internet Standards Process (RFC 2026) following the principles that such writing should use the same term or definition whenever the same concept is mentioned.
Journal Article
Faster and Timing-Attack Resistant AES-GCM
Emilia Käsper,Peter Schwabe +1 more
TL;DR: A bitsliced implementation of AES encryption in counter mode for 64-bit Intel processors, up to 25% faster than previous implementations, while simultaneously offering protection against timing attacks, and is the only cache-timing-attack resistant implementation offering competitive speeds for stream as well as for packet encryption.