A New ADS-B Authentication Framework Based on Efficient Hierarchical Identity-Based Signature with Batch Verification

Automatic dependent surveillance-broadcast (ADS-B) has become a crucial part of next generation air traffic surveillance technology and will be mandatorily deployed for most of the airspaces worldwide by 2020. Each aircraft equipped with an ADS-B device keeps broadcasting plaintext messages to other aircraft and the ground station controllers once or twice per second. The lack of security measures in ADS-B systems makes them susceptible to different attacks. Among the various security issues, we investigate the integrity and authenticity of ADS-B messages. We propose a new framework for providing ADS-B with authentication based on three-level hierarchical identity-based signature (HIBS) with batch verification. Previous signature-based ADS-B authentication protocols focused on how to generate signatures efficiently, while our schemes can also significantly reduce the verification cost, which is critical to ADS-B systems, since at any time an ADS-B receiver may receive many signatures. We design two concrete schemes. The basic scheme supports partial batch verification and the extended scheme provides full batch verification. We give a formal security proof for the extended scheme. Experimental results show that our schemes with batch verification are tremendously more efficient at batch verifying $n$ signatures than at verifying $n$ signatures independently. For example, the running time of verifying 100 signatures is 502 and 484 ms for the basic scheme and the extended scheme respectively, while the time is 2500 ms if verifying the signatures independently.
