Abstract

The maritime industry is being made increasingly aware that it is vulnerable to cyber-attacks. By interfering with either marine aids to navigation (AtoN) or a vessel’s own navigation and control systems, a successful cyber-attack has the potential to endanger the safety of a vessel. Spoofing attacks (falsifying communications such that they purport to be from a legitimate maritime authority or AtoN) have the potential to be a particularly nefarious form of cyber-attack. For example, by spoofing unprotected Automatic Identification System (AIS) messages, it is possible to falsify vessel positions, virtual AtoN, man overboard alerts and Differential GNSS corrections. New e-navigation communications technologies under development, such as the VHF Data Exchange System (VDES), have higher bit rates and therefore a greater potential to interact with other bridge systems, so they may become a more attractive target to cyber-criminals. In order to mitigate the risk of spoofed data, the mariner needs to be confident that the information is provided by the appropriate body. Cryptographic authentication of the data is an appropriate way of providing protection from spoofing and confirming the data provider. This paper describes a suitable authentication scheme using Public Key Cryptography (PKC). PKC allows communications to be authenticated by the inclusion of a digital signature. Using a PKC scheme to authenticate communications has a considerable overhead and is not without disadvantages. One difficulty is incorporating relatively large digital signatures into low-bandwidth VHF communications such as AIS and VDES; digital signatures need to be large enough to provide an adequate level of security, yet small enough to permit their inclusion and ordinary use. A suitable compromise is identified, and the use of Elliptic Curve cryptographic algorithms, ordinarily with a 256-bit key size, is recommended. Using these algorithms, signatures of 512 bits in size are produced, which are small enough to permit their inclusion in multi-slot binary AIS messages (and by extension VDES messages). A demonstration system has been developed and has shown authentication of VDES ASM messages based on the above Elliptic Curve scheme; however, there remain a number of open questions, such as the impact on the AIS/VDES channel loading and the management of the public keys needed to verify digital signatures.
