Evaluating Future Air Traffic Management Security
This work addresses cybersecurity risks in air traffic management, proposing a more secure authentication method to prevent impersonation attacks, though it is incremental as it builds on existing PKI technology.
The paper evaluates the security of the L-Band Digital Aviation Communication System (LDACS), identifying vulnerabilities in a proposed PUF-based authentication mechanism, such as predictability by sophisticated models and threats from quantum computers, and suggests PKI as an alternative solution.
The L-Band Digital Aviation Communication System (LDACS) aims to modernize communications between the aircraft and the tower. Besides digitizing this type of communication, the contributors also focus on protecting them against cyberattacks. There are several proposals regarding LDACS security, and a recent one suggests the use of physical unclonable functions (PUFs) for the authentication module. This work demonstrates this PUF-based authentication mechanism along with its potential vulnerabilities. Sophisticated models are able to predict PUFs, and, on the other hand, quantum computers are capable of threatening current cryptography, consisting factors that jeopardize the authentication mechanism giving the ability to perform impersonation attacks. In addition, aging is a characteristic that affects the stability of PUFs, which may cause instability issues, rendering the system unavailable. In this context, this work proposes the well-established Public Key Infrastructure (PKI), as an alternative solution.