Secure AIS with Identity-Based Authentication and Encryption
http://www.transnav.eu
the International Journal on Marine Navigation and Safety of Sea Transportation
Volume 14, Number 2, June 2020
DOI: 10.12716/1001.14.02.03
A. Goudosis
University of Piraeus, Athens, Greece
The Hellenic Quality Assurance and Accreditation Agency (HQA), Greece
Mediterranean College, Athens, Greece
S.K. Katsikas
Norwegian University of Science and Technology, Gjøvik, Norway
Open University of Cyprus, Nicosia, Cyprus
ABSTRACT: The Automatic Identification System (AIS) offers automatic traffic control and collision avoidance services to the maritime transportation sector worldwide. Because AIS lacks security mechanisms, it is vulnerable to misuse and exploitation by unlawful adversaries (e.g. sea-pirates, terrorists, smugglers). To address the security issues of the AIS, in an earlier paper [1], we proposed the deployment of a Maritime Certificate-less Identity-Based (mIBC) public-key cryptography infrastructure that enhances AIS with on-demand anonymity, authentication, and encryption capabilities. In this paper we address implementation aspects of that infrastructure. In particular, we propose to use the Sakai-Kasahara Identity-Based Encryption (IBE) approach to implement the mIBC infrastructure, following the IEEE 1363.3-2013 standard for Identity-Based Cryptography.
1 INTRODUCTION
The Automatic Identification System (AIS) is a maritime navigation safety communications system [2]; its main aim is to improve maritime domain awareness beyond the limitations of radars. Radars give a good perspective of the shoreline and of moving targets, but their accuracy is limited by the presence of obstacles (e.g., small islands), the Radar Cross Section (RCS) value of the targets and the weather conditions. In contrast, AIS transmissions remain accurate in good or adverse weather conditions, in areas with many physical obstacles or heavy marine traffic (e.g., Malacca Straits). Shipborne AIS devices periodically transmit static data (i.e. vessel's name, MMSI³, IMO-number, type, dimensions, departure port, arrival port, cargo, etc.) and dynamic real-time navigation data (i.e., Global Navigation Satellite System (GNSS), steering, speedometer, etc.) [3]. When this information, as received from all nearby AIS devices, is aggregated and overlaid on a vessel's electronic navigation chart, the officer-on-watch obtains a good overview of the nearby marine traffic. The use of the AIS is regulated by "Regulation 19" of SOLAS Chapter V, under the supervision of the International Maritime Organization (IMO) and the International Telecommunications Union (ITU).

³ The MMSI (9 digits) is a number that distinctively identifies a vessel. The MMSI is assigned to all the radio communications of that vessel. The International Maritime Organization number (IMO-number) is also a distinctive identifier for a vessel and is formed by the prefix "IMO" followed by 7 digits. The main difference with the MMSI is that the IMO-number is the only persistent identifier for a vessel, from the start of its life to the end of it. On the contrary, the MMSI changes when a vessel changes flag and registration authority.
Many shore stations equipped with AIS receivers forward received AIS data to various publicly available internet sites⁴. Undoubtedly, this practice offers a valuable tool for the international maritime community, but it may also become a convenient tool for unlawful adversaries. Unrestrained disclosure of the AIS broadcast data via the internet can be an aid to sea-pirates and may violate the privacy of passengers [4], [5]. Additionally, the AIS lacks source authentication of the transmitted data, as the source authenticity of AIS data relies on the transmitted MMSI number of the ship and its name. However, neither of these is officially hardcoded on the AIS devices, nor are the relevant messages signed and certified. Thus, anyone with little knowledge of AIS workings can use an AIS transmitter to create fake AIS data that impersonate non-existing ships, AtoN (Aid to Navigation) or SAR (Search And Rescue Operations) [6], [7]. Without AIS authentication, the picture of the maritime domain may be the true one or a fake representation of the marine traffic in the area. A possibly fake representation of the marine traffic in an area poses a very severe threat to the international maritime community. The threat landscape of the AIS ecosystem has been examined in [8]. Accordingly, enhancing the security of AIS becomes an issue of importance to the maritime community. The VHF Data Exchange System (VDES) is seen as an effective and efficient use of radio spectrum, building on the capabilities of AIS and addressing the increasing requirements for data through the system, including some security aspects. VDES is also secure by design. However, full take-up of VDES is not expected to happen soon [9].
In [1] we introduced the concept of the Maritime Certificate-less Identity-Based Public Key Cryptography infrastructure (denoted for simplicity "maritime IBC" or "mIBC"), and proposed a solution to enhance the security of the AIS. In this paper, we refine and build upon that work and discuss implementation issues. Specifically, we discuss the implementation of the additional AIS modes of operation proposed in [1] using the AIS protocol and message structure specifications, the IEEE 1363.3-2013 standard, and the Sakai-Kasahara IBE scheme.

The remainder of this paper is organized as follows: in section two we discuss related work. Section 3 briefly reviews the AIS security proposal in our earlier work [1], so as to make the present paper self-contained. In the third section we discuss the seamless implementation of AIS usage modes over the conventional AIS transport protocol. The initial setup and the operation of the three mIBC-AIS usage modes (3, 4, 5) that use cryptography and diverge from the standard ones are discussed in section 4. Section 5 presents the structure of the AIS messages in the mIBC-AIS and describes the operation of the mIBCApp, an application designed to ensure transparent transmission/reception of the mIBC-AIS messages over the conventional AIS protocol. In Section 6 we discuss the operational overhead imposed by the proposed mIBC. Finally, section 7 summarizes our conclusions.
⁴ e.g. www.marinetraffic.com
2 RELATED WORK
In [10] a new protocol for AIS that relies on a three-tiered approach to security, with vessel identity verified by certificates assigned by an approving authority, was proposed. This solution assumes the existence of a cryptographic infrastructure that provides the maritime community with some cryptographic capabilities. The authors in [11] use AIS, the Maritime Mobile Service Identities (MMSIs) of the vessels and Trusted Third Parties to propose a three-step mutual authentication scheme that uses AIS as the communication means to provide authentication capabilities to the ships rather t (...truncated)