Evaluating Future Air Traffic Management Security

TL;DR

This paper evaluates the security of LDACS communication system, analyzing PUF-based authentication vulnerabilities and proposing PKI as a more secure alternative.

Contribution

It demonstrates vulnerabilities of PUF-based authentication in LDACS and suggests PKI as a robust solution against cyber threats.

Findings

Predictive models can compromise PUF security.

Quantum computers threaten current cryptography.

Aging affects PUF stability and system availability.

Abstract

The L-Band Digital Aviation Communication System (LDACS) aims to modernize communications between the aircraft and the tower. Besides digitizing this type of communication, the contributors also focus on protecting them against cyberattacks. There are several proposals regarding LDACS security, and a recent one suggests the use of physical unclonable functions (PUFs) for the authentication module. This work demonstrates this PUF-based authentication mechanism along with its potential vulnerabilities. Sophisticated models are able to predict PUFs, and, on the other hand, quantum computers are capable of threatening current cryptography, consisting factors that jeopardize the authentication mechanism giving the ability to perform impersonation attacks. In addition, aging is a characteristic that affects the stability of PUFs, which may cause instability issues, rendering the system unavailable. In this context, this work proposes the well-established Public Key Infrastructure (PKI), as an alternative solution.