Advancing the Security of LDACS

Kurzfassung

The "Single European Sky" air traffic management master plan foresees the introduction of several modern digital data links for aeronautical communications. The candidate for long-range continental communications is the L-band Digital Aeronautical Communications System (LDACS). LDACS is a cellular, ground-based digital communications system for flight guidance and communications related to safety and regularity of flight. Hence, the aeronautical standards, imposed by the International Civil Aviation Organization (ICAO), for cybersecurity of the link and network layer, apply. In previous works, threat-and risk analyses of LDACS were conducted, a draft for an LDACS cybersecurity architecture introduced, algorithms proposed, and the security of a Mutual Authentication and Key Establishment (MAKE) procedure of LDACS formally verified. However, options for cipher-suites and certificate management for LDACS were missing. Also, previous works hardly discussed the topic of post-quantum security for LDACS. This paper proposes a cell-attachment procedure, which establishes a secure LDACS communication channel between an aircraft and corresponding ground-station upon cell-entry of the aircraft. Via the design of a hybrid LDACS Public Key Infrastructure (PKI), the choice of a pre-or post-quantum Security Level (SL) is up to the communications participants. With that, this work introduces a full LDACS cell-attachment protocol based on a PKI, certificates, certificate revocation and cipher-suites including pre-and post-quantum options. Evaluations in the symbolic model show the procedure to fulfill LDACS security requirements and a communications performance evaluation demonstrates feasibility, matching requirements imposed by regulatory documents.