ADS-B, Friend or Foe: ADS-B Message Authentication for NextGen Aircraft

Legacy air traffic control systems have become outdated and cannot keep up with the trending increase in airliner traffic. With the goal of modernizing the system from one of manual air traffic positioning through radar and radio communication to a network of e-enabled aircraft, the Federal Aviation Administration (FAA) is shifting to the use of Automatic Dependent Surveillance-Broadcast (ADS-B) as a surveillance technology with higher accuracy and less man-in-the-loop dependence. However, ADS-B in its current implementation lacks the security measures needed to provide authenticity and integrity, making it an easy target for spoofing attacks. This paper presents a message authentication scheme that (1) uses a Public Key Infrastructure (PKI) to verify all ADS-B signals are from FAA registered aircraft, (2) uses asymmetric cryptography to exchange a symmetric session key, and (3) uses this symmetric session key to validate data authenticity and integrity. The scheme description is followed by a discussion of its scalability and feasibility in context of the full aviation realm that it applies to, as well as the changes that would be needed in existing technologies.