[Cryptography] improved identification of non-targets
jamesd at echeque.com
jamesd at echeque.com
Sun Jan 12 03:28:19 EST 2020
On 2020-01-12 16:13, John Denker via cryptography wrote:
> 3) To ask the same question in a slightly different way:
> Can we provide airliners with IFF functionality? What
> would that involve?
>
> The equipment would have to be highly trusted. If there
> were any appreciable risk that identifications could be
> stolen or forged, missile crews would ignore the IFF and
> shoot at anything that moves.
>
> 4) You can't just install military transponders in airliners,
> partly because the equipment is classified, and partly because
> the task is different. Military IFF responds only if you
> ask nicely, using a coded query, but an airliner should
> respond to anybody who asks. Instead, the airliner needs
> some kind of nonce (to prevent trivial replay attacks).
>
> So, if we can come up with some sort of design that makes
> sense, perhaps ICAO could standardize it. Once it is
> deployed, there would be a lot of pressure for militaries
> to respect it.
Here is a generic design for IFF that can be used in a wide variety of
applications, such as opening garage doors or making sure office doors
open for employees and do not open for non employees.
And identifying airliners to Tor M1 missile batteries.
The central authority frequently issues fresh signatures to various
lesser authorities, who in turn sign the keys of their subordinates, for
a hierarchy of any depth.
Since using public keys, no replay attacks. If a key leaks, it does not
last long, and if it gets used by a bad guy, the entity that leaked it
gets identified.
The secret that corresponds to the public key that gets signed can be in
a sealed box, and to get it out you would have to get into the airliner
and open up the box.
To identify as friend, you respond to a message containing an
unpredictable code, with a signed message acknowledging the code, where
the signing key was recently signed by the hierarchy
Thus the airport authority has a key signed by a higher authority that
says "this is airport so and os", or maybe the public key of the
airports well secured master key key is well known. The airport signs
the latest public key of the plane taking off with a message saying
"This key belongs to flight such and such, en-route to Toronto.
This signature is valid for 20 hous, and the flight is going to arrive
in Toronto well before that" Then the flight, when it gets an IFF
interrogation, responds with a signature of the unpredictable data in
the interrorgation using its secret key, and the airport's signature of
its corresponding public key.
More information about the cryptography
mailing list