[Cryptography] improved identification of non-targets

Peter Fairbrother peter at tsto.co.uk
Sun Jan 12 16:44:16 EST 2020 

On 12/01/2020 08:28, jamesd at echeque.com wrote:
> On 2020-01-12 16:13, John Denker via cryptography wrote:
>> 3) To ask the same question in a slightly different way:
>>   Can we provide airliners with IFF functionality?  What
>>   would that involve?
>>
>>   The equipment would have to be highly trusted.  If there
>>   were any appreciable risk that identifications could be
>>   stolen or forged, missile crews would ignore the IFF and
>>   shoot at anything that moves.
>>
>> 4) You can't just install military transponders in airliners,
>>   partly because the equipment is classified, and partly because
>>   the task is different.  Military IFF responds only if you
>>   ask nicely, using a coded query, but an airliner should
>>   respond to anybody who asks.  Instead, the airliner needs
>>   some kind of nonce (to prevent trivial replay attacks).
>>
>>   So, if we can come up with some sort of design that makes
>>   sense, perhaps ICAO could standardize it.  Once it is
>>   deployed, there would be a lot of pressure for militaries
>>   to respect it.
> 
> Here is a generic design for IFF [...]
> The secret that corresponds to the public key that gets signed can be in 
> a sealed box, and to get it out you would have to get into the airliner 
> and open up the box.

Or steal the box and put it in your bomber ...



There is a reason why IFF works as it does - you want to not shoot down 
your own guys. Anyone else is either the enemy or collateral damage - 
and it is more important to shoot down the enemy than to avoid 
collateral damage.

You don't want a hierarchical universal generic design really - you want 
your own people to issue your own version of get-out-of-being-shot-down 
cards, nobody else.

For outgoing airliners any IFF-y box which attaches to a transponder on 
the aircraft would do. The codes are only valid for however long the 
airliner is going to be in your defended airspace. You might do 
something similar for approaching airliners, the approaching airliner 
gets a one-use code from air traffic control [to go in a secure box 
perhaps].

But I expect things will go on as they are, with public condemnation 
being the main factor limiting unwanted shooting down of airliners.

Though I suppose it has happened, I never heard of somebody getting shot 
or even discharged for shooting down an airliner - to the military, it 
is more important to shoot down the enemy than to avoid collateral damage.

Peter Fairbrother

More information about the cryptography mailing list