Proposal Protocol for DME and Airplane Communication

following 3 parts: data, P KDME, and an aggregated (combination of multiple signatures) signature.
The aggregated signature contains the signature of the FAA on the CERTF AA and the signature
of the DME on the data. The DME signs the data using its SKDME, and the plane verifies the
signature using P KDME. It is important to note that this scheme tolerates packet loss because each
packet is individually signed and does not require any previous or future packets for authentication.
The proof of security and specifics of aggregated signatures are described in Boneh et al. [1].
The signatures are done using 256-bit elliptic curves [2]. Therefore, the P KDME and signature
are 256 bits each. The authentication requires 512 bits. However, this number can be reduced by
using lower bit curves, but this also leads to a lower security.
This scheme can be written with a small amount of code ( 100 lines) assuming that we have a
library that can do elliptic curve cryptography. In terms of speed, it takes about 3 milliseconds to
generate a 256-bit elliptic curve signature and about 70 milliseconds to verify it.
4 Hash Mac Scheme
The scheme has a more detailed authentication protocol, but it only requires 288 bits. When the
first approaches the DME, it has to wait 10 seconds (or time intervals) before we can determine
if the data is authenticated or not. The key setup is the same as the signature scheme. However,
additional calculations and setups have to be done daily and hourly. We describe the daily setup
of the DME, the DME transmission over a 24 hour period, and then the verification done by the
plane over this 24 hour period.
4.1 DME Hash Chain Generation
At a specified time at night (preferably when there is low air traffic), the DME generates a hash
chain of keys to be used during each time interval during the day. Similar one-way chains have
been used in other broadcasting protocols [3]. In this report, our chain will be 86,400 keys long,
and we will assume each time interval is 1 second. To generate this chain, we start with the nth key
(Kn). This key should be randomly generated. The 0th key is found by applying a one-way (hash)
function H n times (e.g. K0 = H n (Kn)). In our implementation, we use Secure Hash Algorithm
(SHA) 256, which is a one way, collision resistant function that outputs 256 bits. and 128 bit keys.
We take the least significant 128 bits before we apply the one way function. Given a key, Kj, Ki =
H j−i (Kj) for j > i.
The keys are used in reverse order. In other words, time interval 0 uses K0, time interval 1
uses K1, etc. Knowing any previous key allows to see if a future key was generated from the same
previous key. A one way function means that there is no known inverse function, so it would be
very difficult to find Kj knowing Ki for j > i. We need some way to store this chain. We can
calculate it all at once and store it, which would require O(n) space but constant time for retrieval.
We can just calculate K0 and recompute the chain every time, which would require O(n) time but
constant space. Re-generating the hash chain every time would be computationally expensive. For
a chain with 86,400 keys, it takes about 135 milliseconds. Jakobsson [4], and Coppersmith and
Jakobsson [5] describe a method for computing the next value in the chain with n elements that
requires O(log n) space and O(log n) time for each retrieval.
4.2 Transmission of the DME over a 24 hour period
Every 10 minute window contains 600 time intervals. Let Kw be the first key from the hash chain
associated with the current 10 minute time window.
2