HARDENING AUTOMATIC IDENTIFICATION SYSTEMS: PROVIDING INTEGRITY THROUGH AN APPLICATION OF LIGHTWEIGHT CRYPTOGRAPHIC TECHNIQUES

Abstract

The Automatic Identification System (AIS) employed onboard maritime vessels was designed to improve the safety of navigation at sea, but focused on functionality rather than cybersecurity. Previous research has revealed that the AIS technical architecture and protocol have significant vulnerabilities that have the potential to facilitate cyber attacks such as spoofing and denial-of-service against AIS-equipped maritime vessels and port facilities. AIS data manipulation could have significant negative impacts on the global economy, regional geo-political stability, and safety-of-navigation at sea.

This thesis examines the technical and architectural feasibility of augmenting the current AIS architecture with data integrity and authentication capabilities to potentially mitigate AIS spoofing vulnerabilities. We assess the existing AIS architecture and lightweight cryptographic algorithms to determine an optimal, backwards-compatible authentication system. We then engineer a proof-of-concept AIS authenticator system using commercial AIS equipment and a physical testbench and demonstrate AIS message validation through public key digital signature verification.