what is acars
play

What is ACARS? Aircraft Communications Addressing and Reporting - PowerPoint PPT Presentation

Dec 27, 2022 •572 likes •860 views

M odern jets, retro ciphers: How monoalphabetic substitution ciphers are still in use Matthew Smith*, Daniel Moser $ , Martin Strohmeier*, Vincent Lenders , Ivan Martinovic* *University of Oxford $ ETH Zurich armasuisse

  1. M odern jets, retro ciphers: How monoalphabetic substitution ciphers are still in use Matthew Smith*, Daniel Moser $ , Martin Strohmeier*, Vincent Lenders ¥ , Ivan Martinovic* *University of Oxford $ ETH Zurich ¥ armasuisse first.last@cs.ox.ac.uk first.last@inf.ethz.ch first.last@armasuisse.ch Real World Crypto 2018, January 10-12, Zurich

  2. What is ACARS? • Aircraft Communications Addressing and Reporting System (ACARS) is a widely-used avionic data link on both commercial and non-commercial aircraft • Around since late 1970’s, it is now used for vastly different purposes to its original intention • Since then, it has become multi-medium and multi-purpose • Easily collectible with $10 hardware Modern Jets, Retro Ciphers: 2 How monoalphabetic substitution ciphers are still in use

  3. What is ACARS? Modern Jets, Retro Ciphers: 3 How monoalphabetic substitution ciphers are still in use

  4. What is ACARS? Service provider handles messages - like cell networks Modern Jets, Retro Ciphers: 3 How monoalphabetic substitution ciphers are still in use

  5. What is ACARS? ATC use ACARS to control aircraft without requiring voice Modern Jets, Retro Ciphers: 3 How monoalphabetic substitution ciphers are still in use

  6. What is ACARS? AOC communications allow administration in-flight, e.g. passenger updates, gate information Modern Jets, Retro Ciphers: 3 How monoalphabetic substitution ciphers are still in use

  7. What is ACARS? Software defined radios collected from one location over 9 months - ~1 million messages Modern Jets, Retro Ciphers: 3 How monoalphabetic substitution ciphers are still in use

  8. Security in ACARS • A number of ACARS applications clearly require some authentication or confidentiality - but ACARS has no security as standard • ‘Post-hoc’ solutions exist (e.g. Secure ACARS) • However, it costs extra on top of existing ACARS - this deters users - no use thus far Modern Jets, Retro Ciphers: 4 How monoalphabetic substitution ciphers are still in use

  9. Security in ACARS • A number of ACARS applications clearly require some authentication or confidentiality - but ACARS has no security as standard • ‘Post-hoc’ solutions exist (e.g. Secure ACARS) • However, it costs extra on top of existing ACARS - this deters users - no use thus far Many users require privacy but don’t want to pay Modern Jets, Retro Ciphers: 4 How monoalphabetic substitution ciphers are still in use

  10. Analysing messages • We collected over a million VHF and SATCOM ACARS messages, and noticed that some business aircraft were sending scrambled messages 07*?X.0)Emk.;M].;4;Dm)m..) Y(*)]s($).M4U).U;;).MmD)..D+0 07*?X.0)EmUmkm]..D00M)4k.)]rr6) Y-\).k.<);4<k);000).;;+U 07*?X.0)EmUmUU]..D0Mk)m;.)]E{-) 6-r).k.;);;;;);4;;)..U+. Modern Jets, Retro Ciphers: 5 How monoalphabetic substitution ciphers are still in use

  11. Analysing messages • We collected over a million VHF and SATCOM ACARS messages, and noticed that some business aircraft were sending scrambled messages Key identifier 07*?X.0)Emk.;M].;4;Dm)m..) Y(*)]s($).M4U).U;;).MmD)..D+0 07*?X.0)EmUmkm]..D00M)4k.)]rr6) Y-\).k.<);4<k);000).;;+U 07*?X.0)EmUmUU]..D0Mk)m;.)]E{-) 6-r).k.;);;;;);4;;)..U+. 08,suL}Zq`cLLK=LLa`aLZ`YLZP\,0ZPf0,ZLaLYZLKeeZLc}KZLLc[` 08,suL}Zq`tee}=LLaL}KZ}vvZ=yy~ZPuAfZLaYYZYevLZY}eLZLLc[t 08,suL}Zq`KYev=LLK}aKZ}tLZbZbZLaYYZYevvZY`YvZbbbbb 09|\L46c+Ns6,,G4418,hcN84cGeodc-r!Lc4Bh1c8B4hc8BBBc44Z5Z 09|\L46c+N,BZ,G44BBZNc614c-r|Gc-W|Pc4BhZc48hNc48BZcbbbbb 09|\L46c+Ns8NhG44s6,,c6B4c-W|Pc-r.-c4B68c888Bc88NZc44B5, Modern Jets, Retro Ciphers: 5 How monoalphabetic substitution ciphers are still in use

  12. Cipher & usage properties • 9 static keys were used by all aircraft using the cipher • Using frequency analysis (and some deduction), we could recover ~76% of the Bombardier Learjet 45 substitutions for the 9 keys using 2690 messages • All aircraft used the Honeywell Primus avionics suite Gulfstream G650 Modern Jets, Retro Ciphers: 6 How monoalphabetic substitution ciphers are still in use

  13. Aircraft type Manuf. A B C D E Model A-1 A-2 A-3 B-1 B-2 B-3 C-1 D-1 E-1 Avg. Manuf. 2008 2008 2014 2014 2010 2012 2010 2002 2011 Year No./Model 118 56 12 11 3 2 1 1 1 No./Manuf. 186 16 1 1 1 Modern Jets, Retro Ciphers: 7 How monoalphabetic substitution ciphers are still in use

  14. Aircraft type Manuf. A B C D E Model A-1 A-2 A-3 B-1 B-2 B-3 C-1 D-1 E-1 Avg. Manuf. 2008 2008 2014 2014 2010 2012 2010 2002 2011 Year No./Model 118 56 12 11 3 2 1 1 1 No./Manuf. 186 16 1 1 1 Modern Jets, Retro Ciphers: 7 How monoalphabetic substitution ciphers are still in use

  15. Aircraft type Manuf. A B C D E Model A-1 A-2 A-3 B-1 B-2 B-3 C-1 D-1 E-1 Avg. Manuf. 2008 2008 2014 2014 2010 2012 2010 2002 2011 Year No./Model 118 56 12 11 3 2 1 1 1 No./Manuf. 186 16 1 1 1 Modern Jets, Retro Ciphers: 7 How monoalphabetic substitution ciphers are still in use

  16. Aircraft type Manuf. A B C D E Model A-1 A-2 A-3 B-1 B-2 B-3 C-1 D-1 E-1 Avg. Manuf. 2008 2008 2014 2014 2010 2012 2010 2002 2011 Year No./Model 118 56 12 11 3 2 1 1 1 No./Manuf. 186 16 1 1 1 Modern Jets, Retro Ciphers: 7 How monoalphabetic substitution ciphers are still in use

  17. Hidden aircraft • A significant proportion of aircraft using this cipher also used a block, so do not appear on flight trackers. Modern Jets, Retro Ciphers: 8 How monoalphabetic substitution ciphers are still in use

  18. Hidden aircraft • A significant proportion of aircraft using this cipher also used a block, so do not appear on flight trackers. Flightradar24 Modern Jets, Retro Ciphers: 8 How monoalphabetic substitution ciphers are still in use

  19. Hidden aircraft • A significant proportion of aircraft using this cipher also used a block, so do not appear on flight trackers. Flightradar24 Modern Jets, Retro Ciphers: 8 How monoalphabetic substitution ciphers are still in use

  20. Hidden aircraft • A significant proportion of aircraft using this cipher also used a block, so do not appear on flight trackers. • This implies that they are privacy sensitive - and so are being undermined by the weak cipher Modern Jets, Retro Ciphers: 8 How monoalphabetic substitution ciphers are still in use

  21. Hidden aircraft • A significant proportion of aircraft using this cipher also used a block, so do not appear on flight trackers. • This implies that they are privacy sensitive - and so are being undermined by the weak cipher Data Set Not Blocked Blocked Total VHF 5 (10%) 44 (90%) 49 SATCOM 10 (6%) 146 (94%) 156 Modern Jets, Retro Ciphers: 8 How monoalphabetic substitution ciphers are still in use

  22. Message content • 29% of messages were status reports, revealing position , departure and arrival airports Modern Jets, Retro Ciphers: 9 How monoalphabetic substitution ciphers are still in use

  23. Message content • 29% of messages were status reports, revealing position , Arrival Airport - Farnborough, UK, ETA 14:19 departure and arrival airports Position Report 2 - 13:27 Position Report 1 - 12:57 Departure Airport - Instanbul, Turkey From Google Maps Modern Jets, Retro Ciphers: 9 How monoalphabetic substitution ciphers are still in use

  24. Message content • 29% of messages were status reports, revealing position , Arrival Airport - Farnborough, UK, ETA 14:19 departure and arrival airports Position Report 2 - 13:27 Position Report 1 - 12:57 Departure Airport - Instanbul, Turkey From Google Maps Modern Jets, Retro Ciphers: 9 How monoalphabetic substitution ciphers are still in use

  25. Message content • 29% of messages were status reports, revealing position , departure and arrival airports • Blocked aircraft sent 90% of all status reports Modern Jets, Retro Ciphers: 9 How monoalphabetic substitution ciphers are still in use

  26. Responsible disclosure • Reported to Honeywell prior to publication and met with a resounding ‘it’s not a problem’ • Cipher isn’t encryption but obfuscation thus not a security risk “Obfuscation becomes encryption when a high level of confidentiality is assured. The confidentiality assurance of the substitution cipher is low.” Modern Jets, Retro Ciphers: 10 How monoalphabetic substitution ciphers are still in use

  27. Full paper: Economy Class Crypto: Exploring Weak Cipher Usage in Avionic Communications via ACARS - FC2017 Questions Matthew Smith*, Daniel Moser $ , Martin Strohmeier*, Vincent Lenders ¥ , Ivan Martinovic* *University of Oxford $ ETH Zurich ¥ armasuisse first.last@cs.ox.ac.uk first.last@inf.ethz.ch first.last@armasuisse.ch Real World Crypto 2018, January 10-12, Zurich

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Assumptions Competitive (price-taking) behavior; this needs concave production functions No

Assumptions Competitive (price-taking) behavior; this needs concave production functions No

ECO 305 FALL 2003 November 6 GENERAL EQUILIBRIUM AND EFFICIENCY MATHEMATICAL VERSION Assumptions Competitive (price-taking) behavior; this needs concave production functions No information asymmetries (for people or planner)

242 views • 6 slides
ADVANCES IN TELEVISION TRANSMISSION SOLUTIONS MARTYN HORSPOOL PRODUCT MANAGER TV MASON,

ADVANCES IN TELEVISION TRANSMISSION SOLUTIONS MARTYN HORSPOOL PRODUCT MANAGER TV MASON,

ADVANCES IN TELEVISION TRANSMISSION SOLUTIONS MARTYN HORSPOOL PRODUCT MANAGER TV MASON, OHIO, USA CONNECTING WHATS NEXT 1 ADVANCES IN TELEVISION TRANSMISSION SOLUTIONS Todays Virtual Event Topics: Innovative High-Efficiency TV

643 views • 50 slides
nSight-1 CubeSat Mission Presented by: Francois Visser Date: 13 December 2017 S P A C E A D V I

nSight-1 CubeSat Mission Presented by: Francois Visser Date: 13 December 2017 S P A C E A D V I

S P A C E A D V I S O R Y C O M P A N Y ( P T Y ) L T D [ S A C ] Development of a Satellite Tracking Ground Station for the nSight-1 CubeSat Mission Presented by: Francois Visser Date: 13 December 2017 S P A C E A D V I S O R Y

335 views • 32 slides
Intro to VHF/UHF Operation Tim Guyot KB1POP 1 Agenda Getting Licensed Operating

Intro to VHF/UHF Operation Tim Guyot KB1POP 1 Agenda Getting Licensed Operating

RaRa Presentation 12/04/2019 Intro to VHF/UHF Operation Tim Guyot KB1POP 1 Agenda Getting Licensed Operating Opportunities Bands Making Contacts Squelch, CTCSS, DSC, etc Operating in a Net Simplex Buying a Radio

352 views • 14 slides
2019 WInnComm-Europe Conference NATOs perspective on tactical interoperability Berlin, 16 May

2019 WInnComm-Europe Conference NATOs perspective on tactical interoperability Berlin, 16 May

2019 WInnComm-Europe Conference NATOs perspective on tactical interoperability Berlin, 16 May 2019 v03 NCI Agency, NSII Service Line Luis Bastos, NHQC3S PoW Lead for Communications Interoperability Serdar Ozen, Technical Lead for Waveform

532 views • 15 slides
Call to Order November 5, 2015 Welcome and Introductions Guests: Welcome and Introductions

Call to Order November 5, 2015 Welcome and Introductions Guests: Welcome and Introductions

Call to Order November 5, 2015 Welcome and Introductions Guests: Welcome and Introductions Teri Lucie Thompson, Senior Vice President, University Relations Ed Frisch, CAB Financial Info Committee Sue Beauchamp, AZPM Human Resources Coordinator

909 views • 16 slides
Incentive Auctions Peter Cramton* Professor of Economics, University of Maryland Chairman,

Incentive Auctions Peter Cramton* Professor of Economics, University of Maryland Chairman,

Incentive Auctions Peter Cramton* Professor of Economics, University of Maryland Chairman, Market Design Inc. 3 June 2011 * Special thanks to Larry Ausubel, Evan Kwerel, and Paul Milgrom for collaborating with me on this topic over the last

693 views • 43 slides
High-speed broadband radio interferometry for mapping and imaging lightning Julia Tilles , Ningyu

High-speed broadband radio interferometry for mapping and imaging lightning Julia Tilles , Ningyu

High-speed broadband radio interferometry for mapping and imaging lightning Julia Tilles , Ningyu Liu Department of Physics/ Earth, Ocean, and Space Science Center, University of New Hampshire, Durham, NH In collaboration with New Mexico T ech

481 views • 20 slides
The Largest Ionospheric Disturbances Produced by the HAARP HF Facility Paul A. Bernhardt 1 , Carl

The Largest Ionospheric Disturbances Produced by the HAARP HF Facility Paul A. Bernhardt 1 , Carl

The Largest Ionospheric Disturbances Produced by the HAARP HF Facility Paul A. Bernhardt 1 , Carl L. Seifring 1 , Stanley J. Briczinski 2 , Elizabeth A. kendall 3 , Brenton J. Watkins 4 , William Bristow 4 , Robert Michell 5 , Mike McCarrick 6 , A.

390 views • 17 slides
Towards Selective Addressing of Aircraft with Voice Radio Watermarks Horst Hering, Konrad

Towards Selective Addressing of Aircraft with Voice Radio Watermarks Horst Hering, Konrad

Long Term Investigations, EEC Towards Selective Addressing of Aircraft with Voice Radio Watermarks Horst Hering, Konrad Hofbauer EUROCONTROL Experimental Centre (EEC), Bretigny, France 1 European Organisation for the Safety of Air

249 views • 23 slides
Self-Structuring Antenna for Television Reception B. T. Perry*, C. M. Coleman, E. J. Rothwell, B.

Self-Structuring Antenna for Television Reception B. T. Perry*, C. M. Coleman, E. J. Rothwell, B.

Self-Structuring Antenna for Television Reception B. T. Perry*, C. M. Coleman, E. J. Rothwell, B. F. Basch J. E. Ross Department of Electrical and Computer Engineering John Ross &amp; Associates Michigan State University 422 N. Chicago Street

894 views • 25 slides
WW8TF/Rover 2018 Ohio ARES VHF Simplex contest What is the Ohio ARES VHF Simplex Contest? 6

WW8TF/Rover 2018 Ohio ARES VHF Simplex contest What is the Ohio ARES VHF Simplex Contest? 6

WW8TF/Rover 2018 Ohio ARES VHF Simplex contest What is the Ohio ARES VHF Simplex Contest? 6 hours Ops can be from FIXED, FIXED at an EOC, PORTABLE, or ROVER 6 meters and up, all modes Object is contact as many stations as

436 views • 20 slides
IPv6 Technology Gaps in Comparison to the Aeronautical Telecommunications Network Wesley M. Eddy

IPv6 Technology Gaps in Comparison to the Aeronautical Telecommunications Network Wesley M. Eddy

IPv6 Technology Gaps in Comparison to the Aeronautical Telecommunications Network Wesley M. Eddy Verizon Federal Network Systems weddy@grc.nasa.gov Presentation Outline Assume familiarity with TCP/IP Introduce ATN Compare ATN to

305 views • 15 slides
Space Business Overview Satellites Telecommunications Remote Sensing Rockets

Space Business Overview Satellites Telecommunications Remote Sensing Rockets

Space Business Overview Satellites Telecommunications Remote Sensing Rockets Space Tourism Activity Satellites Some companies use satellites to beam telephone conversations, television broadcasts, and data. Other

399 views • 23 slides
Our Goals &amp; Beliefs The Continued Success of Free Over-The-Air Television Which Is Vital

Our Goals &amp; Beliefs The Continued Success of Free Over-The-Air Television Which Is Vital

Our Goals &amp; Beliefs The Continued Success of Free Over-The-Air Television Which Is Vital For The Nation Community Television (including LPTV) Is a Key Component of The Broadcast Industry Todays Over-The-Air Television

558 views • 28 slides
Wireless data networks Why is wireless different? Martin Heusse X L A TEX E General info

Wireless data networks Why is wireless different? Martin Heusse X L A TEX E General info

Wireless data networks Why is wireless different? Martin Heusse X L A TEX E General info This is TLEN 5520, or ECEN 5032 ECCS 1B12, WF, 3:00pm to 4:15pm Please register to the class mailing list! send a mail to

337 views • 16 slides
Distributed Arrays for Space Weather Sensing and the SCINDA Network International Space Weather

Distributed Arrays for Space Weather Sensing and the SCINDA Network International Space Weather

Distributed Arrays for Space Weather Sensing and the SCINDA Network International Space Weather Initiative Keith Groves, Charles Carrano, Christopher Bridgwood and William McNeil Boston College keith.groves@bc.edu 20-24 May 2019 ICTP,

354 views • 20 slides
Wireless Sensor Networks 1. Basics Christian Schindelhauer Technische Fakultt Rechnernetze

Wireless Sensor Networks 1. Basics Christian Schindelhauer Technische Fakultt Rechnernetze

Wireless Sensor Networks 1. Basics Christian Schindelhauer Technische Fakultt Rechnernetze und Telematik Albert-Ludwigs-Universitt Freiburg Version 17.04.2016 1 Physics Background Moving particles with electric charge cause

383 views • 25 slides
State and Territory Single Points of Contact (SPOC) Meeting November 17, 2016 | Phoenix Kevin

State and Territory Single Points of Contact (SPOC) Meeting November 17, 2016 | Phoenix Kevin

State and Territory Single Points of Contact (SPOC) Meeting November 17, 2016 | Phoenix Kevin McGinnis, FirstNet Board Member Conversation Room Rural Command Vehicle Interoperable Communications Chief Kasey Beal | Deputy Chief Mesa

463 views • 17 slides
Wednesday, November 13, 2013 Jerome M. Hauer Commissioner DHSES Roll Call; Approval of the

Wednesday, November 13, 2013 Jerome M. Hauer Commissioner DHSES Roll Call; Approval of the

Wednesday, November 13, 2013 Jerome M. Hauer Commissioner DHSES Roll Call; Approval of the Meeting Agenda; Approval of Minutes from September 18, 2013 Meeting Presented by Linda Messina OIEC Counsel DHSES Presented by Toby Dusha Radio Engineer

653 views • 28 slides
Man Overboard! It could happen to you - how to be best prepared. Navy Offshore Sailing Varsity

Man Overboard! It could happen to you - how to be best prepared. Navy Offshore Sailing Varsity

Navy Offshore Sailing Varsity Offshore Sailing Team Man Overboard! It could happen to you - how to be best prepared. Navy Offshore Sailing Varsity Offshore Sailing Team Sobering MOB Facts 24% were characterized as falls overboard 24%

330 views • 16 slides
Before: After: Stations that continued broadcasting were assigned potentially new channels to fit

Before: After: Stations that continued broadcasting were assigned potentially new channels to fit

Incentive Auction Design Alternatives: A Simulation Study Neil Newman, Kevin Leyton-Brown, Paul Milgrom, Ilya Segal Over 13 months in 2016-17 the FCC held an incentive auction to repurpose radio spectrum from broadcast television to

280 views • 4 slides
AMATEUR RADIO CLUB OF COLUMBIA COUNTY, INC. THE ARCCC, INC. WELCOMES YOU! The meeting will begin

AMATEUR RADIO CLUB OF COLUMBIA COUNTY, INC. THE ARCCC, INC. WELCOMES YOU! The meeting will begin

AMATEUR RADIO CLUB OF COLUMBIA COUNTY, INC. THE ARCCC, INC. WELCOMES YOU! The meeting will begin at 7 PM The meeting host will mute participant audio when the meeting starts AMATEUR RADIO CLUB OF COLUMBIA COUNTY, INC. GENERAL MEETING

413 views • 24 slides
Spa Sparsi rsity-pr propor porti tional Ba Backhaul l an and Compute e fo for SDRs

Spa Sparsi rsity-pr propor porti tional Ba Backhaul l an and Compute e fo for SDRs

Spa Sparsi rsity-pr propor porti tional Ba Backhaul l an and Compute e fo for SDRs Moein Khazraee, Ye Yeswanth Gu Guddeti , Sam Crow, Alex C. Snoeren, Kirill Levchenko, Dinesh Bharadia, Aaron Schulman Software Defined Radios have a

312 views • 27 slides

More recommend