< draft-ietf-raw-ldacs-06.txt   draft-ietf-raw-ldacs-07.txt >
RAW N. Maeurer, Ed. RAW N. Maeurer, Ed.
Internet-Draft T. Graeupl, Ed. Internet-Draft T. Graeupl, Ed.
Intended status: Informational German Aerospace Center (DLR) Intended status: Informational German Aerospace Center (DLR)
Expires: 29 July 2021 C. Schmitt, Ed. Expires: 21 August 2021 C. Schmitt, Ed.
Research Institute CODE, UniBwM Research Institute CODE, UniBwM
25 January 2021 17 February 2021
L-band Digital Aeronautical Communications System (LDACS) L-band Digital Aeronautical Communications System (LDACS)
draft-ietf-raw-ldacs-06 draft-ietf-raw-ldacs-07
Abstract Abstract
This document provides an overview of the architecture of the L-band This document provides an overview of the architecture of the L-band
Digital Aeronautical Communications System (LDACS), which provides a Digital Aeronautical Communications System (LDACS), which provides a
secure, scalable and spectrum efficient terrestrial data link for secure, scalable and spectrum efficient terrestrial data link for
civil aviation. LDACS is a scheduled, reliable multi-application civil aviation. LDACS is a scheduled, reliable multi-application
cellular broadband system with support for IPv6. LDACS SHALL provide cellular broadband system with support for IPv6. LDACS SHALL provide
a data link for IP network-based aircraft guidance. High reliability a data link for IP network-based aircraft guidance. High reliability
and availability for IP connectivity over LDACS are therefore and availability for IP connectivity over LDACS are therefore
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 29 July 2021. This Internet-Draft will expire on 21 August 2021.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 48 skipping to change at page 2, line 48
8.2. Beyond Layer 2 . . . . . . . . . . . . . . . . . . . . . 18 8.2. Beyond Layer 2 . . . . . . . . . . . . . . . . . . . . . 18
9. Protocol Stack . . . . . . . . . . . . . . . . . . . . . . . 18 9. Protocol Stack . . . . . . . . . . . . . . . . . . . . . . . 18
9.1. MAC Entity Services . . . . . . . . . . . . . . . . . . . 19 9.1. MAC Entity Services . . . . . . . . . . . . . . . . . . . 19
9.2. DLS Entity Services . . . . . . . . . . . . . . . . . . . 21 9.2. DLS Entity Services . . . . . . . . . . . . . . . . . . . 21
9.3. VI Services . . . . . . . . . . . . . . . . . . . . . . . 22 9.3. VI Services . . . . . . . . . . . . . . . . . . . . . . . 22
9.4. LME Services . . . . . . . . . . . . . . . . . . . . . . 22 9.4. LME Services . . . . . . . . . . . . . . . . . . . . . . 22
9.5. SNP Services . . . . . . . . . . . . . . . . . . . . . . 22 9.5. SNP Services . . . . . . . . . . . . . . . . . . . . . . 22
10. Security Considerations . . . . . . . . . . . . . . . . . . . 22 10. Security Considerations . . . . . . . . . . . . . . . . . . . 22
10.1. Reasons for Wireless Digital Aeronautical 10.1. Reasons for Wireless Digital Aeronautical
Communications . . . . . . . . . . . . . . . . . . . . . 22 Communications . . . . . . . . . . . . . . . . . . . . . 22
10.2. Requirements for LDACS . . . . . . . . . . . . . . . . . 23 10.2. LADACS Requirements . . . . . . . . . . . . . . . . . . 23
10.3. Security Objectives for LDACS . . . . . . . . . . . . . 24 10.3. LDACS Security Objectives . . . . . . . . . . . . . . . 24
10.4. Security Functions for LDACS . . . . . . . . . . . . . . 24 10.4. LDACS Security Functions . . . . . . . . . . . . . . . . 24
10.5. Resulting Security Architectural Details . . . . . . . . 24 10.5. LDACS Security Architecture . . . . . . . . . . . . . . 25
10.5.1. Entities in LDACS Security Model . . . . . . . . . . 25 10.5.1. Entities . . . . . . . . . . . . . . . . . . . . . . 25
10.5.2. Matter of LDACS Entity Identification . . . . . . . 25 10.5.2. Entity Identification . . . . . . . . . . . . . . . 25
10.5.3. Matter of LDACS Entity Authentication and Key 10.5.3. Entity Authentication and Key Negotiation . . . . . 25
Negotiation . . . . . . . . . . . . . . . . . . . . . 25 10.5.4. Message-in-transit Confidentiality, Integrity and
10.5.4. Matter of LDACS Message-in-transit Confidentiality, Authenticity . . . . . . . . . . . . . . . . . . . . 26
Integrity and Authenticity . . . . . . . . . . . . . 26 10.6. LDACS Security Modules . . . . . . . . . . . . . . . . . 26
10.6. Security Modules for LDACS . . . . . . . . . . . . . . . 26 10.6.1. Placements of Security Functionality in Protocol
11. Privacy Considerations . . . . . . . . . . . . . . . . . . . 27 Stack . . . . . . . . . . . . . . . . . . . . . . . . 26
12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 10.6.2. Trust . . . . . . . . . . . . . . . . . . . . . . . 27
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 27 10.6.3. Mutual Authentication and Key Exchange (MAKE) . . . 27
14. Normative References . . . . . . . . . . . . . . . . . . . . 27 10.6.4. Key Derivation and Key Hierarchy . . . . . . . . . . 28
15. Informative References . . . . . . . . . . . . . . . . . . . 27 10.6.5. User Data Security . . . . . . . . . . . . . . . . . 28
Appendix A. Selected Information from DO-350A . . . . . . . . . 30 10.6.6. Control Data Security . . . . . . . . . . . . . . . 28
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32 11. Privacy Considerations . . . . . . . . . . . . . . . . . . . 29
12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 29
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 29
14. Normative References . . . . . . . . . . . . . . . . . . . . 29
15. Informative References . . . . . . . . . . . . . . . . . . . 30
Appendix A. Selected Information from DO-350A . . . . . . . . . 34
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36
1. Introduction 1. Introduction
One of the main pillars of the modern Air Traffic Management (ATM) One of the main pillars of the modern Air Traffic Management (ATM)
system is the existence of a communication infrastructure that system is the existence of a communication infrastructure that
enables efficient aircraft control and safe separation in all phases enables efficient aircraft control and safe separation in all phases
of flight. Current systems are technically mature but suffering from of flight. Current systems are technically mature but suffering from
the VHF band's increasing saturation in high-density areas and the the VHF band's increasing saturation in high-density areas and the
limitations posed by analogue radio communications. Therefore, limitations posed by analogue radio communications. Therefore,
aviation globally and the European Union (EU) in particular, strives aviation globally and the European Union (EU) in particular, strives
skipping to change at page 4, line 43 skipping to change at page 4, line 46
DCCH Dedicated Control Channel DCCH Dedicated Control Channel
DCH Data Channel DCH Data Channel
DLL Data Link Layer DLL Data Link Layer
DLS Data Link Service DLS Data Link Service
DME Distance Measuring Equipment DME Distance Measuring Equipment
DSB-AM Double Side-Band Amplitude Modulation DSB-AM Double Side-Band Amplitude Modulation
FCI Future Communication Infrastructure FCI Future Communication Infrastructure
FL Forward Link FL Forward Link
GNSS Global Navigation Satellite System GNSS Global Navigation Satellite System
GS Ground-Station GS Ground-Station
GSC Ground-Station Controller
G2A Ground-to-Air G2A Ground-to-Air
HF High Frequency HF High Frequency
ICAO International Civil Aviation Organization ICAO International Civil Aviation Organization
IP Internet Protocol IP Internet Protocol
kbit/s kilobit per second kbit/s kilobit per second
LDACS L-band Digital Aeronautical Communications System LDACS L-band Digital Aeronautical Communications System
LLC Logical Link Control LLC Logical Link Control
LME LDACS Management Entity LME LDACS Management Entity
MAC Medium Access Layer MAC Medium Access Layer
MF Multi Frame MF Multi Frame
skipping to change at page 8, line 10 skipping to change at page 8, line 10
In addition to standardization activities several industrial LDACS In addition to standardization activities several industrial LDACS
prototypes have been built. One set of LDACS prototypes has been prototypes have been built. One set of LDACS prototypes has been
evaluated in flight trials confirming the theoretical results evaluated in flight trials confirming the theoretical results
predicting the system performance [GRA2018] [SCH20191]. predicting the system performance [GRA2018] [SCH20191].
5. Applicability 5. Applicability
LDACS is a multi-application cellular broadband system capable of LDACS is a multi-application cellular broadband system capable of
simultaneously providing various kinds of Air Traffic Services simultaneously providing various kinds of Air Traffic Services
(including ATS-B3) and AOC communications services from deployed (including ATS-B3) and AOC communications services from deployed
Ground-Stations (GS). The LDACS A2G sub-system physical layer and Ground-Stations (GS). The A2G sub-system physical layer and data
data link layer are optimized for data link communications, but the link layer of LDACS are optimized for data link communications, but
system also supports digital air-ground voice communications. the system also supports digital air-ground voice communications.
LDACS supports communication in all airspaces (airport, terminal LDACS supports communication in all airspaces (airport, terminal
maneuvering area, and en-route), and on the airport surface. The maneuvering area, and en-route), and on the airport surface. The
physical LDACS cell coverage is effectively de-coupled from the physical LDACS cell coverage is effectively de-coupled from the
operational coverage REQUIRED for a particular service. This is new operational coverage REQUIRED for a particular service. This is new
in aeronautical communications. Services requiring wide-area in aeronautical communications. Services requiring wide-area
coverage can be installed at several adjacent LDACS cells. The coverage can be installed at several adjacent LDACS cells. The
handover between the involved LDACS cells is seamless, automatic, and handover between the involved LDACS cells is seamless, automatic, and
transparent to the user. Therefore, the LDACS A2G communications transparent to the user. Therefore, the LDACS A2G communications
concept enables the aeronautical communication infrastructure to concept enables the aeronautical communication infrastructure to
skipping to change at page 11, line 22 skipping to change at page 11, line 22
AOC communication is considered the main business case for LDACS AOC communication is considered the main business case for LDACS
communication service providers since modern aircraft generate communication service providers since modern aircraft generate
significant amounts of data (e.g., engine maintenance data). significant amounts of data (e.g., engine maintenance data).
5.2.5. LDACS Navigation 5.2.5. LDACS Navigation
Beyond communication radio signals can always also be used for Beyond communication radio signals can always also be used for
navigation. LDACS takes this into account. navigation. LDACS takes this into account.
For future aeronautical navigation, ICAO recommends the further For future aeronautical navigation, ICAO RECOMMENDS the further
development of GNSS based technologies as primary means for development of GNSS based technologies as primary means for
navigation. However, the drawback of GNSS is its inherent single navigation. However, the drawback of GNSS is its inherent single
point of failure - the satellite. Due to the large separation point of failure - the satellite. Due to the large separation
between navigational satellites and aircraft, the received power of between navigational satellites and aircraft, the received power of
GNSS signals on the ground is very low. As a result, GNSS GNSS signals on the ground is very low. As a result, GNSS
disruptions might occasionally occur due to unintentional disruptions might occasionally occur due to unintentional
interference, or intentional jamming. Yet the navigation services interference, or intentional jamming. Yet the navigation services
MUST be available with sufficient performance for all phases of MUST be available with sufficient performance for all phases of
flight. Therefore, during GNSS outages, or blockages, an alternative flight. Therefore, during GNSS outages, or blockages, an alternative
solution is needed. This is commonly referred to as Alternative solution is needed. This is commonly referred to as Alternative
skipping to change at page 13, line 42 skipping to change at page 13, line 42
The current LDACS design is focused on the specification of layer 2. The current LDACS design is focused on the specification of layer 2.
Achieving stringent the continuity, availability, and integrity Achieving stringent the continuity, availability, and integrity
requirements defined in [DO350A] will require the specification of requirements defined in [DO350A] will require the specification of
layer 3 and above mechanisms (e.g. reliable crossover at the IP layer 3 and above mechanisms (e.g. reliable crossover at the IP
layer). Fault management mechanisms are similarly undefined. Input layer). Fault management mechanisms are similarly undefined. Input
from the working group will be appreciated here. from the working group will be appreciated here.
7.1. LDACS Sub-Network 7.1. LDACS Sub-Network
An LDACS sub-network contains an Access Router (AR), a Ground-Station An LDACS sub-network contains an Access Router (AR) and several GS,
Controller (GSC), and several GS, each of them providing one LDACS each of them providing one LDACS radio cell.
radio cell.
User plane interconnection to the ATN is facilitated by the AR User plane interconnection to the ATN is facilitated by the AR
peering with an A2G Router connected to the ATN. It is up to peering with an A2G Router connected to the ATN.
implementer's choice to keep AR and A2G Router functions separated,
or to merge them.
The internal control plane of an LDACS sub-network is managed by the The internal control plane of an LDACS sub-network interconnects the
GSC. An LDACS sub-network is illustrated in Figure 1. GS. An LDACS sub-network is illustrated in Figure 1.
wireless user wireless user
link plane link plane
A--------------G----------------AR---A2G-----ATN AS-------------GS---------------AR---A2G-----ATN
S..............S | Router . | Router
. control . | . control |
. plane . | . plane |
. . | . |
GSC..............| GS...............|
. | . |
. | . |
GS---------------+ GS---------------+
Figure 1: LDACS sub-network with two GSs and one AS Figure 1: LDACS sub-network with three GSs and one AS
7.2. Topology 7.2. Topology
LDACS operating in A2G mode is a cellular point-to-multipoint system. LDACS operating in A2G mode is a cellular point-to-multipoint system.
The A2G mode assumes a star-topology in each cell where Aircraft The A2G mode assumes a star-topology in each cell where Aircraft
Stations (AS) belonging to aircraft within a certain volume of space Stations (AS) belonging to aircraft within a certain volume of space
(the LDACS cell) is connected to the controlling GS. The LDACS GS is (the LDACS cell) is connected to the controlling GS. The LDACS GS is
a centralized instance that controls LDACS A2G communications within a centralized instance that controls LDACS A2G communications within
its cell. The LDACS GS can simultaneously support multiple bi- its cell. The LDACS GS can simultaneously support multiple bi-
directional communications to the ASs under its control. LDACS's GSs directional communications to the ASs under its control. LDACS's GSs
themselves are connected to a GSC controlling the LDACS sub-network. themselves are connected to each other and the AR.
Prior to utilizing the system an AS has to register with the Prior to utilizing the system an AS has to register with the
controlling GS to establish dedicated logical channels for user and controlling GS to establish dedicated logical channels for user and
control data. Control channels have statically allocated resources, control data. Control channels have statically allocated resources,
while user channels have dynamically assigned resources according to while user channels have dynamically assigned resources according to
the current demand. Logical channels exist only between the GS and the current demand. Logical channels exist only between the GS and
the AS. the AS.
The LDACS wireless link protocol stack defines two layers, the The LDACS wireless link protocol stack defines two layers, the
physical layer and the data link layer. physical layer and the data link layer.
skipping to change at page 15, line 27 skipping to change at page 15, line 27
provides acknowledged point-to-point logical channels between the provides acknowledged point-to-point logical channels between the
aircraft and the GS using an automatic repeat request protocol. aircraft and the GS using an automatic repeat request protocol.
LDACS supports also unacknowledged point-to-point channels and G2A LDACS supports also unacknowledged point-to-point channels and G2A
broadcast. broadcast.
7.5. LDACS Mobility 7.5. LDACS Mobility
LDACS supports layer 2 handovers to different LDACS channels. LDACS supports layer 2 handovers to different LDACS channels.
Handovers MAY be initiated by the aircraft (break-before-make) or by Handovers MAY be initiated by the aircraft (break-before-make) or by
the GS (make-before-break). Make-before-break handovers are only the GS (make-before-break). Make-before-break handovers are only
supported for GSs connected to the same GSC. supported for GSs connected to each other.
External handovers between non-connected LDACS sub-networks or External handovers between non-connected LDACS sub-networks or
different aeronautical data links SHALL be handled by the FCI multi- different aeronautical data links SHALL be handled by the FCI multi-
link concept. link concept.
8. Reliability and Availability 8. Reliability and Availability
8.1. Layer 2 8.1. Layer 2
LDACS has been designed with applications related to the safety and LDACS has been designed with applications related to the safety and
skipping to change at page 18, line 22 skipping to change at page 18, line 22
this quite hard. The deployment of a larger number of small cells is this quite hard. The deployment of a larger number of small cells is
certainly possible, suffers, however, also from the scarcity of certainly possible, suffers, however, also from the scarcity of
spectrum. An additional constraint to take into account, is that spectrum. An additional constraint to take into account, is that
Distance Measuring Equipment (DME) is the primary user of the Distance Measuring Equipment (DME) is the primary user of the
aeronautical L-band. That is, any LDACS deployment has to take DME aeronautical L-band. That is, any LDACS deployment has to take DME
frequency planning into account, too. frequency planning into account, too.
The aeronautical community has therefore decided not to rely on a The aeronautical community has therefore decided not to rely on a
single communication system or frequency band. It is envisioned to single communication system or frequency band. It is envisioned to
have multiple independent data link technologies in the aircraft have multiple independent data link technologies in the aircraft
(e.g., terrestrial and SatCom) in addition to legacy VHF voice. (e.g., terrestrial and satellite communications) in addition to
legacy VHF voice.
However, as of now no reliability and availability mechanisms that However, as of now no reliability and availability mechanisms that
could utilize the multi-link have been specified on Layer 3 and could utilize the multi-link have been specified on Layer 3 and
above. above.
Below Layer 2 aeronautics usually relies on hardware redundancy. To Below Layer 2 aeronautics usually relies on hardware redundancy. To
protect availability of the LDACS link, an aircraft equipped with protect availability of the LDACS link, an aircraft equipped with
LDACS will have access to two L-band antennae with triple redundant LDACS will have access to two L-band antennae with triple redundant
radio systems as REQUIRED for any safety relevant system by ICAO. radio systems as REQUIRED for any safety relevant aeronautical
systems by ICAO.
9. Protocol Stack 9. Protocol Stack
The protocol stack of LDACS is implemented in the AS, GS, and GSC: It The protocol stack of LDACS is implemented in the AS and GS: It
consists of the Physical Layer (PHY) with five major functional consists of the Physical Layer (PHY) with five major functional
blocks above it. Four are placed in the Data Link Layer (DLL) of the blocks above it. Four are placed in the Data Link Layer (DLL) of the
AS and GS: (1) Medium Access Layer (MAC), (2) Voice Interface (VI), AS and GS: (1) Medium Access Layer (MAC), (2) Voice Interface (VI),
(3) Data Link Service (DLS), and (4) LDACS Management Entity (LME). (3) Data Link Service (DLS), and (4) LDACS Management Entity (LME).
The last entity resides within the Sub-Network Layer: Sub-Network The last entity resides within the Sub-Network Layer: Sub-Network
Protocol (SNP). The LDACS network is externally connected to voice Protocol (SNP). The LDACS network is externally connected to voice
units, radio control units, and the ATN Network Layer. units, radio control units, and the ATN Network Layer.
Figure 2 shows the protocol stack of LDACS as implemented in the AS Figure 2 shows the protocol stack of LDACS as implemented in the AS
and GS. and GS.
skipping to change at page 19, line 41 skipping to change at page 19, line 41
((*)) ((*))
FL/RL radio channels FL/RL radio channels
separated by separated by
Frequency Division Duplex Frequency Division Duplex
Figure 2: LDACS protocol stack in AS and GS Figure 2: LDACS protocol stack in AS and GS
9.1. MAC Entity Services 9.1. MAC Entity Services
The MAC time framing service provides the frame structure necessary The MAC time framing service provides the frame structure necessary
to realize slot-based Time Division Multiplex access on the physical to realize slot-based Time Division Multiplex (TDM) access on the
link. It provides the functions for the synchronization of the MAC physical link. It provides the functions for the synchronization of
framing structure and the PHY Layer framing. The MAC time framing the MAC framing structure and the PHY Layer framing. The MAC time
provides a dedicated time slot for each logical channel. framing provides a dedicated time slot for each logical channel.
The MAC Sub-Layer offers access to the physical channel to its The MAC Sub-Layer offers access to the physical channel to its
service users. Channel access is provided through transparent service users. Channel access is provided through transparent
logical channels. The MAC Sub-Layer maps logical channels onto the logical channels. The MAC Sub-Layer maps logical channels onto the
appropriate slots and manages the access to these channels. Logical appropriate slots and manages the access to these channels. Logical
channels are used as interface between the MAC and LLC Sub-Layers. channels are used as interface between the MAC and LLC Sub-Layers.
The LDACS framing structure for FL and RL is based on Super-Frames The LDACS framing structure for FL and RL is based on Super-Frames
(SF) of 240 ms duration. Each SF corresponds to 2000 OFDM symbols. (SF) of 240 ms duration. Each SF corresponds to 2000 OFDM symbols.
The FL and RL SF boundaries are aligned in time (from the view of the The FL and RL SF boundaries are aligned in time (from the view of the
skipping to change at page 22, line 19 skipping to change at page 22, line 19
party line) or MAY be created on demand. The creation and selection party line) or MAY be created on demand. The creation and selection
of voice circuits is performed in the LME. The VI provides only the of voice circuits is performed in the LME. The VI provides only the
transmission services. transmission services.
9.4. LME Services 9.4. LME Services
The mobility management service in the LME provides support for The mobility management service in the LME provides support for
registration and de-registration (cell entry and cell exit), scanning registration and de-registration (cell entry and cell exit), scanning
RF channels of neighboring cells and handover between cells. In RF channels of neighboring cells and handover between cells. In
addition, it manages the addressing of aircraft/ ASs within cells. addition, it manages the addressing of aircraft/ ASs within cells.
It is controlled by the network management service in the GSC.
The resource management service provides link maintenance (power, The resource management service provides link maintenance (power,
frequency and time adjustments), support for adaptive coding and frequency and time adjustments), support for adaptive coding and
modulation, and resource allocation. modulation, and resource allocation.
9.5. SNP Services 9.5. SNP Services
The DLS provides functions REQUIRED for the transfer of user plane The DLS provides functions REQUIRED for the transfer of user plane
data and control plane data over the LDACS sub-network. data and control plane data over the LDACS sub-network.
The security service provides functions for secure communication over The security service provides functions for secure communication over
the LDACS sub-network. Note that the SNP security service applies the LDACS sub-network. Note that the SNP security service applies
cryptographic measures as configured by the GSC. cryptographic measures as configured by the GS.
10. Security Considerations 10. Security Considerations
10.1. Reasons for Wireless Digital Aeronautical Communications 10.1. Reasons for Wireless Digital Aeronautical Communications
Aviation will require secure exchanges of data and voice messages for Aviation will require secure exchanges of data and voice messages for
managing the air-traffic flow safely through the airspaces all over managing the air-traffic flow safely through the airspaces all over
the world. Historically Communication Navigation Surveillance (CNS) the world. Historically Communication Navigation Surveillance (CNS)
wireless communications technology emerged from military and a threat wireless communications technology emerged from military and a threat
landscape where inferior technological and financial capabilities of landscape where inferior technological and financial capabilities of
adversaries were assumed [STR2016]. The main communication method adversaries were assumed [STR2016]. The main communication method
for ATC today is still an open analogue voice broadcast within the for ATC today is still an open analogue voice broadcast within the
aeronautical VHF band. Currently, the information security is purely aeronautical VHF band. Currently, the information security is purely
procedural based by using well-trained personnel and proven procedural based by using well-trained personnel and proven
communications procedures. This communication method has been in communications procedures. This communication method has been in
service since 1948. However since the emergence of civil service since 1948. However, since the emergence of civil
aeronautical CNS application and today, the world has changed. First aeronautical CNS application and today, the world has changed. Civil
of all civil applications have significant lower spectrum available applications have significant lower spectrum available than military
than military applications. This means several military defense applications. This means several military defence mechanisms such as
mechanisms such as frequency hopping or pilot symbol scrambling and frequency hopping or pilot symbol scrambling and, thus, a defense-in-
thus a defense-in-depth approach starting at the physical layer is depth approach starting at the physical layer is infeasible for civil
impossible for civil systems. With the rise of cheap Software systems. With the rise of cheap Software Defined Radios, the
Defined Radios, the previously existing financial barrier is almost previously existing financial barrier is almost gone and open source
gone and open source projects such as GNU radio [GNU2012] allow the projects such as GNU radio [GNU2012] allow the new type of
new type of unsophisticated listeners and possible attackers. unsophisticated listeners and possible attackers. Most CNS
Furthermore most CNS technology developed in ICAO relies on open technology developed in ICAO relies on open standards, thus syntax
standards, thus syntax and semantics of wireless digital aeronautical and semantics of wireless digital aeronautical communications SHOULD
communications can be common knowledge for attackers. Finally with be expected to be common knowledge for attackers. With increased
increased digitization and automation of civil aviation the human as digitization and automation of civil aviation the human as control
control instance is being taken gradually out of the loop. instance is being taken gradually out of the loop. Autonomous
Autonomous transport drones or single piloted aircraft demonstrate transport drones or single piloted aircraft demonstrate this trend.
this trend. However without profound cybersecurity measures such as However, without profound cybersecurity measures such as authenticity
authenticity and integrity checks of messages in-transit on the and integrity checks of messages in-transit on the wireless link or
wireless link or mutual entity authentication, this lack of a control mutual entity authentication, this lack of a control instance can
instance can prove disastrous. Thus future digital communications prove disastrous. Thus, future digital communications waveforms will
waveforms will need additional embedded security features to fulfill need additional embedded security features to fulfill modern
modern information security requirements like authentication and information security requirements like authentication and integrity.
integrity. However, these security features require sufficient These security features require sufficient bandwidth which is beyond
bandwidth which is beyond the capabilities of a VHF narrowband the capabilities of a VHF narrowband communications system. For
communications system. For voice and data communications, sufficient voice and data communications, sufficient data throughput capability
data throughput capability is needed to support the security is needed to support the security functions while not degrading
functions while not degrading performance. LDACS is a data link performance. LDACS is a data link technology with sufficient
technology with sufficient bandwidth to incorporate security without bandwidth to incorporate security without losing too much user
losing too much user throughput. throughput.
As digitalization progresses even further with LDACS and automated As digitalization progresses even further with LDACS and automated
procedures such as 4D-Trajectories allowing semi-automated en-route procedures such as 4D-Trajectories allowing semi-automated en-route
flying of aircraft, LDACS requires stronger cybersecurity measures. flying of aircraft, LDACS requires stronger cybersecurity measures.
10.2. Requirements for LDACS 10.2. LADACS Requirements
Overall there are several business goals for cybersecurity to protect Overall there are several business goals for cybersecurity to protect
in FCI in civil aviation: in FCI in civil aviation:
1. Safety: The system MUST sufficiently mitigate attacks, which 1. Safety: The system MUST sufficiently mitigate attacks, which
contribute to safety hazards. contribute to safety hazards.
2. Flight regularity: The system MUST sufficiently mitigate attacks, 2. Flight regularity: The system MUST sufficiently mitigate attacks,
which contribute to delays, diversions, or cancellations of which contribute to delays, diversions, or cancellations of
flights. flights.
3. Protection of business interests: The system MUST sufficiently 3. Protection of business interests: The system MUST sufficiently
mitigate attacks which result in financial loss, reputation mitigate attacks which result in financial loss, reputation
damage, disclosure of sensitive proprietary information, or damage, disclosure of sensitive proprietary information, or
disclosure of personal information. disclosure of personal information.
To further analyze assets and derive threats and thus protection To further analyze assets and derive threats and thus protection
scenarios several Threat-and Risk Analysis were performed for LDACS scenarios several Threat-and Risk Analysis were performed for LDACS
[MAE20181] , [MAE20191]. These results allowed deriving security [MAE20181] , [MAE20191]. These results allowed deriving security
scope and objectives from the requirements and the conducted Threat- scope and objectives from the requirements and the conducted Threat-
and Risk Analysis. and Risk Analysis.
10.3. Security Objectives for LDACS 10.3. LDACS Security Objectives
Security considerations for LDACS are defined by the official Security considerations for LDACS are defined by the official
Standards And Recommended Practices document by ICAO [ICA2018]: Standards And Recommended Practices (SARPS) document by ICAO
[ICA2018]:
1. LDACS SHALL provide a capability to protect the availability and 1. LDACS SHALL provide a capability to protect the availability and
continuity of the system. continuity of the system.
2. LDACS SHALL provide a capability including cryptographic 2. LDACS SHALL provide a capability including cryptographic
mechanisms to protect the integrity of messages in transit. mechanisms to protect the integrity of messages in transit.
3. LDACS SHALL provide a capability to ensure the authenticity of 3. LDACS SHALL provide a capability to ensure the authenticity of
messages in transit. messages in transit.
4. LDACS SHOULD provide a capability for nonrepudiation of origin 4. LDACS SHOULD provide a capability for nonrepudiation of origin
for messages in transit. for messages in transit.
5. LDACS SHOULD provide a capability to protect the confidentiality 5. LDACS SHOULD provide a capability to protect the confidentiality
of messages in transit. of messages in transit.
6. LDACS SHALL provide an authentication capability. 6. LDACS SHALL provide an authentication capability.
7. LDACS SHALL provide a capability to authorize the permitted 7. LDACS SHALL provide a capability to authorize the permitted
actions of users of the system and to deny actions that are not actions of users of the system and to deny actions that are not
explicitly authorized. explicitly authorized.
8. If LDACS provides interfaces to multiple domains, LDACS SHALL 8. If LDACS provides interfaces to multiple domains, LDACS SHALL
provide capability to prevent the propagation of intrusions within provide capability to prevent the propagation of intrusions within
LDACS domains and towards external domains. LDACS domains and towards external domains.
10.4. Security Functions for LDACS 10.4. LDACS Security Functions
These objectives were used to derive several security functions for These objectives were used to derive several security functions for
LDACS REQUIRED to be integrated in the LDACS cybersecurity LDACS REQUIRED to be integrated in the LDACS cybersecurity
architecture: (1) Identification, (2) Authentication, (3) architecture: (1) Identification, (2) Authentication, (3)
Authorization, (4) Confidentiality, (5) System Integrity, (6) Data Authorization, (4) Confidentiality, (5) System Integrity, (6) Data
Integrity, (7) Robustness, (8) Reliability, (9) Availability, and Integrity, (7) Robustness, (8) Reliability, (9) Availability, and
(10) Key and Trust Management. Several works investigated possible (10) Key and Trust Management. Several works investigated possible
measures to implement these security functions [BIL2017], [MAE20181], measures to implement these security functions [BIL2017], [MAE20181],
[MAE20191]. Having identified security requirements, objectives and [MAE20191]. Having identified security requirements, objectives and
functions it MUST be ensured that they are applicable. functions it MUST be ensured that they are applicable.
10.5. Resulting Security Architectural Details 10.5. LDACS Security Architecture
The requirements lead to a LDACS security model including different The requirements lead to a LDACS security model including different
entities for identification, authentication and authorization entities for identification, authentication and authorization
purposes ensuring integrity, authenticity and confidentiality of data purposes ensuring integrity, authenticity and confidentiality of data
in-transit especially. in-transit especially.
10.5.1. Entities in LDACS Security Model 10.5.1. Entities
A simplified LDACS architectural modelrequires the following A simplified LDACS architectural modelrequires the following
entities: Network operators such as the Societe Internationale de entities: Network operators such as the Societe Internationale de
Telecommunications Aeronautiques (SITA) [SIT2020] and ARINC [ARI2020] Telecommunications Aeronautiques (SITA) [SIT2020] and ARINC [ARI2020]
are providing access to the (1) Ground IPS network via an (2) A2G are providing access to the (1) Ground IPS network via an (2) A2G
LDACS Router. This router is attached to a closed off LDACS Access LDACS Router. This router is attached to a closed off LDACS Access
Network (3) which connects via further (4) Access Routers to the Network, (3) which connects via further (4) Access Routers to the
different (5) LDACS Cell Ranges, each controlled by a (6) GSC and different (5) LDACS Cell Ranges, each controlled by a (6) GS (serving
spanning a local LDACS Access Network connecting to the (7) GSs that one LDACS cell), with several interconnected GS (7) spanning a local
serve one LDACS cell. Via the (8) A2G wireless LDACS data link (9) LDACS access network. Via the (8) A2G wireless LDACS data link (9)
AS the aircraft is connected to the ground network and via the (10) AS the aircraft is connected to the ground network and via the (10)
aircrafts's VI and (11) aircraft's network interface, aircraft's data aircrafts's VI and (11) aircraft's network interface, aircraft's data
can be sent via the AS back to the GS and the forwarded back via GSC, can be sent via the AS back to the GS and the forwarded back via GSC,
LDACS local access network, access routers, LDACS access network, A2G LDACS local access network, access routers, LDACS access network, A2G
LDACS router to the ground IPS network. LDACS router to the ground IPS network.
10.5.2. Matter of LDACS Entity Identification 10.5.2. Entity Identification
LDACS needs specific identities for (1) the AS, (2) the GS, (3) the LDACS needs specific identities for (1) the AS, (2) the GS, (3) the
GSC and (4) the Network Operator. The aircraft itself can be GS, and (4) the Network Operator. The aircraft itself can be
identified using the ICAO unique address of an aircraft, the call identified using the ICAO unique address of an aircraft, the call
sign of that aircraft or the recently founded Privacy ICAO Address sign of that aircraft or the recently founded Privacy ICAO Address
(PIA) program [FAA2020]. It is conceivable that the LDACS AS will (PIA) program [FAA2020]. It is conceivable that the LDACS AS will
use a combination of aircraft identification, radio component use a combination of aircraft identification, radio component
identification such as MAC addresses and even operator features identification such as MAC addresses and even operator features
identification to create a unique AS LDACS identification tag. identification to create a unique AS LDACS identification tag.
Similar to a 4G's eNodeB Serving Network (SN) Identification tag, a Similar to a 4G's eNodeB Serving Network (SN) Identification tag, a
GS could be identified using a similar field. And again similar to GS could be identified using a similar field. The identification of
4G's Mobility Management Entities (MME), a GSC could be identified the network operator is again similar to 4G (e.g., E-Plus, AT&T, and
using similar identification fields within the LDACS network. The TELUS), in the way that the aeronautical network operators are listed
identification of the network operator is again similar to 4G (e.g., (e.g., ARINC [ARI2020] and SITA [SIT2020]).
E-Plus, AT&T, and TELUS), in the way that the aeronautical network
operators are listed (e.g., ARINC [ARI2020] and SITA [SIT2020]).
10.5.3. Matter of LDACS Entity Authentication and Key Negotiation 10.5.3. Entity Authentication and Key Negotiation
In order to anchor Trust within the system all LDACS entities In order to anchor Trust within the system all LDACS entities
connected to the ground IPS network SHALL be rooted in an LDACS connected to the ground IPS network SHALL be rooted in an LDACS
specific chain-of-trust and PKI solution, quite similar to AeroMACS specific chain-of-trust and PKI solution, quite similar to AeroMACS
approach [CRO2016]. These X.509 certificates [RFC5280] residing at approach [CRO2016]. These X.509 certificates [RFC5280] residing at
the entities and incorporated in the LDACS PKI proof the ownership of the entities and incorporated in the LDACS PKI proof the ownership of
their respective public key, include information about the identity their respective public key, include information about the identity
of the owner and the digital signature of the entity that has of the owner and the digital signature of the entity that has
verified the certificate's content. First all ground infrastructures verified the certificate's content. First all ground infrastructures
MUST mutually authenticate to each other, negotiate and derive keys MUST mutually authenticate to each other, negotiate and derive keys
skipping to change at page 26, line 14 skipping to change at page 26, line 19
established methods to secure user plane by IPSec [RFC4301] and IKEv2 established methods to secure user plane by IPSec [RFC4301] and IKEv2
[RFC7296] or the application layer via TLS 1.3 [RFC8446] are [RFC7296] or the application layer via TLS 1.3 [RFC8446] are
conceivable. The LDACS PKI with their chain-of-trust approach, conceivable. The LDACS PKI with their chain-of-trust approach,
digital certificates and public entity keys lay the groundwork for digital certificates and public entity keys lay the groundwork for
this step. In a second step the AS with the LDACS radio approaches this step. In a second step the AS with the LDACS radio approaches
an LDACS cell and performs a cell entry with the corresponding GS. an LDACS cell and performs a cell entry with the corresponding GS.
Similar to the LTE cell attachment process [TS33.401], where Similar to the LTE cell attachment process [TS33.401], where
authentication happens after basic communication has been enabled authentication happens after basic communication has been enabled
between AS and GS (step 5a in the UE attachment process [TS33.401]), between AS and GS (step 5a in the UE attachment process [TS33.401]),
the next step is mutual authentication and key exchange. Hence, in the next step is mutual authentication and key exchange. Hence, in
step three using the identity based Station-to-Station (STS) protocol step three using the identity-based Station-to-Station (STS) protocol
with Diffie-Hellman Key Exchange [MAE2020], AS and GS establish with Diffie-Hellman Key Exchange [MAE2020], AS and GS establish
mutual trust by authenticating each other, exchanging key material mutual trust by authenticating each other, exchanging key material
and finally both ending up with derived key material. A key and finally, both ending up with derived key material. A key
confirmation is mandatory before the communication channel between confirmation is mandatory before the communication channel between
the AS and the GS can be opened for user-data communications. the AS and the GS can be opened for user-data communications.
10.5.4. Matter of LDACS Message-in-transit Confidentiality, Integrity 10.5.4. Message-in-transit Confidentiality, Integrity and Authenticity
and Authenticity
The subsequent key material from the previous step can then be used The subsequent key material from the previous step can then be used
to protect LDACS Layer 2 communications via applying encryption and to protect LDACS Layer 2 communications via applying encryption and
integrity protection measures on the SNP layer of the LDACS protocol integrity protection measures on the SNP layer of the LDACS protocol
stack. As LDACS transports AOC and ATS data, the integrity of that stack. As LDACS transports AOC and ATS data, the integrity of that
data is most important, while confidentiality only needs to be data is most important, while confidentiality only needs to be
applied to AOC data to protect business interests [ICA2018]. This applied to AOC data to protect business interests [ICA2018]. This
possibility of providing low layered confidentiality and integrity possibility of providing low layered confidentiality and integrity
protection ensures a secure delivery of user data over the air gap. protection ensures a secure delivery of user data over the air gap.
Furthermore it ensures integrity protection of LDACS control data. Furthermore, it ensures integrity protection of LDACS control data.
10.6. Security Modules for LDACS 10.6. LDACS Security Modules
A draft of the cybersecurity architecture of LDACS can be found in A draft of the cybersecurity architecture of LDACS can be found in
[ICA2018] and [MAE20182] and respective updates in [MAE20191], [ICA2018] and [MAE20182] and respective updates in [MAE20191],
[MAE20192], and [MAE2020]. It proposes the use of an own LDACS PKI, [MAE20192], and [MAE2020].
identity management based on aircraft identities and network operator
identities (e.g., SITA and ARINC), public key certificates 10.6.1. Placements of Security Functionality in Protocol Stack
incorporated in the PKI based chain-of-trust and stored in the
entities allowing for mutual authentication and key exchange Placing protection mechanisms in the LME and SNP entities within the
procedures, key derivation mechanisms for perfect forward secrecy and protocol stack of LDACS will be most efficient in securing LDACS.
user/control plane message-in-transit integrity and confidentiality MAC and DLS will also receive new tasks like the measurement
protection. This secures data traveling over the airgap between AS performance for control channel protection. Security endpoints for
and GS and also between GS and ANSP regardless of the secure or secure user data communication, control data protection and primary
unsecure nature of application data. Of course application data entity authentication are the AS and GS.
itself MUST be additionally secured to achieve end-to-end security
(secure dialogue service), however the LDACS datalinks aims to 10.6.2. Trust
provide an additional layer of protection just for this network
segment. The LDACS security concept requires all entities in an LDACS network
to authenticate to each other to ascertain that only trusted
participants can use the system. To establish trust within the
network, inter-operations between all FCI candidates must be
possible, thus LDACS will follow AeroMACS lead and also use an FCI
specific PKI [RFC5280]. A PKI can solve the problem of having to
trust a communication's partner identity claim via involving a
trusted third party who verifies the identities of the parties who
wish to engage in communication via issuing a digital certificate.
As aviation operates worldwide, a hierarchical PKI will have to be
deployed with several sub-CAs being distributed over the world.
Basically, there are two proposals on how to achieve worldwide trust
coverage:
1. One root CA is installed per geographic region and then it
performs cross-certification with distributed root-CAs of all
other geo-graphic regions around the world. Subdomains can exist
within ATM organizations. Here trust emerges from the assured
trustworthiness of each regional root CA cross-certifying other
and being cross-certified by other regional CAs
2. The other idea is to have one worldwide (probably offline) root
CA, hosted by a trusted worldwide entity, such as ICAO, with
several regions sub-CAs distributed around the world. That way,
the ICAO hosted root CA serves as trust bridge.
10.6.3. Mutual Authentication and Key Exchange (MAKE)
Via a modified, identity-based STS procedure and digital certificate
and public keys pre-deployed during maintenance at the respective
end-entities, the MAKE procedure can guarantee (1) Mutual
Authentication, (2) Secure Key Agreement, (3) Prefect Forward Secrecy
and (4) Key Confirmation [MAE2020]. As Diffie-Hellman Key Exchange
(DHKE) procedure, we are currently evaluating the classic ephemeral
DHKE [DIF1976] with 3072bit keys, Elliptic Curve DHKE (ECDH) with
256bit keys [KOB1987] and the Supersingular Isogeny DHKE (SIDH) with
2624bit key sizes [JAO2011]. As minimization of security data on the
datalink is key, ECDH is currently the favorite way forward.
Assuming that an LDACS security header consists of TYPE, ID, UA and
PRIO fields, the entire header is of length 48bit [GRA2019].
Cryptographic nonces are 96bit long, signatures 512bit and the public
elliptic curve Diffie-Hellman keys 256bit. With these bit sizes, the
entire STS-MAKE procedure between AS and GS requires a total of 4
messages and 1920bit [MAE2021].
10.6.4. Key Derivation and Key Hierarchy
Once all parties within the network have successfully authenticated
to each other, key derivation is necessary to generate different keys
for different purposes. We need different keys for user data
protection and keys for control data protection. As key derivation
function, we propose the Hash-based Message Authentication Code
(HMAC) Key Derivation Function (KDF) - HKDF [RFC5869]. First the
input keying material (here: master key/static Diffie Hellman shared
key) is taken and a fixed-length pseudo-random key is extracted. We
extract a pseudorandom key from the master key by adding a salt
value, which can be any fixed non-secret string chosen at random. In
the process the pseudo random key becomes indistinguishable from a
uniform distribution of bits. As LDACS will be deployed in 2024 with
a recommendation of a minimum-security level of 128bit.
10.6.5. User Data Security
It is proposed to secure LDACS Sub-Network Packet Data Units (SN-
PDU)s, as their size can vary from 128 to 1536 Byte [GRA2019], which
makes them possibly the largest PDUs within LDACS. This helps
minimizing security data overhead, in case a Message Authentication
Code (MAC) tag is attached to the SN-PDU. For confidentiality
protection, it is RECOMMENDED symmetric approaches for data
encryption, due to low computational overhead and fast operation
times. As encryption algorithm, it is RECOMMENDED to use AES-128-
GCM/AES-256-GCM [RFC5288] with Galois Counter Mode (GCM) being a mode
of operation on symmetric key block. It provides authenticated
encryption and decryption operations and it proves robust against
currently known quantum-computer-based algorithms [BER2017]. For
message integrity/authenticity protection, it is RECOMMENDED either
to use the aforementioned AES-GCM with tag lengths of at least 128bit
or HMAC with hash-functions from the SHA-3 family [PRI2014]. At
least HMAC-SHA3-128 with a tag length of 128bit is RECOMMENDED. This
way the tag security data overhead ranges from 1.04 to 12.50% for
user data, depending on the SN-PDU size.
10.6.6. Control Data Security
LDACS has four control channels: AS announce their existence in the
RA, at the beginning of each SF in the RL, where each AS can transmit
56bit. GS announce their existence in the BC, at the beginning of
each SF in the FL, where the GS can transmit a total of 2304bit. AS
can request resources in the DC, where each AS has an 83bit long slot
and GS can grant those resources in the CC, with 728bit per CC-PHY-
SDU. As the control channels of LDACS are very small-size, it is
obvious that protection is challenging. Having security requirements
in mind it is RECOMMENDED to introduce group key mechanisms for
LDACS. Thus, after the MAKE procedure of LDACS, a control plane
related group key is derived by the GS and shared with all AS in a
protected manner. As group key procedure, several approaches are
investigated (e.g., G-IKEv2 [I-D.ietf-ipsecme-g-ikev2], CRGT
[ZHE2007], CAKE [GUG2018], LKH [SAK2014], and OFT [KUM2020]). As OFT
has the least requirements on network operations compared to the
other, LDACS will use OFT with a fixed tree of 512-member nodes for a
maximum of 512 supported AS in an LDACS cell. All AS and GS use this
group key to protect the exchanged control data in the CC/DC slots.
As these messages remain valid for a time period in the order of 10
ms and the transmission is distance bound by the MAC protocol of
LDACS, very small digest tags of 16 or 32bit can suffice to protect a
minimum of integrity of control messages of LDACS. To that end, it
is proposed to use blake2b or blake2s and to trim the tag after 4
bytes [RFC7693].
11. Privacy Considerations 11. Privacy Considerations
LDACS provides a Quality-of-Service, and the generic considerations LDACS provides a Quality-of-Service, and the generic considerations
for such mechanisms apply. for such mechanisms apply.
12. IANA Considerations 12. IANA Considerations
This memo includes no request to IANA. This memo includes no request to IANA.
skipping to change at page 27, line 51 skipping to change at page 30, line 19
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/info/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC5869] Krawczyk, H. and P. Eronen, "HMAC-based Extract-and-Expand
Key Derivation Function (HKDF)", RFC 5869,
DOI 10.17487/RFC5869, May 2010,
<https://www.rfc-editor.org/info/rfc5869>.
[RFC5288] Salowey, J., Choudhury, A., and D. McGrew, "AES Galois
Counter Mode (GCM) Cipher Suites for TLS", RFC 5288,
DOI 10.17487/RFC5288, August 2008,
<https://www.rfc-editor.org/info/rfc5288>.
[RFC7693] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2
Cryptographic Hash and Message Authentication Code (MAC)",
RFC 7693, DOI 10.17487/RFC7693, November 2015,
<https://www.rfc-editor.org/info/rfc7693>.
15. Informative References 15. Informative References
[SCHN2016] Schneckenburger, N., Jost, T., Shutin, D., Walter, M., [SCHN2016] Schneckenburger, N., Jost, T., Shutin, D., Walter, M.,
Thiasiriphet, T., Schnell, M., and U.C. Fiebig, Thiasiriphet, T., Schnell, M., and U.C. Fiebig,
"Measurement of the L-band Air-to-Ground Channel for "Measurement of the L-band Air-to-Ground Channel for
Positioning Applications", IEEE Transactions on Aerospace Positioning Applications", IEEE Transactions on Aerospace
and Electronic Systems, 52(5), pp.2281-229 , 2016. and Electronic Systems, 52(5), pp.2281-229 , 2016.
[MAE20191] Maeurer, N., Graeupl, T., and C. Schmitt, "Evaluation of [MAE20191] Maeurer, N., Graeupl, T., and C. Schmitt, "Evaluation of
the LDACS Cybersecurity Implementation", IEEE 38th Digital the LDACS Cybersecurity Implementation", IEEE 38th Digital
skipping to change at page 30, line 35 skipping to change at page 33, line 13
Aeronautiques", August 2020, <https://www.sita.aero/>. Aeronautiques", August 2020, <https://www.sita.aero/>.
[ARI2020] ARINC, "Aeronautical Radio Incorporated", August 2020, [ARI2020] ARINC, "Aeronautical Radio Incorporated", August 2020,
<https://www.aviation-ia.com/>. <https://www.aviation-ia.com/>.
[DO350A] RTCA SC-214, "Safety and Performance Standard for Baseline [DO350A] RTCA SC-214, "Safety and Performance Standard for Baseline
2 ATS Data Communications (Baseline 2 SPR Standard)", May 2 ATS Data Communications (Baseline 2 SPR Standard)", May
2016, <https://standards.globalspec.com/std/10003192/rtca- 2016, <https://standards.globalspec.com/std/10003192/rtca-
do-350-volume-1-2>. do-350-volume-1-2>.
[DIF1976] Diffie, W. and M. Hellman, "New Directions in
Cryptography", IEEE Transactions on Information Theory,
22(6):644-654 , November 1976.
[KOB1987] Koblitz, N. and M. Hellman, "Elliptic Curve
Cryptosystems", Mathematics of Computation,
48(177):203-209. , January 1987.
[JAO2011] Jao, D. and L. De Feo, "Towards Quantum-Resistant
Cryptosystems from Super-singular Elliptic Curve
Isogenies", 4th International Workshop on Post-Quantum
Cryptography, Springer, Heidelberg, Germany, pp. 19-34 ,
November 2011.
[MAE2021] Maeurer, N., Graeupl, T., and C. Schmitt, "Cybersecurity
for the L-band DigitalAeronautical Communications System
(LDACS)", Aviation Cybersecurity: Foundations, Principles,
and Applications. H. Song, K. Hopkinson, T. De Cola, T.
Alexandrovich, and D. Liu (Eds.), Chapter 07, in printing
process , 2021.
[BER2017] Bernstein, D.J. and T. Lange, "Post-Quantum Cryptography",
Nature, 549(7671):188-194 , 2017.
[PRI2014] Pritzker, P. and P.D. Gallagher, "SHA-3 standard:
Permutation-Based Hash and Extendable-Output Functions",
Information Tech Laboratory National Institute of
Standards and Technology, pp. 1-35 , 2014.
[ZHE2007] Zheng, X., Huang, C.T., and M. Matthews, "Chinese
Remainder Theorem-Based Group Key Management", 45th Annual
Southeast Regional Conference, ACM, New York, NY, USA, pp.
266-271 , March 2007.
[GUG2018] Guggemos, T., Streit, K., Knuepfer, M., gentsche Felde,
N., and P. Hillmann, "No Cookies, Just CAKE: CRTbased Key
Hierarchy for Efficient Key Management in Dynamic Groups",
International Conference for Internet Technology and
Secured Transactions, Cambridge, UK, pp. 25-32 , December
2018.
[SAK2014] Sakamoto, N., "An Efficient Structure for LKH Key Tree on
Secure Multi-Cast Communications", 15th IEEE/ACIS
International Conference on Software Engineering,
Artificial Intelligence, Networking and Parallel/
Distributed Computing, New York, NY, USA, pp. 1-7 ,
November 2014.
[KUM2020] Kumar, V., Kumar, R., and S.K. Pandey, "A Computationally
Efficient Centralized Group Key Distribution Protocol for
Secure Multicast Communications Based Upon RSA Public Key
Cryptosystem", Journal of King Saud University - Computer
and Information Sciences, 32(9):1081-1094 , 2020.
[RAW-TECHNOS] [RAW-TECHNOS]
Thubert, P., Cavalcanti, D., Vilajosana, X., Schmitt, C., Thubert, P., Cavalcanti, D., Vilajosana, X., Schmitt, C.,
and J. Farkas, "Reliable and Available Wireless and J. Farkas, "Reliable and Available Wireless
Technologies", Work in Progress, Internet-Draft, draft- Technologies", Work in Progress, Internet-Draft, draft-
ietf-raw-technologies-00, 20 October 2020, ietf-raw-technologies-00, 20 October 2020,
<https://tools.ietf.org/html/draft-ietf-raw-technologies- <https://tools.ietf.org/html/draft-ietf-raw-technologies-
00>. 00>.
[RAW-USE-CASES] [RAW-USE-CASES]
Papadopoulos, G., Thubert, P., Theoleyre, F., and C. Papadopoulos, G., Thubert, P., Theoleyre, F., and C.
Bernardos, "RAW use cases", Work in Progress, Internet- Bernardos, "RAW use cases", Work in Progress, Internet-
Draft, draft-ietf-raw-use-cases-00, 23 October 2020, Draft, draft-ietf-raw-use-cases-00, 23 October 2020,
<https://tools.ietf.org/html/draft-ietf-raw-use-cases-00>. <https://tools.ietf.org/html/draft-ietf-raw-use-cases-00>.
[I-D.ietf-ipsecme-g-ikev2]
Smyslov, V. and B. Weis, "Group Key Management using
IKEv2", Work in Progress, Internet-Draft, draft-ietf-
ipsecme-g-ikev2-02, 11 January 2021,
<https://tools.ietf.org/html/draft-ietf-ipsecme-
g-ikev2-02>.
Appendix A. Selected Information from DO-350A Appendix A. Selected Information from DO-350A
This appendix includes the continuity, availability, and integrity This appendix includes the continuity, availability, and integrity
requirements interesting for LDACS defined in [DO350A]. requirements interesting for LDACS defined in [DO350A].
The following terms are used here: The following terms are used here:
CPDLC Controller Pilot Data Link Communication CPDLC Controller Pilot Data Link Communication
DT Delivery Time (nominal) value for RSP DT Delivery Time (nominal) value for RSP
ET Expiration Time value for RCP ET Expiration Time value for RCP
 End of changes. 42 change blocks. 
121 lines changed or deleted 305 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/