A key agreement scheme for avionics communications security

In order to share the resource and information in a military aircraft, all avionics systems are interconnected using avionics data bus. COMmunications SECurity (COMSEC) is an important issue in an aircraft network. Any intrusion or information leakage will lead to a risk to the military tasks. The key security problem is how to construct a secure link between two AAPs (Avionics Application Processes). Data encryption can protect the confidentiality of transmitted data. By requiring each AAP shares a common key with its partners, those AAPs can encrypt and decrypt the data transmitted among them. Key agreement is the basis of data encryption. An efficient key agreement scheme can save much time and computational resource for avionics networks. This is especially important to a resource constrained UAV (Unmanned Air Vehicle). In this paper, we propose a key agreement scheme for avionics communications security. A secure avionics network consists of many processors, switches, NKMU (Network Key Management Units) and other hardware components connected by LAN. An NKMU is used to distribute key materials for AAPs in the network. In an aircraft, software may come from different suppliers. It is necessary to authenticate AAPs and distribute encryption keys to them. Each AAP registers at an Off-line Registration Authority (RA) to get a signature. Then, this AAP gets its partial private keys from the NKMUs by the signature. After the AAP receiving at least t partial private keys from the NKMUs, it computes its private key. Any two AAPs in the network can establish a shared secret key by using each other's identity and its own private key. With this shared secret key, they can communicate with each other securely at the subsequent data exchange. Finally, we give an analysis of the proposed key agreement scheme.