為了更好地管理海上交通，大多數管理組織機構使用船舶交通管理系統（VTS）。在這些系統中，有一種船舶自動識別系統（AIS）用於船對船通訊，主要使用 AIS 收發機將船舶自身的訊息廣播到附近的 AIS 收發機。由於此訊息是以明文方式廣播的，攻擊者可以輕易地篡改或進行其他攻擊。由於海洋環境的限制，船舶的計算資源有限，因此有必要盡可能降低計算成本，但同時也必須考慮船對船認證在安全性方面的重要性。因此，本論文提出了一種結合對稱加密和非對稱加密的階層式認證和通訊配對協議框架，並透過這個階層式框架建立了一個安全的認證機制。我們提出匿名化航行船舶的身份，以保護其真實身份（例如 MMSI）不被攻擊者竊取。此外，我們提出了一種新的超平面認證方法，可以快速認證群內成員，以實現對其他船舶合法性的有效快速驗證。

To better manage maritime traffic, most management organization agencies use vessel traffic management systems (VTS). Among these, there is an Automatic Identification System (AIS) for vessel-to-vessel communication, which mainly uses AIS transceivers to broadcast their own vessel information to nearby AIS transceivers. Since the information is broadcast in plaintext, attackers can easily tamper with it or perform other attacks. Due to the constraints of the maritime environment, vessels have limited computational resources, so it is necessary to reduce their computing costs as much as possible, but at the same time, the importance of vessel-to-vessel authentication in terms of safety must also be considered. Therefore, this paper proposes a hierarchical framework of authentication and communication pairing protocol that combines symmetric encryption and asymmetric encryption and establishes a secure authentication mechanism through this hierarchical framework. We propose to anonymize the identity of the sailing vessels to protect their real identities (e.g. MMSI) from being stolen by attackers. Additionally, we propose a new hyperplane authentication method that can quickly authenticate members within a group to achieve effective and rapid verification of the legitimacy of the other vessel.

[1] WTO, “Global trade outlook and statistics,” April 2024.
[2] UNCTAD, “The geography of trade and supply chain reconfiguration: Implications for trade, global value chains and maritime transport,” September 2022.
[3] 3rd Generation Partnership Project (3GPP), “Maritime communication services over 3gpp system,” March 2022.
[4] T. Yang, Z. Cui, A. H. Alshehri, M. Wang, K. Gao, and K. Yu, “Distributed maritime transport communication system with reliability and safety based on blockchain and edge computing,” IEEE Transactions on Intelligent Transportation Systems, vol. 24, no. 2, pp. 2296–2306, 2023.
[5] P. A. Lessing, L. J. Bernard, B. J. Tetreault, and J. N. Chaffin, “Use of the automatic identification system (ais) on autonomous weather buoys for maritime domain awareness applications,” in OCEANS 2006, pp. 1–6, 2006.
[6] 3rd Generation Partnership Project (3GPP), “Technical specification group services and system aspects feasibility study on maritime communication services over 3gpp system,” December 2018.
[7] S. Chang, “Development and analysis of ais applications as an efficient tool for vessel traffic service,” in Oceans ’04 MTS/IEEE Techno-Ocean ’04 (IEEE Cat. No.04CH37600), vol. 4, pp. 2249–2253 Vol.4, 2004.
[8] M. Fiorini, “Maritime awareness through data sharing in vts systems,” in 2012 12th International Conference on ITS Telecommunications, pp. 402–407, 2012.
[9] N. Wakabayashi and I. Jurdana, “Maritime communications and remote voyage monitoring,” in 2020 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom), pp. 1–8, 2020.
[10] F. S. Alqurashi, A. Trichili, N. Saeed, B. S. Ooi, and M.-S. Alouini, “Maritime communications: A survey on enabling technologies, opportunities, and challenges,” IEEE Internet of Things Journal, vol. 10, no. 4, pp. 3525–3547, 2023.
[11] S. Hristov, X. Lyu, L. Daniel, A. De Luca, A. Stove, M. Cherniakov, and M. Gashinova, “Ship detection using inmarsat bgan signals,” in International Conference on Radar Systems (Radar 2017),
pp. 1–4, 2017.
[12] ITU-R, “Recommendation itu-r m.1371-5, technical characteristics for an automatic identification system using time division multiple access in the vhf maritime mobile frequency band,” February 2014.
[13] M. R. Averly and J. Suryana, “Cubesat communication system for maritime needs,” in 2020 27th International Conference on Telecommunications (ICT), pp. 1–5, 2020.
[14] H. Idmouida, K. Minaoui, and Z. Guennoun, “Designing ais link based on software defined radio for leo satellites,” in 2022 IEEE Ocean Engineering Technology and Innovation Conference: Management and Conservation for Sustainable and Resilient Marine and Coastal Resources (OETIC),
pp. 88–92, 2022.
[15] F. Lázaro, R. Raulefs, W. Wang, F. Clazzer, and S. Plass, “Vhf data exchange system (vdes): an enabling technology for maritime communications,” in CEAS Space Journal, vol. 11, pp. 55–63, 2019.
[16] M. Balduzzi, A. Pasta, and K. Wilhoit, “A security evaluation of ais automated identification system,” in Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC ’14, (New York, NY, USA), p. 436–445, Association for Computing Machinery, 2014.
[17] E. d’Afflisio, P. Braca, and P. Willett, “Malicious ais spoofing and abnormal stealth deviations: A comprehensive statistical framework for maritime anomaly detection,” IEEE Transactions on
Aerospace and Electronic Systems, vol. 57, no. 4, pp. 2093–2108, 2021.
[18] C. Ray, R. Gallen, C. Iphar, A. Napoli, and A. Bouju, “Deais project: Detection of ais spoofing and resulting risks,” in OCEANS 2015 - Genova, pp. 1–6, 2015.
[19] J. Coleman, F. Kandah, and B. Huber, “Behavioral model anomaly detection in automatic identification systems (ais),” in 2020 10th Annual Computing and Communication Workshop and Conference (CCWC), pp. 0481–0487, 2020.
[20] J. J. Dijkstra and J. Van Mill, “On Sets that Meet Every Hyperplane in n-Space in at Most n Points,”
Bulletin of the London Mathematical Society, vol. 34, pp. 361–368, 05 2002.
[21] M. P. Tucci, “Time-varying parameters: a critical introduction,” Structural Change and Economic Dynamics, vol. 6, no. 2, pp. 237–260, 1995.
[22] Y. Yang, F. chen, X. Zhang, J. Yu, and P. Zhang, “Research on the hash function structures and its application,” Wireless Personal Communications, vol. 94, no. 4, pp. 2969–2985, 2017.
[23] D. Johnson, A. Menezes, and S. Vanstone, “The elliptic curve digital signature algorithm (ecdsa),”
International Journal of Information Security, vol. 1, no. 1, pp. 36–63, 2001.
[24] V. S. Miller, “Use of elliptic curves in cryptography,” in Advances in Cryptology — CRYPTO ’85 Proceedings (H. C. Williams, ed.), (Berlin, Heidelberg), pp. 417–426, Springer Berlin Heidelberg, 1986.
[25] M. Hellman, “New directions in cryptography,” IEEE transactions on Information Theory, vol. 22, no. 6, pp. 644–654, 1976.
[26] M. Bellare and P. Rogaway, “Entity authentication and key distribution,” in Advances in Cryptology
— CRYPTO’ 93 (D. R. Stinson, ed.), (Berlin, Heidelberg), pp. 232–249, Springer Berlin Heidelberg, 1994.
[27] M. Bellare and C. Namprempre, “Authenticated encryption: Relations among notions and analysis of the generic composition paradigm,” Journal of cryptology, vol. 21, no. 4, pp. 469–491, 2008.
[28] G. Hanaoka and H. Imai, “A generic construction of CCA-secure cryptosystems without NIZKP for a bounded number of decryption queries.” Cryptology ePrint Archive, Paper 2006/408, 2006. https://eprint.iacr.org/2006/408.
[29] M. Bellare and P. Rogaway, “Introduction to modern cryptography,” Lecture Notes, 2001.
[30] S. Liu, F. Zhang, and K. Chen, “Public-key encryption scheme with selective opening chosen- ciphertext security based on the decisional diffie–hellman assumption,” Concurrency and Computation: Practice and Experience, vol. 26, no. 8, pp. 1506–1519, 2014.
[31] B. Shani, “On the bit security of elliptic curve diffie–hellman,” in Public-Key Cryptography – PKC 2017 (S. Fehr, ed.), (Berlin, Heidelberg), pp. 361–387, Springer Berlin Heidelberg, 2017.
[32] D. Hankerson and A. Menezes, Elliptic Curve Discrete Logarithm Problem, pp. 397–400. Boston, MA: Springer US, 2011.
[33] A. Aziz, P. Tedeschi, S. Sciancalepore, and R. D. Pietro, “Secureais - securing pairwise vessels communications,” in 2020 IEEE Conference on Communications and Network Security (CNS), pp. 1–9, 2020.
[34] S. Jegadeesan, M. S. Obaidat, P. Vijayakumar, and M. Azees, “Seat: Secure and energy efficient anonymous authentication with trajectory privacy-preserving scheme for marine traffic management,” IEEE Transactions on Green Communications and Networking, vol. 6, no. 2, pp. 815–824, 2022.
[35] M. Y. Chen and H. T. Wu, “An automatic-identification-system-based vessel security system,” IEEE Transactions on Industrial Informatics, vol. 19, no. 1, pp. 870–879, 2023.
[36] F. Maqsood, M. Ahmed, M. M. Ali, and M. A. Shah, “Cryptography: a comparative analysis for modern techniques,” International Journal of Advanced Computer Science and Applications, vol. 8, no. 6, 2017.
[37] M. S. Henriques and N. K. Vernekar, “Using symmetric and asymmetric cryptography to secure communication between devices in iot,” in 2017 International Conference on IoT and Application (ICIOT),
pp. 1–4, 2017.
[38] D. Li and Y. Gallot, “An efficient modular exponentiation proof scheme,” arXiv preprint arXiv:2209.15623, 2022.
[39] E. Lemaire, “Pretty modular symmetric encryption (pmse), compact algorithm for ”embedded cryptography” with quite low computational cost,” arXiv preprint arXiv:1905.08150, 2019.
[40] D. E. Knuth, The Art of Computer Programming: Seminumerical Algorithms, Volume 2. Addison- Wesley Professional, 2014.
[41] A. J. Menezes, P. C. Van Oorschot, and S. A. Vanstone, Handbook of applied cryptography. CRC press, 2018.
[42] Y. Li, “Hardware implementations of elliptic curve cryptography using shift-sub based modular multiplication algorithms,” Cryptography, vol. 7, no. 4, p. 57, 2023.
[43] M. Bufalo, D. Bufalo, and G. Orlando, “Some properties of the computation of the modular inverse with applications in cryptography,” Computation, vol. 11, no. 4, p. 70, 2023.
[44] U. Banerjee and A. P. Chandrakasan, “A low-power bls12-381 pairing cryptoprocessor for internet-of-things security applications,” IEEE Solid-State Circuits Letters, vol. 4, pp. 190–193, 2021.
[45] J. Ku, J. Zhang, H. Shan, S. Samudrala, J. Wu, Q. Zheng, Z. Li, J. Rajendran, and Y. Chen, “Mod-sram: Algorithm-hardware co-design for large number modular multiplication in sram,” arXiv preprint arXiv:2402.14152, 2024.
[46] P. Schlage and C. Jan, “On shanks’ algorithm for modular square roots,” arXiv preprint arXiv:1105.1456, 2011.
[47] A. Mrabet, “A systolic hardware architectures of montgomery modular multiplication for public key cryptosystems, cryptology eprint archive,” Report 2016, vol. 487, 2016.
[48] D. Mills, “Internet time synchronization: the network time protocol,” IEEE Transactions on Communications, vol. 39, no. 10, pp. 1482–1493, 1991.
[49] NIST, “Digital signature standard (DSS),” February 2023.