Secure Automatic Identification System (SecAIS): Proof-of-Concept Implementation

The automatic identification system (AIS), despite its importance in worldwide navigation at sea, does not provide any defence mechanisms against deliberate misuse, e.g., by sea pirates, terrorists, business adversaries, or smugglers. Previous work has proposed an international maritime identity-based cryptographic infrastructure (mIBC) as the foundation upon which the offer of advanced security capabilities for the conventional AIS can be built. The proposed secure AIS (SecAIS) does not require any modifications to the existing AIS infrastructure, which can still be used for normal operations. Security-enhanced AIS messages enjoying source authentication, encryption, and legitimate pseudo-anonymization can be handled on an as-needed basis. This paper reports on a proof-of-concept implementation of the SecAIS. Specifically, we report on the implementation of the SecAIS over an mIBC founded on the RFC6507 (ECCSI) and the RFC6508 (SAKKE) standards, and we discuss the results of performance tests with this implementation. The tests indicate that the SecAIS is a feasible solution that does not affect the conventional AIS infrastructure and has an affordable operational cost.