A Location-Based Global Authorization Method for Underwater Security

National or international maritime authorities are used to handle requests for licenses for all kinds of marine activities. These licenses constitute authorizations limited in time and space, but there is no technical security service to check for the authorization of a wide range of marine assets. We have noted secure AIS solutions suitable for more or less constantly internet-connected assets such as ships with satellite connections. The additional constraints posed by underwater autonomous assets, namely less power and connectivity, can be mitigated by using symmetric cryptography. We propose a security service that allows the automatized check of asset authorization status based on large symmetric keys. Key generation can take place at a central authority according to the time and space limitations of a license, i.e. timestamped and geocoded. Our solution harnesses the exceptionally large key size of the RC5 cipher and the standardized encoding of geocells in the Open Location Code system. While we developed and described our solution for offshore underwater use, aerial and terrestrial environments could also make use of it if they are similarly bandwidth constrained or want to rely on quantum-resistant and computationally economic symmetric methods.

Authentication of Underwater Assets

Secure digital wireless communication underwater has become a key issue as maritime operations shift towards employing a heterogeneous mix of robotic assets and as the security of digital systems becomes challenged across all domains. At the same time, a proliferation of underwater signal coding and physical layer options are delivering greater bandwidth and flexibility, but mostly without the standards necessary for interoperability. We address here an essential requirement for security, namely a confirmation of asset identities also known as authentication. We propose, implement, verify and validate an authentication protocol based on the first digital underwater communications standard. Our scheme is applicable primarily to AUVs operating around offshore oil and gas facilities, but also to other underwater devices that may in the future have acoustic modems. It makes communication including command and control significantly more secure and provides a foundation for the development of more sophisticated security mechanisms.