The move comes as the FAA enters the implementation phase of its Aeronautical Telecommunications Network (ATN). The ATN is a next-generation data link network being developed by the International Civil Aviation Organization that will eventually be used by air traffic controllers to send commands to virtually all pilots.
The FAA and its partner in the program, ATN Systems, a privately held, for-profit corporation owned by 11 US airlines, declined to comment on the security requirements of the ATN. But experts from Certicom and the aerospace industry acknowledged that the use of encryption would be paramount to prevent malicious hackers or terrorists from injecting false commands into the data link between ground controllers and pilots.
"Their biggest concern is authentication. The information is only of value if it's realtime," said Prakash Panjwani, a senior vice-president at Certicom. He said pilots needed to have assurances that the information is coming from legitimate air traffic controllers.
Panjwani said the FAA's selection of Certicom's products stemmed from its need for the encryption technology to work in extremely low bandwidth conditions. Currently, controllers are dealing with a throughput of 150 bits per second at peak times, he said.
To overcome that restriction, the ATN will rely on Certicom's Elliptic Curve Cryptography, a standard for digital signature algorithms that offers more efficient use of bandwidth than other PKI algorithms, Panjwani said.