1. International Maritime PKI description
The foundation of our proposal is the development of an International Maritime Public Key Infrastructure that acts as the coordinator of the whole infrastructure and may functionally operate under the International Maritime Organization. In turn, each maritime country should develop its own public key infrastructure, which must satisfy a minimum set of the International Maritime PKI standards in order to be compatible. Hence, in this paper the International Root Certification Authority, together with the International Root Registration Authority, is assumed to function under the IMO and is called PKI-IMO. Correspondingly, the national part of the International Maritime PKI is called the national Maritime PKI (PKI-NMO), e.g. the Greek Maritime PKI (PKI-Greek-MO). The national organizations are based on each country's responsible authority, which operates the corresponding national Certification and Registration authorities. The national Certification and Registration authorities are divided into national Vessels Certification and Registration authorities and national Officers Certification and Registration authorities. (See figure: … )

1.1 International Maritime PKI Authority
The International Maritime PKI Authority, under the International Maritime Organization, publishes the criteria and the legislation that a national Maritime PKI (PKI-NMO) must meet in order to be part of the PKI-IMO. A maritime nation that wants to be part of the PKI-IMO makes a request to the IMO in order to register with the International Root Registration Authority. The IMO and the International Root Registration Authority are responsible for checking whether the candidate nation's maritime PKI fulfils the criteria for registration. Following a successful registration, the International Root Certification Authority of the IMO signs the registered nation's national root certificate with the PKI-IMO root certificate, and thereby makes that nation's PKI-NMO part of the International Maritime Public Key Infrastructure Organization (PKI-IMO). The IMO is therefore responsible for validating each nation's request to become a legitimate partner of the PKI-IMO; thus the IMO registers and certifies only national sub-certification and sub-registration authorities, and not vessels or officers. It is important to highlight the need to control the registration of national authorities to the PKI-IMO, so as to avoid registering a national PKI authority that does not comply with the minimum standards.
1.2 National Maritime PKI Authority
The National Maritime PKI Authority is divided into two independent PKIs: the Vessels' PKI and the Officers' PKI. Each PKI has its own Registration and Certification authority and its particular requirements that vessels and officers must meet in order to be registered and certified. Note that both PKIs have their own national root certificates, each signed by the international root certificate of the PKI-IMO. The National Vessels Maritime PKI Authority operates the Vessels registration and certification authorities, which are responsible for checking, validating and finally registering and certifying all the vessels operating under the nation's flag. Accordingly, the National Officers Maritime PKI Authority operates the Officers registration and certification authorities, which are responsible for checking, validating and finally registering and certifying all the maritime officers of that country. Therefore, each vessel is registered and holds its unique key pair along with the corresponding National Vessels Maritime PKI certificate on a smart token. Respectively, each maritime officer is registered and holds his unique key pair along with the corresponding National Officers Maritime PKI certificate on a smart token. Note that any two National PKI Authorities that are registered and certified by the PKI-IMO are able to trust each other, and consequently both nations' vessels and officers have trusted
1.3 Certificates and Smart Tokens
In order to take advantage of the PKI-IMO capabilities, each registered vessel should be equipped with a special device that is able to read the vessel's smart token and the officer of the watch (OOW) smart token simultaneously; for simplicity, in this paper this special device is named the "smart token reader". The smart token reader should be able to use both the vessel's and the OOW's certificates and key pairs as needed for authentication, encryption, decryption and signing of data. In addition, the smart token reader should have a data input device (keyboard, USB reader) and should be connected to the GPS and to the improved AIS (AAS) transmitter of the vessel. Finally, the smart token reader should be kept in a secure place, preferably on the vessel's bridge.
1.4 The Procedure
When the vessel is commissioned, the national PKI-NMO registers and certifies the vessel as shown; then a representative of the PKI-NMO and a representative of the owner place the vessel's smart token in the vessel's special smart token reader and seal it. Assuming that the vessel is anchored and no officer has been commissioned yet, the smart token reader broadcasts the vessel's data via the improved AIS (AAS), signed only with the vessel's certificate. All receivers of the broadcast data are able to authenticate the vessel and are simultaneously, indirectly, informed of the absence of an OOW on that vessel. The receivers are therefore able to evaluate this information as needed for safety, security or legislative reasons. When an officer is commissioned on the vessel he should carry his smart token with him, and each time he starts his duty as officer of the watch (OOW) on the bridge he should place his smart token in the vessel's smart token reader. It is obvious that, since an officer should be responsible for the vessel at all times, the corresponding officer's smart token must also be placed in the reader along with the vessel's smart token. Thus, the absence of either the vessel's or the officer's smart token is a reason to alarm the vessels nearby and the coast guard.
2 Automatic Authentication System (AAS)

The proposed Automatic Authentication System (AAS) is an improved AIS that is able to switch between two modes of operation: authentication only (A-mode) and authentication along with encryption (A/E-mode). The authentication only mode (A-mode) should be considered the default mode of operation and would be used at all times everywhere on the globe, with the exception of some piracy hot zones where the PKI-IMO should encourage the use of the A/E-mode. The main advantage of the A/E-mode over the simple A-mode is that the signed data of the vessel and of the officer of the watch are broadcast encrypted, and thus only authenticated nearby vessels and the authorities can decrypt them and gain access to them. Therefore unauthenticated nearby pirates do not gain access to the vessel's sensitive data, while the vessel is still able to broadcast its data for safety reasons without compromising its security. Note that both modes of AAS operation, and especially the A/E-mode, need considerably more bandwidth and a better quality of signal than conventional AIS in order to operate; however, these technical considerations are beyond the scope of this research.
2.1 Authentication only mode (A-mode) of the AAS
The aim behind the A-mode is to give the maritime community the opportunity to use remote automatic strong authentication instead of the inadequate automatic identification used today. Therefore, drawing on the experience of internet security, this research treats each vessel as a kind of public access server and the officer on watch as the administrator of this server, where the nearby vessels are considered the clients of the server. Keeping this analogy in mind, just as each browser must be able to authenticate each web server's certificate, the next logical step is to provide all vessels with equipment that is able to authenticate other vessels' signed data. That equipment is an AAS in A-mode, which both broadcasts digitally signed data and authenticates the data received from other vessels' AAS. Assume that a cargo vessel and a coast guard vessel are inside each other's AAS broadcasting range. On the cargo vessel's smart token reader both the vessel's smart token and the officer of the watch's smart token are placed; recall that the smart tokens store the cargo vessel's and the OOW's digital certificates respectively, signed under the PKI-IMO. Then the AAS equipment takes as input the data that conventional AIS uses (i.e. ship name, id, speed, position, etc.), digitally signs them with both the cargo vessel's certificate and the OOW certificate, and broadcasts them via radio. The coast guard's AAS equipment receives the broadcast data and automatically checks the validity of the cargo vessel's and the OOW's digital certificates according to the validity of the PKI-NationalMO and PKI-IMO signatures on the certificates. If the examination of the digital certificates is successful, the coast guard AAS equipment informs the coast guard officers of a successful authentication of the cargo vessel and validates the cargo vessel's broadcast data. Otherwise, if the vessel's or the OOW's certificate has a problem, the coast guard AAS equipment informs the coast guard officers of a partially successful or even a failed authentication, and automatically raises an alarm and downgrades the validity of the cargo vessel's broadcast data. In the same way the cargo vessel is able to authenticate the coast guard vessel along with its supervising officer. The above procedure is possible even if the cargo vessel is from a nation other than that of the coast guard, because both trust, and are certain of, the PKI-IMO public key, and therefore they are able to validate the PKI-IMO signature over the PKI-NationalMO and in turn the PKI-NationalMO signature over the vessel and OOW certificates. Note that the above procedure is totally automatic and all the restrictions and preconditions of a PKI apply (i.e. revocation lists, secure public dissemination of the PKI-IMO certificate/public key); however, their examination is beyond the scope of this paper. Finally, it is very important to highlight that the PKI-IMO and the organization supporting it do not have any active role in the authentication procedures, which are automatic and do not imply any kind of active communication with any of the national or international public key infrastructures. That is not true for the Authentication/Encryption mode, which needs the active support of both the national and international public key