SBAS Data Authentication Scheme on Q-Channel Based on Digital Signatures
Ivan Lapin, Matthew Dibb, Gianluca Caparra, Jaron Samson, Jean-Christophe Denis, European Space Agency; Cyrille Boulanger, Centre National d'Études Spatiales; Mikael Mabilleau, Ettore Canestri, European Union Agency for Space Programme
Date/Time: Thursday, Sep. 19, 8:57 a.m.
Peer Reviewed
Satellite-based augmentation system (SBAS) data authentication is a system-based solution that can help prevent or mitigate certain categories of spoofing attacks against SBAS users, in which the attacker transmits modified SBAS signal-in-space (SIS) messages. To provide the data authentication function, the system disseminates cryptographic information, such as digital signatures or message authentication codes, along with SBAS messages, allowing users to verify the authenticity and integrity of the message content. Various SBAS data authentication solutions have been previously proposed and evaluated, considering either existing SBAS L1 and SBAS L5 I-channels, or new SBAS L1 and SBAS L5 Q-channels that match the I-channels in terms of modulation and data rate. However, an implementation of the authentication function with limited bandwidth inevitably imposes restrictions on system functions, performance, or operations. These restrictions might include rigid SBAS message scheduling, reduced maximum number of augmented GNSS core constellations, reduced maximum number of augmented ionospheric grid points (IGPs), alert conflicts, tailoring of non-standard algorithms or non-standard implementations, use of messages prior to the verification of their authenticity, need for external secure time synchronization, or modification of SBAS message time-outs.
The current draft standards on SBAS data authentication use only the SBAS L1 and SBAS L5 I-channels, leaving the Q-channel unused. This paper presents the design and qualitative validation of a novel SBAS data authentication scheme, based on digital signatures transmitted on SBAS L1 and/or SBAS L5 Q-channels with a higher data rate, representing a valid complementary solution to be considered for a longer-term evolution of the standards. The proposed scheme is designed to avoid restrictions on SBAS whilst maximizing the flexibility of its implementation. To derive the optimal scheme, a three-step top-down approach is applied. As the first step, the generic needs of an SBAS data authentication function from the system perspective are defined. As the second step, the design of the scheme is formulated, considering various trade-offs on algorithms and available channels. The scheme definition includes the SBAS authentication message, protocol logic, and over-the-air rekeying (OTAR) mechanism. As the last step, the scheme is qualitatively validated with respect to the SBAS data authentication needs defined in the first step.
The proposed scheme allows users to verify the authenticity and integrity of SBAS messages by using the well-established elliptic curve digital signature algorithm (ECDSA). Security of each message signature is ensured by using the P-256 ECDSA curve and secure hash algorithm 3 (SHA3), guaranteeing secure operations in line with international standards and national security agencies' recommendations at least up to the year 2029, and potentially beyond depending on the threats considered. Although the post-quantum threat was not considered when deriving the scheme, the limitations of the scheme against this threat are discussed in the presented paper, paving the way for a future new axis of work. Sending signatures on the Q-channel in parallel to I-channel SBAS messages allows SBAS users to verify the authenticity of the messages potentially without any latency. To fit a single signature on a single Q-channel message, a modulation scheme providing a data rate of at least 600 bits per second is assumed. The feasibility of this modulation scheme is discussed.
Signing each SBAS message individually and sending the signature in parallel to the SBAS message on the Q-channel results in a full occupation of the Q-channel. This might not be desirable for those SBAS providers who might want to allocate a part of this channel to other services, such as the precise point positioning (PPP) service. To address the needs of SBAS providers wanting to use the Q-channel for other purposes, the proposed scheme allows the bandwidth occupation to be optimized by signing SBAS messages in blocks. The number of messages in each block is variable and is under the full control of the SBAS provider. As such, the scheme is flexible enough to allow the SBAS providers to implement it in a way that best fits their needs and concept of operations (CONOPS).
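As an added illustration (not code from the paper), the sketch below signs I-channel messages in provider-chosen blocks with ECDSA P-256 and SHA3-256, using the Python cryptography package, and shows that a modified message invalidates only its own block. The 32-byte message stand-ins, the concatenated block as the signed data, the raw r||s signature encoding and all function names are assumptions; the abstract does not specify them.

```python
import secrets
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.asymmetric.utils import (
    decode_dss_signature, encode_dss_signature)

Q_MSG_BITS = 600   # Q-channel bits per one-second message at the assumed 600 bit/s
SIG_BYTES = 64     # raw r||s for P-256: 2 x 256 bits = 512 bits, fits in 600
ALG = ec.ECDSA(hashes.SHA3_256())

def sign_block(priv, msgs):
    """Sign a block of fixed-size messages; return a fixed-length raw r||s."""
    r, s = decode_dss_signature(priv.sign(b"".join(msgs), ALG))
    return r.to_bytes(32, "big") + s.to_bytes(32, "big")

def verify_block(pub, msgs, raw_sig):
    """Receiver side: True only if every message in the block is unmodified."""
    if len(raw_sig) != SIG_BYTES:
        return False
    r = int.from_bytes(raw_sig[:32], "big")
    s = int.from_bytes(raw_sig[32:], "big")
    try:
        pub.verify(encode_dss_signature(r, s), b"".join(msgs), ALG)
        return True
    except InvalidSignature:
        return False

def q_channel_occupancy(block_len):
    """Share of Q-channel message slots used when one signature covers a block."""
    return 1 / block_len

def demo(block_len, tamper_index=None, n_msgs=6):
    """Sign n_msgs constructed messages in blocks; optionally modify one in transit."""
    priv = ec.generate_private_key(ec.SECP256R1())
    # Constructed stand-ins for SBAS messages (random bytes, not real message content).
    msgs = [secrets.token_bytes(32) for _ in range(n_msgs)]
    blocks = [msgs[i:i + block_len] for i in range(0, n_msgs, block_len)]
    sigs = [sign_block(priv, b) for b in blocks]
    if tamper_index is not None:  # flip one bit after signing, as seen by the receiver
        b, j = divmod(tamper_index, block_len)
        m = blocks[b][j]
        blocks[b][j] = bytes([m[0] ^ 1]) + m[1:]
    return [verify_block(priv.public_key(), b, s) for b, s in zip(blocks, sigs)]

if __name__ == "__main__":
    print(demo(1), demo(3, tamper_index=4), q_channel_occupancy(3))
```

A block length of 1 corresponds to the per-message signing described earlier, which occupies the Q-channel fully; larger blocks free message slots in proportion.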