Session A1: Navigation Security and Authentication

Looking Into the Galileo Signal Authentication Service: Early Demonstration of the Service and Experimentation
Miguel A. Ramírez, Simón Cancela, David Calle, GMV; Ignacio Fernandez-Hernandez, Tom Willems, Jon Winkel, European Commission; Rafael Terris-Gallego, Gonzalo Seco-Granados, Univ Autonoma de Barcelona, CERES-IEEC
Location: Holiday 1 (Second Floor)
Alternate Number 3

The Galileo Signal Authentication Service (SAS) is the next new feature to be offered by Galileo, the European GNSS. Its initial signal-in-space capability is planned for 2025, starting with the L3 (launch 3) satellites in elliptical orbits. SAS relies on encrypted spreading code sequences of the E6-C component, which are “re-encrypted” with cryptographic material provided by the Galileo Open Service Navigation Message Authentication (OSNMA). These Re-Encrypted spreading Code Sequences (RECS) are distributed to users following the semi-assisted authentication concept: future E6-C codes are re-encrypted with OSNMA key material and published by a server for user download. The European Commission launched an R&D project to develop a SAS receiver, an assistance server, and a test platform. The project, named Message and Measurement Authentication Receiver for Initial Operations (MMARIO), began in April 2024 and is now approaching its experimentation phase. The prototype receiver is capable of processing encrypted E6-C signals and generating authenticated position, velocity, and time (PVT) solutions, implementing additional anti-spoofing features such as anti-replay and vestigial signal detection. This paper reports on the first experimentation campaign carried out with real encrypted signals transmitted by Galileo L3 elliptical satellite E14 in June 2025. The use of the Test Platform is foreseen in the upcoming validation phase to simulate encrypted signals and spoofing attacks under controlled conditions.