On the Achievable Equivalent Security of GNSS Ranging Code Encryption
Gianluca Caparra, University of Padova, Italy
The widespread adoption of GNSS has increased the incentives to mount attack against it. In recent years, several spoofing attacks, were reported from all over the world. From home-made GNSS spoofer built for cheating at Pokemon GO to the large area spoofing events that recently happened in the Black Sea.
In the last decade the GNSS community investigated anti-spoofing techniques both operating at the receiver side and at the system side. The former aims at achieving resiliency without requiring the modification of the current GNSS space segment. The latter aims at introducing to the signal in space (SIS) specialized signals or signal features for origin authentication or to increase robustness against masquerading. All these proposals achieve security by the means of cryptography. This can be either applied at data level, technique known as Navigation Message Authentication (NMA) or at ranging code level.
The application of the cryptographic function directly to the ranging code has garnered quite a lot of attention in recent years. This is commonly referred to as Spreading Code Encryption (SCE) if the ranging code is completely encrypted, such as the controlled access GNSS signals, and has been referred to as watermarking in the case that only part of the code is encrypted. This work presents a security analysis of SCE and watermarking techniques aiming at evaluating the limitation against spoofing attack.
The encryption can be applied to the whole of the spreading code, commonly referred to as SCE, or can be encrypted only on part of it. The first solution is usually related to restricted access service such as the military GPS P(Y). The user might be required to have tamper-resistant module in which is stored the cryptographic key used to generate the local replica. The secure module is mandatory if the user is able to track the signal in real time, in order to prevent the leakage of the key that can be used also for generating of a spoofed signal that pass the cryptographic check.
If, instead, the receiver is capable of storing the intermediate-frequency (IF) samples, then it can check the presence of the secret code if the key is disclosed at a later point, or if the samples can be dispatched to a remote processing service that is privy to the secret key. If the spreading code is fully encrypted, both the ranging and the disclosure of the key might be performed on another signal component. Alternatively, the key can be disclosed via a telecommunication link, enabling a delayed measurement of the range on the encrypted signal component. Another option explored in the literature is the use of a dual-component signal, where one component is fully encrypted and devoted to security, while the other uses an open modulation format, and carries clear-text data. In such a case the key might be released in delay over the clear component, which, depending on the configuration, might also be used for real-time ranging.
Another approach is the partial, or sporadic, encryption of the spreading code, wherein some chips are multiplied by a cryptographic sequence, and others are left unencrypted. This technique is commonly referred to as watermarking. Two main variants of watermarking are present in the literature: one in which the selection of chips that are encrypted is known to all users in advance (perhaps statically defined in the signal specification), and another in which the chip selection is also part of the cryptographic scheme, and varies randomly over time. The two variants have pros and cons. If the position of the watermark is random, the attacker does not know which chips he should estimate and which one are known, and so the process of attempting to estimate the cryptographic chips for use in the generation of counterfeit signals is rendered more difficult. However, in this case, as the position of the chips is only known to the user at a delay, then the receiver must sample the entire signal, and store all samples until such time as the corresponding key is released. On the other hand, if the position of the secret code is known, the legitimate receiver is able to sample and store only small portions of the signal, which might be more manageable for memory constrained devices. Moreover, the receiver can omit the encrypted samples from the real-time tracking process, leading reduction in correlation loss relating to the correlation across as-yet-undisclosed spreading chips. Therefore, as often happens, there is a trade-off between the security and the usability.
In an effort to evaluate this security level, this work considers the properties of the security features imbued in the signal, both from an information theoretic perspective, and also evaluates its robustness against a number of man-in-the-middle (MITM) attacks popularize in the literature. The Security Code Estimation and Replay (SCER) attack aims at transmitting the estimated symbols from the legitimate signal received at the attacker's antenna while minimizing the amount of delay introduced, and maximizing the perceived similarity between the counterfeit signal and that which is expected by the receiver (with respect to the particular test criteria implemented in the receiver).
This work focuses on SCER attacks against hypothetical authentication signals verified a posteriori (not tracked in real-time). The contribution of this work is to provide a way to evaluate the effect of replay attacks against GNSS signals with ranging code encryption. The equivalent correlation loss experienced at the victim receiver due to the estimation noise introduced by the attacker estimation is derived in closed form as a function of the carrier to noise ratio of the attacker, the one of the legitimate receiver and the difference in the pseudorange induced. Furthermore, the work will discuss different types of detection statistics, pre- and post-correlation, showing the trade-off between security and specificity of spoofing-detection under a variety of representative operating conditions. This work is extended to determine, the constraints in terms of spoofable region imposed by the estimation process are evaluated.
The outer bound in terms of Receiver Operating Characteristic (ROC) are derived for the Likelihood Ratio Test (LRT) that is the optimal binary hypothesis testing. Moreover, the impact of the receiver noise in the detection is evaluated, defining the equivalent level of security (comparable to the traditional n-bit cryptographic security levels) offered by the setup. This allows to evaluates the effectiveness of the spoofing detection schemes and to optimize the system parameters in order to achieve the desired level of security, such that each security facet of the receiver can be designed to a commensurate level, none being a stark `weak-link’, and none being unnecessarily over-engineered.
Early contributions in this area are in the form of information theoretical analysis, and offer insight into the wide range of possibilities yet to be explored in this field. Results indicate that the a number of the current techniques proposed in the literature, based on a more traditional detection-theory approach, and centred around a matched filter, fail to impose an adequate security level. In contrast, more rigorous security constraints, based on nonlinear operations, appear to dramatically degrade the performance of the receiver under moderate or weak-signal conditions. It is clear that some degree of optimization is necessary.