Register    Attendee Sign In Sign in to access papers, presentations, photos and videos
Return to Session A2

Session A2: GNSS Security: Interference, Jamming, and Spoofing 1

Authentication of GPS Modernized Signals Using TESLA Chimera
Michael H. Cole, James T. Gillis, Rachel Allen, Albert H. Hayden, The Aerospace Corporation
Location: Beacon A

Spoofing of GNSS signals continues to grow as a threat to PNT users globally, including safety-of-life and other critical infrastructure users. Space Policy Directive 7 includes provisions for the U.S. government to pursue authentication solutions for GPS. We will present a proposed TESLA Chimera based authentication approach for modernized GPS signals that would provide in-band authentication of ranging measurements and navigation message content. Specific CNAV/CNAV-2 messages formats and schedules are proposed, as are results of simulations characterizing performance metrics including timeliness of authentication events for a representative nominal configuration.
Chips-Message Robust Authentication (Chimera) [1] is based on the interleaving of two ideas – Navigation Message Authentication (NMA) via asymmetric digital signatures and Watermark-Signal-Authentication on the pseudo-range via bit-commitment in satellite navigation systems. The Timed Efficient Stream Loss-tolerant Authentication (TESLA) protocol [2] was developed to reduce bandwidth and provide assurance in Internet Protocol based applications. It uses hash chains of keys (here anchored by a digital signature) to validate the packet-based data using shared key Message Authentication Codes (MACs). These TESLA chains have the property that, when a key is exposed, all previous keys in the chain are derivable back to the initialization point. This derivation improves the time to validation and time to authentication statistics when communication errors occur.
When ranging and navigation message information is substantiated by the TESLA MACs and delayed TESLA key reveal it is “validated,” and when further substantiated by a digital signature the information is considered “authenticated.” The distinction between “authenticated” and “validated” occurs in that an adversary can construct a consistent TESLA chain to the point of authentication but cannot anchor it with a digital signature. In this case, authenticated is stronger than validated. This approach can be adopted such that the entire constellation, or sub-constellations, are on the same TESLA chain, and such that the broadcast of TESLA Chimera epochs and digital signature messages are staggered across the constellation to improve performance.
There are several alternatives for how the channels are interleaved into sub-constellations. These choices affect performance in several ways, most notably at the occurrence of TESLA Chain re-initialization. This presentation will present simulations of notional TESLA Chimera configurations and their respective estimated performance for users globally. Simulation results show the performance gains and illuminate the effect of hash-chain (re)initialization. The trades between having each channel (space vehicle) on its own chain, using a small number of sub constellations, and having the complete constellation on the same hash chain are presented. Trade-offs of bandwidth consumed vs. frequency of authentication messages are also discussed, as well as implications for CNAV navigation broadcast schedules in order to accommodate authentication messages alongside other critical navigation message content.
Bibliography
[1] J. Anderson, K. Carroll, N. DeVilbiss, J. Gillis, J. Hinks, B. O’Hanlon, J. J. Rushanan and L. Scot, "Chips-Message Robust Authentication (Chimera) for GPS Civilian Signals," in Proceedings of the 30th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2017), Portland, Oregon, 2017.
[2] A. Perrig, R. Caneti, J. Tygar and D. Song, "The TESLA Broadcast Authentication Protocol," CryptoBytes, 2002.



Return to Session A2