A Navigation Message Authentication Proposal for the Galileo Open Service

Ignacio Fernández-Hernández, Vincent Rijmen, Gonzalo Seco-Granados, Javier Simon, Irma Rodríguez and J. David Calle

Peer Reviewed

Abstract: GNSS vulnerabilities have become evident in the last decade. Authentication of the GNSS signals and data can be an important building block contributing to mitigating these vulnerabilities. This paper presents a Navigation Message Authentication (NMA) scheme based on the Timed Efficient Stream Loss-tolerant Authentication (TESLA) protocol and a novel concept based on a single one-way chain for all senders and cross-authentication. The paper presents an NMA implementation in the Galileo Open Service (OS) navigation message that should provide similar navigation performance to data-authenticated users and standard non-authenticated users in terms of time to first fix, accuracy, and availability even in difficult reception conditions. The proposal also maintains a high level of signal unpredictability to help receivers protect against replay attacks. The scheme and implementation proposed yield significant improvements compared to the state of the art, offering the opportunity for Galileo to become the reference GNSS in civil navigation authentication.
Published in: NAVIGATION: Journal of the Institute of Navigation, Volume 63, Number 1
Pages: 85 - 102
Cite this article: Export Citation
Full Paper: ION Members/Non-Members: 1 Download Credit
Sign In