Open GNSS Signal Authentication Based on the Galileo Commercial Service (CS)

O. Pozzobon, C. Sarto, A. Pozzobon, D. Dötterböck, B. Eissfeller, E. Pérez, D. Abia

Abstract:	There has been a significant number of GNSS anti-spoofing and authentication solutions presented the in literature in the last 12 years after the Volpe report, which can be considered as the first document officially released by a government mentioning the GPS vulnerabilities. All the proposed solutions have been based on either existing signals with different “heuristic” approaches or by defining new schemes for future GNSS signals evolutions. This paper describes the first known implementation of an innovative authentication scheme based on the Galileo Commercial Service (CS), a signal that has been developed for the specific purpose of providing an authentication service. Although not operative as service, the first four Galileo satellites in orbit and all the other under development to date are capable to generate and transmit the Galileo CS signal. The CS signal is broadcast on the E6 band (1278.750 MHz) and it is a 5Mcps BPSK modulated signal. The signal is a multiplexed CASM modulation of three channels, A, B and C. While A is reserved for government use, the B and C channels are dedicated to the Galileo CS. The B and C channels public codes can be encrypted with a stream-cipher and provide controlled access, as a key is required to generate the local replica to acquire the signal. When the encryption is activated in the B and C channels the system is resistant to spoofing as the transmitted sequences are unknown and are below the received signal thermal noise for the detection and reproduction with standard antennas. A basic design of CS receivers capable to acquire, track and decode the signal would require a security module that can securely store the cryptographic keys and perform the acquisition, tracking and data extraction functions in a protected environment [1]. This would drastically increase the cost of the solution and would limit the market penetration of authentication services in the mass market. An innovative approach has been developed as part of the STON (Security Technologies based on lOcatioN) project founded by the European GNSS Agency (GSA) which limits the hardware requirements at the user segment and moves the security operations in an remote authentication service. The system architecture foresees an hardware capable to acquire both the E6 and L1 frequency, and a processor capable to determine position and time data from the L1 signal, which is considered untrusted. Acquired information are sent to the remote authentication service which can attempt to generate a local replica of the CS signal at the pretended time and location generated by the untrusted signal. This can be achieved as the authentication service is loaded with the operational cryptographic keys and has knowledge of the Galileo system time and orbits. Different approaches are used by the authentication service, based either on the generation of PVT from the trusted Galileo CS signal and comparison with the PVT to be verified or by verification of the code alignment of the received Galileo CS signal and the generated CS replica. The paper presents the system architecture, preliminary results of simulation scenarios and test results of the authentication algorithms and receiver operating characteristics. [1] O. Pozzobon, C. Wullems, M. Detratti. Security considerations in the design of tamer resistant GNSS receivers. IEEE / NAVITEC 2010, 10 December 2010, Noordwijk.
Published in:	Proceedings of the 26th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2013) September 16 - 20, 2013 Nashville Convention Center, Nashville, Tennessee Nashville, TN
Pages:	2759 - 2768
Cite this article:	Pozzobon, O., Sarto, C., Pozzobon, A., Dötterböck, D., Eissfeller, B., Pérez, E., Abia, D., "Open GNSS Signal Authentication Based on the Galileo Commercial Service (CS)," Proceedings of the 26th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2013), Nashville, TN, September 2013, pp. 2759-2768.
Full Paper:	ION Members/Non-Members: 1 Download Credit Sign In