Broadcast Data Authentication Concepts for Future SBAS Services

Luciano Tosato, Andrea Dalla Chiara, Chris Wullems, Guillermo Fernandez Serrano, Alessandra Calabrese, Adrian Perrig, Mikael Mabilleau, Giovanni Vecchione

Abstract: Satellite Based Augmentation Systems (SBAS) are primarily designed to provide SARPS-compliant safety of life (SoL) services that enable aircraft operations using supported GNSS signals for MOPS-compliant receivers. SBASs broadcast corrections and integrity information for augmented satellites, improving accuracy and allowing aeronautic receivers to compute a protection level, bounding the residual position error with the required level of confidence. The European Geostationary Navigation Overlay Service (EGNOS) provides service levels up to LPV-200 (Localizer Performance with Vertical guidance), which enables aircraft approaches that are operationally equivalent to Category I (CAT-I) Instrument Landing System (ILS) using GNSS. As with GNSS signals, SBAS signals are received with low power and are therefore prone to interference, replication, or potential malicious alteration or forging. In particular, the broadcast of non-authentic SBAS data messages can have a detrimental impact on receiver operations, because the navigation solution could be affected even if the received GNSS signal is not spoofed. The European Commission is exploring the possibility of improving the resilience of the SBAS service against cybersecurity threats through the authentication of broadcast SBAS messages broadcast by the GEO satellites. This would enable receivers to verify that the received SBAS messages are authentic and have not been modified (i.e. authentication of origin and cryptographic integrity). With this objective, the EC is financing the SPARC (Simulation Platform for Authentication Reliable Concept) project to identify viable solutions for the authentication of SBAS data. In general terms, an authentication solution for SBAS can be seen as a combination of a number of different elements, as shown in Figure 1. The cryptographic scheme is just one of the elements that must be considered in relation to the modulation type, signal power level, band, etc. In this context, the architecture of the currently standardized SBAS service and signal play an important role, as well as the constraints imposed by the civil aviation stakeholders. This paper presents a series of authentication techniques that have been conceived considering inputs from different stakeholders including receiver manufacturers. In addition, international working groups active in the SBAS standardization activities and in the civil aviation domain (e.g. ICAO, RTCA/EUROCAE) have been involved in the SPARC activities. In SPARC project, more than ten authentication techniques specifically tailored for SBAS, have been designed and analyzed both analytically and through simulations. The four authentication techniques proposed in this paper are summarized as follows: 1. Authentication message transmitted in L5, In-Phase (I) channel (L5I), EC-Schnorr [2] Digital Signature (DS) scheme with a security level of 128 bits; 2. Authentication message transmitted in L5, In-Quadrature (Q) channel (L5Q), EC-Schnorr DS scheme with a security level of 128 bits; 3. Authentication message transmitted in L5, In-Quadrature (Q) channel (L5Q), HFEv [3] DS scheme with a security level of 100 bits and post-quantum resilient algorithm; and 4. Authentication message transmitted in L5, In-Quadrature (Q) channel (L5Q), Hybrid DS+TESLA scheme with a security level of 128 bits and TESLA [4]. For a complete analysis of the performance and impact of the authentication implementation on the SBAS message stream, a set of Key Performance Indicators (KPI) has been proposed and consolidated within ICAO Navigation System Panel activity [5] in order to assess the merits and drawbacks of each authentication solution analyzed. Five KPIs groups have been defined in SPARC as: 1. KPIs linked to SBAS performance; 2. KPIs linked to SBAS authentication scheme; 3. KPIs linked to SBAS infrastructure; 4. KPIs linked to SBAS receiver design; and 5. KPIs linked to controlling interference to aviation systems. The proposed solutions have been implemented in a simulation tool that generates and processes the GNSS (GPS and GALILEO) and the SBAS signals in L1 and L5, carrying the novel authentication frames. The performance has been evaluated considering the following scenarios: 1. Reference Scenario: (used to measure the reference performance without the presence of authentication messages) a. General Conditions: normal operation in nominal environment. b. Augmented GNSS: GPS, GALILEO c. Authentication: Disabled d. Channel Model: AWGN 2. Nominal Scenario: (used to measure the performance in nominal conditions that is without any intentional threat) a. General Conditions: normal operation in nominal environment. b. Augmented GNSS: GPS, GALILEO c. Authentication: Enabled d. Channel Model: AWGN 3. Adversarial Conditions: (used principally to measure the detection and mitigation performance) a. General Conditions: under SBAS spoofing attack b. Augmented GNSS: GPS, GALILEO c. Authentication: Enabled d. Channel Model: AWGN The final paper will report: 1. The description of all the proposed authentication concepts, indicating the differences regarding the implementation, the transmission channel, the frame dimension, the signature length and their cryptographic scheme; 2. The full specification of the authentication frame; 3. The description of the security concepts and cryptographic choices; and 4. The performance assessment against the KPIs indicated. Figure 1 Layered approach to the creation of the authentication techniques References [1] Pornin, T.: Deterministic usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA). RFC 6979 (2013). [2] Schnorr, C. P.: Efficient Identification and Signatures for Smart Cards. Advances in Cryptology—Crypto '89. Lecture Notes in Computer Science, Vol. 435 (1990). [3] Mohamed M.S.E., Petzoldt A., “The Shortest Signatures Ever”, Dunkelman O., Sanadhya S. (eds) Progress in Cryptology – INDOCRYPT 2016. Lecture Notes in Computer Science, vol 10095. Springer. [4] A Perrig, R Canetti, JD Tygar, D Song, “The TESLA broadcast authentication protocol”, RSA Cryptobytes, 2005. [5] “Key Performance Indicators for SBAS Authentication”, Working paper JWGs/5-WP/36 rev1, International Civil Aviation Organization, 21/10/2019, Navigation Systems Panel (NSP), Joint Working Groups – Fifth Meeting, Montréal, 15 – 24 October 2019.
Published in: Proceedings of the 33rd International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2020)
September 21 - 25, 2020
Pages: 1 - 26
Cite this article: Tosato, Luciano, Chiara, Andrea Dalla, Wullems, Chris, Serrano, Guillermo Fernandez, Calabrese, Alessandra, Perrig, Adrian, Mabilleau, Mikael, Vecchione, Giovanni, "Broadcast Data Authentication Concepts for Future SBAS Services," Proceedings of the 33rd International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2020), September 2020, pp. 1-26. https://doi.org/10.33012/2020.17762
Full Paper: ION Members/Non-Members: 1 Download Credit
Sign In