Abstract: | Herein, we delineate and suggest mitigations for a critical security attack involving the time synchronization requirement of any broadcast-only Timed-Efficient Stream Loss-tolerant Authentication (“TESLA”) scheme, including those in development for many Global Navigation Satellite Systems (“GNSS”). TESLA’s bandwidth efficiency and loss-tolerant properties are advantageous, even necessary, to provide GNSS cryptographic authentication security on data channels and ranging signals. TESLA relies on a loose-time synchronization assumption, and receivers must externally (i.e., via an out-of-band channel) verify this assumption (e.g., at startup, during routine maintenance, or routinely) to assert authentication security. However, the combination of (1) TESLA’s adaptation to the broadcast-only context and (2) the current network timing synchronization standards lends itself to an attack that could allow receivers to accept forgeries. The time synchronization protocol must be modified to mitigate this threat. We show this attack’s concrete feasibility using data from a study conducted on a Network Time Protocol (“NTP”) server. |
Published in: | Proceedings of the 2023 International Technical Meeting of The Institute of Navigation, January 24 - 26, 2023, Hyatt Regency Long Beach, Long Beach, California |
Pages: | 277 - 285 |
Cite this article: | Anderson, Jason, Lo, Sherman, Walter, Todd, "Addressing a Critical Vulnerability in Upcoming Broadcast-Only TESLA-Based GNSS-Enabled Systems," Proceedings of the 2023 International Technical Meeting of The Institute of Navigation, Long Beach, California, January 2023, pp. 277-285. https://doi.org/10.33012/2023.18623 |