SBAS Authentication Standards

Jed Dennis, Todd Walter, Jason Anderson, Ignacio Fernandez-Hernandez, Ettore Canestri, Mikael Mabilleau, and Eric Châtre

Abstract: This paper describes the main building blocks of a now mature proposal for Satellite-Based Augmentation System (SBAS) message authentication. It builds on previous work and addresses concerns raised in the International Civil Aviation Organization (ICAO) Navigation Systems Panel (NSP). NSP is progressing the development of the concept and associated standard, with the goal to have a baseline development standard that captures proposed changes to the Standards and Recommended Practices (SARPs) by mid-2025. The paper describes the current cryptographic protocol including generation by the SBAS system and use by user receiver equipment. The protocol is based on the Timed Efficient Stream Loss-tolerant Authentication (TESLA) scheme, scheduled in the current message sequence of both the L1 and L5 SBAS signals every six seconds. In the TESLA scheme, a symmetric key is used to generate hash-based message authentication codes (MACs) for each message. These are aggregated and sent every six seconds. Six seconds later, the SBAS broadcasts the symmetric key and the users can confirm that the data received is valid data sent by the SBAS. The symmetric keys are linked together in a chain through a hash function. This chain, often called a TESLA hash chain, can be readily calculated in one direction and is intractable to calculate in the other direction. Confirmation of the symmetric key requires hashing the key to a known symmetric key, called the TESLA Confirmed Hash Point. The TESLA Confirmed Hash point is itself authenticated using an asymmetric key following Public Key Infrastructure guidelines. NSP still has additional work including validation, with a goal to complete the standards development by the end of 2027.
Published in: Proceedings of the 37th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2024)
September 16 - 20, 2024
Hilton Baltimore Inner Harbor
Baltimore, Maryland
Pages: 465 - 481
Cite this article: Dennis, Jed, Walter, Todd, Anderson, Jason, Fernandez-Hernandez, Ignacio, Canestri, Ettore, Mabilleau, Mikael, Châtre, Eric, "SBAS Authentication Standards," Proceedings of the 37th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2024), Baltimore, Maryland, September 2024, pp. 465-481. https://doi.org/10.33012/2024.19687
Full Paper: ION Members/Non-Members: 1 Download Credit
Sign In