SBAS Data Authentication Scheme on Q-Channel Based on Digital Signatures

Ivan Lapin, Jaron Samson, Gianluca Caparra, Matthew Dibb, Jean-Christophe Denis, Cyrille Boulanger, Mikael Mabilleau, and Ettore Canestri

Peer Reviewed

Abstract:	A novel data authentication scheme for the satellite-based augmentation system (SBAS) called DS-Q is proposed and evaluated. The scheme is based on the transmission of cryptographically secure digital signatures on SBAS L1 and SBAS L5 Q-channels, allowing the SBAS user to verify the authenticity of SBAS messages on the I-channel without any latency and without impacting message timeouts, scheduling, or service performance. DS-Q is derived using a three-step top-down process that avoids taking the available data bandwidth of SBAS signals as the main driver of the data authentication scheme. As the first step, twelve needs for an SBAS data authentication function from the system and user perspective are formulated, requiring the scheme to be secure, non-intrusive, and flexible. As the second step, the design of DS-Q is proposed, which includes SBAS data authentication message (DAM), protocol logic, and over-the-air rekeying (OTAR) mechanism. To fit the generated digital signatures into a single DAM, the feasibility of implementing an alternative signal modulation on the Q-channel providing a data rate of at least 600 bit/s is discussed. As the last step, DS-Q is qualitatively evaluated with respect to the needs formulated in the first step, showing it meets all but one need, which cannot be met by any SBAS data authentication scheme as it requires the protection of the SBAS user against meaconing or spoofing attacks targeting GNSS core constellations. The scheme presented in this work represents a valid complementary solution to be considered for a longer-term evolution of the SBAS standards. DS-Q should not preclude the possibility of standardizing the current I-channel solution discussed at the International Civil Aviation Organization (ICAO) or pursuing alternative solutions, such as signal authentication or user-based solutions.
Published in:	Proceedings of the 37th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2024) September 16 - 20, 2024 Hilton Baltimore Inner Harbor Baltimore, Maryland
Pages:	3308 - 3324
Cite this article:	Lapin, Ivan, Samson, Jaron, Caparra, Gianluca, Dibb, Matthew, Denis, Jean-Christophe, Boulanger, Cyrille, Mabilleau, Mikael, Canestri, Ettore, "SBAS Data Authentication Scheme on Q-Channel Based on Digital Signatures," Proceedings of the 37th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2024), Baltimore, Maryland, September 2024, pp. 3308-3324. https://doi.org/10.33012/2024.19718
Full Paper:	ION Members/Non-Members: 1 Download Credit Sign In