Australia/New Zealand DFMC SBAS and Navigation Message Authentication

Abstract

Satellite navigation systems are widely used for positioning, navigation and timing applications spread across critical and non-critical infrastructures. It is common knowledge that GNSS signals are received with a very low power level and are thus vulnerable to natural and artificial electromagnetic phenomena that can degrade or disrupt the Service. This inherent weakness permits malicious attackers and GNSS-like signal emitters to transmit signals that could be considered by a GNSS receiver as emanating from a GNSS/SBAS satellite. Protection of satellite navigation services and their augmentations against such threats presents a significant challenge. The GNSS community devotes substantial efforts to strengthen GNSS services from unintentional as well as intentional interference. As one result of these efforts, Europe is considering the addition of authentication features for both Galileo and EGNOS. Europe has confirmed the addition of NMA (Navigation Message Authentication) to the Galileo I/NAV signal for Galileo 1st Generation and is currently evaluating authentication schemes for EGNOS. A second generation satellite based augmentation system is currently undergoing a series of demonstrations for various civil applications in Australia and New Zealand through early CY2019. This Dual Frequency Multi-Constellation (DFMC) SBAS Testbed provides both Satellite Based Augmentation System (SBAS) and real time Precise Point Positioning (PPP) capabilities through the SBAS L1 and L5 signals broadcast using the Inmarsat 4F1 geostationary satellite. The first transmissions of the DFMC SBAS augmentation signal in space (SIS) started in June 2017, while the first transmission of the PPP services began in October 2017. By the ION GNSS + conference in September 2018, this Testbed Service will have accumulated more than eleven months of service provision. The objective of this paper is to describe a technique suitable for navigation message authentication for DFMC SBAS in the DFMC era (where denial of either L1 or L5 would result in reversion to a form of ARAIM operations). The paper describes the approach for achieving NMA via the SBAS L5 channel where capacity is readily available, i.e., this L5-centric approach avoids constraints and challenges posed by use of the L1 C/A channel. This approach has the advantage of simplicity in both generation of the authentication message as well as in verification of authentication message by the user receiver. The technique described in this paper is intended to demonstrate the feasibility of an NMA approach utilizing the L5-Q channel for the DFMC SBAS, with possible demonstration of the application via the DFMC SBAS Testbed. The important performance metrics determined for the NMA algorithm are time between authentications, cryptographic security parameters and public key management. This effort will describe an algorithm utilizing SBAS L5-Q modulation features based on a public-private key methodology (solely for example, use of a secure hash function as the ‘private’ key in conjunction with TESLA as the ‘public’ key). In order to avoid a receiver requirement to store the private key, asymmetric approaches are utilized. While it’s recognized that this approach is not readily adaptable for some other applications, this effort is intended to first resolve the approach for the aviation application, then eventually assess what extensions to other modes entails. Given the physical layer characteristics of the GNSS signal in space (SIS), we assert the following. • Full replacement of the legitimate signal with an illegitimate signal is the predominant means of attack, either through meaconing or signal synthesis. • The risk associated with single bit or single message replacement is low. An attempt to purposefully replace a single bit or message would face extraordinary challenges in terms of time synchronization between SIS, targeted receiver, and the interfering transmitter. Notably, the I-channel and Q-channel are intertwined by phase keying within the L5 dual BPSK modulation, so purposeful alteration of single or multiple bits in the I-channel is highly improbable. • The risk of private key discovery is high, likely inevitable. Given the global availability of the L5 SIS and the relative weakness of the algorithms when used in a channel with an information capacity of 212 bps, we consider a high rate of key pair generation and distribution as necessary. • Unlike many applications of cryptography, the SIS provides a one-way broadcast medium in which the content does not require Confidentiality or Non-repudiation. Authenticity and Integrity of the L5-I message are the goals of GNSS Message Authentication. We regard the threat models against SBAS to be uniquely different from those addressed by the majority of cryptographic research. The unique characteristics of broadcast radio-wave reception differ markedly from a digitally switched computer network. In that context, the objectives of this paper are as follows: • Describe results from an ongoing study effort that should be useful in developing standards for future satellite navigation services where authentication features might be envisaged; and • Further considerations relative to developing guidance or tentative requirements for DFMC SBAS authentication features.