Oscar Pozzobon

1
Security issues in next generation satellite
systems

• Oscar Pozzobon
• Chris Wullems
• Prof. Kurt Kubik

14/03/2005 CGSIC Meeting, Prague, Czech Republic
2
Introduction

• GPS security issues today
• GNSS security issues in integration scenarios
• Need for trust quantification methods for civil
  uses
• Levels of security obtainable using proposed
  signal authentication methods
• Level of protection
• Performance

3
Qascom Background

• RD on trusted locations systems
• RD on trusted GNSS receivers
• NavSec Consortium
• Vulnerability assessment of critical
  infrastructures that rely on GNSS

4
GNSS Security Policy

• June 2004, US-Europe Agreement on GNSS
  Cooperation and Security
• December 8, presidential policy on Space-Based
  Positioning, Navigation, and Time (PNT)
• December 10, GPS and GLONASS cooperation
• GLONASS-M Russia and India launching and
  modernizing GLONASS.

5
Civil GNSS Security Today
Integrity monitoring systems
Non Intentional
Intentional
Jamming detection / mitigation / localization
techniques
Jamming
Spoofing
Signal authentication techniques
6
Future Civil GNSS Security Issues

• Complexity of Integration with different signals
  and different security mechanisms (e.g. GPS
  Galileo SoL)
• Difficult for GPS user to quantify the total
  trust
• Need for security metrics

7
Security Metrics

• What security level is needed?
• what security level can be achieved?

Non intentional
Integrity monitoring systems
Intentional
Jamming detection / Mitigation / localization
techniques
Jamming
Spoofing
Signal Authentication Techniques
8
Integrity / Authenticity Performance Requirements
for Critical Application

• Time-to-alarm for SoL Integrity (non-intentional
  effects)
• Time-to-alarm for malicious attacks? (Spoofing)
• 3 levels of security for GNSS

Level 2 SCE (Spreading Code Encryption)
Level 1 NMA (Navigation Message Authentication)
No Security
9
Level 1 NMA (Navigation Message Authentication)

• What is NMA?
• A Navigation Authentication Message include a
  digital signature authenticating the other
  navigation messages (ephemeris, almanac data,
  etc)

• Certified receiver is able to authenticate verify
  integrity of NAV messages using signature.
• Authentication NAV messages are created on the
  ground and transmitted to the satellites for
  broadcast.

10
Level 1 NMA (Navigation Message Authentication)

• What does NMA protect against?
• Protects against navigation message spoofing
• Authenticates navigation messages (ephemeris,
  almanac data, etc) from satellites preventing a
  spoofer from generating navigation messages
• Significantly increases complexity of spoofing
• Messages could be theoretically acquired by a
  receiver and replayed over a simulated signal in
  order to spoof the Galileo signal - would require
  functionality not commonly found in commercial
  signal simulators, and would require operation to
  be performed within very small time window
• Attack cost vs Attack outcome

11
Level 1 NMA (Navigation Message Authentication)

• Performance of NMA
• Time-to-alarm of authentication/integrity
  failure?
• Depending on signal data rates and ANM repetition
  rate
• GPS L2C 25bps
• Minimum Authentication time 1,6 minutes with
  cert obtained in 5,6 minutes
• More realistic scenario approx 5 minutes,
  longer cert collection time
• Galileo E1-L1-E2 125bps / E5a 25bps / E5b
  125bps
• Potentially better performance (unknown NAV
  message structure / only projected data rates)
• NMA performance characteristics may be outside
  time-to-alarm requirements
• Suitable for dangerous goods tracking, but not
  for time-critical applications

Based on ECCDSA 160bit / CNAV message structure
(ICD-GPS-200C) with 48 second frame message
sequencing
12
Level 2 SCE (Spreading Code Encryption)

• What is SCE?
• CDMA code is kept secret and can only be derived
  using a symmetric key
• Symmetric keys can be distributed using PKI and
  asymmetric encryption techniques
• GPS P(Y) code uses declassified black keying
  infrastructure for key distribution

13
Level 2 SCE (Spreading Code Encryption)

• What does it protect against?
• Protects against signal spoofing and navigation
  data spoofing
• Users without key are denied access Spoofed
  signal acquisition is virtually impossible as
  CDMA code is unknown to an attacker
• Time-to-alarm requirements of are easily met for
  both intentional and non-intentional integrity
  failures

14
Level 2 SCE (Spreading Code Encryption)

• Proposed usage in Galileo
• Commercial Service (CS)
• Public Regulated Service (PRS)
• Implementation is unknown expected to be
  similar to US black-key infrastructure

15
Conclusions

• Current civil GNSS security do not prevent
  spoofing
• There is a need for signal authentication to
  prevent malicious attacks such as spoofing
• It appears as though L2C will not provide NMA or
  SCE
• Galileo proposals for SoL indicate NMA may be
  included
• NMA alone may not provide the required
  performance for SoL time-to-alarm
• CS and SoL provide different quality of service
  guarantees
• Civil signal authentication is a challenge for
  next generation satellite systems
• Need for metrics to quantify security of complex
  integrated systems

16
Questions?

• Oscar Pozzobon
• o.pozzobon_at_qascom.com
• Chris Wullems
• c.wullems_at_qascom.com