Quantum‐resistant authentication algorithms for satellite‐based augmentation systems

Cryptography in the form of digital signatures can be a part of the solution to the threat of spoofing and is going to be implemented on Galileo and other Global Navigation Satellite Systems (GNSS). Digital signatures incorporated into the data stream authenticate the integrity of the data as well as the origin of the message. A multitude of signature algorithms already exist. Most are designed for use over the internet where there are fast data rates, high computing power and the option for call and response. Implementing a digital signature on a system such as a Satellite-Based Augmentation System (SBAS) for use in aviation will require the signature to be short, one-way and secure for the next 30 or more years. With the advent of quantum computing, many state-of-the-art authentication schemes are no longer viable, so an authentication scheme implemented in SBAS will need to be quantum secure. This paper introduces the cryptographic primitives (foundational problems) necessary to understand the vulnerabilities in modern day cryptography due to quantum computing and investigates the use of TESLA (Timed Efficient Stream Loss-Tolerant Authentication) and EC-Schnorr algorithms in broadcast systems. A brief introduction to quantum computing and how it will change the field of cryptography is presented followed by attacks on the aforementioned authentication schemes. State of the art quantum resistant authentication algorithms are introduced and compared with the earlier classical cryptographic methods. Finally, recommendations are put forward for the selection and implementation of authentication schemes for SBAS that withstand the threat of quantum computing.

[1]  Joanna C. Hinks,et al.  Chips-Message Robust Authentication (Chimera) for GPS Civilian Signals , 2017 .

[2]  Todd E. Humphreys,et al.  Practical cryptographic civil GPS signal authentication , 2011 .

[3]  Quynh H. Dang,et al.  Recommendation for Applications Using Approved Hash Algorithms , 2009 .

[4]  Marc Stevens,et al.  The First Collision for Full SHA-1 , 2017, CRYPTO.

[5]  Preskill,et al.  Efficient networks for quantum factoring. , 1996, Physical review. A, Atomic, molecular, and optical physics.

[6]  Todd E. Humphreys,et al.  A blueprint for civil GPS navigation message authentication , 2014, 2014 IEEE/ION Position, Location and Navigation Symposium - PLANS 2014.

[7]  R. Feynman Simulating physics with computers , 1999 .

[8]  Ran Canetti,et al.  Timed Efficient Stream Loss-Tolerant Authentication (TESLA): Multicast Source Authentication Transform Introduction , 2005, RFC.

[9]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[10]  Nicola Laurenti,et al.  Authentication Concepts for Satellite-Based Augmentation Systems , 2016 .

[11]  Peter Schwabe,et al.  SPHINCS: Practical Stateless Hash-Based Signatures , 2015, EUROCRYPT.

[12]  Lov K. Grover A fast quantum mechanical algorithm for database search , 1996, STOC '96.

[13]  Nicola Laurenti,et al.  Evaluating the security of one-way key chains in TESLA-based GNSS Navigation Message Authentication schemes , 2016, 2016 International Conference on Localization and GNSS (ICL-GNSS).