As part of its duties concerning Galileo Services & Exploitation, the European Commission is studying services to be offered by Galileo to the GNSS community in the next few years. A service that could be provided without modifying the payload of the current Galileo satellites is the authentication of the navigation information. The Galileo data authentication service would contribute to improving worldwide GNSS security and make Galileo more attractive to user communities. In order to design and compare different solutions, a conceptual framework including performance indicators is presented. Based on standard navigation performance analysis metrics, the higher-level performance indicators considered in the authentication framework are Availability, Accuracy, Time to First Authenticated Fix and Robustness. Other lower level indicators traced to the above will be defined as well. It is justified why Authentication Error Rate (AER) and Time Between Authentications (TBA) arise as the main indicators. Indicators related to robustness against replay attacks and signal unpredictability, as Maximum Predictable Time (MPT) or Unpredictable Symbol Ratio (USR) will be presented as well. Secondly, this paper presents contributions to the state-ofthe-art of standard symmetric, asymmetric and hybrid (symmetric and asymmetric) authentication approaches for satellite navigation. Implementations of crossauthentication among satellites are discussed, and some schemes based on a Timed Efficient Stream Loss-tolerant Authentication (TESLA) protocol are presented. The paper then presents and characterizes one Navigation Message Authentication (NMA) solution for the Galileo E1B Open Service signal. Finally, some conclusions and further work are proposed. MOTIVATION AND CONTEXT As part of the safety-of-life service, Galileo foresaw to provide a data authentication service for the integrity tables to be transmitted in the I/NAV message. However, as the safety-of-life service has been re-profiled and some requirements of the Galileo system waived, this authentication service is not maintained and, even if it were, it might not satisfy the needs of a broad user base, as its main purpose was to authenticate the Galileo integrity data only and not the navigation data. In addition, the Galileo Commercial Service foresees to use signals in the E6 band (E6B and E6C) whose spreading codes can be encrypted through a secret key, therefore providing a level of access control and authentication that can be found useful by several user communities. Due to the high demand to strengthen GNSS open civil signals for consumer or mass market users, the Galileo program is studying how open navigation message authentication could be implemented within the Galileo signal, and what would be the usefulness of it for the mass market users. The analysis of an NMA standalone service is triggered by the following facts: In the current and future GNSS context, with around a hundred navigation satellites providing open ranging signals to the users, the public value of Galileo can be enhanced by offering additional services. The Galileo signal design and message structure is adequate for introducing authentication, as it allows higher bitrates compared to other GNSS [1][2] and, due to the safety-of-life 're-profiling', a significant amount of bandwidth has been liberated for other uses. The impact in terms of risks and cost in the Galileo program of adding NMA is low: The Galileo ground and space architecture can accommodate the transmission of data from an external source into the operational system in real time, opening the possibility to transmit authentication information into the core infrastructure without modifying the operational baseline. Even if modifications to the current Galileo specification might increase performance and robustness of an NMA solution, NMA could be provided in accordance with the current Galileo core system specification. Previous literature suggests that, when complemented with additional checks at the receiver, it can provide a reasonable level of protection not only of the satellite data but also against replay attacks [3][4]. In any case, as the Galileo service offering includes spreading-code encrypted signals in the E6B as part of the Commercial Service, an NMA service could be combined with these signals for users that rely on encrypted spreading codes. The proposed NMA scheme could also be upgraded in future Galileo generations available in the next decades. Due to all these reasons, an additional line of work was started by early 2013 to assess the provision of NMA in the short term through Galileo open signals, with a minimal, if any, disturbance of the Galileo system or operational requirements. PROTECTION OF NMA AGAINST REPLAY
[1]
O. Pozzobon,et al.
Signal authentication and integrity schemes for next generation global navigation satellite systems
,
2005
.
[2]
Oscar Pozzobon,et al.
Galileo Commercial Service from the Early Definition to the Early Proof-of-Concept
,
2014
.
[3]
Dawn Song,et al.
The TESLA Broadcast Authentication Protocol
,
2002
.
[4]
Elliott D. Kaplan.
Understanding GPS : principles and applications
,
1996
.
[5]
Hugo Krawczyk,et al.
HMAC: Keyed-Hashing for Message Authentication
,
1997,
RFC.
[6]
Todd E. Humphreys,et al.
Detection Strategy for Cryptographic GNSS Anti-Spoofing
,
2013,
IEEE Transactions on Aerospace and Electronic Systems.
[7]
Oscar Pozzobon,et al.
Preparing for the Galileo Commercial Service – Proof of Concept and Demonstrator Development
,
2014
.
[8]
L. Scott,et al.
Anti-Spoofing & Authenticated Signal Architectures for Civil Navigation Systems
,
2003
.
[9]
Todd E. Humphreys,et al.
Practical cryptographic civil GPS signal authentication
,
2011
.