Project Members: Kyle Wesson, Daniel Shepard, Todd Humphreys

Former Project Members: Mark Rothlisberger

Summary: Over the past decade, the concept of national security has evolved from a focus on protecting military and critical government resources to also include the protection of vital elements of civilian and commercial infrastructure. Civil GPS has become a key element of this infrastructure; hence its security represents a matter of national security. The deepening dependence of the civil infrastructure on GNSS—especially for timing synchronization—and the potential for financial gain or high-profile mischief make civil GNSS spoofing a gathering threat.  Since the publication of the U.S. Department of Transportation's Volpe Report on GPS dependence nearly a decade ago, GNSS security researchers have repeatedly warned that civil GPS is not yet secure, and that users trust its signals at their peril.  As Professor David Last commented at a recent conference on GNSS security, ``Navigation is no longer about how to measure where you are accurately.  That's easy. Now it's how to do so reliably, safely, robustly.''

In response to the spoofing threat, several defenses have been offered, some non-cryptographic and some cryptographic.  Among non-cryptographic defenses, the multi-antenna defense is generally regarded as the strongest, although it remains vulnerable to a coordinated spoofing attack.  The vestigial signal defense, whereby a receiver is always on the lookout for suspicious “vestigial” peaks in the correlation function, is also thought to be a receiver-autonomous defense.

A growing literature suggests navigation message authentication (NMA) is a practical basis for civil GPS signal authentication. In NMA, the low-rate navigation message is encrypted or digitally signed, allowing a receiver to verify that the GPS Control Segment generated the data. NMA could be implemented without fundamental changes to the GPS Interface Specification by exploiting the extensibility of the modern GPS civil navigation (CNAV) messaging format. Moreover, NMA has been proposed for implementation in the European Galileo GNSS.

The following work establishes the practicality and effectiveness of NMA to authenticate the civil GPS signal. Future work will focus on developing the vestigial signal defense.

Related Publications:

Practical Cryptographic Civil GPS Signal Authentication

Detection Strategy for Cryptographic GNSS Anti-Spoofing

GPS Spoofing Detection System

Radionavigation Robustness and Security

An Evaluation of the Vestigial Signal Defense for Civil GPS Anti-Spoofing

A Testbed for Developing and Evaluating GNSS Authentication Techniques

Civilian GPS Spoofing Detection based on Dual-Receiver Correlation of Military Signals