Upload
sky-burney
View
214
Download
1
Tags:
Embed Size (px)
Citation preview
Challenges of Practical Civil GNSS Security
Todd Humphreys, UT Austin
Civil Navigation and Timing Security Splinter Meeting |Portland, Oregon | September 23, 2010
Civil GPS Spoofing Testbed at UT Austin
Data bit latency defense Phase trauma monitoring Dual-frequency tracking
Spoofer
Defender
Thoughts on the Way Forward for Civil GNSS Authentication More signals means more inherent security, but probably insufficient
Some civil cryptographic authentication scheme is likely required “Signal definition inertia is enormous” – Tom Stansell Navigation message authentication (NMA) appears to be best, practical
option (advocated by Logan Scott in 2003, others since) Goal of cryptographic authentication: force adversary to use directional
antennas in a replay attack Preliminary evaluation of NMA for L2C suggests optimism, but strategy
is not water-tight Cryptography is the easy part
Hard Part: Defend Against Security Code Replay Attack
>500 MHz FPGAs enablenear-zero-delay replay attack Soft W-bit
Estimation Hard W-bit Estimation
Spoofing Detection as a Hypothesis Testing Problem (Soft W Estimation)
Spoofing detection depends critically on good estimates of nominal (C/No)s and (C/No)r
Final Observations Must defend against following spoofing strategy: (1)
soften up target with low-grade jamming, (2) begin soft-estimate replay attack, (3) transition to hard-estimate replay attack
A J/N meter is indispensable in spoofing detection to eliminate the possibility that the receiver’s estimate of its own nominal C/No (in the absence of spoofing) has been altered
Solar radio bursts, unintentional/intentional jamming will tend to trigger spoofing alarms
Spoofing detection is challenging for dynamic platforms because of the volatility in the nominal C/No