Security issues in next generation satellite systems
Oscar Pozzobon, Chris Wullems, Prof. Kurt Kubik
14/03/2005, CGSIC Meeting, Prague, Czech Republic
Introduction
• GPS security issues today
• GNSS security issues in integration scenarios
• Need for trust quantification methods for civil uses
• Levels of security obtainable using proposed signal authentication methods
  • Level of protection
  • Performance
Qascom Background
• R&D on trusted location systems
• R&D on trusted GNSS receivers
• NavSec Consortium
• Vulnerability assessment of critical infrastructures that rely on GNSS
GNSS Security Policy
• June 2004, US-Europe Agreement on GNSS Cooperation and Security
• December 8, presidential policy on Space-Based Positioning, Navigation, and Time (PNT)
• December 10, GPS and GLONASS cooperation
• GLONASS-M: Russia and India launching and modernizing GLONASS
Civil GNSS Security Today
• Non-intentional: integrity monitoring systems
• Intentional
  • Jamming: jamming detection / mitigation / localization techniques
  • Spoofing: signal authentication techniques
Future Civil GNSS Security Issues
• Complexity of integration with different signals and different security mechanisms (e.g. GPS + Galileo SoL)
• Difficult for GPS user to quantify the total trust
• Need for security metrics
Security Metrics
• What security level is needed?
• What security level can be achieved?
• Non-intentional: integrity monitoring systems
• Intentional
  • Jamming: jamming detection / mitigation / localization techniques
  • Spoofing: signal authentication techniques
Integrity / Authenticity Performance Requirements for Critical Application
• Time-to-alarm for SoL integrity (non-intentional effects)
• Time-to-alarm for malicious attacks? (Spoofing)
• 3 levels of security for GNSS:
  • Level 2: SCE (Spreading Code Encryption)
  • Level 1: NMA (Navigation Message Authentication)
  • No security
Level 1: NMA (Navigation Message Authentication)
• What is NMA?
  • A Navigation Authentication Message includes a digital signature authenticating the other navigation messages (ephemeris, almanac data, etc.)
  • A certified receiver is able to authenticate and verify the integrity of NAV messages using the signature.
  • Authentication NAV messages are created on the ground and transmitted to the satellites for broadcast.
Source: The Galilei Project: GALILEO Design Consolidation, 2003
Level 1: NMA (Navigation Message Authentication)
• What does NMA protect against?
  • Protects against navigation message spoofing
  • Authenticates navigation messages (ephemeris, almanac data, etc.) from satellites, preventing a spoofer from generating navigation messages
  • Significantly increases complexity of spoofing
  • Messages could theoretically be acquired by a receiver and replayed over a simulated signal in order to spoof the Galileo signal; this would require functionality not commonly found in commercial signal simulators, and would require the operation to be performed within a very small time window
  • Attack cost vs attack outcome
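The two NMA slides above, as an added Go example that is not part of the original presentation: a ground segment signs a navigation message and a receiver holding only the public key verifies it. The message layout, field values and function names are constructed for illustration, and ECDSA over P-256 with SHA-256 from the Go standard library stands in for whatever signature scheme a real system would use.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// NavMessage is a constructed stand-in for the data NMA covers (not a real CNAV layout).
type NavMessage struct {
	PRN       uint8  // satellite identifier
	TOW       uint32 // time of week in seconds
	Ephemeris []byte // opaque orbit parameters
}

// digest hashes every field the signature must cover.
func (m NavMessage) digest() []byte {
	buf := []byte{m.PRN, byte(m.TOW >> 24), byte(m.TOW >> 16), byte(m.TOW >> 8), byte(m.TOW)}
	sum := sha256.Sum256(append(buf, m.Ephemeris...))
	return sum[:]
}

// GroundSign models the ground segment producing the authentication message.
func GroundSign(priv *ecdsa.PrivateKey, m NavMessage) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, priv, m.digest())
}

// ReceiverVerify models a certified receiver that holds only the public key.
func ReceiverVerify(pub *ecdsa.PublicKey, m NavMessage, sig []byte) bool {
	return ecdsa.VerifyASN1(pub, m.digest(), sig)
}

// Demo reports how the receiver judges an authentic, an altered and a re-sent message.
func Demo() (authentic, altered, resent bool) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	msg := NavMessage{PRN: 11, TOW: 345600, Ephemeris: []byte("constructed ephemeris")}
	sig, err := GroundSign(priv, msg)
	if err != nil {
		panic(err)
	}
	bad := NavMessage{PRN: 11, TOW: 345600, Ephemeris: []byte("constructed ephemerIs")}
	copyOfMsg := NavMessage{PRN: 11, TOW: 345600, Ephemeris: msg.Ephemeris}
	// A verbatim copy still verifies: the signature covers content, not the carrying signal.
	pub := &priv.PublicKey
	return ReceiverVerify(pub, msg, sig), ReceiverVerify(pub, bad, sig), ReceiverVerify(pub, copyOfMsg, sig)
}

func main() { fmt.Println(Demo()) } // true false true
```

The altered message fails verification, which is the navigation message spoofing NMA prevents; the unchanged copy passes, which is why the slide still lists replay as a residual case.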
Level 1: NMA (Navigation Message Authentication)
• Performance of NMA
  • Time-to-alarm of authentication/integrity failure?
  • Depending on signal data rates and ANM repetition rate
  • GPS L2C – 25bps
    • Minimum authentication time = 1,6 minutes with cert obtained in 5,6 minutes*
    • More realistic scenario = approx 5 minutes, longer cert collection time
  • Galileo E1-L1-E2 – 125bps / E5a – 25bps / E5b – 125bps
    • Potentially better performance (unknown NAV message structure / only projected data rates)
  • NMA performance characteristics may be outside time-to-alarm requirements
  • Suitable for dangerous goods tracking, but not for time-critical applications
*Based on ECCDSA 160bit / CNAV message structure (ICD-GPS-200C) with 48 second frame message sequencing
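How the data rate drives the authentication time on the slide above, as an added Go example that is not part of the original presentation. It assumes 300-bit CNAV messages with 238 payload bits, four messages per 48 second frame, one message per frame carrying authentication data, and a 320-bit signature (two 160-bit values); the 125 bps case reuses the same layout purely as a projection.

```go
package main

import (
	"fmt"
	"time"
)

// Link models a navigation data channel. Every field value used below is an
// assumption of this example, chosen to match the slide's CNAV footnote.
type Link struct {
	BitsPerSecond    int // navigation data rate
	MessageBits      int // bits per message, overhead included
	PayloadBits      int // bits per message left for authentication data
	MessagesPerFrame int // messages in one repeating frame
	AuthSlots        int // messages per frame carrying authentication data
}

// L2C returns the assumed GPS L2C CNAV layout: 4 x 300-bit messages = 48 s at 25 bps.
func L2C() Link { return Link{25, 300, 238, 4, 1} }

// FrameTime is the duration of one full frame on this link.
func (l Link) FrameTime() time.Duration {
	bits := time.Duration(l.MessageBits * l.MessagesPerFrame)
	return bits * time.Second / time.Duration(l.BitsPerSecond)
}

// TimeToCollect is how long a receiver starting at a frame boundary needs to
// gather objectBits of authentication data, counted in whole frames.
func (l Link) TimeToCollect(objectBits int) time.Duration {
	perFrame := l.PayloadBits * l.AuthSlots
	frames := (objectBits + perFrame - 1) / perFrame // ceiling division
	return time.Duration(frames) * l.FrameTime()
}

func main() {
	const sigBits = 2 * 160 // assumed signature size: two 160-bit values
	fast := L2C()
	fast.BitsPerSecond = 125 // projected rate from the slide, same layout assumed
	fmt.Println("25 bps:", L2C().TimeToCollect(sigBits)) // 1m36s
	fmt.Println("125 bps:", fast.TimeToCollect(sigBits)) // 19.2s
}
```

Under these assumptions the 25 bps result is 96 seconds, which matches the slide's 1,6 minute minimum authentication time.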
Level 2: SCE (Spreading Code Encryption)
• What is SCE?
  • CDMA code is kept secret and can only be derived using a symmetric key
  • Symmetric keys can be distributed using PKI and asymmetric encryption techniques
  • GPS P(Y) code uses declassified black keying infrastructure for key distribution
Level 2: SCE (Spreading Code Encryption)
• What does it protect against?
  • Protects against signal spoofing and navigation data spoofing
  • Users without the key are denied access; spoofed signal acquisition is virtually impossible as the CDMA code is unknown to an attacker
  • Time-to-alarm requirements are easily met for both intentional and non-intentional integrity failures
Level 2: SCE (Spreading Code Encryption)
• Proposed usage in Galileo
  • Commercial Service (CS)
  • Public Regulated Service (PRS)
  • Implementation is unknown – expected to be similar to US black-key infrastructure
Conclusions
• Current civil GNSS security does not prevent spoofing
• There is a need for signal authentication to prevent malicious attacks such as spoofing
• It appears as though L2C will not provide NMA or SCE
• Galileo proposals for SoL indicate NMA may be included
• NMA alone may not provide the required performance for SoL time-to-alarm
• CS and SoL provide different quality of service guarantees
• Civil signal authentication is a challenge for next generation satellite systems
• Need for metrics to quantify security of complex integrated systems
Questions?
Oscar Pozzobon, o.pozzobon@qascom.com
Chris Wullems, c.wullems@qascom.com