3

BBC News reports that a new study accuses Russia of massive GPS spoofing (see also this linked blog article). I am surprised that this is so easy¹, in particular since GPS originates as a military system. Couldn't such spoofing be quite simply prevented by signing each message with a private key? Has this been done and have those keys been stolen? Or is there some (fundamental?) reason why such a protection is not feasible for GNSS?

I would expect that if this were simple, it would be done. Why isn't it?


¹Russia is also able to pull off feats that are not easy, but I've been told that this particular one happens to be quite easy.

gerrit

2 Answers

6

Ultimately, the answer is that there is no way of preventing jamming and fine spoofing in GPS or a GPS-like system due to the inherent principles on which it operates.

RF systems are always subject to jamming. You can make it more difficult, as modernized GPS does with error correction, higher powers, and multiple frequencies. But you can always overwhelm a receiver with a huge signal.

Encryption in the military code does prevent gross spoofing, where contents of the message are modified. However, it is fundamentally impossible to prevent all spoofing in a 1-way broadcast system.

GPS operates by measuring the relative delay between the signals transmitted by multiple satellites. There is no way to guarantee whether a delay was real, caused by the travel of the signal in space, or if the signal was artificially delayed, say by recording the signals and playing them back slightly later.

Environmental effects, namely the ionosphere and reflections between buildings, naturally do this for us and are major sources of GPS error.

To summarize, there is no way of authenticating a variable time delay by cryptographic means in a 1-way system.

user71659
  • I understand that the positioning is based on a time delay. But what's in a package? "I'm satellite x at position y at time z"? Why can't that particular package be signed in a 1-way broadcast system? When someone publishes software with a GPG signature, is not that also 1-way broadcast? – gerrit Apr 02 '19 at 19:11
  • He's saying even if you sign it, the physical properties of radio waves allow attackers to throw the receivers off. @gerrit – Vit Apr 02 '19 at 19:19
  • 2
    @gerrit Because fundamentally GPS works by the receiver knowing that it received that message at time z+delta t. The navigation information is fundamentally delta t, not z. Delta t can’t be signed like z is. – user71659 Apr 02 '19 at 19:46
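
The point made in the answer and comments above, that the signed content (z) still verifies while the arrival delay (delta t) is unauthenticated, shown as an added example that is not part of the original posts. It assumes a simplified one-dimensional model with two transmitters, a constructed key, and HMAC standing in for whatever signature scheme a real system would use; all names are hypothetical.

```python
import hashlib
import hmac
import json

C = 299_792_458.0              # speed of light, m/s
BASELINE = 30_000_000.0        # constructed: distance between the two transmitters, m
KEY = b"constructed-demo-key"  # assumption: HMAC stands in for a real signature


def sign_nav_message(sat_id, sat_pos_m, t_tx):
    """Transmitter: authenticate 'I am satellite x at position y at time z'."""
    body = json.dumps({"sat": sat_id, "pos": sat_pos_m, "t_tx": t_tx}).encode()
    return body, hmac.new(KEY, body, hashlib.sha256).digest()


def receive(body, tag, t_rx):
    """Receiver: verify the tag, then form the pseudorange c * (t_rx - t_tx)."""
    expected = hmac.new(KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return C * (t_rx - json.loads(body)["t_tx"])


def solve_1d(p_a, p_b):
    """Position x and receiver clock bias from pseudoranges to 0 and BASELINE."""
    x = (p_a - p_b + BASELINE) / 2.0
    bias_s = (p_a + p_b - BASELINE) / (2.0 * C)
    return x, bias_s


def fix(true_x, extra_delay_a=0.0, tamper=False):
    """Computed position when signal A arrives extra_delay_a seconds late."""
    t_tx = 1000.0
    a = sign_nav_message("A", 0.0, t_tx)
    b = sign_nav_message("B", BASELINE, t_tx)
    if tamper:  # gross spoofing: the signed content itself is edited
        a = (a[0].replace(b'"A"', b'"Z"'), a[1])
    # Arrival time is measured by the receiver; nothing in the message covers it.
    t_rx_a = t_tx + true_x / C + extra_delay_a
    t_rx_b = t_tx + (BASELINE - true_x) / C
    return solve_1d(receive(*a, t_rx_a), receive(*b, t_rx_b))[0]
```

With a 1 µs extra delay on signal A, both messages verify and the computed position moves by about 150 m, whereas editing the message content is rejected outright.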
0

Military GPS is encrypted; however, that won't stop all attacks. Encrypted signals can still be overpowered by stronger signals sent by an attacker.

Combating that is done with new antennas and sensors, but most of that is in the testing phase now. http://mil-embedded.com/articles/securing-military-gps-spoofing-jamming-vulnerabilities/

Vit