A Low-power Authentication Signal for Open Service Signals

This paper presents a special implementation of the spreading code authentication concept (SCA) based on a low-power signal for open services. During the last years, proposals presenting authentication concepts for satellite navigation signals have been investigated to prevent falsify transmission of GNSS like signals. Particularly on spreading code level, concepts like watermarking sequences or the supersonic codes have been elaborated to prevent manipulation of the position given by satellite navigation signals. The proposed authentication concept in this paper is based on a low-power signal (steganographic channel). The signal is transmitted from the satellite having 10-20 dBs lower power than the normal navigation signals and spreading code sequences, which at the time of reception are unknown to the receiver. Based on a joint implementation of navigation message authentication (NMA) and SCA, the receiver demodulates the signature required for the NMA concept and based on this generates the random sequences on which the spreading code of the low-power signal relies on. This implies that the receiver has to store samples of the low-power authentication signal until the spreading code sequence is revealed through the transmission of the NMA signature. The idea behind the steganographic channel is to have a further signal with lower power multiplexed with the legacy GNSS signals. This signal does not carry any information for navigation purposes but only sequences, which are randomly. It does not support acquisition and tracking. Adding such kind of signal on top of the legacy signals would allow the verification process of the later ones very easily. Since this signal has lower power, longer integration times are needed to confirm its existence. A receiver already locked into the nominal navigation signal has to exploit the code and carrier tracking information to verify the presence of the low-power signal. The authentication signal is not tracked. Moreover, based on the correct tracking of the nominal signal, the down-conversion and despreading of the secret signal is ensured. As soon as the secret spreading code is generated, the receiver despreads the carrier wiped-off samples of the authentication signal and verifies its presence. The paper illustrates the applicability of the method on current GNSS signals and under various attack scenarios. Furthermore, emphasis is given to the detection process including the distinction of spoofing and multipath signals.