8

As far as I understand, receiving enough GPS signals at the same time makes it possible to deduce the position and the time.

I guess it is possible to use an offline receiver as a very precise clock.

If so, is it possible to flood this offline receiver with fake signals to make it believe it's 12:00:01 when it's actually 12:00:00?

More specifically, is it possible to design a receiver that can't be attacked this way?

If GPS signals (or Galileo's) are cryptographically signed, it's easy to reject non-signed signals by saving the public key of the satellites beforehand.

Are the GPS signals cryptographically signed?

Edit: My question is not about the civilian signal being encrypted or not (meaning unreadable for people not having a secret key), but signed or not (meaning the authenticity of the signal being verifiable thanks to a public information: the public key of this satellite.)

JRE
Akita
  • No. https://en.wikipedia.org/wiki/Spoofing_attack#GPS_spoofing – Eugene Sh. Sep 06 '18 at 14:19
  • Only military receivers use encrypted GPS signals. – Tony Stewart EE75 Sep 06 '18 at 14:23
  • Thank you both. And it remains true for Glonass, Galileo, etc? – Akita Sep 06 '18 at 14:26
  • Glonass provides both military and civilian use. Galileo only provides for civilian use. –  Sep 06 '18 at 14:37
  • If you need to design a precise clock, you would probably use a high quality frequency reference, and then use the GPS PPS signal to calibrate it over a long time. Such a system would be somewhat resistant to spoofing just because it uses a long time base. The attacker would have to maintain bogus GPS information for a long time. You could also add additional logic to try to detect bogus GPS information using whatever public information you can find (orbital parameters of the satellites are probably known). – user57037 Sep 06 '18 at 14:54
  • @mkeith ^ This is all true. I work on IEEE 1588 GM designs, and we have a very long averaging effect from each GPS update. And the onboard reference is good enough to discard timing values significantly outside the expected range. You would need to spoof bad timestamps that very slowly drift out of range, and keep it running for a very long time to have a meaningful time change. – Oliver Sep 06 '18 at 15:28
  • Just to add on (I also used to work on 1588 GMs), there are other methods available. Comparing to other constellations (e.g. do GPS and GLONASS both indicate the same time?) or using an antenna array to determine if the source of the GNSS signal is where the satellite is supposed to be are common mechanisms. – esilk Sep 06 '18 at 15:39

3 Answers

14

GPS can be spoofed without decrypting or creating signals. Therefore, the system cannot be made secure by cryptographic signatures.

The conceptually simplest way to spoof is to erect a number of highly directional antennae and point each of those at a GPS satellite, such that it receives exclusively signals from that satellite. Then feed those signals through a bank of delay lines, mix them back together and use another directional antenna to send the result toward an enemy aircraft.

You can then sit in front of the delay lines and force arbitrary position errors upon the unsuspecting enemy. If you introduce a delay for the satellite that is south of your position, the enemy's receiver will consider itself further north than it actually is, about 30 cm per nanosecond of delay.

Cryptography doesn't help you to detect or prevent those attacks, as the signals are only delayed but never changed. The only defense a receiver can mount is radio direction finding. If all satellites' signals come from the same direction, it's probably a spoofer. All modern military receivers employ this method; more sophisticated ones also cross-check the directions of arrival against the known positions of the satellites.

Rainer P.
  • That's basically a replay attack, not spoofing. Spoofing requires fake information. – Passerby Sep 06 '18 at 18:03
  • It's a replay attack, but also spoofing. In GPS, delay is information. @Passerby – Rainer P. Sep 06 '18 at 18:42
  • Yes, but literal semantics means that is not a spoof. – Passerby Sep 06 '18 at 19:27
  • Thanks! Two additional questions to answer my question even more precisely: 1) Why can't I record all the signals, and when spotting the same signal twice, rely on the oldest rather than the strongest? 2) An attacker can make me think it's 12:00 when it's actually 12:01. Can they do the opposite? – Akita Sep 06 '18 at 20:29
  • @Akita - Even if you record all signals as suggested, an attacker can still employ a _carry-off attack_, where he first broadcasts the false signal in sync with the real one, then gradually increases power, then increases noise power to jam the real signal but not the false one, and only then gradually increases delay to give false positioning data. You can't defend against that except by radio direction finding or other plausibility checks. – Rainer P. Sep 06 '18 at 20:42
  • @RainerP. Roger that. :) What about my second question? Can he make me think we are in the future? If so, would it still be possible if the signal was signed? Then I'll validate your answer, you deserve it. :) – Akita Sep 06 '18 at 20:46
  • @Akita - If GPS was signed (it isn't), the attacker couldn't make you believe you were in the future. But this is entirely irrelevant, as you can get this service from an internet time server. The point is: GPS time is accurate to 10ns, but an attacker can destroy that accuracy and cryptography can't prevent it. – Rainer P. Sep 06 '18 at 21:00
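The delay-line replay in this answer, worked through numerically. This is an added example, not the answerer's code: five constructed satellites in a local East/North/Up frame with the receiver at the origin, a least-squares position fix (four unknowns: position plus receiver clock bias), and the shift produced by delaying only the southern satellite's channel. The "30 cm per nanosecond" in the answer is the range error; how much of it lands in position rather than in the clock-bias term depends on the satellite geometry, and in this constructed geometry 1 ns on the south channel moves the fix about 21 cm north and 26 cm up while shifting the clock solution by about 0.85 ns. The direction-of-arrival spread at the end is the plausibility check the answer describes: every channel relayed through one spoofer antenna arrives from one direction. Orbit radius, satellite layout and the 20 degree threshold are all assumptions of the example.

```python
import math

C = 299_792_458.0        # speed of light, m/s
R_SAT = 20_200_000.0     # assumed satellite range from the receiver, m (round GPS-like value)

# Constructed sky: four satellites at 45 deg elevation (S, N, E, W) plus one at zenith.
# Unit vectors are East/North/Up as seen from the receiver at the origin.
A = math.sqrt(0.5)
SAT_DIRS = {
    "south":  (0.0, -A, A),
    "north":  (0.0, A, A),
    "east":   (A, 0.0, A),
    "west":   (-A, 0.0, A),
    "zenith": (0.0, 0.0, 1.0),
}
SATS = {k: tuple(R_SAT * c for c in v) for k, v in SAT_DIRS.items()}
# Constructed spoofer: all five channels relayed through one horn pointed at the target.
SPOOFER_DIRS = [(0.0, -0.5, 0.8660254037844386)] * 5


def dist(p, q):
    return math.sqrt(sum((a - b) ** 2 for a, b in zip(p, q)))


def solve_linear(M, v):
    """Gauss-Jordan elimination with partial pivoting; enough for a 4x4 normal system."""
    n = len(v)
    aug = [row[:] + [v[i]] for i, row in enumerate(M)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(aug[r][col]))
        aug[col], aug[piv] = aug[piv], aug[col]
        for r in range(n):
            if r != col:
                f = aug[r][col] / aug[col][col]
                aug[r] = [a - f * b for a, b in zip(aug[r], aug[col])]
    return [aug[i][n] / aug[i][i] for i in range(n)]


def fix(pseudoranges, sats, iters=10):
    """Gauss-Newton least-squares fix. Unknowns: (E, N, U, b), b = clock bias in metres.
    Model: pseudorange_i = |sat_i - pos| + b."""
    x = [0.0, 0.0, 0.0, 0.0]
    for _ in range(iters):
        H, r = [], []
        for name, rho in pseudoranges.items():
            s = sats[name]
            geo = dist(s, x[:3])
            u = [(si - xi) / geo for si, xi in zip(s, x[:3])]   # unit vector receiver -> satellite
            H.append([-u[0], -u[1], -u[2], 1.0])                 # d(rho)/d(E, N, U, b)
            r.append(rho - (geo + x[3]))
        HtH = [[sum(H[k][i] * H[k][j] for k in range(len(H))) for j in range(4)] for i in range(4)]
        Htr = [sum(H[k][i] * r[k] for k in range(len(H))) for i in range(4)]
        x = [xi + di for xi, di in zip(x, solve_linear(HtH, Htr))]
    return x


def true_pseudoranges(sats):
    """What the receiver at the origin measures with a perfect clock."""
    return {k: dist(s, (0.0, 0.0, 0.0)) for k, s in sats.items()}


def replay_with_delay(pseudoranges, delays_ns):
    """The delay-line attack: every channel is genuine, but some arrive delays_ns[sat]
    later. The receiver cannot distinguish extra delay from extra range (C * delay)."""
    return {k: rho + C * 1e-9 * delays_ns.get(k, 0.0) for k, rho in pseudoranges.items()}


def north_shift_m(delay_ns, sat="south"):
    spoofed = replay_with_delay(true_pseudoranges(SATS), {sat: delay_ns})
    return fix(spoofed, SATS)[1]


def arrival_spread_deg(dirs):
    """Largest angle between any two measured arrival directions."""
    worst = 0.0
    for i in range(len(dirs)):
        for j in range(i + 1, len(dirs)):
            dot = sum(a * b for a, b in zip(dirs[i], dirs[j]))
            worst = max(worst, math.degrees(math.acos(max(-1.0, min(1.0, dot)))))
    return worst


def looks_spoofed(dirs, min_spread_deg=20.0):
    """Genuine satellites are spread over the sky; one relay antenna is a single direction."""
    return arrival_spread_deg(dirs) < min_spread_deg


if __name__ == "__main__":
    print("genuine fix (E, N, U, bias) m:", [round(v, 3) for v in fix(true_pseudoranges(SATS), SATS)])
    for ns in (1, 10, 100):
        print(f"{ns:4d} ns delay on the south channel -> fix moves {north_shift_m(ns):8.3f} m north")
    print("genuine arrival spread:", round(arrival_spread_deg(list(SAT_DIRS.values())), 1), "deg")
    print("spoofer spread:", arrival_spread_deg(SPOOFER_DIRS), "deg, flagged:", looks_spoofed(SPOOFER_DIRS))
```

The delay on one channel is absorbed partly by position and partly by the clock-bias unknown, which is also why the time output of the receiver moves under this attack even though no bit of the navigation message was altered.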
3

The last generation of Galileo systems use cryptographic authentication of geolocation transmissions, called navigation message authentication or NMA. GPS is also in progress of implementing their own NMA system. But there are limitations to these systems. Here's a more detailed look into NMA.

Galileo's implementation, called OSNMA, uses a symmetric MAC -- with the MAC key also being broadcast -- making it possible to forge alternate contents for a message after it has been received from the real satellite. The GPS implementation, called Chimera, is under development with the L1C signal specification -- which is planned to be fully available in the late 2020s. In this scheme, digital signatures are transmitted at most once every 3 minutes.

Crucially, it seems there is nothing to prevent an attacker from intercepting real navigation messages and re-transmitting them with a carefully chosen delay to give a particular receiver a different understanding of its location. If an attacker was able to cut off a receiver from real navigation messages entirely and make it listen to just retransmitted ones, it's still possible to credibly mess with someone's location (e.g. a man-in-the-middle attack).

How effective attacks are will also depend on how GNSS receivers are implemented and how they will deal with conflicting data. For better accuracy, consumer receivers listen to signals from all systems, including GLONASS and BeiDou. If they receive authentic messages from just a few Galileo satellites and lots of spoofed (unverifiable) messages from other systems -- are they going to reject the unverifiable messages? I suspect not.

intgr
  • 1
    I think L1C is not yet being broadcast, so Chimera is not used. I don't think it will be supported before 2030, if ever. – jinawee Apr 14 '23 at 10:03
  • 1
    @jinawee Thanks, I did not know. That was a pretty big mistake. I will update my answer. – intgr Apr 14 '23 at 10:09
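OSNMA is built on TESLA (delayed key disclosure): each navigation message carries a MAC under a key that the satellite only reveals one interval later, so the key being broadcast is by design, and the security of the scheme rests on the receiver knowing, from its own clock, whether a message arrived before or after its key became public. The toy model below is an added example, not the answer's code and not OSNMA's actual format, key sizes or timing (a 30 s interval, SHA-256 hash chain and truncated HMAC tags are all assumptions). It shows the point that matters for this question: a receiver whose clock is the thing being spoofed cannot enforce the TESLA timing condition, and then a forgery made with an already-disclosed key passes.

```python
import hashlib
import hmac

INTERVAL_S = 30.0   # one key/MAC interval; constructed value, not OSNMA's


def make_chain(seed: bytes, length: int) -> list:
    """TESLA key chain: the last key is random, each earlier key is the hash of the next.
    K[0] (the root, distributed out of band) therefore commits to every later key."""
    keys = [b""] * (length + 1)
    keys[length] = hashlib.sha256(b"chain-seed:" + seed).digest()
    for i in range(length, 0, -1):
        keys[i - 1] = hashlib.sha256(keys[i]).digest()
    return keys


def tag(key: bytes, interval: int, message: bytes) -> bytes:
    """MAC over (interval, message); the interval binds the tag to one chain key."""
    return hmac.new(key, interval.to_bytes(4, "big") + message, hashlib.sha256).digest()[:16]


def broadcast(keys: list, interval: int, message: bytes) -> dict:
    """Packet for interval i: message, MAC under K[i], and disclosure of K[i-1].
    K[i] itself is only revealed in the next interval's packet."""
    return {"interval": interval, "msg": message,
            "mac": tag(keys[interval], interval, message),
            "key_interval": interval - 1, "key": keys[interval - 1]}


class Receiver:
    def __init__(self, root_key: bytes, clock_error_s: float = 0.0):
        self.known = {0: root_key}          # interval -> key verified against the chain
        self.pending = []                   # (interval, msg, mac) waiting for their key
        self.clock_error_s = clock_error_s  # our clock minus true time: the quantity under attack

    def receive(self, pkt: dict, true_time_s: float) -> list:
        """Returns the (interval, msg) pairs authenticated thanks to this packet's key disclosure."""
        # TESLA safety condition: by OUR clock, the packet must have arrived before the
        # transmitter could have disclosed its key, i.e. before interval i+1 began.
        arrival_by_our_clock = true_time_s + self.clock_error_s
        if arrival_by_our_clock < (pkt["interval"] + 1) * INTERVAL_S:
            self.pending.append((pkt["interval"], pkt["msg"], pkt["mac"]))
        self._learn_key(pkt["key_interval"], pkt["key"])
        return self._verify_pending()

    def _learn_key(self, i: int, key: bytes) -> None:
        # A disclosed key is trusted only if hashing it forward reaches a key we already trust.
        base = max(k for k in self.known if k <= i)
        cand = key
        for _ in range(i - base):
            cand = hashlib.sha256(cand).digest()
        if hmac.compare_digest(cand, self.known[base]):
            self.known[i] = key

    def _verify_pending(self) -> list:
        accepted, still_pending = [], []
        for interval, msg, mac in self.pending:
            if interval not in self.known:
                still_pending.append((interval, msg, mac))
            elif hmac.compare_digest(tag(self.known[interval], interval, msg), mac):
                accepted.append((interval, msg))
        self.pending = still_pending
        return accepted


def run_scenario(receiver_clock_error_s: float) -> list:
    """Genuine packets for intervals 1 and 2, then an attacker who overheard K[1] in the
    interval-2 packet forges an interval-1 message with it. Returns what the receiver accepted."""
    keys = make_chain(b"constructed example seed", 8)
    rx = Receiver(keys[0], receiver_clock_error_s)
    accepted = []
    accepted += rx.receive(broadcast(keys, 1, b"nav data 1"), 1 * INTERVAL_S + 1.0)
    accepted += rx.receive(broadcast(keys, 2, b"nav data 2"), 2 * INTERVAL_S + 1.0)  # reveals K[1]
    forged = {"interval": 1, "msg": b"FORGED nav data",
              "mac": tag(keys[1], 1, b"FORGED nav data"),   # valid MAC: attacker now holds K[1]
              "key_interval": 0, "key": keys[0]}
    accepted += rx.receive(forged, 2 * INTERVAL_S + 5.0)    # true time 65 s, after K[1] went public
    return accepted


if __name__ == "__main__":
    print("receiver clock correct:", run_scenario(0.0))
    print("receiver clock 10 s slow:", run_scenario(-10.0))
```

With a correct clock the forgery arrives at 65 s, after the 60 s deadline for interval 1, and is dropped before its MAC is even checked. Push the receiver's clock back by 10 s (less than one interval) and the same forgery is accepted with a valid MAC. Replaying a genuine packet within its window is accepted either way, which is the "delay is information" point from the first answer restated for authenticated messages.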
2

So I guess it is possible to use an offline receiver as a very precise clock?

Yes, you can use the GPS PPS (pulse per second) signal available on most every receiver to sync up your clock and maintain better time accuracy.

If so, is it possible to flood this offline receiver with fake signals to make it believe it's 12:00:01 when it's actually 12:00:00? Or more specifically, is it possible to design a receiver that can't be attacked this way?

No, if someone spoofs a GPS satellite signal (which is a really sophisticated kind of attack) then you are at the mercy of that signal. You could possibly work to build a system that could detect spoofing.

If GPS signals (or Galileo's, ...) are cryptographically signed, it's easy to reject non-signed signals by saving the public key of the satellites beforehand. But are the GPS signals cryptographically signed?

With GPS there are two codes, and which one you can use depends on which receiver you have access to (unless you're military, you're probably not going to get access to P-codes). These determine the accuracy, but so does the receiver, so I would worry about what receiver you're using and not how the signals are getting to it, because that is what determines the accuracy. There is no 'cryptographic signing' of the signal and it can be spoofed.

There are two codes that are used:

C/A code: The C/A code on the GPS signal is the one used for general or Civilian Access. This code is transmitted at 10.23 million chips per second, Mcps.

P code: The P code is the precision code that can only be accessed by the US military. The P code transmits at a rate of 10.23 Mcps. Source: https://www.radio-electronics.com/info/satellite/gps/signals.php

The accuracy of the PPS signal is also determined by the receiver, and how it generates this signal from the GPS data.

winny
Voltage Spike
  • 1
    GPS spoofing is _not_ a sophisticated attack. You can very easily spoof the GPS signal at home with [open source software and SDR boards](https://wiki.myriadrf.org/GPS_Simulation). Related to the fact that it is impossible to cryptographically sign the C/A signal, because information is in the carrier phase, it is possible to get information from the P/Y signal without knowing the key. This is called "codeless tracking" and is used in advanced survey-grade receivers, and is [officially supported by the US Government](https://www.gps.gov/technical/codeless/). – user71659 Sep 06 '18 at 17:28
  • It is if you want to do it for several satellites, and make the target receiver think that it is in a different location – Voltage Spike Sep 06 '18 at 17:29
  • 1
    Did you not read the link? The user made his smartphone think he was in the Maldives with a single open-source SDR board. – user71659 Sep 06 '18 at 17:31
  • Oh, never mind it is easier than thought. Editing... – Voltage Spike Sep 06 '18 at 17:32
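The PPS-disciplined clock this answer recommends, combined with the two defenses from the comments on the question (a long averaging time constant with a plausibility gate on each GPS update, and a cross-check against a second constellation). This is an added simulation, not code from the answer, the commenters or any 1588 grandmaster; the oscillator drift, 200 ns gate, 100 s time constant, 500 ns cross-check tolerance and the attack profiles are all constructed. It runs the question's "12:00:01 when it's actually 12:00:00" step against the gate, then the carry-off variant where the spoofed time is walked away slowly. In this model a spoofer who stays under the gate steers the clock by about 1 ns per second, roughly 3.5 µs per hour; moving it by a full second at that rate would take about 32 years, and an unspoofed second constellation (assumed here, since the spoofer transmits only GPS) flags the divergence within minutes.

```python
import math


class DisciplinedClock:
    """Free-running oscillator steered by GPS through a plausibility gate and a long time
    constant: the design sketched in the comments, as a constructed model."""

    def __init__(self, gate_ns: float = 200.0, gain: float = 0.01):
        self.error_ns = 0.0      # our clock minus true time (simulation bookkeeping only)
        self.gate_ns = gate_ns   # largest single-sample offset we are willing to believe
        self.gain = gain         # fraction of a residual applied per second (1/gain s time constant)
        self.rejected = 0

    def tick(self, osc_drift_ns: float, received_minus_true_ns: float) -> bool:
        """Advance one second. received_minus_true_ns is how far the GPS-derived timestamp
        is from the truth (0 plus jitter for a genuine signal). Returns True if used."""
        self.error_ns += osc_drift_ns
        residual = received_minus_true_ns - self.error_ns   # what the receiver actually sees
        if abs(residual) > self.gate_ns:
            self.rejected += 1                              # implausible jump: stay in holdover
            return False
        self.error_ns += self.gain * residual
        return True


# Attack profiles: (received GPS time - true time) in ns at second t. All constructed.
def no_attack(t: int) -> float:
    return 0.0


def step_attack(t: int) -> float:        # "it's 12:00:01 when it's actually 12:00:00"
    return 1e9 if t >= 100 else 0.0


def slow_carry_off(t: int) -> float:     # 1 ns/s drift, under what the gate tolerates
    return max(0, t - 100) * 1.0


def fast_carry_off(t: int) -> float:     # 5 ns/s drift, more than gate * gain per second
    return max(0, t - 100) * 5.0


def simulate(attack, seconds: int = 3600, osc_drift_ns: float = 0.05,
             xcheck_tol_ns: float = 500.0):
    """Returns (final clock error in ns, samples rejected by the gate, first second at which
    the GPS-derived time disagrees with an unspoofed second constellation, or None)."""
    clk = DisciplinedClock()
    detected_at = None
    for t in range(seconds):
        jitter = 20.0 * math.sin(t)           # deterministic stand-in for receiver noise
        gps_offset = attack(t)
        other_offset = 0.0                    # e.g. GLONASS-derived time, assumed unspoofed
        clk.tick(osc_drift_ns, gps_offset + jitter)
        if detected_at is None and abs(gps_offset - other_offset) >= xcheck_tol_ns:
            detected_at = t
    return clk.error_ns, clk.rejected, detected_at


if __name__ == "__main__":
    for name, atk in [("honest", no_attack), ("1 s step", step_attack),
                      ("1 ns/s carry-off", slow_carry_off), ("5 ns/s carry-off", fast_carry_off)]:
        err, rej, det = simulate(atk)
        print(f"{name:18s} error={err:9.1f} ns  rejected={rej:4d}  cross-check flagged at t={det}")
```

The gate alone turns the question's one-second jump into a holdover event, but it cannot stop a carry-off slower than gate times gain per second; that residual hole is what the long time base (making the attack take years) and the constellation cross-check are there to close.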