This paper focuses on Navigation Message Authentication (NMA) for GNSS, a message-level authentication capability that aims at providing assurance of authenticity and cryptographic integrity of the navigation message. In designing a NMA scheme, there is an inevitable trade-off among security, resources (e.g. bandwidth and computational power), and performance (e.g. time to authentication of navigation message and authentication error rate). Other requirements may come from the channel dissemination performance (especially in harsh environments) and the complexity of key management. In this paper, we propose a novel NMA scheme that attempts to amortize the resources typically required for digital signatures by using a one-way chain of authentication tags of the message itself, rather than a chain of delayed keys as in TESLA based proposals. We show that this new paradigm in chaining implementation can offer significant improvements to NMA in terms of flexibility, security and performance. Indeed, all such metrics will be evaluated, compared with alternative proposals and discussed.
A Novel Navigation Message Authentication Scheme for GNSS Open Service
CAPARRA, GIANLUCA;STURARO, SILVIA;LAURENTI, NICOLA;
2016
Abstract
This paper focuses on Navigation Message Authentication (NMA) for GNSS, a message-level authentication capability that aims at providing assurance of authenticity and cryptographic integrity of the navigation message. In designing a NMA scheme, there is an inevitable trade-off among security, resources (e.g. bandwidth and computational power), and performance (e.g. time to authentication of navigation message and authentication error rate). Other requirements may come from the channel dissemination performance (especially in harsh environments) and the complexity of key management. In this paper, we propose a novel NMA scheme that attempts to amortize the resources typically required for digital signatures by using a one-way chain of authentication tags of the message itself, rather than a chain of delayed keys as in TESLA based proposals. We show that this new paradigm in chaining implementation can offer significant improvements to NMA in terms of flexibility, security and performance. Indeed, all such metrics will be evaluated, compared with alternative proposals and discussed.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.