A Satellite-Based Two-Way Ranging Protocol for GNSS Positioning Authentication and Time Transfer

This paper describes an innovative two-way ranging protocol for position authentication and secure time transfer. In positioning mode, the system exploits the integration of multiple two-way ranging measurements, generated using satellites sparse in different directions. By intersecting the ellipsoids associated to all the two-way ranging measurements it is possible to derive a bounding area inside which the user is guaranteed to be located, hence limiting the positions that are compatible with a spoofing attack. In time transfer mode, a standard time transfer protocol such as NTP/NTS is used; in addition, a single two-way ranging measurement is compared with a geometrical bound on the Round Trip Time (RTT) to determine the acceptance of the computed time. This approach allows to constrain the maximum time error caused by an attacker. The proposed two-way ranging strategies are implemented in a Matlab simulator and the obtained simulation results are very promising. In positioning mode, the application availability is above 90%, false alarm and hazardous misdetection events are never observed. In time transfer mode, the availability is 100%, false alarm and hazardous misdetection events are never observed, allowing a secure time transfer with a maximum error of few milliseconds.