Distance-decreasing attack in GPS

Final Presentation

Horacio Arze

Prof. Jean-Pierre Hubaux

Assistant: Marcin Poturalski

January 2009

Security and Cooperation in Wireless Networks

2Secowinet 2009/2010

Outline

• GNSS

• Threat model

• Distance-decreasing attack

• Performance

• Discussion

• Conclusion

3Secowinet 2009/2010

INTRO

GNSS

Global Navigation Satellite Systems

• Road toll collection

• Position-based insurance

• Air traffic control

• Resource access controlSecurity sensitive

applications

GPS

GLONASS

Compass

Galieleo

GPS

GLONASS

Compass

Galileo

4Secowinet 2009/2010

Security in GNSS

• Integrity

• Authentication

• Privacy

SPOOFING

5Secowinet 2009/2010

GNSS

11),( StSloc

1Vt

1

1St

ctttVlocSloc SVV 1111 )()(

cttt SVV 2222Vt

2

2St

3Vt

3

3St

4Vt

4

4St

VV ttTimeGlobal

6Secowinet 2009/2010

Spoofing

11),( StSloc

1'Vt 22 ),( StSloc2'Vt

Attack actually implemented by O’Hanlon et al. at Cornell Univ.

Software-defined receiver/spoofer

Cost :1500$

O’ Hanlon, B. et al., January 1 2009, Assessing the Spoofing Threat, GPS World, http://www.gpsworld.com/defense/security-surveillance/assessing-spoofing-threat-3171

7Secowinet 2009/2010

Solutions

• Signal Authentication through Spread Spectrum Security Codes (SSSC)

• Signal Authentication through Spreading Code Encryption (SCE)

• Non cryptographic methods• Navigation Message Encryption• Navigation Message Authentication

– Digital signature included in the messages– Public/private key pairs for each satellite

O. Pozzobon et al. 2004, Secure Tracking using Trusted GNSS Receivers and Galileo Authentication Services, Journal of Global Positioning Systems, Vol. 3, No. 1-2: 200-207.

G.W. Hein and F. Kneissl, September/October 2007, Authenticating GNSS Proofs Against Spoofs, InsideGNS.

8Secowinet 2009/2010

Relay attack

111 ,),( dstSloc S

1'Vt

222 ,),( dstSloc S

2'Vt

G.W. Hein and F. Kneissl, September/October 2007, Authenticating GNSS Proofs Against Spoofs, InsideGNS.

The relay retransmits the messages bit by bit introducing a certain delay for each message of Si

Relay

9Secowinet 2009/2010

Mistaken GNSS

cttt SVV 111

12

1

2

1Vt

cttt SVV 222

VV ttTimeGlobal

Clock Offset Test

Papadimitatos, P., Jovanovic, A., Global Navigation Satellite Systems (GNSS) - Attacks and Countermeasures, in IEEE Military Communications Conference (IEEE MILCOM), p. 1-7

2Vt

10Secowinet 2009/2010

DD-attack

• Distance-decreasing attacks proposed by Clulow et al. in 2006 in the context of distance bounding protocols.

• Same configuration that the relay attack.

• “Reduce” the actual propagation delay.

J. Clulow, G. P. Hancke, M. G. Kuhn, and T. Moore So near and yet so far: Distance-bounding attacks in wireless networks. , In ESAS, 2006.

11Secowinet 2009/2010

DD-attack

bit

bit

TLC

Trelay

Trelay

Satellite

Relay Rx

Relay Tx

GPS

time

bitTED

bit

Tb

dist

ance

12Secowinet 2009/2010

Early detection

• Know the value of the bit, before the bit is completely transmitted.

bit Satellite

Relay RxbitTED

Tb

13Secowinet 2009/2010

Late commit

• Start transmitting something (e.g. noise)

• Then, transmit something else so the receiver still decode the bit correctly.

bitTLC Relay Tx

GPSbit

14Secowinet 2009/2010

DD-attack

GPS

bit

bit

TLC

Trelay

Trelay

Satellite

Relay Rx

Relay Tx

time

bitTED

bit

Tb

dist

ance

15Secowinet 2009/2010

GPS Modulation (L1)

Bit sequence

Code

CDMA sequence

• DSSS Direct-sequence spread spectrum - CDMA• Data rate 50 bps• Sequence or Spreading code (Pseudorandom)

– Rate 1.023 MHz, period of 1023 chips• BPSK

16Secowinet 2009/2010

GPS Receiver

Down-converter

Antenna

A/DConverter

DigitalIF

X

X

CarrierReplica

COS

P

X

X

CodeGenerator

Q

IPS

QPS

PSIN

I IP

QP

Demodulation

bT

PSIM

b01 Mif

00 Mif

17Secowinet 2009/2010

ED and LC

• ED

• LC– First phase: Signal constant during TS but

average 0– Second phase: Signal corresponding to ED’s

result

EDT

PSIMCED TkT

18Secowinet 2009/2010

Performance

• Metric: BER estimated by theoretical Pe

– Pe probability of error per bit

• Parameters– C/N0 Carrier-to-noise Density

– TED

– Trelay

19Secowinet 2009/2010

DD-attack

bit

bit

TLC

Trelay

Trelay

Satellite

Relay Rx

Relay Tx

GPS

time

bitTED

bit

Tb

dist

ance

20Secowinet 2009/2010

Performance

• ED

b

LCbe T

TTN

CerfcP2

02

1

EDe TNCerfcP

02

1

• LC

• Normal Detector

be TNCerfcP

02

1

xt

t dtexerfc22

21Secowinet 2009/2010

BER for ED

22Secowinet 2009/2010

BER for LC

23Secowinet 2009/2010

DD-attack performance

LCeEDeLCeEDee PPPPP 2

TLC = 2ms

TLC = 4ms

TLC = 6ms

TLC = 8ms

TLC = 10ms

TLC = 12ms

TLC = 14ms

TLC = 16ms

TLC = 18ms

24Secowinet 2009/2010

Compact presentation

25Secowinet 2009/2010

Discussion

• Feasibility– O’Hanlon et al. device is a perfect platform for

DD-Attack– By increasing the Tx power of the relay, we

can achieve any performance.

– Trelay = 1ms => already 300Km in range error.

– Performance increased by bit prediction

26Secowinet 2009/2010

Discussion

• Countermeasures– Non cryptographic countermeasures

Inertial Tests, Doppler Shift, Angle of arrival– Clock Offset Test non effective!– Analysis of the samples at the receiver

• To be further developed

27Secowinet 2009/2010

Conclusion

• Distance-decreasing attack is feasible in GPS L1 carrier.

• A considerable error in position estimation can be introduced by with practically no lose of performance.

• DD-attacks are specific to coding and modulation scheme. Analysis for other signals to be done (e.g. GPS L2 and L5, Galileo L5).

• Designers of security sensitive devices must be warned about these kind of attacks.