Abstract: | Open Service Navigation Message Authentication (OSNMA) serves as a critical security mechanism for the Galileo global navigation satellite system. At the core of OSNMA is a Timed Efficient Stream Loss-tolerant Authentication (TESLA) scheme, which generates a tag for each navigation message using a secret key and later discloses the key to receivers for authenticating the message-tag pair. Despite its great effectiveness against spoofing attacks, OSNMA’s ability to resist replay attacks is questionable, since replayed signals containing authentic messages and tags may bypass the authentication under certain circumstances. This paper, for the first time, reveals two serious vulnerabilities of OSNMA: time synchronization (TS) and non-continuous message authentication (NCMA). TS is a mandatory requirement specifying that the difference between a receiver’s local reference time and the Galileo System Time (GST) extracted from Galileo signals does not exceed a given threshold. Exploiting this vulnerability, we propose a pre-startup replay (PreRep) attack, where Galileo signals are continuously recorded and replayed to a victim receiver before it starts up such that the TS requirement is satisfied and the receiver is locked to the replayed signals. NCMA means that OSNMA temporarily suspends the authentication process, probably due to the reception of a broken message, tag or key, and restores the authentication after receiving a later-disclosed valid message-tag-key pair. Based on this vulnerability, we propose a post-startup replay (PosRep) attack, which conducts the replay attack after the victim receiver starts up such that the replayed signals break the message-tag-key pair currently being received, deliberately suspending the authentication process, while subsequently replayed signals can pass the authentication successfully as the message-tag-key pairs inside are valid.
Finally, we conducted extensive experiments based on real-world OSNMA-integrated receivers and two software-defined radio (SDR) devices to demonstrate the feasibility of the proposed attacks. |
Published in: |
Proceedings of the 36th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2023), September 11-15, 2023, Hyatt Regency Denver, Denver, Colorado |
Pages: | 3897 - 3907 |
Cite this article: | Wang, Haiyang, Zhang, Yuanyu, Shen, Yulong, Zhu, Jinxiao, Chen, Yin, Jiang, Xiaohong, "Novel Replay Attacks Against Galileo Open Service Navigation Message Authentication," Proceedings of the 36th International Technical Meeting of the Satellite Division of The Institute of Navigation (ION GNSS+ 2023), Denver, Colorado, September 2023, pp. 3897-3907. https://doi.org/10.33012/2023.19397 |