gnss
GNSS (Global Navigation Satellite System) is a satellite system that is used to pinpoint the geographic location of a user’s receiver anywhere in the world. Four GNSS systems are currently in operation: the United States’ Global Positioning System (GPS), the Russian Federation’s Global Orbiting Navigation Satellite System (GLONASS), China’s BeiDou Navigation Service System (fully operational in 2020) and Europe’s Galileo. Each of the GNSS systems employs a constellation of orbiting satellites working in conjunction with a network of ground stations.
GNSS(全球导航卫星系统)是一种卫星系统,用于查明用户接收器在世界任何地方的地理位置。 目前有四个GNSS系统正在运行:美国的全球定位系统(GPS),俄罗斯联邦的全球轨道导航卫星系统(GLONASS),中国的北斗导航服务系统(将于2020年全面运行)和欧洲的伽利略。 每个GNSS系统都采用与地面站网络协同工作的轨道卫星星座。
Satellite-based navigation systems use a version of triangulation to locate the user, through calculations involving information from a number of satellites. Each satellite transmits coded signals at precise intervals. The receiver converts signal information into position, velocity, and time estimates. Using this information, any receiver on or near the earth’s surface can calculate the exact position of the transmitting satellite and the distance (from the transmission time delay) between it and the receiver. Coordinating current signal data from four or more satellites enables the receiver to determine its position.
基于卫星的导航系统使用三角测量版本,通过涉及来自许多卫星信息的计算来定位用户。 每颗卫星都以精确的间隔发送编码信号。 接收器将信号信息转换为位置,速度和时间估计。 使用此信息,地球表面上或附近的任何接收器都可以计算出发射卫星的确切位置以及它与接收器之间的距离(根据发射时间延迟)。 协调来自四个或更多卫星的当前信号数据,使接收机能够确定其位置。
The performance of GNSS is assessed using four criteria:
GNSS的性能使用以下四个标准进行评估:
GLONASS satellite GLONASS卫星Accuracy: the difference between a receiver’s measured and real position, speed or time;
精度 :接收机的测量值与实际位置,速度或时间之间的差;
Integrity: a system’s capacity to provide a threshold of confidence and, in the event of an anomaly in the positioning data, an alarm;
完整性 :系统提供置信度阈值的能力,以及在定位数据异常的情况下提供警报的能力;
Continuity: a system’s ability to function without interruption;
连续性 :系统正常运行的能力;
Availability: the percentage of time a signal fulfils the above accuracy, integrity and continuity criteria.
可用性 :信号达到上述准确性,完整性和连续性标准的时间百分比。
Each satellite system is positioned in a specific orbit around earth:
每个卫星系统都位于围绕地球的特定轨道中:
GNSS earth orbits GNSS地球轨道Galileo is Europe’s Global Navigation Satellite System (GNSS), providing improved positioning and timing information with significant positive implications for many European services and users. For example:
伽利略(Galileo)是欧洲的全球导航卫星系统(GNSS),它提供了改进的定位和定时信息,对许多欧洲服务和用户产生了积极的影响。 例如:
Galileo allows users to know their exact position with greater precision than what is offered by other available systems.
与其他可用系统相比,Galileo允许用户更精确地知道其确切位置。
Galileo satellite 伽利略卫星The products that people use every day, from the navigation device in your car to a mobile phone, benefit from the increased accuracy that Galileo provides.
从汽车中的导航设备到手机,人们每天使用的产品都受益于Galileo提供的更高的准确性。
Critical, emergency response-services benefit from Galileo.
重要的紧急响应服务受益于Galileo。
Galileo’s services will make Europe’s roads and railways safer and more efficient.
伽利略的服务将使欧洲的公路和铁路更安全,更高效。
It boosts European innovation, contributing to the creation of many new products and services, creating jobs and allowing Europe to own a greater share of the EUR 175 billion global GNSS market.
它促进了欧洲的创新,为创建许多新产品和服务做出了贡献,创造了就业机会,并使欧洲在1750亿欧元的全球GNSS市场中占有更大的份额。
The complete Galileo constellation will comprise satellites spread evenly around three orbital planes inclined at an angle of 56 degrees to the equator. Each satellite will take about 14 hours to orbit the Earth. One satellite in each plane will be a spare, on stand-by should any operational satellite fail.
完整的伽利略星座将包括围绕三个与赤道成56度角倾斜的轨道平面均匀分布的卫星。 每颗卫星将绕地球运行约14个小时。 如果任何运行中的卫星发生故障,每架飞机中的一颗卫星将处于备用状态。
From most locations, six to eight satellites will always be visible, allowing positions and timing to be determined very accurately to within a few centimeters. Interoperability with the US system of GPS satellites will only increase the reliability of Galileo services.
在大多数位置,将始终可见六到八颗卫星,从而可以在几厘米之内非常精确地确定位置和时间。 与美国GPS卫星系统的互操作性只会提高伽利略服务的可靠性。
During the past two decades, global navigation satellite systems (GNSS) have become an integral part of many critical infrastructures, including energy transmission and distribution, telecommunications, financial services, and transportation. An ever-growing dependence on GNSS inevitably creates incentives for adversaries to target GNSS with the intention of causing damage and disruption or to obtain an illegitimate advantage.
在过去的二十年中,全球导航卫星系统(GNSS)已成为许多关键基础设施不可或缺的一部分,其中包括能源传输和分配,电信,金融服务和运输。 对GNSS的日益增长的依赖不可避免地激发了攻击者以GNSS为目标的意图,从而造成破坏和破坏或获得非法利益。
Improving the resiliency of navigation and timing can potentially be achieved through a combination of system and user-level techniques, providing protection of both navigation message and ranging level. The focus is on protection of the navigation message and various schemes for providing assurance of its authenticity and cryptographic integrity. This is commonly referred to as navigation message authentication (NMA).
可以通过结合系统和用户级别的技术来提高导航和授时的弹性,从而同时保护导航消息和测距级别。 重点是保护导航消息和各种方案,以确保其真实性和加密完整性。 这通常称为导航消息身份验证(NMA) 。
From here, we will describe more deeply the concept of navigation message encryption.
从这里,我们将更深入地描述导航消息加密的概念。
Message authentication has been referred to as the “second face” of cryptology, and it uses many of the same tools and techniques as the more well-known first face of cryptology: cryptography, or data secrecy. In message authentication, the sender uses a secret key to generate an authentication signature from the original message. Both message and signature are then transmitted to the receiver, which uses a key (potentially different to that used by the transmitter) to verify that the message and authentication signature correspond.
消息身份验证已被称为密码学的“第二面”,它使用与更广为人知的密码学第一面相同的工具和技术:密码学或数据保密性。 在消息身份验证中,发件人使用密钥从原始消息生成身份验证签名。 然后,消息和签名都被发送到接收器,后者使用密钥(可能与发送器使用的密钥不同)来验证消息和认证签名是否对应。
When the received message is authenticated the receiver can conclude that:
接收到的消息通过身份验证后,接收者可以得出以下结论:
The transmitted and received message is the same
发送和接收的消息是相同的
Only someone with access to the transmitter’s secret key could have generated the authentication message
只有有权访问发送方密钥的人才能生成身份验证消息
There are two different ways to generate authentication signatures:
有两种不同的方式来生成认证签名:
Using symmetric key techniques in which both transmitter and receiver share a secret key
使用对称密钥技术,其中发送方和接收方都共享一个秘密密钥
Using asymmetric key techniques in which the secret key is split into two parts, a “private” key, known only to the transmitter, and a public key which can be distributed publicly. The private key is used to generate the authentication message, while the public key is used in the verification step.
使用非对称密钥技术,其中将秘密密钥分为两部分,一个只有发送方才知道的“私有”密钥,以及一个可以公开分发的公共密钥。 私钥用于生成身份验证消息,而公钥用于验证步骤。
For example, GPS is using Asymmetric NMA, but Galileo uses a combination of Asymmetric and Symmetric keys.
例如,GPS使用非对称NMA,但伽利略使用非对称和对称密钥的组合。
The proposal for Galileo Open Service Navigation Message Authentication (OSNMA) differs from Chimera in that it is based on a hybrid symmetric/ asymmetric key approach known as the Timed Efficient Streamed Loss-Tolerant Authentication (TESLA) scheme.
Galileo开放服务导航消息身份验证(OSNMA)的建议与Chimera的不同之处在于,它基于称为对称有效流丢失容忍身份验证 (TESLA)方案的对称/非对称混合密钥方法。
TESLA addresses the issue of symmetric key distribution as follows. First, a Message Authentication Code (MAC) is generated using the message and the private key. Both the message and the MAC are transmitted and then, sometime later, the private key is broadcast. This delayed release mechanism should ensure that the key used to generate the MAC is not known until after the message and MAC are already received. However, this does not prevent a spoofer from simply generating their own messages, keys and MACs and broadcasting them in a manner compliant with the specifications.
TESLA如下解决对称密钥分配问题。 首先,使用消息和私钥生成消息验证码(MAC)。 消息和MAC都被发送,然后,一段时间后,广播私钥。 此延迟释放机制应确保在已经接收到消息和MAC之后才知道用于生成MAC的密钥。 但是,这不能防止欺骗者简单地生成自己的消息,密钥和MAC并以符合规范的方式进行广播。
To address this latter issue, TESLA uses the concept of a chain of keys. An initial key K0 is randomly selected. Each subsequent key in the chain Ki+1 is generated from the previous key Ki using a one way function: Ki+1 = f(Ki). A one way function is a mathematical transformation that is easy to compute but very difficult to invert. Thus, given Ki it is easy to compute Ki+1, but given Ki+1 it is computationally infeasible to establish Ki.
为了解决后一个问题,TESLA使用了密钥链的概念。 初始密钥K0是随机选择的。 使用单向函数从前一个密钥Ki生成链Ki + 1中的每个后续密钥:Ki + 1 = f(Ki)。 单向函数是一种数学变换,易于计算,但很难求逆。 因此,给定Ki易于计算Ki + 1,但给定Ki + 1则在计算上建立Ki并不可行。
TESLA key chain TESLA钥匙扣In TESLA the system generates a chain of length N, then transmits the Nth key (called the root key) along with a digital signature generated using a standard asymmetric scheme, such as ECDSA. The chain keys are then used in reverse order to generate the MACs. Knowing the one-way function, the receiver can verify that each chain key is from the same chain as the digitally signed root key, but cannot predict “future” chain keys.
在TESLA中,系统生成长度为N的链,然后传输第N个密钥(称为根密钥)以及使用标准非对称方案(例如ECDSA)生成的数字签名。 然后以相反的顺序使用链密钥来生成MAC。 知道单向功能后,接收器可以验证每个链密钥与数字签名的根密钥来自同一链,但无法预测“未来”链密钥。
Once a TESLA chain has been established by asymmetric cryptographic means, the satellites begin transmitting messages, MACs and keys using the delayed release mechanism. The receiver extracts the messages and MACs and stores them until the key is received. The key is first checked to ensure that it is part of the TESLA chain in force using the known one way function. If the key passes this test, it is then used to verify that the MAC and the message correspond.
一旦通过非对称密码手段建立了TESLA链,卫星便开始使用延迟释放机制来发送消息,MAC和密钥。 接收者提取消息和MAC并存储它们,直到收到密钥为止。 首先使用已知的单向功能对密钥进行检查,以确保它是有效的TESLA链的一部分。 如果密钥通过了此测试,则将其用于验证MAC和消息是否对应。
There is one absolutely critical assumption that must be made for the TESLA-based scheme to work: the receiver must have an authenticated time synchronization that is at least better than the key delay.
为了使基于TESLA的方案起作用,必须做出一个绝对关键的假设: 接收器必须具有经过验证的时间同步,至少比密钥延迟好。
Without this assurance, the receiver cannot be certain that the navigation message has not been generated by a spoofer that has already received the perfectly valid signing key from a live satellite signal.
如果没有这种保证,接收者将无法确定导航消息不是由已经从实时卫星信号中收到完全有效的签名密钥的欺骗者生成的。
Global I/NAV structure 全局I / NAV结构The OSNMA field is delivered every two seconds of the Galileo E1b I/NAV (a specific frequency) message.
OSNMA字段每两秒钟发送一次Galileo E1b I / NAV(特定频率)消息。
The data are grouped into subframes of 30 seconds duration, and each MAC is only 10 to 32 bits in length, while key sizes range from 80 to 256 bits.
数据被分组为30秒持续时间的子帧,每个MAC的长度仅为10到32位,而密钥大小则在80到256位之间。
The E1-B frequency nominal page structure E1-B频率标称页面结构Example of a single E1-B word nominal page structure with the OSNMA field highlighted.
突出显示OSNMA字段的单个E1-B单词标称页面结构的示例。
Full I/NAV structure in time 及时的完整I / NAV结构The figure above presents the Galileo E1-B I/NAV message structure and highlights the position of the OSNMA field (named as “Res”) within a 30-second subframe
上图显示了Galileo E1-B I / NAV消息结构,并突出显示了30秒子帧中OSNMA字段(称为“ Res”)的位置
The Galileo program is studying the provision of an open navigation message authentication (NMA) service in the years to come, in order to contribute to the mitigation of GNSS vulnerabilities and provide a differentiator with respect to other GNSS. Different applications could benefit from NMA to protect against certain spoofing attacks, used in isolation or in conjunction with inertial sensors, trusted clocks, or antenna arrays.
伽利略计划正在研究未来几年提供的开放式导航消息认证(NMA)服务,以帮助减轻GNSS漏洞并提供与其他GNSS的区别。 NMA可以保护不同的应用程序免受某些欺骗攻击的侵害,这些攻击可以隔离使用,也可以与惯性传感器,受信任的时钟或天线阵列结合使用。
This article presents a global introduction of NMA for the Galileo Open Service. It is based on the standard TESLA protocol modified in order to use a single chain of keys for all satellites, to increase robustness to data loss.
本文介绍了针对Galileo开放服务的NMA的全球介绍。 它基于修改后的标准TESLA协议,以便对所有卫星使用单个密钥链,以提高数据丢失的鲁棒性。
Based on the presented results, and notwithstanding any improvements that may be incorporated in the future, we can conclude that Galileo, through its I/NAV E1-B signal, can provide a highly available and robust NMA service.
根据呈现的结果,尽管将来可能会进行任何改进,我们可以得出结论,伽利略通过其I / NAV E1-B信号,可以提供高度可用且强大的NMA服务。
翻译自: https://medium.com/@pierrelaurent.cristille67/the-galileo-gnss-messages-authentication-process-a6ac51b8757a
gnss
相关资源:B5.159 软件定义的GPS和伽利略接收机_12176433.pdf