TrustCNAV: Certificateless aggregate authentication of civil navigation messages in GNSS

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2024-10-26 DOI:10.1016/j.cose.2024.104172

Zhijun Wu , Yun Bai , Yuan Zhang , Liang Liu , Meng Yue

{"title":"TrustCNAV: Certificateless aggregate authentication of civil navigation messages in GNSS","authors":"Zhijun Wu , Yun Bai , Yuan Zhang , Liang Liu , Meng Yue","doi":"10.1016/j.cose.2024.104172","DOIUrl":null,"url":null,"abstract":"<div><div>The Global Navigation Satellite System (GNSS) is capable of accurate positioning because it can provide high-precision data. These data are transmitted to the receiver in the form of navigation messages, called civil navigation messages (CNAV). As it is transmitted in an open, transparent environment without data integrity protection mechanisms and secure data transmission measures, the CNAV is suspected to spoofing attacks. In 2023, the OPSGROUP has received approximately 50 reports of GPS spoofing activity. A spoofed plane's navigation system will show it as being in a different place - a security risk if a jet is guided to fly into a hostile country's airspace. To prevent the forging of GNSS positioning data by spoofing attacks targeting CNAV, we propose a certificateless aggregation authentication for CNAV by using the elliptic curve discrete logarithm problem and the combination of the GNAV structural characteristics, called TrustCNAV. Security proof and performance analysis indicate that this authentication scheme can resist spoofing attacks and ensure data security of CNAV, also it avoids pairing operations with high computational complexity, thus meeting security requirements without causing too much time and communication consumption.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004772","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The Global Navigation Satellite System (GNSS) is capable of accurate positioning because it can provide high-precision data. These data are transmitted to the receiver in the form of navigation messages, called civil navigation messages (CNAV). As it is transmitted in an open, transparent environment without data integrity protection mechanisms and secure data transmission measures, the CNAV is suspected to spoofing attacks. In 2023, the OPSGROUP has received approximately 50 reports of GPS spoofing activity. A spoofed plane's navigation system will show it as being in a different place - a security risk if a jet is guided to fly into a hostile country's airspace. To prevent the forging of GNSS positioning data by spoofing attacks targeting CNAV, we propose a certificateless aggregation authentication for CNAV by using the elliptic curve discrete logarithm problem and the combination of the GNAV structural characteristics, called TrustCNAV. Security proof and performance analysis indicate that this authentication scheme can resist spoofing attacks and ensure data security of CNAV, also it avoids pairing operations with high computational complexity, thus meeting security requirements without causing too much time and communication consumption.

查看原文本刊更多论文

TrustCNAV：GNSS 中民用导航信息的无证书聚合认证

全球导航卫星系统（GNSS）能够提供高精度数据，因此能够进行精确定位。这些数据以导航信息的形式传输给接收器，称为民用导航信息（CNAV）。由于是在开放、透明的环境中传输，没有数据完整性保护机制和安全数据传输措施，CNAV 容易受到欺骗攻击。2023 年，OPSGROUP 共收到约 50 起 GPS 欺骗活动报告。被欺骗飞机的导航系统会显示它在不同的地方--如果飞机被引导飞入敌对国家的领空，就会有安全风险。为了防止针对 CNAV 的欺骗攻击伪造 GNSS 定位数据，我们提出了一种通过使用椭圆曲线离散对数问题并结合 GNAV 结构特征的 CNAV 无证书聚合认证方法，称为 TrustCNAV。安全证明和性能分析表明，该认证方案可以抵御欺骗攻击，确保 CNAV 的数据安全，同时避免了计算复杂度较高的配对操作，既满足了安全要求，又不会造成过多的时间和通信消耗。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.