Authentication and Integrity Protection at Data and Physical layer for Critical Infrastructures

This thesis examines the authentication and the data integrity services in two prominent emerging contexts such as Global Navigation Satellite Systems (GNSS) and the Internet of Things (IoT), analyzing various techniques proposed in the literature and proposing novel methods. GNSS, among which Global Positioning System (GPS) is the most widely used, provide affordable access to accurate positioning and timing with global coverage. There are several motivations to attack GNSS: from personal privacy reasons, to disrupting critical infrastructures for terrorist purposes. The generation and transmission of spoofing signals either for research purpose or for actually mounting attacks has become easier in recent years with the increase of the computational power and with the availability on the market of Software Defined Radios (SDRs), general purpose radio devices that can be programmed to both receive and transmit RF signals. In this thesis a security analysis of the main currently proposed data and signal level authentication mechanisms for GNSS is performed. A novel GNSS data level authentication scheme, SigAm, that combines the security of asymmetric cryptographic primitives with the performance of hash functions or symmetric key cryptographic primitives is proposed. Moreover, a generalization of GNSS signal layer security code estimation attacks and defenses is provided, improving their performance, and an autonomous anti-spoofing technique that exploits semi-codeless tracking techniques is introduced. Finally, physical layer authentication techniques for IoT are discussed, providing a trade-off between the performance of the authentication protocol and energy expenditure of the authentication process

Satellite-Based Communications Security: A Survey of Threats, Solutions, and Research Challenges

Satellite-based Communication systems are gaining renewed momentum in Industry and Academia, thanks to innovative services introduced by leading tech companies and the promising impact they can deliver towards the global connectivity objective tackled by early 6G initiatives. On the one hand, the emergence of new manufacturing processes and radio technologies promises to reduce service costs while guaranteeing outstanding communication latency, available bandwidth, flexibility, and coverage range. On the other hand, cybersecurity techniques and solutions applied in SATCOM links should be updated to reflect the substantial advancements in attacker capabilities characterizing the last two decades. However, business urgency and opportunities are leading operators towards challenging system trade-offs, resulting in an increased attack surface and a general relaxation of the available security services. In this paper, we tackle the cited problems and present a comprehensive survey on the link-layer security threats, solutions, and challenges faced when deploying and operating SATCOM systems.Specifically, we classify the literature on security for SATCOM systems into two main branches, i.e., physical-layer security and cryptography schemes.Then, we further identify specific research domains for each of the identified branches, focusing on dedicated security issues, including, e.g., physical-layer confidentiality, anti-jamming schemes, anti-spoofing strategies, and quantum-based key distribution schemes. For each of the above domains, we highlight the most essential techniques, peculiarities, advantages, disadvantages, lessons learned, and future directions.Finally, we also identify emerging research topics whose additional investigation by Academia and Industry could further attract researchers and investors, ultimately unleashing the full potential behind ubiquitous satellite communications.Comment: 72 page

Authentication of GNSS signal by Information-theoretic security

In this work a new authentication protocol for global navigation satellite system (GNSS) signals is proposed. The protocol uses artificial noise to confuse the adversary and send an initially hidden verification message. Correctness is based on information-theoretic security and performances are evaluated in terms of secrecy capacityope

Reliable Location-Based Services from Radio Navigation Systems

Loran is a radio-based navigation system originally designed for naval applications. We show that Loran-C’s high-power and high repeatable accuracy are fantastic for security applications. First, we show how to derive a precise location tag—with a sensitivity of about 20 meters—that is difficult to project to an exact location. A device can use our location tag to block or allow certain actions, without knowing its precise location. To ensure that our tag is reproducible we make use of fuzzy extractors, a mechanism originally designed for biometric authentication. We build a fuzzy extractor specifically designed for radio-type errors and give experimental evidence to show its effectiveness. Second, we show that our location tag is difficult to predict from a distance. For example, an observer cannot predict the location tag inside a guarded data center from a few hundreds of meters away. As an application, consider a location-aware disk drive that will only work inside the data center. An attacker who steals the device and is capable of spoofing Loran-C signals, still cannot make the device work since he does not know what location tag to spoof. We provide experimental data supporting our unpredictability claim

Challenges of Implementing Automatic Dependent Surveillance Broadcast in the Nextgen Air Traffic Management System

The Federal Aviation Administration is in the process of replacing the current Air Traffic Management (ATM) system with a new system known as NextGen. Automatic Dependent Surveillance-Broadcast (ADS-B) is the aircraft surveillance protocol currently being introduced as a part of the NextGen system deployment. The evolution of ADS-B spans more than two decades, with development focused primarily on increasing the capacity of the Air Traffic Control (ATC) system and reducing operational costs. Security of the ADS-B communications network has not been a high priority, and the inherent lack of security measures in the ADS-B protocol has come under increasing scrutiny as the NextGen ADS-B implementation deadline draws near. The research conducted in this thesis summarizes the ADS-B security vulnerabilities that have been under recent study. Thereafter, we survey both the theoretical and practical efforts which have been conducted concerning these issues, and review possible security solutions. We create a classification of the ADS-B security solutions considered and provide a ranking of the potential solutions. Finally, we discuss the most compatible approaches available, given the constraints of the current ADS-B communications system and protocol

A key Management Scheme for Access Control to GNSS Services

Conditional access is a challenging problem in GNSS scenarios. Most key management schemes present in literature can not cope with all GNSS related issues, such as extremely low bandwidth, stateless receivers and the absence of an aiding channel. After assessing existing techniques, a novel key management scheme called RevHash has been devised with particular emphasis on guaranteeing revocation capabilities to the system, in order for it to be robust against anomalies and attacks

Modified Timed Efficient Stream Loss-tolerant Authentication to Secure Power Line Communication

This paper investigates the feasibility of Timed Efficient Stream Loss-tolerant Authentica- tion to serve security needs of Power Line Communication (PLC) system. PLC network has been identified as the ideal choice to function as the last mile network, deliver load management messages to smart meters. However, there is need to address the security concerns for load management messages delivered over power line communications. The ubiquitous nature of the power line communication infrastructure exposes load management systems (LMS) deployed over it to a security risk. Ordinarily, PLC network does not em- ploy any security measures on which the smart meters and data concentrators can depend on. Therefore, the need to provide a secure mechanism for communication of load man- agement system messages over a PLC network. In LMS, source authentication is of highest priority because we need to respond only to messages from an authenticated source. This is achieved by investigating suitable robust authentication protocols. In this paper we present modifications to Timed Efficient Stream Loss-tolerant Authentication for secure authentica- tion to secure messages for load management over PLC. We demonstrate that PLC can be used to securely and effectively deliver Load Management messages to smart meters, with minimal overhead.

A comprehensive proposal for securing terrestrial radionavigation systems

The security of terrestrial radionavigation systems (TRNS) has not yet been addressed in the literature. This proposal builds on what is known about securing global navigation satellite systems (GNSS) to address this gap, re-evaluating proposals for GNSS security in light of the distinctive properties of TRNS. TRNS of the type envisioned in this paper are currently in their infancy, unburdened by considerations of backwards compatibility: security for TRNS is a clean slate. This thesis argues that waveform- or signal-level security measures are irrelevant for TRNS, preventing neither spoofing nor unauthorized use of the service. Thus, only security measures which modify navigation message bits merit consideration. This thesis proposes orthogonal mechanisms combining navigation message encryption (NME) and navigation message authentication (NMA), constructed from standard cryptography primitives and specialized to TRNS: message encryption allows providers to offer tiered access to navigation parameters on a bit-by-bit basis, and message authentication disperses the bits of a message authentication code across all data packets, posing an additional challenge to spoofers. This cryptographic proposal, however, is still vulnerable to certain types of replay threats. This thesis addresses this gap by augmenting TRNS with autonomous signal-situational-awareness (SSA) capability, allowing TRNS operators to detect spoofing and meaconing attacks. Two signal authentication techniques for SSA are developed to detect a weak spoofing signal in the presence of static and dynamic multipath. This thesis also proposes enhancements to these signal authentication techniques. These enhancements exploit the synergy from combining information across multiple epochs, or over multiple monitoring beacons, to further lower the spoofer detection threshold. Both techniques with their enhancements are shown to be effective in simulations of the varied operating environments that a generic TRNS will encounter. With both proposed cryptographic NME+NMA scheme and autonomous SSA in place, TRNS gains a defensive capability that GNSS cannot easily match: a comprehensive defense against most man-in-the-middle attacks on position, navigation and timing services.Aerospace Engineerin

PNT cyber resilience : a Lab2Live observer based approach, Report 1 : GNSS resilience and identified vulnerabilities. Technical Report 1

The use of global navigation satellite systems (GNSS) such as GPS and Galileo are vital sources of positioning, navigation and timing (PNT) information for vehicles. This information is of critical importance for connected autonomous vehicles (CAVs) due to their dependence on this information for localisation, route planning and situational awareness. A downside to solely relying on GNSS for PNT is that the signal strength arriving from navigation satellites in space is weak and currently there is no authentication included in the civilian GNSS adopted in the automotive industry. This means that cyber-attacks against the GNSS signal via jamming or spoofing are attractive to adversaries due to the potentially high impact they can achieve. This report reviews the vulnerabilities of GNSS services for CAVs (a summary is shown in Figure 1), as well as detection and mitigating techniques, summarises the opinions on PNT cyber testing sourced from a select group of experts, and finishes with a description of the associated lab-based and real-world feasibility study and proposed research methodology

Novel Models and Algorithms Paving the Road towards RF Convergence

After decades of rapid evolution in electronics and signal processing, the technologies in communications, positioning, and sensing have achieved considerable progress. Our daily lives are fundamentally changed and substantially defined by the advancement in these technologies. However, the trend is challenged by a well-established fact that the spectrum resources, like other natural resources, are gradually becoming scarce. This thesis carries out research in the field of RF convergence, which is regarded as a mean to intelligently exploit spectrum resources, e.g., by finding novel methods of optimising and sharing tasks between communication, positioning, and sensing. The work has been done to closely explore opportunities for supporting the RF convergence. As a supplement for the electromagnetic waves propagation near the ground, ground-to-air channel models are first proposed and analysed, by incorporating the atmospheric effects when the altitude of aerial users is higher than 300 m. The status quos of techniques in communications, positioning, and sensing are separately reviewed, and our newly developments in each field are briefly introduced. For instance, we study the MIMO techniques for interference mitigation on aerial users; we construct the reflected echoes, i.e., the radar receiving, for the joint sensing and communications system. The availability of GNSS signals is of vital importance to the GNSS-enabled services, particularly the life-critical applications. To enhance the resilience of GNSS receivers, the RF fingerprinting based anti-spoofing techniques are also proposed and discussed. Such a guarantee on GNSS and ubiquitous GNSS services drive the utilisation of location information, also needed for communications, hence the proposal of a location-based beamforming algorithm. The superposition coding scheme, as an attempt of the waveform design, is also brought up for the joint sensing and communications. The RF convergence will come with many facets: the joint sensing and communications promotes an efficient use of frequency spectrum; the positioning-aided communications encourage the cooperation between systems; the availability of robust global positioning systems benefits the applications relying on the GNSS service