Cryptography Is Not Enough: Relay Attacks on Authenticated GNSS Signals

Civilian-GNSS is vulnerable to signal spoofing attacks, and countermeasures based on cryptographic authentication are being proposed to protect against these attacks. Both Galileo and GPS are currently testing broadcast authentication techniques based on the delayed key disclosure to validate the integrity of navigation messages. These authentication mechanisms have proven secure against record now and replay later attacks, as navigation messages become invalid after keys are released. This work analyzes the security guarantees of cryptographically protected GNSS signals and shows the possibility of spoofing a receiver to an arbitrary location without breaking any cryptographic operation. In contrast to prior work, we demonstrate the ability of an attacker to receive signals close to the victim receiver and generate spoofing signals for a different target location without modifying the navigation message contents. Our strategy exploits the essential common reception and transmission time method used to estimate pseudorange in GNSS receivers, thereby rendering any cryptographic authentication useless. We evaluate our attack on a commercial receiver (ublox M9N) and a software-defined GNSS receiver (GNSS-SDR) using a combination of open-source tools, commercial GNSS signal generators, and software-defined radio hardware platforms. Our results show that it is possible to spoof a victim receiver to locations around 4000 km away from the true location without requiring any high-speed communication networks or modifying the message contents. Through this work, we further highlight the fundamental limitations in securing a broadcast signaling-based localization system even if all communications are cryptographically protected

Location-independent GNSS Relay Attacks: A Lazy Attacker’s Guide to Bypassing Navigation Message Authentication

In this work, we demonstrate the possibility of spoofing a GNSS receiver to arbitrary locations without modifying the navigation messages. Due to increasing spoofing threats, Galileo and GPS are evaluating broadcast authentication techniques to validate the integrity of navigation messages. Prior work required an adversary to record the GNSS signals at the intended spoofed location and relay them to the victim receiver. Our attack demonstrates the ability of an adversary to receive signals close to the victim receiver and in real-time generate spoofing signals for an arbitrary location without modifying the navigation message contents.We exploit the essential common reception and transmission time method used to estimate pseudorange in GNSS receivers, thereby potentially rendering any cryptographic authentication useless. We build a proof-of-concept real-time spoofer capable of receiving authenticated GNSS signals and generating spoofing signals for any arbitrary location and motion without requiring any high-speed communication networks or modifying the message contents. Our evaluations show that it is possible to spoof a victim receiver to locations as far as 4000 km away from the actual location and with any dynamic motion path. This work further highlights the fundamental limitations in securing a broadcast signaling-based localization system even if all communications are cryptographically protected