Xiao Chen,Ruidan Luo,Ting Liu,Hong Yuan,Haitao Wu

DOI: https://doi.org/10.3390/rs15051462

IF: 5

2023-03-06

Remote Sensing

Abstract:As the Global Navigation Satellite System (GNSS) is widely used in all walks of life, the signal structure of satellite navigation is open, and the vulnerability to spoofing attacks is also becoming increasingly prominent, which will seriously affect the credibility of navigation, positioning, and timing (PNT) services. Satellite navigation signal authentication technology is an emerging technical means of improving civil signal anti-spoofing on the satellite navigation system side, and it is also an important development direction and research focus of the GNSS. China plans to carry out the design and development of the next-generation Beidou navigation satellite system (BDS), and one of its core goals is to provide more secure and credible PNT services. This paper first expounds on the principles and technical architecture of satellite navigation signal authentication, then clarifies the development history of satellite navigation signal authentication, and finally proposes the BDS authentication service system architecture. It will provide technical support for the construction and development of the follow-up Beidou authentication service.

environmental sciences,imaging science & photographic technology,remote sensing,geosciences, multidisciplinary

Zhijun Wu,Cheng Liang,Yuan Zhang

DOI: https://doi.org/10.1109/taes.2023.3241041

IF: 3.491

2023-01-01

IEEE Transactions on Aerospace and Electronic Systems

Abstract:The Civil Navigation Message (CNAV) of the Global Navigation Satellite System (GNSS) is transmitted in an open channel without authentication and integrity protection mechanism. Therefore, the CNAV is facing the threat of interception and tampering, and it is vulnerable to spoofing attacks. To guarantee the authenticity and integrity of CNAV, we propose a cryptographic anti-spoofing scheme of CNAV in GNSS based on consortium blockchain using domestic cryptographic algorithms. In this scheme, we design a CNAV authentication model based on satellites, ground stations and key management center. And implement the authentication protocol to achieve the purpose of preventing CNAV in GNSS from being tampered with. On the basis of the authentication of the entities, the scheme further realizes the functions of information source authentication and integrity protection of the legitimate senders. And on the basis of satisfying security, the protocol has lower computing and communication cost, simplifies the process of re-authentication of information source, and has great practicability for receivers that use civil navigation message to achieve navigation and positioning functions.

telecommunications,engineering, electrical & electronic, aerospace

CHENG Xiang,CHEN Gong-liang,LI Jian-hua,GONG Jie-zhong

DOI: https://doi.org/10.3969/j.issn.1009-8054.2011.06.015

2011-01-01

Abstract:With the continuous construction and application of China Beidou Satellite Navigation System,the security issue of data transmission attracts more and more attention. Based on discussion of current security mechanisms for satellite navigation system,and in combination of the ides of IHO data protection scheme,a new data security solution is proposed,thus to implement source authenticity,confidentiality and availability of data transmission for Beidou satellite navigation system and satisfy the security requirement by specific end users. Finally,This paper,with reference to various attacks,gives security analysis of this proposed solution.

Jing Guo,Xiang Wang,Kefan Wei,Mingquan Lu

DOI: https://doi.org/10.1109/iccasit53235.2021.9633551

2021-01-01

Abstract:As an important supplement to Global Satellite Navigation System (GNSS), Satellite-Based Augmentation System (SBAS) implements wide area differential correction and integrity enhancement to ensure that GNSS core constellation meets the performance requirements of high integrity users. The next generation integrity enhancement will introduce Dual-Frequency Multi-Constellation (DFMC) technology, so that the distortion risk of navigation signal becomes the largest uncertainty source of ranging error. In order to effectively meet the needs of implementing signal quality monitoring (SQM) in Beidou Satellite-Based Augmentation System (BDSBAS) to improve integrity, a SQM algorithm based on multi-correlator observables for BDS B1C signal is proposed. The algorithm is simulated and evaluated by using B1C signal threat model and threat space recently adopted by International Civil Aviation Organization (ICAO). The results show that the algorithm can effectively ensure that B1C signal meets the integrity monitoring performance requirements under DFMC SBAS framework.

Yang Haomiao,Huang Rongshun,Wang Xiaofen,Deng Jiang,Chen Ruidong

DOI: https://doi.org/10.1016/j.cja.2014.04.028

2014-01-01

Abstract:Automatic dependent surveillance-broadcast (ADS-B) systems can broadcast satellite-based aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-generation air traffic management (ATM) systems. However, ADS-B systems suffer severe cyber-security problems due to the broadcast-type data link and the lack of designed-in security measures. Especially, since ADS-B messages are unauthenticated, it is easy to insert fake aircraft into a system via spoofing or insertion of false messages. Unfortunately, the authentication for ADS-B messages has not yet been well studied. In this paper, based on identity-based signature with message recovery (IBS-MR), an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages, as well as adaptive evolution of broadcasters’ private keys. The performance evaluation shows that the scheme is computationally efficient for typical avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.

Kefan Wei,Xiaowei Cui,Jian Wen,Mingquan Lu

DOI: https://doi.org/10.33012/2020.17148

2020-01-01

Abstract:Distortion caused by satellite payload is a great threat for all SBAS (Satellite Based Augmentation System) users especially for civil aviation which has extremely strict requirements for the integrity of navigation system. A 2-OS threat model is used to model this kind of distortions and then Signal Quality Monitoring (SQM) could detect distortions on the basis of threat models (TM) and multi-correlator. TMs of the GPS L1C/A signal and GAL E1C signal and their corresponding SQM has already been studied. As an important navigation system, China's BeiDou Navigation Satellite System (BDS) will also provide SBAS service based on the new B1C signal that employs quadrature multiplexed binary offset carrier (QMBOC) modulation. SQM of B1C is now a burning issue in order to ensure the integrity of BDS. For the new B1C signal, this paper does some preliminary researches on defining its TMs, SQM detection method and the performance of SQM based on previous researches of the GPS L1C/A and GAL E1C signal.

Shizhuang Wang,Yawei Zhai,Xingqun Zhan

DOI: https://doi.org/10.1002/navi.409

2021-01-01

Abstract:The full deployment of China's BeiDou navigation satellite system (BDS) was finalized in June 2020. To support safety-critical applications, the system must provide assured signal-in-space (SIS) performance. As one of the key steps forward for BDS, this paper characterizes the SIS range errors (SISREs) for both the regional (BDS-2) and the global (BDS-3) systems from the integrity perspective. Following the safety standards in aviation, a data-driven SISRE evaluation scheme is presented in this work. This scheme evaluates the overbounding user range accuracy (URA) and the prior fault probability to respectively capture the nominal and anomalous SIS behaviors. By processing the 4.5-year ephemerides starting from 2016 for BDS-2 and the recent 1.5-year data from 2019 for BDS-3, we preliminarily provide an overall picture of the BDS SIS characteristics and reveal the significant performance variation among different satellites.

Gang Li,Shuren Guo,Jing Lv,Kanglian Zhao,Zehua He

DOI: https://doi.org/10.1016/j.asr.2020.12.011

IF: 2.611

2021-01-01

Advances in Space Research

Abstract:Short Message Communication (SMC) is a featured service of BeiDou Navigation Satellite System (BDS). After its successful deployment in 2003, Regional Short Message Communication (RSMC) service has been continuously serving China and its neighboring countries and regions, especially in life safety scenarios. In this paper, the architecture of the Global Short Message Communication (GSMC) system is proposed based on the medium earth orbit (MEO) constellation and the crosslinks of the global BeiDou navigation system (BDS-3). Three subtypes of GSMC service, i.e. positioning report, emergency search and rescue (SAR) and regular SMC are designed in accordance with the technical characteristic of integration of navigation and communication in BDS-3, which supports future wide applications of GSMC. The performance of the designed GSMC system is analyzed by numerical calculations. As BDS-3 was officially announced completion on July 31, 2020, GSMC has been providing initial service. First test results of the in orbit GSMC payloads are also presented in the paper to verify the designed capabilities. Preliminary results also show that the requirements of Global Maritime Distress and Safety System (GMDSS) can also be fulfilled.

Mingping Qi,Jianhua Chen,Yitao Chen

DOI: https://doi.org/10.1002/sat.1279

2019-01-01

Abstract:AbstractSummaryRecently, Liu et al came up with an authentication with key agreement scheme for securing communication over the low‐earth‐orbit satellite communication systems. However, this paper demonstrates that this scheme cannot provide perfect forward secrecy or defend against the smart card stolen attack, and has some very bad design defects, making it unpractical. Thus, to design a truly secure authentication scheme for satellite communication systems, this paper presents a new scheme, making use of the advantages of elliptic curve cryptography and symmetric cryptography. The security analyses by the widely used BAN logic and heuristic discussions demonstrate that our new scheme possesses perfect security properties and can defend against various well‐known malicious attacks. Moreover, our new scheme allows users to update passwords locally in accordance with their wishes, achieving a good user experience.This paper demonstrates that Liu et al's scheme cannot provide perfect forward secrecy or defend against the smart card stolen attack, and has some very bad design defects, and then presents a new scheme. The security analyses by the widely used BAN logic and heuristic discussions demonstrate that our new scheme possesses perfect security properties and can defend against various well‐known malicious attacks. Moreover, our new scheme allows users to update passwords locally in accordance with their wishes, achieving a good user experience. View Figure

Yinchao Yang,Mohammad Shikh-Bahaei,Zhaohui Yang,Chongwen Huang,Wei Xu,Zhaoyang Zhang

DOI: https://doi.org/10.1109/wcnc57260.2024.10570649

2024-01-01

Abstract:This paper investigates the secure resource allocation for a downlink integrated sensing and communication system with multiple legal users and potential eavesdroppers. In the considered model, the base station (BS) simultaneously transmits sensing and communication signals through beamforming design, where the sensing signals can be viewed as artificial noise to enhance the security of communication signals. To further enhance the security in the semantic layer, the semantic information is extracted from the original information before transmission. The user side can only successfully recover the received information with the help of the knowledge base shared with the BS, which is stored in advance. Our aim is to maximize the sum semantic secrecy rate of all users while maintaining the minimum quality of service for each user and guaranteeing overall sensing performance. To solve this sum semantic secrecy rate maximization problem, an iterative algorithm is proposed using the alternating optimization method. The simulation results demonstrate the superiority of the proposed algorithm in terms of secure semantic communication and reliable detection.

Liying Huo,Jiawen Shen,Shizhuang Wang,Yawei Zhai,Xingqun Zhan

DOI: https://doi.org/10.1007/s42401-023-00248-z

2023-01-01

Aerospace Systems

Abstract:Global Navigation Satellite System (GNSS) Signal-In-Space (SIS) quality directly affects positioning integrity, which is an important metric for safety–critical applications. BeiDou Global Navigation Satellite System (BDS-3) broadcasts two new signals interoperable with GPS and Galileo, i.e., B1C and B2a. They are expected to serve civil aviation applications, following the Standards and Recommended Practices (SARPs) released by International Civil Aviation Organization (ICAO). Therefore, the SIS accuracy and integrity performance of BDS-3 B1C and B2a are evaluated in this work. The SIS Range Errors (SISREs) are achieved by comparing the broadcast satellite positions and clock offsets derived from Civil Navigation Message (CNAV) with the precise products from International GNSS Service (IGS). Specifically, given that the IGS precise products are referring to the equivalent phase center of BeiDou Regional System (BDS-2) B1I + B3I ionosphere-free combination, Differential Code Bias (DCB) from IGS is applied to realize time synchronization. This synchronization method is also meaningful to different frequencies in other constellations and supports the en-route, approaching, and landing phases. By analyzing 1-year data, an overall SIS characteristic picture of the 18 BDS-3 MEO satellites is presented here. The results show that most BDS-3 satellites are subject to an overbounding User Range Accuracy (URA) of 0.5 m to 0.85 m and a fault probability of 1.4953×10^-5 to 1.1975×10^-4 , with an integrity performance much better than that of BDS-2 and comparable to that of GPS. BDS-3 is now ready to serve civil aviation and other safety–critical applications.

Yulei Chen,Jianhua Chen

DOI: https://doi.org/10.1002/dac.4508

2020-01-01

International Journal of Communication Systems

Abstract:The rapid development of satellite communications has brought great convenience to people's lives, as well as huge security challenges. In order to guarantee the security of users, a large number of authentication protocols have been proposed. Recently, Xu et al. proposed an improved mutual authentication protocol based on perfect forward secrecy for satellite communications. In this paper, we will point out that Xu et al.'s protocol cannot resist the offline password guessing attack and the replay attack and fails to provide user untraceability. To overcome these weaknesses, we propose a robust three-factor-based authentication protocol for satellite communication systems and analyze its correctness using Burrows-Abadi-Needham logic. In addition, the descriptive security analysis shows that our protocol is safe and robust against various attacks. By comparing with other related protocols, we find that our protocol has better performance.

Mingquan Lu,Wenyi Li,Zheng Yao,Xiaowei Cui

DOI: https://doi.org/10.1002/navi.296

2019-01-01

Navigation

Abstract:With the completion of the experimental and regional phases, China's BeiDou Navigation Satellite System (BDS) is being speedily expanded to a global and multifunctional satellite navigation system, BDS III. Confronted with challenges such as limited frequency resources and diversified user requirements, new signals with novel modulation techniques are adopted in BDS III. In addition to the legacy B1I and B3I signals, new open service signals, B1C and B2a/B2b, as well as some new authorized service signals, will be broadcast by BDS III satellites. Among them, B1C and B2a are compatible and interoperable with GPS and Galileo. The modulation techniques and the detailed signal structures of B1C and B2a are introduced in this paper, along with analysis of the initial in-orbit test results of the new signals.

mohammed ramadan,fagen li,c x xu,kwame oteng,hesham ibrahim

DOI: https://doi.org/10.1109/ICCSN.2015.7296138

2015-01-01

Abstract:The code division multiple access (CDMA) system is considered to be the most secured cellular standard because of its strong security techniques such as scrambling and interleaving. These security techniques have been improved from the GSM security system. However, the CDMA cellular standard still has some limitations particularly in term of authentication and key agreement process. In this paper, a new authentication and key agreement protocol is proposed to provide a security technique to ensure the mutual authentication of both the mobile station and the network provider, as well as provide a key agreement protocol for session keys by using short and efficenent signature with bilinear pairing method with some modifications to make the proposed scheme more compatible for the CDMA cellular system.

Sher, Burhan,Ahmad, Mustafeez,Mansoor, Khwaja

DOI: https://doi.org/10.1007/s10586-024-04566-5

2024-06-10

Cluster Computing

Abstract:This article highlights the importance of Air Traffic Control in ensuring the security and efficiency of international aviation operations. Traditional RADAR systems face limitations in power consumption, coverage, and accuracy, leading to the development of innovative solutions like the Automatic Dependent Surveillance-Broadcast (ADS-B) system. However, the open nature of ADS-B's unencrypted signals poses security challenges, allowing attackers to intercept and manipulate data. To address this, the paper emphasizes the need for symmetric authentication, which uses shared secret keys through schemes like Message Authentication Codes and block cipher encryption. The choice between these methods depends on factors such as security, performance, and usability. Symmetric authentication is a practical solution, requiring robust shared keys and careful encryption algorithm selection. The research underscores the need for secure ADS-B systems and the trade-offs required in designing authentication schemes.

computer science, information systems, theory & methods

Xiang Wang,Xiaowei Cui,Gang Liu,Mingquan Lu

DOI: https://doi.org/10.3390/rs15041008

2023-01-01

Abstract:To guarantee the integrity of a global navigation satellite system (GNSS) for safety-critical users, a satellite-based augmentation system (SBAS) makes use of the integrity monitoring architecture, of which the signal quality monitor (SQM) is an important component to address the potential risks caused by satellite-induced signal anomalies. Due to the introduction of dual-frequency multi-constellation (DFMC) techniques in 2025, the ranging uncertainty will be reduced by the elimination of first-order ionospheric delay, but the biases measured in each individual signal will be inflated by the ionosphere-free combinations. Moreover, multiple modulations of DFMC signals might introduce applicability uncertainty of a traditional SQM method that has been protecting GPS L1C/A signal only. Thus, higher requirements are put forward for future SQM methods in detection sensitivity and modulation independence. This paper first proposes a design methodology for the SQM algorithm for BDS B1C/B2a signals, which could be easily extended to the DF combinations of other GNSS core constellations. Then, by comparing the performances of SQM baseline algorithms based on traditional multi-correlator and emerging chip domain observables (CDOs), respectively, the superiority of CDO-based SQM is declared. Detailed design iterations are further discussed, including the algorithm practicalization with optimizing code-phase bin length and lowering sampling frequency, as well as the metric simplification, to promote the overall performance while preserving a lower implementation complexity. Ultimately, a CDO-based SQM algorithm for BDS B1C/B2a signals is reached, which would be considered as an effective candidate in new generation DFMC SBASs.

Haomiao Yang,Hyunsung Kim,Hongwei Li,Eunjun Yoon,Xiaofen Wang,Xuefeng Ding

DOI: https://doi.org/10.3837/tiis.2013.10.013

2013-01-01

KSII Transactions on Internet and Information Systems

Abstract:As a cornerstone of the next generation air traffic management (ATM), automatic dependent surveillance-broadcast (ADS-B) system can provide continual broadcast of aircraft position, identity, velocity and other messages over unencrypted data links to generate a common situational awareness picture for ATM. However, since ADS-B messages are unauthenticated, it is easy to insert fake aircrafts into the system via spoofing or insertion of false messages. Unfortunately, the authentication for ADS-B messages has not yet been well studied. In this paper, we propose an efficient broadcast authentication scheme with batch verification for ADS-B messages which employs an identity-based signature (IBS). Security analysis indicates that our scheme can achieve integrity and authenticity of ADS-B messages, batch verification, and resilience to key leakage. Performance evaluation demonstrates that our scheme is computationally efficient for the typical avionics devices with limited resources, and it has low communication overhead well suitable for low-bandwidth ADS-B data link.

Shuishuai Xu,Xindong Liu,Mimi Ma,Jianhua Chen

DOI: https://doi.org/10.1002/sat.1309

2019-01-01

Abstract:AbstractSummaryAs the mobile network progresses fast, mobile communications have a far‐reaching influence in our daily life. In order to guarantee the communication security, a myriad of experts introduced many authentication protocols. Recently, Qi et al presented an enhanced authentication with key agreement protocol for satellite communications, and they proclaimed that their protocol could defend various attacks and support varied security requirements. Regrettably, in this paper, we prove that their protocol was fruitless in resisting smart card stolen or loss attack, supporting perfect forward secrecy and had a fundamental error. To solve these problems, we present an improved protocol based on perfect forward secrecy. In addition, the analysis of our improved protocol suggests that it gets possession of faultless security properties and overcomes the flaws in the protocol of Qi et al perfectly. Thus, our improved protocol can be appropriated for the mobile communications.In this paper we prove that Qi et al.'s protocol was unsuccessful in resisting smart card stolen or loss attack, supporting perfect forward secrecy and had a fundamental error. To solve these problems, we present an improved protocol based on perfect forward secrecy. In addition, the analysis of our improved protocol suggests that it has faultless security properties and overcomes the flaws in Qi et al.'s protocol perfectly. View Figure

Haomiao Yang,Qixian Zhou,Mingxuan Yao,Rongxing Lu,Hongwei Li,Xiaosong Zhang

DOI: https://doi.org/10.1109/jiot.2018.2882633

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:As the heart of next-generation air transportation systems, the automatic dependent surveillance-broadcast (ADS-B) is becoming a substitute for the radar, because it can enhance flight safety by requiring aircraft to regularly broadcast their precise geographic positions. Despite its promise, the lack of security mechanisms, e.g., not providing data encryption and message authentication, is a significant barrier to realistically deploy this new technology. While many methods have been proposed for ADS-B security, they can deal with either privacy or integrity unilaterally, and also need to change current ADS-B standards. In this paper, we present a new cryptographic solution to ADS-B security by first carefully exploiting some cryptographic primitives, and then adapting them to the air traffic-monitoring scenario. In contrast to previous approaches, our proposed solution is not only of high compatibility with existing protocols of ADS-B, but also lightweight for congested data links and resource-constraint avionics. Furthermore, it can also tolerate package loss and disorder that frequently occur in ADS-B wireless broadcast networks, making the proposed solution easy-to-deploy and practical. Security analysis shows that our proposal simultaneously achieves the confidentiality and authenticity of ADS-B messages. In addition, performance evaluation also demonstrates the efficiency of communication and computation for the proposal by using flight data of OpenSky-a sensor network that covers Central Europe aiming at gathering ADS-B flight data. Finally, the deployment in a real airport environment also proves the effectiveness of our solution.

Yan Si,Lina Wang,Zhihao Tan,Lili Zhao,Peng Zhang

DOI: https://doi.org/10.1109/icnisc60562.2023.00124

2023-10-27

Abstract:This paper mainly introduces the composition, principle and characteristics of the second generation of Beidou navigation satellite system, summarizes the security technology of Beidou navigation signal, puts forward the improved security enhancement technology-space-time-frequency combined adaptive anti-jamming algorithm, analyzes the advantages of the improved anti-jamming algorithm in principle, and forecasts the development trend of the security technology of Beidou navigation satellite system.

Engineering,Computer Science