Quantum‐resistant authentication algorithms for satellite‐based augmentation systems

Neish, Andrew; Walter, Todd; Enge, Per

doi:10.1002/navi.287

Cited by 15 publications

(11 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The security of this implementation of ECDSA is feasible with current and near-future classical computer capabilities. With the advent of quantum computing, ECDSA and other algorithms relying upon the discrete logarithm problem for security are at risk [15]. NIST is taking this threat seriously and is currently in the process of searching for asymmetric algorithms and protocols that are quantum resistant [16].…”

Section: L5q -Ecdsamentioning

confidence: 99%

Design and Analysis of a Public Key Infrastructure for SBAS Data Authentication

2019

Self Cite

View full text Add to dashboard Cite

Integral to any authentication system is the design of its public key infrastructure (PKI), allowing the system to distribute, maintain, and revoke cryptographic keys while dividing and allocating the responsibility of security between different entities. This paper develops a PKI for two SBAS candidate authentication schemes: one each for an L5 I‐channel and Q‐channel implementation. A simulator, introduced as MCOS, is developed to enable large scale Monte Carlo tests of these PKI designs. This work concludes that once a receiver has been deployed with a set of preinstalled encrypted public keys, a strictly over‐the‐air method of delivering PKI information is feasible for SBAS data authentication in nominal conditions. This work also provides a strong candidate PKI that is designed to be standardized internationally for current and future SBAS service providers.

show abstract

Section: L5q -Ecdsamentioning

confidence: 99%

Design and Analysis of a Public Key Infrastructure for SBAS Data Authentication

2019

Self Cite

View full text Add to dashboard Cite

show abstract

“…As SBAS is a widely used system and the problems with keeping secret keys secure among all users are insurmountable, authentication using asymmetric methods are the most applicable in this case. An outline of TESLA is given in [6] and the basics of the method are covered here. TESLA is a symmetric cryptographic algorithm that creates asymmetry by the delayed release of keys used to authenticate signatures called Message Authentication Codes (MACs).…”

Section: Ii: the Tesla Algorithmmentioning

confidence: 99%

“…If an attacker were able to authenticate a false root key, they would then be able to create a false keychain that receivers would verify and accept. With the advent of quantum computing [6], many asymmetric algorithms lose their assumed security and so the selection of this asymmetric algorithm will be critical.…”

Section: Ii: the Tesla Algorithmmentioning

confidence: 99%

Parameter Selection for the TESLA Keychain

Neish¹,

Walter²,

Enge³

2018

Proceedings of the 31st International Technical Meeting of the Satellite Division of the Institute of Navigation (ION GNSS+ 201

Self Cite

View full text Add to dashboard Cite

In this work, the threats to TESLA and the TESLA keychain are evaluated and the weak points in the implementation are identified. Modes of attack are modeled to emulate the effort required for an attacker to break the security of the TESLA keychain. This effort is contextualized with the window of vulnerability which is directly related to the length of the keychain and other variables. The effort required to break TESLA as these variables change is calculated using probabilistic models. While observing the variables' consequences to security, an analysis is carried out that yield recommendations for a secure implementation of the TESLA keychain.

show abstract

“…The motivation for this is twofold. Firstly, such protocols can be optimized for bandwidth, motivating numerous proposals such as Galileo Open Service Navigation Message Authentication (OSNMA) [13]; GPS's experimental signal authentication scheme, CHIMERA [5], and SBAS authentication [14] [15] [16]. Second, while the delayed disclosure requirement is only one option for data authentication (the other option being digital signatures), it may be a necessary component for spreading code authentication [17].…”

Section: Introductionmentioning

confidence: 99%

Analysis and Recommendations for MAC and Key Lengths in Delayed Disclosure GNSS Authentication Protocols

Fernández‐Hernández

Ashur

Rijmen

2021

IEEE Trans. Aerosp. Electron. Syst.

View full text Add to dashboard Cite

Data and signal authentication schemes are being proposed to address Global Navigation Satellite Systems' (GNSS) vulnerability to spoofing. Due to the low power of their signals, the bandwidth available for authentication in GNSS is scarce. Since delayed-disclosure protocols, e.g., TESLA, are efficient in terms of bandwidth and robust to signal impairments, they have been proposed and implemented by GNSS. The length of message authentication codes (MACs) and cryptographic keys are two crucial aspects of the protocol design as they have an impact on the utilized bandwidth, and therefore on the protocol performance. We analyze both aspects in detail for GNSS-TESLA and present recommendations for efficient yet safe MAC and key lengths. We further complement this analysis by proposing possible authentication success and failure policies and quantify the reduction of the attack surface resulting from employing them. The analysis shows that in some cases it is safe to use MAC and key sizes that are smaller than those proposed in best-practice guidelines. While some of our considerations are general to delayed-disclosure lightweight protocols for data and signal authentication, we particularize them for GNSS-TESLA protocols.

show abstract

Quantum‐resistant authentication algorithms for satellite‐based augmentation systems

Cited by 15 publications

References 19 publications

Design and Analysis of a Public Key Infrastructure for SBAS Data Authentication

Design and Analysis of a Public Key Infrastructure for SBAS Data Authentication

Parameter Selection for the TESLA Keychain

Analysis and Recommendations for MAC and Key Lengths in Delayed Disclosure GNSS Authentication Protocols

Contact Info

Product

Resources

About