A Navigation Message Authentication Proposal for the Galileo Open Service

Ignacio Fernández-Hernández, Vincent Rijmen, Gonzalo Seco-Granados, Javier Simon, Irma Rodríguez, J. David Calle

Research output: Contribution to journalArticleResearchpeer-review

67 Citations (Scopus)


Copyright © 2016 Institute of Navigation. GNSS vulnerabilities have become evident in the last decade. Authentication of the GNSS signals and data can be an important building block contributing to mitigating these vulnerabilities. This paper presents a Navigation Message Authentication (NMA) scheme based on the Timed Efficient Stream Loss-tolerant Authentication (TESLA) protocol and a novel concept based on a single one-way chain for all senders and cross-authentication. The paper presents an NMA implementation in the Galileo Open Service (OS) navigation message that should provide similar navigation performance to data-authenticated users and standard non-authenticated users in terms of time to first fix, accuracy, and availability even in difficult reception conditions. The proposal also maintains a high level of signal unpredictability to help receivers protect against replay attacks. The scheme and implementation proposed yield significant improvements compared to the state of the art, offering the opportunity for Galileo to become the reference GNSS in civil navigation authentication.
Original languageEnglish
Pages (from-to)85-102
JournalNavigation, Journal of the Institute of Navigation
Issue number1
Publication statusPublished - 1 Mar 2016


Dive into the research topics of 'A Navigation Message Authentication Proposal for the Galileo Open Service'. Together they form a unique fingerprint.

Cite this