Binary phase hopping based spreading code authentication technique

Civil receivers of Global Navigation Satellite System (GNSS) are vulnerable to spoofing and jamming attacks due to their signal structures. The Spreading Code Authentication (SCA) technique is one of the GNSS message encryption identity authentication techniques. Its robustness and complexity are in between Navigation Message Authentication (NMA) and Navigation Message Encryption (NME)/Spreading Code Encryption (SCE). A commonly used spreading code authentication technique inserts unpredictable chips into the public spreading code. This method changes the signal structure, degrades the correlation of the spreading code, and causes performance loss. This paper proposes a binary phase hopping based spreading code authentication technique, which can achieve identity authentication without changing the existing signal structure. Analysis shows that this method can reduce the performance loss of the original signal and has good compatibility with the existing receiver architecture.


Introduction
Global Navigation Satellite System (GNSS) is an important national infrastructure, which plays a key role in vehicle navigation, civil aviation, financial transactions and many others (Liang et al. 2013). GNSS civil receivers are vulnerable to spoofing and jamming attacks because the format and modulation of GNSS civil signals are public ("GPS Interface Control Documents IS-GPS-200G" 2012; Humphreys 2013), and there exist obvious security vulnerabilities (Guenther 2014). Deception jamming is divided into repeater deception jamming and generated spoofing jamming (Hu et al. 2016). It is of great significance to study the anti-deception technology and improve the robustness of receivers. GNSS anti-spoofing technology is categorized into non-encryption-based technology and encryption-based technology (Psiaki and Humphreys 2016). The non-encryption-based technology mainly includes signal quality monitoring, Doppler consistency monitoring and other anti-spoofing technologies. The encryption-based technology includes Navigation Message Authentication (NMA), Spreading Code Authentication (SCA), Navigation Message Encryption (NME) and Spreading Code Encryption (SCE) (Dovis 2015; Shen and Guo 2018a). Anti-spoofing technology can greatly enhance the security of information (Wesson et al. 2012).
The SCA technique is considered to be one of the key innovations for the next generation of GNSS civil signals (Margaria et al. 2017). Its robustness and complexity are in between NMA and NME/SCE. For the SCA technique unpredictable chips are inserted into the unencrypted public spreading code and verified in receivers to ensure the credibility of pseudo range measurement (Shen and Guo 2018a). At present, the main implementation methods of the SCA technique include Spread Spectrum Security Code (SSSC) (Scott 2003), Hidden Marker (HM) (Kuhn 2005) and Signal Authentication Sequence (SAS) (Pozzobon 2011). The ideas adopted at the signal level are inserting unpredictable authentication chips into the public spreading code. The advantage of the SCA technique is that the received power is −160 dB·W. Unless the encrypted information is available, it is difficult for attackers to predict the SCA chips correctly. The disadvantage is that the output of the correlator will be greatly attenuated as the proportion of the SCA chips in the code sequence increases, resulting in the failure of acquisition and tracking, for receivers that do not participate in identity authentication (Pozzobon 2011). When the proportion of the inserted chips is small, the signal is vulnerable to multiple access interference. The adjustment of time, position and scale of chip insertion is not flexible.

Open Access. Satellite Navigation, https://satellite-navigation.springeropen.com/. *Correspondence: tang_zuping@hust.edu.cn, School of Electronic Information and Communications, Huazhong University of Science and Technology, Wuhan 430074, China.

In view of the above problems, this paper proposes a binary phase hopping based SCA technique. The proposed technique prevents non-cooperative parties from obtaining information, and improves the signal confidentiality performance. Phase hopping modulation can be multi-ary, and the proposed technique uses binary phase hopping. By adding pseudo-random phase hops into the civil signal, and correlating demodulation results with the pseudo-random code in the receiver, we can achieve identity authentication. This technique can reduce the performance loss of the original signal and the impact on the receivers which do not participate in authentication. Besides, it has good compatibility with the existing receiver architecture. This technique also has stronger anti-multiple access interference ability and higher authentication success rate. Moreover, it is more flexible because the transmitter can adjust the ratio of the authentication component flexibly, and the receiver can also choose a flexible receiving mode. This SCA method provides a good technical solution for the design of modern GNSS signals.

Phase hopping modulation
Phase hopping modulation is a new anti-interception method for improving the security and reliability of a system. Its aim is to improve the security performance of a wireless communication system without increasing the system bandwidth.
Phase hopping modulation is suitable for a variety of signals, such as baseband signal, Radio Frequency (RF) signal, and carrier. This modulation can also be regarded as a secondary modulation after the basic modulation, including Phase Shift Keying (PSK) modulation, Quadrature Amplitude Modulation (QAM), etc. The phase hopping sequence generator generates a phase hopping sequence to control the phase shifter, so the initial phase of the input signal changes with the hopping of the phase hopping sequence. Then the output signal can be processed according to different requirements and transmitted by the antenna. For the demodulation unit in the receiver, the same phase sequence generator generates the phase hopping sequence and controls the phase compensator to compensate the signal phase so as to achieve demodulation. The phase compensator is implemented by a phase shifter, which makes the phase of the input signal change with the hopping sequence. These two hopping procedures are complementary, which is essential for the signal synchronization.

Phase hopping modulation unit
The phase hopping modulation unit is shown in Fig. 1.
The phase hopping sequence generator generates an $N$-ary pseudo-random sequence $c(k)$, which is used as the phase hopping sequence, and the corresponding phase offset is where $e^{j\phi(t)}$ is the phase shift factor. The relationship between $t$ and $k$ is where $T_c$ is the chip width of the phase hopping sequence.

Phase hopping demodulation unit
The phase hopping demodulation unit is shown in Fig. 2.
Under the control of a synchronous system, the phase hopping sequence generator generates the same

Binary phase hopping based SCA technique
The commonly used SCA technique inserts unpredictable authentication chips into the public spreading code. This paper proposes an SCA technique that modulates authentication information on the signal phase.

Signal structure
The phase hopping sequence $c(k)$ is binary and its value is given by The corresponding phase offset is where $\phi_{PH}$ is the phase hopping amplitude.
Assuming that there are two GNSS signal components, and they are compounded together, such as Global Positioning System (GPS) L5, Galileo Navigation Satellite System (Galileo) E5a, BeiDou Navigation Satellite System (BDS) B2a, using the Quadrature Phase Shift Keying (QPSK) modulation. The baseband equivalent expression of the phase hopping modulation unit is where $d(t)$ is the data bits, $c_d(t)$ is the spreading code of the data channel (I channel), $c_p(t)$ is the spreading code of the pilot channel (Q channel). The output signal of the phase hopping modulation unit is if and the RF signal is where $P_1$ is the power of the data channel, $\omega_c$ is the carrier frequency, $\phi_0$ is the carrier initial phase, $P_2$ is the power of the pilot channel. Figure 3 shows the constellation of the output signal, where $P_1 = P_2$, and $\phi_{PH} = 5^\circ$.

SCA at receiver end
In the user segment, it is easy for a receiver to achieve authentication, and there is no need to make massive changes to the existing receiver. The process is as follows.
After the down conversion, the Intermediate Frequency (IF) signal obtained from the receiver is where $P_{r1}$ is the data channel power, $P_{r2}$ is the pilot channel power, $\omega_i$ is the IF carrier frequency, $\phi_i$ is the IF carrier phase, and $n$ is noise.
The identity authentication relies on $\sin\phi(t)$, which can be implemented in the following three ways.

Only pilot channel used for authentication
The schematic diagram is shown in Fig. 4. The dashed box in the figure is the identity authentication module, and the rest is the traditional tracking loop. After mixing the IF signal with the locally generated carriers,

$$\cdots = P_{r1}\, I_{out} + n_{q,p} + \cdots \quad (12)$$

where $\omega_o$ is the frequency of the local carrier, $\phi_{o,p}$ is the initial phase of the local carrier, and $n_{i,p}$, $n_{q,p}$ are the noises of the I and Q channels, respectively.
Equation (9) tells that the authentication is not affected by the data bits. First, the Q channel signal in Eq. (12) is correlated and integrated with the pilot channel spreading code $c_p$ and the phase hopping sequence $c(k)$. The higher-order components will be cleared after the filter in the authentication module. Then, to further improve $C/N_0$, a coherent accumulation for the length of $T_{coh}$ is carried out, and the normalized detection value $V_i$ is

$$V_i = -P_{r1}\,(\phi_{PH}\cdot\pi/180) \quad (13)$$

when $\theta$ is small, $\sin\theta \approx \theta$. The threshold value $V_t$ is where $\sigma_n$ is the standard deviation of the noise, and $P_{fa}$ is the false alarm probability. If $V_i$ is higher than $V_t$, the authentication succeeds; otherwise it fails.
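An added simulation of the pilot-only check described above; it is not code from the paper. It assumes the baseband model $(\sqrt{P_1}\,d\,c_d + j\sqrt{P_2}\,c_p)\,e^{j c(k)\phi_{PH}}$ with $c(k)\in\{+1,-1\}$, one sample per chip, perfect carrier tracking, and the standard Gaussian threshold $V_t = \sigma_n Q^{-1}(P_{fa})$ in place of the expressions missing from this page; all function names are illustrative.

```python
import math
import random
from statistics import NormalDist

def i_arm(c_d, c_p, hop_tx, phi, sigma, rng, p1=0.5, p2=0.5):
    """Arm in quadrature to the pilot for the assumed model
    (sqrt(P1)*d*c_d + j*sqrt(P2)*c_p) * exp(j*c(k)*phi_PH).
    The data bit d is folded into the random sequence c_d."""
    a_d = math.sqrt(p1) * math.cos(phi)
    a_auth = math.sqrt(p2) * math.sin(phi)   # pilot's hop term, free of data bits
    return [a_d * cd - a_auth * cp * c + rng.gauss(0.0, sigma)
            for cd, cp, c in zip(c_d, c_p, hop_tx)]

def detect(samples, c_p, hop_rx, sigma, p_fa):
    """Correlate with c_p(k)*c(k), average over T_coh, compare with V_t."""
    n = len(samples)
    v = -sum(x * cp * c for x, cp, c in zip(samples, c_p, hop_rx)) / n
    # Assumed Gaussian threshold: std of the averaged noise times Q^-1(P_fa).
    v_t = sigma / math.sqrt(n) * NormalDist().inv_cdf(1.0 - p_fa)
    return v, v_t, v > v_t

def simulate(cn0_dbhz=40.0, t_coh=0.6, rc=1.023e6, phi_ph_deg=5.0,
             p_fa=1e-3, seed=1):
    rng = random.Random(seed)
    n = round(rc * t_coh)                    # chips in one coherent accumulation
    phi = math.radians(phi_ph_deg)
    # One sample per chip, total power C = 1: per-arm noise variance N0*Rc/2.
    sigma = math.sqrt(rc / (2.0 * 10.0 ** (cn0_dbhz / 10.0)))
    pm = (1, -1)
    # Constructed sequences: public codes, the secret hop, an attacker's guess.
    c_d, c_p, hop, guess = (rng.choices(pm, k=n) for _ in range(4))
    cases = {
        "authentic": i_arm(c_d, c_p, hop, phi, sigma, rng),
        "spoof_no_hop": i_arm(c_d, c_p, hop, 0.0, sigma, rng),
        "spoof_guessed_hop": i_arm(c_d, c_p, guess, phi, sigma, rng),
    }
    # The receiver always correlates with the true hop sequence.
    return {name: detect(x, c_p, hop, sigma, p_fa) for name, x in cases.items()}

if __name__ == "__main__":
    for name, (v, v_t, ok) in simulate().items():
        print(f"{name:18s} V={v:+.4f}  V_t={v_t:.4f}  authenticated={ok}")
```

Only the signal carrying the correct hop sequence produces a detection value near $\sqrt{P_2}\sin\phi_{PH}$; a spoofed signal without the hop, or with a guessed sequence, averages toward zero and stays below the threshold.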

Only data channel used for authentication
The schematic diagram is shown in Fig. 5. The dashed box in the figure is the identity authentication module, and the rest is the traditional tracking loop. After mixing the IF signal with the locally generated carriers, the high-order components are filtered out. When the tracking loop is stable, the I and Q channel signals are (assuming there are no frequency difference and initial phase difference between the received IF signal and the replicated signal)

$$\cdots = -P_{r2}\, Q_{out} + n_{q,d} + \cdots$$

where $\omega_o$ is the frequency of the local carrier, $\phi_{o,d}$ is the initial phase of the local carrier, and $n_{i,d}$, $n_{q,d}$ are the noises of the I and Q channels, respectively. Equation (9) tells that to use the data channel for authentication, it is necessary to eliminate the influence of data bits. First, the Q channel signal in Eq. (15) is correlated and integrated with the data channel spreading code $c_d$ and the phase hopping sequence $c(k)$ respectively. The higher-order components will be cleared after the filter in the authentication module. Then the influence of data bit inversion is eliminated according to the data bit estimation of the I channel. Next, to further improve $C/N_0$, a coherent accumulation for the length of $T_{coh}$ is carried out, and the normalized detection value $V_q$ is when $\theta$ is small, $\sin\theta \approx \theta$. The threshold value $V_t$ is where $\sigma_n$ is the standard deviation of the noise, and $P_{fa}$ is the false alarm probability. If $V_q$ is higher than $V_t$, the authentication succeeds; otherwise it fails.

Both data and pilot channels used for authentication
When the receiver tracks the pilot signal and the data signal independently, the above two methods are directly combined to get the normalized detection value $V$ as While if the receiver tracks the pilot signal and the data signal jointly, it is necessary to determine the phase relation between $V_i$ and $V_q$ according to the practical tracking loop and combine them correctly.
To use the above three methods, we only need to add an identity authentication module in the classic tracking loop. Table 1 shows the increase in hardware complexity, which is mainly reflected in the number of code sequence generators and correlators.

Performance analysis
In order to verify the performance of the binary phase hopping based SCA technique, this paper simulates the performance loss and detection probability, then compares it with the inserting chip based SCA technique. It is assumed that the energy proportion of the authentication part is the same, i.e., $(\sin\phi_{PH})^2$. The simulation result is shown in Fig. 6. In the figure, "PN_I" represents the method of using the data channel for authentication, "PN_Q" represents the method of using the pilot channel for authentication. The detection probability curves of the two methods coincide. "Combination" represents the method of using both pilot channel and data channel for authentication. When both channels are used, the signal power is fully utilized, so its performance is optimal. The coherent accumulation time required to achieve the same detection probability is reduced by a half.

Performance loss of receivers not participating in authentication
For existing civil receivers that do not include an identity authentication module, the authentication component in the signal is regarded as noise, which will degrade $C/N_0$.
For the inserting chip based SCA technique, assuming the spreading code length is $N$, the length of the authentication codes is $K$, the signal amplitude is $A$, and the power of noise is $\sigma^2$, then the $C/N_0$ of the non-authentication signal is $\frac{A^2}{2\sigma^2}\cdot N$. For the receivers which do not participate in authentication, the $C/N_0$ is $\frac{A^2}{2\sigma^2}\cdot\frac{(N-K)^2}{N}$. So, the $C/N_0$ degradation is

$$\Delta C/N_0 = 10\log_{10}(1 - p_u)^2 \quad (19)$$

where $p_u$ is the ratio of the authentication part in a signal, that is, the ratio of the unpredictable sequence inserted in the spreading code sequence.
For the binary phase hopping based SCA technique, the $C/N_0$ degradation is

$$\Delta C/N_0 = 10\log_{10}(1 - p_u) \quad (20)$$

where $p_u$ is the ratio of the authentication part in a signal, and the relationship with the phase hopping amplitude is

$$p_u = (\sin\phi_{PH})^2 \quad (21)$$

It is known that theoretically the $C/N_0$ degradation of the binary phase hopping based SCA technique is lower, which is a half of that for the inserting chip based SCA technique. Figure 7 shows the simulation results of $C/N_0$ degradation of the two SCA techniques. The theoretical results coincide with the simulation results. The binary phase hopping based SCA technique has lower $C/N_0$ degradation and better compatibility with the existing receiver architecture.
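An added noise-free Monte Carlo check of Eqs. (19) to (21), not code from the paper: it measures the correlator output power of a receiver that only knows the public code, for both techniques at the same $p_u$. The random codes, the single-component signal and the function name are assumptions made for illustration.

```python
import cmath
import math
import random

def legacy_loss_db(n=200_000, phi_ph_deg=5.0, seed=3):
    """Correlation power loss (dB) seen by a receiver without the authentication module."""
    rng = random.Random(seed)
    phi = math.radians(phi_ph_deg)
    p_u = math.sin(phi) ** 2                      # Eq. (21)
    code = rng.choices((1, -1), k=n)              # constructed public spreading code

    # Inserting-chip SCA: K = p_u*N chips are replaced by unpredictable chips.
    tx = list(code)
    for idx in rng.sample(range(n), round(p_u * n)):
        tx[idx] = rng.choice((1, -1))
    corr_ins = sum(a * b for a, b in zip(tx, code)) / n

    # Binary phase hopping SCA: every chip is kept but rotated by +/- phi_PH.
    rot = {c: cmath.exp(1j * c * phi) for c in (1, -1)}
    hop = rng.choices((1, -1), k=n)               # secret c(k), unknown to this receiver
    corr_hop = sum(b * b * rot[c] for b, c in zip(code, hop)) / n

    def to_db(power):
        return 10.0 * math.log10(power)

    return {
        "p_u": p_u,
        "insert_sim": to_db(corr_ins ** 2),
        "insert_eq19": to_db((1.0 - p_u) ** 2),
        "hop_sim": to_db(abs(corr_hop) ** 2),
        "hop_eq20": to_db(1.0 - p_u),
    }

if __name__ == "__main__":
    for deg in (5.0, 10.0, 20.0):
        r = legacy_loss_db(phi_ph_deg=deg)
        print(deg, {k: round(v, 4) for k, v in r.items()})
```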

Simulation of detection probability
This section simulates the Receiver Operating Characteristic (ROC) performance for the two SCA techniques, and the binary phase hopping based SCA technique uses the third authentication method. In the following figures the abscissa represents the false alarm probability $P_{fa}$ and the ordinate is for the detection probability $P_d$. The simulated ROC performances are plotted in Figs. 8 and 9 with the coherent integration time $T_{coh} = 600$ ms, code rate $R_c = 1.023$ Mcps, phase jump amplitude $\phi_{PH} = 5^\circ$, and $C/N_0$ being 35 dB·Hz and 40 dB·Hz, respectively. When $C/N_0$ is 40 dB·Hz, the coherent integration time of 600 ms is long enough. There is no significant difference between the authentication success rates of the two SCA techniques. Under the same false alarm probability, the authentication success rates of the two SCA techniques are almost 100%. When $C/N_0$ is reduced to 35 dB·Hz, the coherent integration time of 600 ms is not enough. Under the same false alarm probability, the authentication success rate of the phase hopping based SCA technique improves obviously. One reason is that in the same coherent integration time, the authentication code length of the phase hopping based SCA technique is $R_c \cdot T_{coh}$, and the authentication code length of the inserting chip based SCA technique is $R_c \cdot p_u \cdot T_{coh}$. For a GNSS signal, the longer the spreading code sequence is, the higher the spreading gain will be, meaning stronger anti-multiple access interference ability.
Considering the errors in PLL, such as phase jitter and dynamic stress error, Fig. 10 shows the constellation diagram of demodulation with the root-mean-square error (RMSE) of phase jitter $\sigma_i$ being 5°. The phases of actual signal jitter are near the ideal eight phase points. Figure 11 shows the constellation diagram of demodulation with the steady-state value of dynamic stress error $\theta_e$ being 5°. There is a fixed deviation between the phase points of the actual signal and the eight ideal phase points. Figure 12 shows the ROC performance of the authentication module for the cases that the root-mean-square error of phase jitter is 5° and 10°, the steady value of dynamic stress error is 5° and 10°, and $C/N_0$ is 35 dB·Hz. Compared with the ideal case (i.e., without error), the dynamic stress error hardly affects the ROC performance of the authentication module, while the phase jitter does, though it does not deteriorate the ROC performance much.

Flexibility analysis
The premise of successful authentication is the correct detection of the authentication code, which requires low false alarm probability and high detection probability. The success rate of authentication is related to the power and time of authentication signal. When the total power of the signal is constant, the higher the power proportion of the authentication signal, the shorter the necessary time for successful authentication will be, otherwise the longer the authentication time should be adopted. Therefore, there is a need for a tradeoff between the authentication component power proportion and the real-time authentication, which can be adjusted if necessary.
For the inserting chip based SCA technique, if we want to change the percentage of unpredictable sequence inserted in the spreading code sequence, the strategies of generating the spreading sequence on the satellite and of processing the spreading code sequence in the receiver need to be adjusted. The insert position and time need to be updated, and the transmission and synchronization of this updated information also need additional resources, which is less flexible.
For the binary phase hopping based SCA technique, to change the energy proportion of the authentication part in the signal, only the phase hopping amplitude needs to be changed. The receiver does not need to change the receiving mode and processing strategy, which has high implementation flexibility.

Applicability analysis
The modulation mode adopted in the simulation is Direct Sequence Spread Spectrum (DSSS)/QPSK, and code rate is 1.023 Mcps. In the design of a modern GNSS signal structure, subcarrier modulation and higher code rate are also used for some signals. Compared with the proposed modulation method, the difference of the subcarrier modulation process is that it adds a subcarrier modulation module before the carrier modulation. The corresponding demodulation in the receiver does not affect the constellation diagram of the signal, which means it does not affect the receiver authentication module. At the same time, higher code rate will bring higher spreading gain, which can also improve the performance of the receiver authentication module. Therefore, the proposed scheme is suitable for modern GNSS signals.

Conclusion
In this paper, a new SCA technique, the binary phase hopping based SCA technique, is proposed. The performance of this technique is compared with the inserting chip based SCA technique through a simulation. In terms of compatibility, the proposed technique is more compatible with the existing receiver architecture, and also reduces the impact on the receivers that do not participate in identity authentication. In terms of authentication success rate, the binary phase hopping based SCA technique has stronger anti-multiple access interference ability and higher authentication success rate in the same condition. In terms of flexibility, the binary phase hopping based SCA technique is more flexible and easier to adjust. The binary phase hopping based SCA technique provides an efficient implementation scheme for future GNSS security design.