Abstract
Secure positioning and localization refer to the use of technology to accurately determine the location of an object or person in a secure and trustworthy manner. It involves GPS, Bluetooth, Wi-Fi, and other wireless technologies to determine location. Several methods have been proposed to address this problem by securing the content of the signals cryptographically. Distance bounding and timed efficient stream loss-tolerant authentication are two leading examples. Furthermore, with autonomous vehicles becoming increasingly essential and utilized in all domains (land, water, air), secure and robust positioning and navigation capabilities will be crucial.
You have full access to this open access chapter, Download chapter PDF
1 Introduction
Secure positioning and localization refer to the use of technology to accurately determine the location of an object or person in a secure and trustworthy manner. It involves GPS, Bluetooth, Wi-Fi, and other wireless technologies to determine location. The goal is to ensure the privacy and security of users while providing accurate location information.
2 Analysis
2.1 Definition
Localization and broadcast positioning techniques (e.g., Global Navigation Satellite Systems or GNSS) are crucial to many applications in the military, business, and society. However, the analysis of their security over the past two decades has shown that an attacker who controls the signals at the antenna of a receiver can spoof the positioning results. Several methods have been proposed to address this problem by securing the content of the signals cryptographically. Distance bounding [1, 2] and TESLA (Timed Efficient Stream Loss-Tolerant Authentication) [3] are two leading examples.
Distance bounding helps to enable secure positioning systems. It allows so-called verifiers to bound the distance of a prover node. As a concrete use case, one can thus prove that a car key is not further than a certain distance away from the car it wants to open. Additionally, the prover node can use distance bounding to determine its correct position even under spoofing/wireless interference by an attacker. Furthermore, distance bounding can also enable secure position verification where a verifier verifies the position claim of an (untrusted) prover node [4].
The TESLA protocol and its derivatives/further developments enable the cryptographic authentication of broadcast communication such as those used in GNSS. It uses symmetric cryptography in connection with time as its asymmetric property to enable the receiver of the GNSS messages to verify the authenticity of the navigation content.
Finally, these methods compete with and complement many non-cryptographic methods using physical properties (think classical radar) to verify location claims and positions. An overview is given in [4].
2.2 Trends
The general expectation is that known secure solutions for navigation, positioning, and localization systems will mature and be deployed more widely. This will affect many important sectors in the industry, the government, and the military. For example, the GNSS market alone is growing steadily over the next decade, reaching cumulative revenues of €3860 bn [5]. Furthermore, with autonomous vehicles becoming increasingly essential and utilized in all domains (land, water, air), secure and robust positioning and navigation capabilities will be crucial. Nevertheless, many other growth segments will rely on secure navigation systems besides traditional navigation-dependent sectors such as shipping, aviation, cars, and rail. These include, but are not limited to, industrial automation, agriculture, climate services, infrastructure, insurance and finance, space, and urban development.
Actors developing and integrating such solutions range from startups and university spinouts such as 3db [6] to the major defense contractors and suppliers in the GNSS market (e.g., Garmin, car manufacturers, and tech companies such as Alphabet). We also expect disruption through the new Low Earth Orbit (LEO) mega-constellations such as Starlink and OneWeb, which could be used for navigation [7]. Last but not least, the major global powers behind the GNSS systems will be pushing for secure and robust solutions, exemplified by the recent addition of TESLA to Galileo, the European GNSS. [8].
3 Consequences for Switzerland
In terms of knowledge and research, Switzerland is well-placed with some of the significant academic research on secure positioning coming from Swiss universities and/or conducted by Swiss academics. However, without its space missions and satellite constellation, Switzerland depends on the major global powers and their GNSS constellations, particularly GPS (US) and Galileo (Europe).
For smaller products such as keyless entry systems, the current startup ecosystem can provide the expertise for secure positioning solutions and their integration into consumer products and other dependent systems.
3.1 Implementation Possibilities: Make or Buy
This section presents the pros and cons of buying or making secure localization products (Table 31.1).
3.2 Variations and Recommendation
We discuss three different options for secure localization. The differences between actors are relatively minor, particularly since control of crucial space-based global positioning and navigation technologies remains viable only for a handful of major state and supranational actors. The first option is the Timed Efficient Stream Loss-tolerant Authentication (TESLA) broadcast authentication protocol [3]. It has the advantage of being a practical option that can be fitted retroactively to GNSS. Nevertheless, on the other hand, it is costly and needs systemic changes. The second option is Distance Bounding [1, 2]. It has two main advantages for the military: flexible technology and proven applications. For civil society and the economy, it is available in consumer technology. On the other hand, it has the disadvantage of being primarily applicable for short distances. The last option is non-cryptographic solutions. The military they have the advantage (Table 31.2).
4 Conclusion
Secure positioning and localization is a comparatively small but essential part of the world of cryptographic applications. The integration of positioning in many embedded systems and using such methods in critical infrastructure and navigation systems make their security paramount. As of today, certainly in the civilian world, barely any secure localization methods are being employed. This is already changing in higher-end assets, where we see distance bounding used e.g. for keyless entry systems for expensive cars. We expect this will trickle down with falling costs and increased adoption.
Cryptographically-secure GNSS is available for the owners/operators of the different satellite constellations (e.g. the military version of GPS) and is trickling towards some of the civilian versions, as seen with Galileo. While technical developments in space can be slow and happen only over the long term, new consumer-oriented LEO constellations may change the pace significantly over the next few years.
Out of the scope of this analysis on cryptographic developments is the progress in non-cryptographic secure localization methods. Here, a quicker but more fragmented rollout can be expected in some critical areas as they can often be deployed independently and transparently. This is already the case in many military applications and may be seen in other vital assets.
References
Stefan Brands and David Chaum. Distance-Bounding Protocols. In Tor Helleseth, editor, Advances in Cryptology — EUROCRYPT ’93, Lecture Notes in Computer Science, pages 344–359, Berlin, Heidelberg, 1994. Springer.
Kasper Bonne Rasmussen and Srdjan Cǎpkun. Realization of RF Distance Bounding. page 13.
Adrian Perrig and J. D. Tygar. TESLA Broadcast Authentication. In Adrian Perrig and J. D. Tygar, editors, Secure Broadcast Communication: In Wired and Wireless Networks, pages 29–53. Springer US, Boston, MA, 2003.
Srdjan Čapkun. The Cyber Security Body of Knowledge v1.0, 2019. University of Bristol, 2019. Section: Physical Layer & Telecommunications Security.
The European Commission and The European Union Agency for the Space Programme. EUSPA EO and GNSS Market Report. Technical report, Luxembourg, 2022.
3db Access. https://www.3db-access.com/, August 2022.
SpaceX’s Starlink broadband satellites could be used for GPS navigation | Space. https://www.space.com/spacex-starlink-gps-navigation, August 2022.
Galileo Open Service Navigation Message Authentication - Navipedia. https://gssc.esa.int/navipedia/index.php/Galileo_Open_Service_Navigation_Message_Authentication, August 2022.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.
Copyright information
© 2023 The Author(s)
About this chapter
Cite this chapter
Strohmeier, M. (2023). Secure Positioning and Localization. In: Mulder, V., Mermoud, A., Lenders, V., Tellenbach, B. (eds) Trends in Data Protection and Encryption Technologies . Springer, Cham. https://doi.org/10.1007/978-3-031-33386-6_31
Download citation
DOI: https://doi.org/10.1007/978-3-031-33386-6_31
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-33385-9
Online ISBN: 978-3-031-33386-6
eBook Packages: Computer ScienceComputer Science (R0)