On the achievable equivalent security of GNSS ranging code encryption

The threat of Global Navigation Satellite Systems (GNSS) signal spoofing has grown in recent years and has motivated the research community to develop anti-spoofing techniques. Different approaches were developed, from those operating at digital signal processing level to those based on cryptography. This work focus on the class of anti-spoofing mechanisms that aims at protecting the GNSS signal by encrypting, completely or partially, the ranging code. The goal of this approach is to force the attacker to estimate the secret chips rather than arbitrarily generate a spoofing signal based on the known spreading code. This work will analyse the effective security level offered by this class of security mechanism as a function of the clock uncertainty of the victim receiver, the C/N0 advantage of the attacker and its attack strategy. Finally, a framework that allows to derive the amount of secret chips that the receiver needs to accumulate in order to meet its security target is presented, together with example obtained with a GNSS software receiver.