More on the danger of GPS spoofing

Published 2 October 2008

The military version of GPS includes security features such as encryption, but civilian signals are transmitted in the clear, unencrypted; a suitcase-size transmitting device can easily fool a GPS receiver; the power grid may be disrupted, and ankle-bracelet-wearing criminals walk about freely

A week ago we wrote about a team of Cornell researchers who demonstrated how GPS was vulnerable to spoofing (24 September 2008 HS Daily Wire). This is a serious issue, as reliance on GPS is now common place. Technology Review’s Erica Naone offers more details on this unexpected and distressing problem.

The Global Positioning System (GPS) is at the center of an increasing number of technologies, from vehicle navigation systems to the power grid. The military version of GPS includes security features such as encryption, but civilian signals are transmitted in the clear, unencrypted. Now that researchers at Cornell University and Virginia Tech have demonstrated a relatively simple way to spoof ordinary GPS receivers into accepting bogus signals — using a briefcase-size transmitter — there is a need to rethink this approach.

Paul Kintner, a professor of electrical and computer engineering at Cornell, who worked on the project, warns that society is becoming dependent on GPS for an ever-broadening list of applications, including management of the power grid and tracking criminals under house arrest. “I’m just amazed at the way people are using these GPS systems,” Kintner says. “Ten years from now, there will be more ways that we just don’t know about — it migrates into our technological fabric, and we become dependent on it.”

Kintner and his group, which recently presented details of the spoofing attack at the Institute of Navigation’s Global Navigation Satellite Systems (GNSS) meeting in Savannah, Georgia, did not start out looking for a way to subvert GPS. They were working on a software-based GPS receiver to help them understand the effects of solar flares on GPS satellites. As their design progressed, however, Todd Humphreys, one of the researchers in the group, realized that the same system could be used to spoof ordinary GPS signals.

This is the way GPS works: roughly thirty satellites orbit the earth, broadcasting signals that can be picked up by a receiver virtually anywhere on the planet. By collecting signals from several satellites and measuring the time delay between each signal, GPS receivers can calculate their exact position and receive very precise time signals.

The software GPS device built at Cornell can receive and transmit any GPS signal. To attack a target receiver, the device need only be placed nearby. It would start out simply retransmitting ordinary satellite signals without any modifications. After a few seconds, the target receiver should focus on the signal