|
|
|
|
|
|
by derefr
3147 days ago
|
|
|
Everything involved in GPS requires all the nodes (both the senders and the receivers) to have "extremely high precision clocks." That's the whole idea, really: you, the receiver, have a clock, and a map of where the various GPS satellites will be around the earth at given times. You "hear" the current time announced from three satellites (along with their station IDs), and compare those times to your clock to figure out the flight time of the data, and thus the distance to the satellites. Then you take the satellites' known positions on the map at the current time, plus the flight times, and triangulate your own position. If one of the three times you've received is a "lie", then its relative time will correspond to an impossible distance for that GPS satellite to be relative to where the map says it should be (e.g. over the horizon relative to you), and relative to where the other two satellites that you heard from are. (Theoretically you could receive such signals—using reflectors, like HAMs do—but GPS discounts this possibility and just considers it invalid data.) |
|
|
Except when you're measuring the time of flight of signals going close to the speed of light, 10ppm of clock slew gives you 3,000 m/s of clock slew.
That's why GPS receivers actually need to see 4 satellites to get an accurate fix; receivers actually calculate position in four dimensions - x, y, z and time.
Anyway, consequences:
1. The GPS receiver in your phone doesn't have an 'extremely high precision clock' by the standards of high precision clocks.
2. You could mount a replay attack against a receiver introducing error at up to 3km per second in such a way that it won't be readily detectable over other errors in the system.
3. Due to practical issues involved with such a replay attack, it'd probably be possible to crash a drone or misdirect it by a few hundred meters; but incredibly difficult to misdirect it to a distant country or anything like that.