Privacy-preserving GNSS remote-processing technique
| 725 - Abstract: |
| This Global Navigation Satellite System (GNSS) remote-processing scheme based on a cryptographic and signal processing algorithm addresses the privacy interests from both the receiver and the remote server: the receiver does not wish to disclose its position, while the remote server does not wish to disclose the secret spreading codes used for determining a position. With the present invention, the data delivered by the user to the remote server is pre-processed in such a way that the server cannot glean information about the user location. ESA is looking for partners who would be interested implementing this invention by getting a license. |
Description:
In many civilian applications, there is the need to use GNSS signals to compute a position, in such way that the receiver has a relatively high assurance that the computed position is correct. To make a positional determination, the receiver uses the acquired navigation signal of a given satellite and a version of the spreading code for that satellite which is held or generated internally within the receiver.
In a civilian GNSS system, the spreading code sequences are disclosed to all receivers and in some cases, where it is desirable to restrict access to the positioning service, secret spreading code sequences are employed, that are only disclosed to a small set of authorized receivers.
However, the difficulties associated with acquiring and maintaining an authorized receiver, including the appropriate secured or tamper-proof signal-generation unit, are sometimes prohibitive. As an alternative to the use of an authorized receiver, the receiver may not perform the calculation of the position locally, but instead dispatch the signal processing function to a remote server.
The remote server may compute the location of the client receiver from the raw range measurements, and this location is then returned to the client receiver, or the raw range measurements may be returned to the client receiver which is then responsible for computing its location. However, in such an approach, the remote server also has access to the position of client receiver, which may be undesirable for various reasons, such as privacy and security of the operator of the client receiver.
The present invention relates to a method for processing GNSS signal as described in Figure 1, whereby the incoming signal is encrypted at the receiver using a homomorphic encryption scheme to form an encrypted signal which is then transmitted from the receiver to a remote server.
This approach allows a two-way secrecy ensuring that:
- the position of the receiver is not disclosed to the server;
- the secret ranging (spreading code) sequences are not disclosed to the client receiver.
Innovations and advantages:
- Requires no space infrastructure (already existing).
- Low overhead (cloud based processing).
- Retro-fit to existing remote processing systems.
Domain of application:
All market segments that make use of positioning have a vested interest in the positioning system being secure. Examples include:
- fleet-management,
- asset-tracking,
- pay-per-use road-tolls and auto-insurance;
- timing systems for infrastructure (electricity);
- timing for financial applications;
- regulatory applications such as digital tachography,
- route-compliance;
- fisheries applications, etc.