UWB-Based Positioning Is Not Invulnerable from Spoofing Attacks: A Case Study of Crazyswarm ^†

Abstract

Spoofing attacks pose a threat to drones, which can lead to their crash or takeover. As a countermeasure, the European Space Agency has implemented the Timed Efficient Loss-tolerant Authentication (TESLA) broadcast protocol in the Galileo Open Service Navigation Message Authentication (OSNMA) to detect such events. This study explores the application of TESLA in detecting spoofing attacks targeted at drone swarms that rely on positioning systems utilizing ultra-wideband (UWB) technology. The results of our experiments reaffirm that UWB-based positioning systems are not automatically invulnerable from spoofing attacks and that cryptographic methods such as TESLA are required to provide a layer of protection against spoofing attacks to detect them effectively.

1. Introduction

Unmanned aerial vehicles (UAVs), or drones, have seen significant advancements in academia and industry due to technological improvements and reduced size and cost [1]. The Federal Aviation Administration predicts that the United States alone will have 3 million drones by 2028 [2]. Interest in drone swarms has grown due to their varied applications in entertainment, security, transportation, environmental monitoring, and aerial communication platforms. However, security threats such as spoofing attacks are also on the rise [3]. It is essential to tackle these spoofing threats to ensure the safety of navigation [4]. Signal spoofing in a Global Navigation Satellite System (GNSS) is a prominent example that threatens drones and communication networks [5]. Although GNSS signal spoofing has been well studied, spoofing attacks in GNSS-challenged environments, such as UAV swarms where GNSS signals may be unreliable or unavailable, have received less attention. Crazyswarm [6] is a framework for aerial swarms that enables the control of multiple Crazyflie (CF) drones. When operating in a UWB setting, drones use signals from station modules (anchors) for positioning via Loco Positioning System (LPS), with each anchor featuring a DWM1000-based transceiver module, allowing passive drones to calculate their positions using Time Difference of Arrival (TDoA). However, communication is susceptible to spoofing attacks due to the lack of mechanisms for drones to verify the authenticity of anchors [7]. In this paper, we demonstrate how an attacker can hijack a drone swarm by falsifying anchor positions and propose implementing a broadcast authentication protocol to allow the swarm to detect and resist such attacks.

2. Related Works

This section reviews the body of literature in order of publication. The research described in [8] presents an authentication scheme using message authentication code (MAC) to enable secure bidirectional time of arrival (ToA) positioning in UWB-based wireless sensor networks (WSNs); however, it does not discuss passive tags. In [9], a geoencryption strategy suitable for a long range navigation (LORAN) system is proposed, integrating the TESLA protocol in navigation. It shows that passive tags can authenticate signals and protect against spoofing, although it is limited to LORAN. Furthermore, in [10], suggestions for enhancing TESLA for navigation systems, particularly aimed at enhanced long range navigation (eLORAN), are discussed. The study in [11] introduces a security mechanism for WSN using elliptic curve cryptography (ECC) to safeguard ToA-based positioning, claiming to be effective even in the presence of malicious actors. However, this approach presumes a two-way communication framework among participants. In [12], a position estimation algorithm suitable for passive and active UWB nodes is proposed in the presence of spoofing attacks. However, the emphasis is on the accuracy of position estimation rather than the detection of such events; therefore, the lack of cryptographic primitives is evident. The research in [13] reveals a classification system intended to identify malicious vs. truthful nodes through signal features such as the received radio strength indicator (RSSI) in restricted settings; however, it assumes that cryptographic mechanisms already are in place and only adds a layer of location-based classification. In [14], a digital signature-based method is proposed for secure positioning in WSN; however, public-key cryptography (PKC) may not be suitable for high-frequency streams [15,16]. The study in [17] proposes sub-STS, a modification of the scrambled timestamp sequence (STS) in IEEE 802.15.4z. However, this technique does not fully address the TDoA case and requires that the sender and receivers agree on a shared key and initial vector before measuring ToA, a symmetry that could allow receivers to create authentic signals [18]. In [7], a simulated TESLA model is used for Crazyflie drones as a proof of concept, but this research has some drawbacks, such as having a single point of failure in the system and the static condition of the drones rather than being airborne. Finally, in [19] a method is proposed to mitigate spoofing events within the convex hull; however, it does not use cryptographic primitives.

3. Threat Model

In this section, we explore the interactions between the networks, highlighting the functions and communication strategies of anchors and tags. Furthermore, we describe possible threats, especially those related to spoofing attacks, as well as different scenarios and their effectiveness.

The symbols used in this paper are defined in

Table 1. Notations.

Symbol	Description
$\mathcal{A}$	UWB-based anchor
$\mathcal{T}$	UWB-based passive tag (e.g., a drone)
$𝒜$	An ordered subset of ${\mathbb{R}}^3$, indexed by $\mathcal{A}$ elements.
$\mathcal{T}$	An ordered subset of ${\mathbb{R}}^3$, indexed by $\mathcal{T}$ elements.
${\parallel .\parallel }_2$	${\ell }_2$-norm, i.e., the Euclidean distance
$h\left(x\right)$	Collision Resistant Hash Function with x as input of arbitrarily length
$K_i$	ith key in TESLA keychain
$HMAC(x,k)$	Message Authentication Code based on $h\left(x\right)$ with k as the key
‖	Concatenation operation
N	TESLA keychain size (i.e., number of keys)
s	TESLA keychain seed, a pseudorandom value
D	TESLA interval length, measured in seconds
d	TESLA key disclosure delay, measured in units of D
I	TESLA interval index with $0\le I<D\times N$

.

3.1. Network Model

We distinguish between trusted and untrusted networks in our model. A trusted network is a fixed set of a number of active nodes that want to broadcast navigation information to an untrusted network with a large number of passive nodes. We refer to such a node in the trusted network as an anchor, denoted by $\mathcal{A}$. We refer to a passive node in the untrusted network as a tag, denoted by $\mathcal{T}$. The goal of the trusted network is to provide continuous navigation information that the tags in the untrusted network need for self-positioning. We assume a broadcast-only communication model from the trusted network to the untrusted network. While in practice, bootstrapping a broadcast scheme can involve unicast communication, we mainly focus on the threats that may arise from the one-way communication phase. Although bidirectional unicast between $\mathcal{A}$ and $\mathcal{T}$ is common in wireless networks, it can be difficult to manage as the number of nodes in the network grows; specifically, the number of connections needed in a two-way setting would be equal to the number of edges in a complete bipartite graph.

3.2. Positioning

In the proposed network model, the time of flight (ToF) between an anchor $\mathcal{A}$ and a target $\mathcal{T}$ cannot be calculated directly. However, the time of arrival (ToA) at $\mathcal{T}$ can still be measured. Given the difference in ToA, denoted as $\delta \mathrm{ToA}$, for two synchronous signals from different anchors indexed by i and j, and their corresponding positions ${𝒜}_i=(x_i,y_i,z_i)\in {\mathbb{R}}^3$ and ${𝒜}_j=(x_j,y_j,z_j)\in {\mathbb{R}}^3$, the following equation can be formulated as a hyperboloid:

$$\begin{array}{cc}\hfill \delta \mathrm{ToA}\times c& =\parallel {\mathcal{T}}_{\ast }-{𝒜}_i{\parallel }_2-{\parallel {\mathcal{T}}_{\ast }-{𝒜}_j\parallel }_2\hfill \\ \hfill & =\sqrt{{(x-x_i)}^2+{(y-y_i)}^2+{(z-z_i)}^2}-\sqrt{{(x-x_j)}^2+{(y-y_j)}^2+{(z-z_j)}^2}\hfill \end{array}$$

(1)

where c is the speed of light and $\mathcal{T}\ast =(x,y,z)$ is the unknown position of $\mathcal{T}$. With four or more hyperboloids, $\mathcal{T}\ast$ can be estimated.

3.3. Attacker Model

We assume a computationally bounded active attacker in the network. The attacker has full access to the network channel and can manipulate the traffic in the network, for example, by eavesdropping, changing, replaying, or delaying messages. The attacker is assumed to be powerful, but does not possess unbounded resources. We also distinguish between an insider attacker and an outsider attacker. An insider attacker is part of the trusted network; it is considered a stronger notion that symmetric-key methods do not protect against [20]. The ideal goal of the attacker is to smoothly capture self-positioning tags undetected. As the attacker has full access to the network, it can block packets from arriving or being processed, for example, by jamming the signals. Furthermore, we assume that the attacker knows the true position of $\mathcal{T}$.

3.4. Spoofing Model

We define a spoofing attack as any RF-based [21] attempt by the attacker to influence the perceived position of the tags. In our model, the tags are drones, and as the drones cannot verify whether $\mathcal{A}$ originates from the trusted network, the attacker can send arbitrary positions and influence the swarm. To illustrate such a scenario, we consider a simple 2D example, as depicted in Figure 1, with three synchronous senders out of which two belong to the trusted network and one to the attacker. Each anchor broadcasts its position simultaneously with other anchors. The drones can then use these positions and TDoA measurements for positioning. However if the attacker changes the broadcast position of an anchor, it will result in a change in the perceived position of the swarm.

4. Requirements

This section describes the necessary criteria for configuring a system that aligns with our threat model.

4.1. TDoA Mode

So far, we have assumed that anchor transmissions are simultaneous; however, in reality, a sensor pairing algorithm should be implemented before determining the TDoA. There are two methods to achieve this: centralized or decentralized sensor pairing [22]. We focus on the decentralized method due to its scalability in order to find suitable TDoA measurements, as described in [23].

4.2. Spoofing Detection Method

We recognize two categories for detecting a spoofing attack: with and without cryptography. We emphasize that any spoofing detection method that does not use cryptographic primitives is limited and cannot be generalized to all situations. For example, in Figure 1, the attacker gradually changes its broadcast position, making it difficult—if not nearly impossible—to detect such an event without using cryptography, especially when the spoofed position remains inside the convex hull. On the other hand, we acknowledge that relying solely on cryptography for spoofing attack detection, although necessary, is not always sufficient. Building on top of our threat model, we focus only on a method based on cryptographic primitives in this work.

TESLA

The Time-Efficient Stream Loss-tolerant Authentication (TESLA) method is a formally verified broadcast authentication protocol that prioritizes low communication and computational overhead [24,25]. It assumes time synchronization between senders and receivers. The TESLA approach involves the iterative application of a cryptographic hash function h to a pseudorandom value s to generate a set of keys, known as a keychain. Specifically, for a keychain of size N, the keys are $K_N=h\left(s\right)$ and $K_i=h\left(K_{i+1}\right)$ for i, ranging from $N-1$ down to 0. As part of the bootstrapping, $K_0$ along with other parameters, is shared with receivers. The sender assigns each key to a time slot within a sequence of intervals, with D as the interval length. The sender uses the HMAC algorithm on the message $M_i$ to broadcast authenticated packets $P_i$. After broadcasting each packet, the receivers buffer safe packets until the sender releases the key after a delay d (measured in units of D). This enables recipients to verify the packets in the buffer. A packet is constructed as follows:

$$P_i=M_i \Vert i \Vert HMAC(M_i,K_i)\Vert K_{i-d}$$

(2)

Even if some packets are lost, key regeneration is possible using future packets.

Although TESLA is effective and appropriate for streaming applications, it exhibits several drawbacks compared with digital signature systems, including the need for synchronization between sender and receiver, it not being easy to implement in all use cases, memory requirements, susceptibility to delay and denial-of-service (DoS) attacks, and lag in authentication [26,27]. However, TESLA is still considered appropriate for the authentication of navigational broadcasts, such as in Galileo Open Service Navigation Message Authentication (OSNMA), due to the small size of the authentication messages, the resilience to message loss, and the simple key distribution mechanism [28].

5. Experiment

In this study, a constellation of 16 anchors was deployed in the laboratory and their relative positions were accurately determined using a total station theodolite, which produced the coordinate system, as shown in our experimental setup in Figure 2. All of the measurements in the rest of this paper are expressed in meters, unless otherwise indicated.

Due to space limitations, the experiment involved two drones with initial positions of ${\mathcal{T}}_1=(0,0,0.2)$ and ${\mathcal{T}}_2=(0,0.5,0.2)$, as depicted in Figure 3, which were controlled using the Crazyswarm2 Robot Operating System (ROS) package. All of the drones and anchors were configured to operate in a decentralized TDoA mode (referred to as TDoA3 in the firmware). We carried out two tests: one without authentication and another with authentication. Our findings from the first test demonstrate that drones can be moved to the desired location by broadcasting fake positions through the LPS, while the perceived position of the drones did not show this change. To differentiate between truthful and deceitful packets, the TESLA protocol was used.

5.1. Authentication Parameters

TESLA’s need for time synchronization to work, and the fact of operating in a broadcast setting, led us to implement a similar approach to the flooding time synchronization protocol (FTSP). With the DWM1000’s clock sensitivity at LSB/15.65 ps, implementing FTSP yielded a steady (root mean square error) RMSE of approximately 15 $\mathsf{\mu }$s by Crazyflie. For simplicity, we assign $N=200,D=d=1$, and use a standard cryptographic hash function with an output length of 128 bits for keys and truncated HMAC outputs of 64 bits for our TESLA implementation. The information about h and HMAC algorithms, and $K_0$ was pre-shared.

5.2. System Configuration

A motion capture system (MoCap) tracked each drone’s trajectory, sampling MoCap and UWB-based positions at 2.5 ms intervals. The drones used an Extended Kalman Filter (EKF) for estimation, the implementation details of which can be found in [29,30]. The presence of a remote switch in each LPS helped automate the experiment, allowing events triggered such as take-offs, attacks, and landings at predetermined times.

5.3. Algorithms

We implemented Algorithm 1 for anchors and Algorithm 2 for Crazyflies, and used a single shared keychain for improved authentication. The TESLA keychain generation in Algorithm 1 was previously discussed in Section 4. The attachAuthInfo() method was executed just before UWB packet transmission, specifically during the Loco Positioning Protocol (LPP) packet setup in LPS. In Algorithm 2, the drone runs bufferIfLegit() upon packet receipt. A timer periodically invokes timerCallback() every $d\times D$ seconds to check the authenticity of packets in the buffer and, if verified, pushes TDoA measurements for estimation.

Algorithm 1: TESLA keychain generation in $\mathcal{A}$ and its usage

Algorithm 2: Packet authentication in $\mathcal{T}$

6. Discussion

In this section, we will discuss the results of our experiment. Figure 4 shows how a swarm can be swayed away over time when $𝒜$ is fake. Although the drones were commanded to hover over their initial positions, and they believed they were, in reality, they ended up in different positions near (1, 1) on the xy plane based on the attacker’s data. After implementing the TESLA protocol, the drones were able to distinguish when the signals came from trusted anchors and remained over the initial positions at (0, 0) and (0, 0.5) as commanded. This was confirmed by the kernel density estimates (KDE) in Figure 5. When authentication was used, the RMSE values for the first Crazyflie drone (CF1) and the second Crazyflie drone (CF2) were approximately (x = 0.058, y = 0.111, z = 0.124) and (x = 0.061, y = 0.164, z = 0.149), respectively, consistent with the DWM1000 specifications. Without authentication, the RMSE values were (x = 0.563, y = 0.533, z = 0.139) and (x = 0.532, y = 0.521, z = 0.133), highlighting the impact of the spoofing attack. A demo is available in Supplementary Materials. Furthermore, distance difference measurements recorded during the experiments showed a noticeable change when the attack was initiated, as illustrated in the sample in Figure 6. In contrast, the position estimates remained statistically stable over the initial positions when authentication was used, as shown in Figure 5.

7. Conclusions

We demonstrated the importance of secure communication protocols in the operation of UAV swarms, particularly in environments where GNSS signals are not available. The deployment of the TESLA protocol, in conjunction with the use of UWB technology for positioning, has proven to be effective in mitigating the risks associated with spoofing attacks. Our experiments have shown that without robust authentication mechanisms, drones are vulnerable to spoofing, which can significantly alter their perceived positions and lead to operational failures. However, when authentication was used, it ensured that drones maintained an accurate position and resisted deceptive signals, demonstrated by stable RMSE values and consistent position estimations in our experiment.

Future research should explore larger UAV swarms, more complex scenarios, and evaluate lightweight digital signatures such as Ed25519 against TESLA.