[time-nuts] GPS Spoofing

Rob Kimberley robkimberley at btinternet.com
Sun Jul 28 15:49:42 EDT 2013 

I've just been catching up on this thread. 

The subject says GPS Spoofing, but most of the replies seem to revolve
around jamming. Not the same thing.

Just a thought...

Rob

-----Original Message-----
From: time-nuts-bounces at febo.com [mailto:time-nuts-bounces at febo.com] On
Behalf Of J. Forster
Sent: 28 July 2013 20:06
To: Discussion of precise time and frequency measurement
Subject: Re: [time-nuts] GPS Spoofing

The point about the duty cycle being low is correct. And, there are
commercial linear power amps, like the used ones made by ENI and others,
that can easily put out 1 kW plus narrow pulses.

Furthermore, the pulse generator is trivial to make with a Rb, 3 or more
Tektronix DD501s, a simple OR gate and a gated oscillator at about 100 kHz.
I've cobbled up that setup several times as a LORAN-A simulator.

The main difficulty is getting a reasonable match to an efficient antenna at
100 kHz.

-John

=================



> Hi
>
> Since it's a pulse system, and you get to position your pulse for 
> maximum effect, I don't see any reason to generate CW power. Simply 
> mimic the lowest power slave in the chain. There's very little 
> redundancy with Loran, so spoofing one station will mess it up. No 
> need to mask the entire chain. At most you would need to hit two low power
slaves.
>
> Math wise:
>
> Wavelength is 10,000 ft / 3,000M. Throw things off by ~10% of that and 
> you have problems in a harbor. You would need to play a bit to see 
> weather a pulse every so often does the trick or not. Is that 20 db 
> below the slave or not ? You'd have to play with it. It's in that 
> range. A spoof that says they are on the other side of the world isn't 
> going to work. One that says you are on the north side of the channel 
> (when you are on the south side) is what would work.
>
> Power within a pulse set at a  5:1 duty cycle. For a 50,000 us GRI you 
> have another 50:1. For longer GRI's you might add another 2:1. Net is 
> a peak to average ratio of 250-1000 to 1. Put another way, a 500W 
> pulse is ~
> 1 average.
>
> Power at 100 KHz = what's in a fairly cheap switching power supply. 
> Plug it into the wall. A couple hundred watts (or even KW) pulse is 
> cheap. Say you have 120W out of the wall (or a car battery). If the 
> math above is correct and you can run 80% efficiency, that's a pretty
powerful pulse.
> It's probably cheaper to generate something at 50:1 rather than the 
> whole
> > 200:1. A 5KW is a *lot* of RF, even into a simple antenna.
>
> Antenna - there's a couple ways to do that. All of them are tradeoffs 
> (size / cost / power). The cheap way is to use a wire that's already 
> there.. Since you don't need to propagate (near field), the antenna 
> efficiency could be higher than you would think for some antennas.
>
> Is it easier than that with some smarts involved in the pulse - 
> probably yes. Do the smarts raise the hardware cost significantly? - 
> you'd have to build a few and find out. What really drives this or 
> that Loran receiver nuts? I'm quite sure you could work that out with one
to play with.
>
> Am I gong into the Loran-C jammer business? No, so don't contact me 
> off list to buy one. The point is not *have* I built one, but could 
> one be built easily.
>
>
> Bob
>
>
> On Jul 28, 2013, at 1:29 PM, "Poul-Henning Kamp" <phk at phk.freebsd.dk>
> wrote:
>
>> In message <DAB33AEF-98EF-4503-89A7-657F0D25AC48 at rtty.us>, Bob Camp
>> writes:
>>
>>> I'm not talking about taking out Loran-C over the entire North 
>>> Atlantic.
>>> The target is a harbor sized area. For that, you certainly do not 
>>> need a 600' antenna or megawatts of power.
>>
>> No, you need about 600W (continuous) and a loop-antenna about 5m in 
>> diameter.
>>
>> Do the math, It's not as easy as you think.
>>
>> --
>> Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
>> phk at FreeBSD.ORG         | TCP/IP since RFC 956
>> FreeBSD committer       | BSD since 4.3-tahoe
>> Never attribute to malice what can adequately be explained by 
>> incompetence.
>
> _______________________________________________
> time-nuts mailing list -- time-nuts at febo.com To unsubscribe, go to 
> https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
> and follow the instructions there.
>
>


_______________________________________________
time-nuts mailing list -- time-nuts at febo.com To unsubscribe, go to
https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
and follow the instructions there.

More information about the time-nuts mailing list