Iran GPS Spoofing and the RSA Cipher

Brian Gladman brg at
Fri Dec 23 08:03:51 GMT 2011

-----Original Message----- 
From: John Brazier
Sent: Friday, December 23, 2011 12:18 AM
To: 'UK Cryptography Policy Discussion Group'
Subject: RE: Iran GPS Spoofing and the RSA Cipher

Confused of Horsham:

As I understand it, between block cyphers/stream cyphers/PRNGs (all of which
seem to be different facets of the same thing) there is a wide range of
systems that can extremely efficiently produce a 'random' sequence of bits,
to any arbitrary level of 'randomness'.

Why would anyone use RSA to generate a random bit stream? Its asymmetry
gives benefits, but it's terribly inefficient. That's why it tends to be
used as a key exchange protocol, not a data encryption one.


I am NOT going to argue that this is the reason for using an RSA based 
keystream generator in this particular application but one potential 
advantage of such generators (see, for example, the Blum-Blum-Shub (BBS) 
generator) is that the n'th bit in the keystream can be calculated without 
having to run the generator up to this point.

If a key stream generator is going to be run for a very long time without 
any re-initialisation and an approximate count of the current bit number is 
known, a resynchronisation can be established by calculating a sequence 
around this bit number and then locating this sequence in the stream to get 
an accurate bit number.

    Brian Gladman

Happy to learn,

John B

-----Original Message-----
From: ukcrypto-bounces at
[mailto:ukcrypto-bounces at] On Behalf Of John Young
Sent: 22 December 2011 10:17 PM
To: UK Cryptography Policy Discussion Group
Subject: Re: Iran GPS Spoofing and the RSA Cipher

The article source responds:


PRNG means Pseudo-Random Number Generator.  Other sources that discuss GPS
say simply "RNG".  Another way of being equally ambiguous would be to call
it a "keystream."

Any cryptosystem can be used as a source PRNG.  The PRNG for M-code GPS is
RSA, tell this cryptographer that.  RSA is the RNG keystream, GPS data is
the plaintext, and the M code signal is the ciphertext.  To turn the M code
ciphertext into GPS plaintext you need to replicate independently the same
RNG sequence used by the satellite to derive the GPS plaintext, to do this
you use RSA in either symmetric or asymmetric mode (as per red-key or
black-key M-code modes, respectively).



At 09:04 PM 12/22/2011 +0000, you wrote:
>I do wish people would check their facts sometimes. The linked article
>asserts that "GPS (M-code) is protected against spoofing by the RSA
>cipher" - it is not, it's protected by a keyed PRNG. You don't have to
>be an ace cryptologist to figure this out, you just need to look up
>"GPS signal" on Wikipedia.
>On 22 Dec 2011, at 16:33, John Young wrote:
>> Iran GPS Spoofing and the RSA Cipher

More information about the ukcrypto mailing list