What is OSNMA?

The OSNMA or Open Service Navigation Message Authentication is a security protocol to verify the authenticity of GNSS signals distributed from the Galileo satellite constellation system. It is based on the Time Efficient Stream Loss-tolerant Authentication (TESLA) protocol; another authentication mechanism which transmits message authentication codes along with the navigation data.

For any broadcast communication, securing the information is a necessary aspect to ensure that information transmitted has not been tampered or had not undergone any unauthorized modifications. The intent of such authorization protocols is to bring a standard and efficient way of verifying signal authenticity for public navigation purposes.

Initially, the Galileo System generates the Message Authentication Code (MAC or the OSNMA bits) and appends it to the navigation message. This is broadcast over the Galileo E1 band, and a key is sent with a delay to authenticate the particular MAC. The order of the generated key is reversed before sending the navigation message.

Once the GNSS receiver picks this signal, the navigation data is demodulated. Then the receiver has to retrieve the MAC from the navigation message and has to decode it to obtain the navigation coordinates. The decoding process requires the key sent by the Galileo system to be authenticated by the receiver. The authentication is done by referring the received key to a previous one which has already been verified or else it might refer to a root key to verify the same. Once verified, the receiver regenerates the MAC key with the data, which should match the original MAC. That is how the navigation coordinates are securely identified by OSNMA in the Galileo navigation system.