Abstract
Existing GNSS authentication schemes suffer from critical drawbacks such as high verification latency and prohibitive memory requirements, leaving time-sensitive applications vulnerable to spoofing. The core challenge is the inability to transmit strong, real-time cryptographic credentials through the bandwidth-limited GNSS signal. This paper introduces WAWA, a Wavelet Analysis-based Watermarking Authentication scheme that operates at the physical layer of the GNSS signal. The central innovation of WAWA is its use of the wavelet domain to achieve a high-capacity data channel, allowing a complete public-key digital signature to be embedded directly within the signal structure. This enables receivers to perform immediate, symbol-level authentication using a public key, which fundamentally removes the verification delay and reliance on time synchronization seen in conventional methods. Furthermore, it eliminates the need for large memory buffers, a critical barrier for resource-constrained devices. We present the complete design of the watermark generation, embedding, and extraction process, alongside a novel dual-path verification framework adaptable to both standalone and network-assisted receivers. Performance analysis shows that WAWA achieves immediate authentication while offering superior effective bandwidth and maintaining low memory overhead. Although it introduces a controllable signal correlation loss, validated through both theoretical modeling and simulation, WAWA presents an exceptional balance of security, immediacy, and resource efficiency, offering a promising new paradigm for ensuring trustworthy PNT sensor data in time-critical and resource-sensitive applications, particularly in large-scale sensor networks and autonomous systems.