GPS satellites have been broadcasting military ciphertext on their public L1 frequency for nearly two decades, using Subframe 4, Page 17 as an unpublicized numbers station. This 176-bit field, transmitted every 12.5 minutes, carries encrypted messages intended for authorized military receivers with Secure Availability Anti-Spoofing Modules.

Researchers analyzed 12.16 million observations collected between 2007 and early 2026 using a Julia pipeline feeding into DuckDB. Statistical analysis revealed the payloads match random noise baselines, confirming true encryption rather than encoded text. However, they found deliberate test patterns of 0xAA bytes indicating empty fields, repeated 9-byte sequences suggesting protocol headers, and coordinated fleet-wide changes on May 26, 2011.

These broadcasts enable the U.S. Over-the-Air Distribution system, which pushes cryptographic keys to military GPS receivers without physical access. This solves a major logistical challenge but creates potential security risks for civilian infrastructure that relies on the same signals. The satellite fleet's behavior shifted again in December 2023, introducing a four-byte TEXT prefix on PRN 8.

The dataset represents a globally deployed cryptographic network accessible to anyone with software-defined GNSS receivers. Every GPS satellite passes overhead twice daily, broadcasting these encrypted payloads in plain sight. Security researchers can perform traffic analysis and structural cryptanalysis on this unprecedented real-world target using openly available tools and methodology.