Researchers at University College London dissected a little‑known 176‑bit slot in every GPS L1 C/A navigation message. The field, Subframe 4 Page 17, has been transmitting encrypted data since 2007. By mining 12.16 million observations from the GFZ Potsdam archive, the team proved the payload matches the military Over‑the‑Air Distribution (OTAD) rekeying protocol, turning the civilian constellation into a global numbers station and shows it has been continuous.

Each GPS satellite emits roughly 3,700 of these special‑message payloads daily, amounting to about 12 % of Subframe 4 bandwidth. The researchers built a Julia‑based pipeline that converts NetCDF recordings to Apache Arrow, then parallel‑processes bits into DuckDB, shrinking a 19‑year extraction from hours to seconds on a laptop. This rapid query ability exposed 3,994 distinct 176‑bit messages, enabling near‑real‑time monitoring of global key traffic.

The finding matters for firmware engineers and signal analysts who assume GPS carries only civilian navigation data. The hidden OTAD stream reveals that military key updates travel openly on a public channel, accessible to any receiver that parses Subframe 4. Ignoring the field means missing a persistent, unencrypted side‑channel that could inform security audits and reverse‑engineering efforts for both civilian and defense stakeholders.