面向卫星网络断续连通场景的接入和切换认证机制

石小平; 马如慧; 曹进; 李晖; 陈李兰; 李凤华

doi:10.11959/j.issn.2096-8930.2021028

您当前的位置：

首页 >

文章列表页 >

面向卫星网络断续连通场景的接入和切换认证机制

专题：天地一体化信息网络安全防护技术 | 更新时间：2024-06-03

- 面向卫星网络断续连通场景的接入和切换认证机制
- Access and Handover Authentication in Intermittent Connection Scenario of Satellite Network
- 天地一体化信息网络 2021年2卷第3期页码：24-34
- 作者机构：
  
  1. 西安电子科技大学网络与信息安全学院，陕西西安 710126
  2. 中国科学院信息工程研究所，北京 100093
  3. 中国科学院大学网络空间安全学院，北京 100049
- 作者简介：
  
  [ "石小平（1997-），女，西安电子科技大学网络与信息安全学院硕士生，主要研究方向为4G/5G网络、天地一体化信息网络安全认证机制研究等" ]
  [ "马如慧（1991-），女，博士，西安电子科技大学网络与信息安全学院讲师，主要研究方向为4G/5G网络、天地一体化信息网络安全认证机制研究等" ]
  [ "曹进（1985-），男，博士，西安电子科技大学网络与信息安全学院教授、博士生导师，主要研究方向为4G/5G网络、天地一体化信息网络安全性及认证协议设计与分析等" ]
  [ "李晖（1968-），男，博士，西安电子科技大学网络与信息安全学院教授、博士生导师，主要研究方向为密码学、无线网络安全、信息理论和网络编码等" ]
  [ "陈李兰（1997-），女，西安电子科技大学网络与信息安全学院硕士生，主要研究方向为天地一体化信息网络终端接入安全等" ]
  [ "李凤华（1966-），男，博士，中国科学院信息工程研究所教授、博士生导师，主要研究方向为网络与系统安全、隐私计算、密码应用等" ]
- 基金信息：
  
  国家自然科学基金面上项目;The National Natural Science Foundation of China(61772404);陕西省重点产业创新链（群）-工业领域项目;Shaanxi Province Key Industrial Innovation Chain (Group)-Industrial Field Project(2020ZDLGY08-08);国家自然科学基金资助项目;the National Natural Science Foundation of China(U1836203)
- DOI：10.11959/j.issn.2096-8930.2021028
  中图分类号： TN302
- 网络出版日期：2021-09，
  
  纸质出版日期：2021-09-20
- 稿件说明：
移动端阅览
石小平, 马如慧, 曹进, 等. 面向卫星网络断续连通场景的接入和切换认证机制[J]. 天地一体化信息网络, 2021,2(3):24-34.

Xiaoping SHI, Ruhui MA, Jin CAO, et al. Access and Handover Authentication in Intermittent Connection Scenario of Satellite Network[J]. Space-integrated-ground information networks, 2021, 2(3): 24-34.
石小平, 马如慧, 曹进, 等. 面向卫星网络断续连通场景的接入和切换认证机制[J]. 天地一体化信息网络, 2021,2(3):24-34. DOI： 10.11959/j.issn.2096-8930.2021028.

Xiaoping SHI, Ruhui MA, Jin CAO, et al. Access and Handover Authentication in Intermittent Connection Scenario of Satellite Network[J]. Space-integrated-ground information networks, 2021, 2(3): 24-34. DOI： 10.11959/j.issn.2096-8930.2021028.

摘要

针对低轨卫星网络链路断续连通的问题提出一种接入认证、通信恢复和卫星切换方案。该方案基于对称密码体制设计，采用单向散列算法、异或操作和时间戳保护机制，在实现安全接入认证的前提下，降低信令开销、带宽开销和计算开销。针对链路中断情况，该方案基于卫星网络和用户的当前会话密钥，快速安全地恢复通信，保障服务质量。通过轨道预测技术，根据当前会话密钥和随机数实现卫星接入点间安全切换，减少卫星切换过程中的通信成本。该方案还可实现用户身份匿名性，成功认证后刷新临时身份用于下一次认证。

Abstract

This article disclosed an authentication method for access and handover in a low-orbit satellite network intermittent connection scenario.The scheme was based on a symmetrical cryptographic system.Based on hash function

XOR operation and timestamp

the safe access of the terminal to the satellite network was ensured.It reduced signaling overhead

bandwidth overhead

and computing overhead as well.In view of the link interruption

the solution was based on the current session key between the user and satellites to quickly and safely resume communication to ensured the quality of service.Through the orbit prediction technology

according to the current session key between the user and satellites and random number

the safe switching between satellites was realized

and the communication cost during the satellite switching process was reduced.The scheme realized the anonymity of user identity

and refreshed the temporary identity for the next authentication after successful authentication.

关键词

Keywords

references

CRUICKSHANK H S , . A security system for satellite networks [C ] // Proceedings of Fifth International Conference on Satellite Systems for Mobile Communications and Navigation . Piscataway:IEEE Press , 1996 : 187 - 190 .

HWANG M S , YANG C C , SHIU C Y . An authentication scheme for mobile satellite communication systems [J ] . ACM SIGOPS Operating Systems Review , 2003 , 37 ( 4 ): 42 - 47 .

YANG G M , HUANG Q , WONG D S , et al . Universal authentication protocols for anonymous wireless communications [J ] . IEEE Transactions on Wireless Communications , 2010 , 9 ( 1 ): 168 - 174 .

HE D J , CHEN C , CHAN S , et al . Secure and efficient handover authentication based on bilinear pairing functions [J ] . IEEE Transactions on Wireless Communications , 2012 , 11 ( 1 ): 48 - 53 .

YAN J , LU Y , LIU Y L , et al . Research on Beidou-based inter-domain identity authentication for mobile object [C ] // Proceedings of 2014 IEEE Workshop on Advanced Research and Technology in Industry Applications (WARTIA) . Piscataway:IEEE Press , 2014 : 923 - 926 .

JIANG S R , ZHU X Y , WANG L M . An efficient anonymous batch authentication scheme based on HMAC for VANETs [J ] . IEEE Transactions on Intelligent Transportation Systems , 2016 , 17 ( 8 ): 2193 - 2204 .

BAO Q R , HOU M B , CHOO K K R . A one-pass identitybased authentication and key agreement protocol for wireless roaming [C ] // Proceedings of 2016 Sixth International Conference on Information Science and Technology (ICIST) . Piscataway:IEEE Press , 2016 : 443 - 447 .

3rd Generation Partnership Project . Technical specification group services and system aspects,General Packet Radio Service(GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (EUTRAN) access (Rel 15):3GPP TS 23.401 v15.3.0 [S ] . 2018 .

CAO J , MA M D , LI H , et al . A survey on security aspects for LTE and LTE-A networks [J ] . IEEE Communications Surveys ＆Tutorials , 2014 , 16 ( 1 ): 283 - 302 .

KIM Y , REN W , JO J Y , et al . SFRIC:a secure fast roaming scheme in wireless LAN using ID-based cryptography [C ] // Proceedings of 2007 IEEE International Conference on Communications . Piscataway:IEEE Press , 2007 : 1570 - 1575 .

CHOI J , JUNG S . A handover authentication using credentials based on chameleon hashing [J ] . IEEE Communications Letters , 2010 , 14 ( 1 ): 54 - 56 .

QIU Y , MA M D , WANG X L . A proxy signature-based handover authentication scheme for LTE wireless networks [J ] . Journal of Network and Computer Applications , 2017 , 83 : 63 - 71 .

3rd Generation Partnership Project . Technical Specification Group Services and System Aspects; Security architecture and procedures for 5G system (Rel 15):3GPP TS 33.501 v15.3.1 [S ] . 2018 .

CREMERS C , MAUW S . Operational semantics [M ] . Semantics and Verification of Security Protocols . Berlin,Heidelberg : Springer Berlin Heidelberg , 2012 .

侯峻峰 . 安全协议形式化验证方法和安全协议设计研究 [D ] . 北京:清华大学 , 2004 .

HOU J F . Research on formal verification and design of security protocols [D ] . Beijing:Tsinghua University , 2004 .

韩旭 , 陆思奇 , 程庆丰 . 形式化工具Scyther优化与实例分析 [J ] . 信息安全研究 , 2016 , 2 ( 3 ): 272 - 279 .

HAN X , LU S Q , CHENG Q F . The improvement and instance analysis of the formal verification tool scyther [J ] . Journal of Information Security Research , 2016 , 2 ( 3 ): 272 - 279 .

ALTAF I , ARSLAN A M , MAHMOOD K , et al . A novel authentication and key-agreement scheme for satellite communication network [J ] . Transactions on Emerging Telecommunications Technologies , 2021 , 32 ( 7 ): e3894 .

CHANG C C , CHENG T F , WU H L . An authentication and key agreement protocol for satellite communications [J ] . International Journal of Communication Systems , 2014 , 27 ( 10 ): 1994 - 2006 .

ZHANG Y Y , CHEN J H , HUANG B J . An improved authentication scheme for mobile satellite communication systems [J ] . International Journal of Satellite Communications and Networking , 2015 , 33 ( 2 ): 135 - 146 .

QI M P , CHEN J H , CHEN Y T . A secure authentication with key agreement scheme using ECC for satellite communication systems [J ] . International Journal of Satellite Communications and Networking , 2019 , 37 ( 3 ): 234 - 244 .

MA R H , CAO J , FENG D G , et al . LAA:lattice-based access authentication scheme for IoT in space information networks [J ] . IEEE Internet of Things Journal , 2020 , 7 ( 4 ): 2791 - 2805 .

浏览量

1484

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向多类型终端的天地一体化信息网络接入与切换认证机制研究

6G天地一体化信息网络内生安全技术

卫星互联网地面缺省场景下用户设备的接入认证及重认证机制研究

天地一体化信息网络高速传输协议设计与若干关键技术研究

面向6G的天地一体化信息网络架构研究