卫星互联网地面缺省场景下用户设备的接入认证及重认证机制研究

卜秋雨; 曹进; 程利甫; 马如慧; 李晖

doi:10.11959/j.issn.2096-8930.2023017

您当前的位置：

首页 >

文章列表页 >

卫星互联网地面缺省场景下用户设备的接入认证及重认证机制研究

专题：卫星互联网安全技术 | 更新时间：2024-06-03

- 卫星互联网地面缺省场景下用户设备的接入认证及重认证机制研究
- Research on Access Authentication and Re-Authentication Mechanism of User Devices in Terrestrial Default Scenario in Satellite Internet
- 天地一体化信息网络 2023年4卷第2期页码：31-46
- 作者机构：
  
  1. 西安电子科技大学网络与信息安全学院，陕西西安 710126
  2. 上海航天电子技术研究所，上海 201109
- 作者简介：
  
  [ "卜秋雨（1998- ），女，西安电子科技大学网络与信息安全学院硕士生，主要研究方向为4G/5G网络、卫星互联网安全认证机制研究等" ]
  [ "曹进（1985- ），男，博士，西安电子科技大学网络与信息安全学院教授、博士生导师，主要研究方向为 4G/5G 网络、卫星互联网安全性及认证协议设计与分析等" ]
  [ "程利甫（1985- ），男，上海航天电子技术研究所高级工程师，主要研究方向为空间信息安全、高性能星载计算机等" ]
  [ "马如慧（1991- ），女，博士，西安电子科技大学网络与信息安全学院讲师，主要研究方向为 4G/5G 网络、卫星互联网安全认证机制研究等" ]
  [ "李晖（1968- ），男，博士，西安电子科技大学网络与信息安全学院教授、博士生导师，主要研究方向为密码学、无线网络安全、信息理论和网络编码等" ]
- 基金信息：
  
  国家自然科学基金面上项目;The National Natural Science Foundation of China(61772404)
- DOI：10.11959/j.issn.2096-8930.2023017
  中图分类号： TP302
- 网络出版日期：2023-06，
  
  纸质出版日期：2023-06-20
- 稿件说明：
移动端阅览
卜秋雨, 曹进, 程利甫, 等. 卫星互联网地面缺省场景下用户设备的接入认证及重认证机制研究[J]. 天地一体化信息网络, 2023,4(2):31-46.

Qiuyu BU, Jin CAO, Lifu CHENG, et al. Research on Access Authentication and Re-Authentication Mechanism of User Devices in Terrestrial Default Scenario in Satellite Internet[J]. Space-integrated-ground information networks, 2023, 4(2): 31-46.
卜秋雨, 曹进, 程利甫, 等. 卫星互联网地面缺省场景下用户设备的接入认证及重认证机制研究[J]. 天地一体化信息网络, 2023,4(2):31-46. DOI： 10.11959/j.issn.2096-8930.2023017.

Qiuyu BU, Jin CAO, Lifu CHENG, et al. Research on Access Authentication and Re-Authentication Mechanism of User Devices in Terrestrial Default Scenario in Satellite Internet[J]. Space-integrated-ground information networks, 2023, 4(2): 31-46. DOI： 10.11959/j.issn.2096-8930.2023017.

摘要

针对当前用户设备接入认证机制均需要地面参与带来较大的通信时延以及可扩展性差等问题，提出一种卫星互联网地面缺省场景下的用户设备接入认证及重认证协议，并进一步针对用户设备认证过程中可能发生断电重新连接和AV不同步等问题，提出一种断电重连场景下的用户设备快速认证机制和AV快速安全同步机制，确保用户可以安全地接入卫星网络并获取相关服务。在所提出的方案中，利用初次接入认证中生成的AV向量来辅助重认证过程完成实体之间的身份认证，无须网络控制中心的参与，保障了通信系统的容灾性。形式化验证工具 Scyther 表明，该协议可以抵抗常见的协议攻击，保障通信过程中的机密性和完整性，并且具有较小的计算、带宽以及存储开销，适用于卫星互联网。

Abstract

For the current user device access authentication mechanism requires ground participation to bring about large communication delays and poor scalability

a user device access authentication and re-authentication protocol in the ground default scenario in the space-ground integrated network was proposed

and further for the user device authentication process may occur in the power outage reconnection and AV asynchronization and other problems

a user device fast authentication mechanism and AV fast security synchronization mechanism under power failure reconnection scenario were proposed to ensured that users could safely accessed the satellite network and obtain related services.In the proposed scheme

the AV vector generated in the initial access authentication was used to assisted the re-authentication process to completed the authentication between entities without the involvement of the network control center

which guaranteed the communication system resilience.The formal verification tool Scyther showed that the proposed protocol was resistant to common protocol attacks

guaranteed the confidentiality and integrity of the communication process

and had a small signaling

computational

and bandwidth overhead

made it suitable for the satellite internet.

关键词

Keywords

references

ALSHARIF M H , KELECHI A H , ALBREEM M A , et al . Sixth generation (6G) wireless networks:vision,research activities,challenges and potential solutions [J ] . Symmetry , 2020 , 12 ( 4 ): 676 .

吴巍 . 天地一体化信息网络发展综述 [J ] . 天地一体化信息网络 , 2020 , 1 ( 1 ): 1 - 16 .

WU W . Survey on the development of space-integrated-ground information network [J ] . Space-Integrated-Ground Information Networks , 2020 , 1 ( 1 ): 1 - 16 .

SHENG M , ZHOU D , LIU R Z , et al . Resource mobility in space information networks:opportunities,challenges,and approaches [J ] . IEEE Network , 2019 , 33 ( 1 ): 128 - 135 .

李凤华 , 殷丽华 , 吴巍 , 等 . 天地一体化信息网络安全保障技术研究进展及发展趋势 [J ] . 通信学报 , 2016 , 37 ( 11 ): 156 - 168 .

LI F H , YIN L H , WU W , et al . Research status and development trends of security assurance for space-ground integration information network [J ] . Journal on Communications , 2016 , 37 ( 11 ): 156 - 168 .

曾勇 , 王驭 , 徐文斌 , 等 . 无线链路安全防护技术探讨 [J ] . 信息安全与通信保密 , 2020 , 18 ( 10 ): 100 - 106 .

ZENG Y , WANG Y , XU W B , et al . Discussion on the wireless link security protection technology of the space-ground integrated information network [J ] . Information Security and Communications Privacy , 2020 , 18 ( 10 ): 100 - 106 .

曹进 , 陈李兰 , 马如慧 , 等 . 面向多类型终端的天地一体化信息网络接入与切换认证机制研究 [J ] . 天地一体化信息网络 , 2021 ( 3 ): 2 - 14 .

CAO J , CHEN L L , MA R H , et al . Research on access and handover authentication mechanism of space-integrated-ground information network for multi-type terminals [J ] . Space-IntegratedGround Information Networks , 2021 ( 3 ): 2 - 14 .

CRUICKSHANK H S . A security system for satellite networks [C ] // Proceedings of Fifth International Conference on Satellite Systems for Mobile Communications and Navigation . London:IET , 2002 : 187 - 190 .

TZUNG-HER C , WEI-BIN L , HSING-BAI C . A self-verification authentication mechanism for mobile satellite communication systems [J ] . Computers ＆ Electrical Engineering , 2009 , 35 ( 1 ): 41 - 48 .

任方 , 马建峰 , 郝选文 . 空间信息网基于证书的混合式公钥基础设施 [J ] . 吉林大学学报(工学版) , 2012 , 42 ( 2 ): 440 - 445 .

REN F , MA J F , HAO X W . Certificate-based hybrid public key infrastructure for space information networks [J ] . Journal of Jilin University (Engineering and Technology Edition) , 2012 , 42 ( 2 ): 440 - 445 .

IBRAHIM M H , KUMARI S , DAS A K , et al . Jamming resistant non-interactive anonymous and unlinkable authentication scheme for mobile satellite networks [J ] . Security and Communication Networks , 2016 , 9 ( 18 ): 5563 - 5580 .

QI M P , CHEN J H , CHEN Y T . A secure authentication with key agreement scheme using ECC for satellite communication systems [J ] . International Journal of Satellite Communications and Networking , 2019 , 37 ( 3 ): 234 - 244 .

SEROUSSI G . Elliptic curve cryptography [C ] // Proceedings of 1999 Information Theory and Networking Workshop (Cat.No.99EX371) . Piscataway:IEEE Press , 2002 :41.

XUE K P , MENG W , LI S H , et al . A secure and efficient access and handover authentication protocol for Internet of Things in space information networks [J ] . IEEE Internet of Things Journal , 2019 , 6 ( 3 ): 5485 - 5499 .

MENG W , XUE K P , XU J , et al . Low-latency authentication against satellite compromising for space information network [C ] // Proceedings of 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS) . Piscataway:IEEE Press , 2018 : 237 - 244 .

LIU Y , NI L Q , PENG M G . A secure and efficient authentication protocol for satellite-terrestrial networks [J ] . IEEE Internet of Things Journal , 2023 , 10 ( 7 ): 5810 - 5822 .

MA R H , CAO J , FENG D G , et al . LAA:lattice-based access authentication scheme for IoT in space information networks [J ] . IEEE Internet of Things Journal , 2020 , 7 ( 4 ): 2791 - 2805 .

HWANG M S , YANG C C , SHIU C Y . An authentication scheme for mobile satellite communication systems [J ] . ACM SIGOPS Operating Systems Review , 2003 , 37 ( 4 ): 42 - 47 .

LASC I , DOJEN R , COFFEY T . Countering jamming attacks against an authentication and key agreement protocol for mobile satellite communications [J ] . Computers ＆ Electrical Engineering , 2011 , 37 ( 2 ): 160 - 168 .

张子剑 , 周琪 , 张川 , 等 . 新的低轨星座组网认证与群组密钥协商协议 [J ] . 通信学报 , 2018 , 39 ( 6 ): 146 - 154 .

ZHANG Z J , ZHOU Q , ZHANG C , et al . New low-earth orbit satellites authentication and group key agreement protocol [J ] . Journal on Communications , 2018 , 39 ( 6 ): 146 - 154 .

朱辉 , 陈思宇 , 李凤华 , 等 . 面向低轨卫星网络的用户随遇接入认证协议 [J ] . 清华大学学报(自然科学版) , 2019 , 59 ( 1 ): 1 - 8 .

ZHU H , CHEN S Y , LI F H , et al . User random access authentication protocol for low earth orbit satellite networks [J ] . Journal of Tsinghua University (Science and Technology) , 2019 , 59 ( 1 ): 1 - 8 .

QI M P , CHEN J H . An enhanced authentication with key agreement scheme for satellite communication systems [J ] . International Journal of Satellite Communications and Networking , 2018 , 36 ( 3 ): 296 - 304 .

ALTAF I , ARSLAN A M , MAHMOOD K , et al . A novel authentication and key-agreement scheme for satellite communication network [J ] . Transactions on Emerging Telecommunications Technologies , 2021 , 32 ( 7 ): e3894 .

CHEN Y L , CHEN J H . An enhanced dynamic authentication scheme for mobile satellite communication systems [J ] . International Journal of Satellite Communications and Networking , 2021 , 39 ( 3 ): 250 - 262 .

KUMAR U , GARG M . A note on an enhanced dynamic authentication scheme for mobile satellite communication systems [J ] . International Journal of Satellite Communications and Networking , 2022 , 40 ( 5 ): 317 - 329 .

CASONI M , GRAZIA C , KLAPEZ M , et al . Integration of satellite and LTE for disaster recovery [J ] . IEEE Communications Magazine , 2015 , 53 ( 3 ): 47 - 53 .

韩旭 , 陆思奇 , 程庆丰 . 形式化工具Scyther优化与实例分析 [J ] . 信息安全研究 , 2016 , 2 ( 3 ): 272 - 279 .

HAN X , LU S Q , CHENG Q F . The improvement and instance analysis of the formal verification tool scyther [J ] . Journal of Information Security Research , 2016 , 2 ( 3 ): 272 - 279 .

陆思奇 , 杨忠霖 , 程庆丰 . 形式化分析工具 Scyther 性能研究 [C ] // 第十九届全国青年通信学术年会论文集 . [出版地不详,出版者不详] , 2014 : 217 - 224 .

LU S Q , YANG Z L , CHENG Q F , et al . The research of formal verification tool scyther [C ] // Proceedings of the 19th Annual National Youth Communication Academic Conference . [S.l:s.n] , 2014 : 217 - 224 .

BERINGER L , PETCHER A , YE K Q , et al . Verified correctness and security of OpenSSL HMAC [C ] // Proceedings of the 24th USENIX Conference on Security Symposium . New York:ACM , 2015 : 207 - 221 .

浏览量

548

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于移动目标防御的卫星互联网防御系统设计

面向高通量卫星网络的多基带系统载波统一调配技术

卫星互联网应用与挑战

基于低轨卫星互联网的双模通信终端技术

卫星互联网安全风险及应对措施分析