Credible authentication system between ground network operation control center and satellite under environment of interconnection of mobile grids

A network operation and control center technology, applied in wireless communications, electrical components, security devices, etc., can solve problems such as lack of trusted authentication systems, and achieve the effect of resisting denial of service attacks, reducing resource consumption, and reducing the amount of calculation.

Inactive Publication Date: 2013-07-03
WUXI NANLIGONG TECH DEV
0 Cites 2 Cited by

AI-Extracted Technical Summary

Problems solved by technology

At present, there is still a lack of a trusted authentication syste...


Abstract

Provided is a credible authentication system between a ground network operation control center and a satellite under the environment of interconnection of mobile grids. Whether a node requesting authentication is within the legitimate node area is judged using the Compressed Bloom Filter method, and its certificate is verified only when the node passes this judgment. If this judgment were not carried out first, an illegal node could constantly send false certificates to a legitimate node, forcing the legitimate node to constantly carry out large-number exponent arithmetic; for a satellite node with limited resources, this would paralyze the node. The credible authentication system can therefore effectively defend against denial-of-service attacks during authentication.

Application Domain

Security arrangement

Technology Topic

Authentication system; Satellite


Example Embodiment

[0017] The present invention will be further described below in conjunction with the drawings and embodiments.
[0018] As shown in Figure 1, the security authentication between the network operation control center and the satellite is mainly divided into three steps, which are described as follows:
[0019] Step 1: The party that needs to communicate initiates the exchange. Since the communication process is symmetric and the roles are interchangeable, suppose the network operation control center initiates communication: it sends its own pseudonym and certificate to the satellite for authentication;
[0020] Step 2: After receiving the message, the satellite first calculates the Compressed Bloom Filter value of the sender's pseudonym and performs a preliminary authentication to see whether the sender can be trusted. If the pseudonym verification fails, the authentication fails and the communication ends; if it succeeds, the third step is performed. This effectively prevents denial-of-service attacks during authentication;
[0021] Step 3: The satellite uses the public key of the highest domain to verify the sender's certificate. If the verification fails, the authentication fails and the communication ends. If the verification succeeds, the satellite sends its own pseudonym and certificate as a reply;
[0022] Step 4: After receiving the reply, the network operation control center likewise first calculates the Compressed Bloom Filter value of the sender's pseudonym and performs a preliminary authentication to see whether the sender can be trusted. If the pseudonym verification fails, the authentication fails and the communication ends; if it succeeds, the fifth step is performed;
[0023] Step 5: The network operation control center uses the public key of the highest domain to verify the certificate of the satellite node. If the verification fails, the authentication fails and the communication ends. If the verification succeeds, both parties have completed the security authentication and established a trusted relationship.
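The gating order in steps 2 to 5 can be exercised with the following added example, which is not code from the patent. It assumes a plain Bloom filter whose bit array is zlib-compressed for distribution, a textbook-RSA signature with a constructed toy key standing in for the highest domain's key pair, and constructed pseudonyms; the counter shows how many expensive exponentiations a flood of forged requests causes.

```python
import hashlib, zlib

class BloomFilter:
    def __init__(self, m_bits=4096, k=3, bits=None):
        self.m, self.k = m_bits, k
        self.bits = bytearray(bits) if bits else bytearray(m_bits // 8)
    def positions(self, item):
        for i in range(self.k):  # k independent hashes derived from SHA-256
            h = hashlib.sha256(bytes([i]) + item.encode()).digest()
            yield int.from_bytes(h[:8], "big") % self.m
    def add(self, item):
        for p in self.positions(item):
            self.bits[p // 8] |= 1 << (p % 8)
    def __contains__(self, item):
        return all(self.bits[p // 8] >> (p % 8) & 1 for p in self.positions(item))
    def compress(self):  # a sparse bit array compresses well before distribution
        return zlib.compress(bytes(self.bits), 9)

# Constructed toy RSA key standing in for the highest domain (far too small for real use).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def digest(pseudonym):
    return int.from_bytes(hashlib.sha256(pseudonym.encode()).digest(), "big") % N

def issue_cert(pseudonym):  # hypothetical: the domain authority signs the pseudonym
    return pow(digest(pseudonym), D, N)

class Node:
    def __init__(self, bloom):
        self.bloom, self.verifications = bloom, 0

    def authenticate(self, pseudonym, cert):
        if pseudonym not in self.bloom:      # cheap pre-check (steps 2 and 4)
            return "rejected: unknown pseudonym"
        self.verifications += 1              # expensive exponentiation (steps 3 and 5)
        if pow(cert, E, N) != digest(pseudonym):
            return "rejected: bad certificate"
        return "authenticated"

def flood_demo(n_forged=200):
    bloom = BloomFilter()
    for name in ("noc-7f3a", "sat-21c9", "sat-88e0"):  # constructed pseudonyms
        bloom.add(name)
    sat = Node(BloomFilter(bits=zlib.decompress(bloom.compress())))
    for i in range(n_forged):                # forged pseudonyms with junk certificates
        sat.authenticate(f"forged-{i}", cert=i + 2)
    return sat.verifications                 # exponentiations the flood triggered
```

A Bloom filter can return false positives, so the certificate check in steps 3 and 5 remains the actual authentication; the filter only bounds how often it runs.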
[0024] As shown in Figure 2, at the beginning of the data encryption process a key must first be generated, which is used as the key of the symmetric encryption algorithm. The symmetric key is mainly used to encrypt the information exchanged between the two communicating parties. Because symmetric encryption algorithms are efficient, the efficiency of the encryption process is acceptable. The transmission of the symmetric key can be handled by an asymmetric cryptographic algorithm.
[0025] In the security authentication between the network operation control center and the satellite, the two parties have already completed the certificate exchange. The network operation control center obtains the public key of the satellite node from the received satellite node certificate and uses it to encrypt a random symmetric key. Although the encryption efficiency of an asymmetric cryptosystem is not high, the information that needs to be encrypted, the key, is small (this system uses DES symmetric encryption, the key is 128 bits), so the time cost is acceptable. Using the key of an asymmetric algorithm to encrypt the key of a symmetric algorithm is called key packaging.
[0026] The encrypted key, together with the encrypted information, forms a digital envelope that is sent to the satellite node. If the digital envelope is intercepted during transmission, the intercepted information is of no use to the interceptor: to obtain the plaintext of the data, the interceptor needs to know the symmetric key, and the symmetric key is encrypted with the public key of the satellite node. To obtain the symmetric key, the interceptor needs to know the private key of the satellite node, and this is obviously impossible. A unique serial number can be added to the plaintext data to prevent replay attacks.
[0027] As shown in Figure 3, the satellite node needs to decrypt the digital envelope after receiving it. The decryption process is as follows:
[0028] Step 1: From the digital envelope, obtain the encrypted information and the encrypted key;
[0029] Step 2: The satellite node uses its private key to decrypt the symmetric key;
[0030] Step 3: Use the symmetric key obtained in the previous step to decrypt the encrypted information and obtain the plaintext data, then determine whether the serial number has expired. If it has expired, discard the plaintext data; if it has not expired, proceed to the next step;
[0031] Step 4: The satellite node determines the sender's authority by checking the certificate and decides, according to the result, whether to perform the corresponding operation or modify the corresponding data.
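The envelope construction in [0024] to [0026] and decryption steps 1 to 3 are shown below as an added example, not code from the patent. Assumptions: a constructed toy RSA key for the satellite, a SHA-256 counter-mode keystream standing in for the symmetric cipher, an HMAC integrity tag that the patent text does not describe, and "expired" interpreted as a serial number not newer than the last one accepted.

```python
import hashlib, hmac, secrets

# Constructed toy RSA key pair for the satellite (two Mersenne primes): illustration only.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def keystream_xor(key, data):
    # SHA-256 in counter mode, a stand-in for the symmetric cipher named in the text.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(plaintext, serial, pub=(N, E)):
    key = secrets.token_bytes(16)            # fresh random 128-bit symmetric key
    ct = keystream_xor(key, serial.to_bytes(8, "big") + plaintext)
    return {
        "wrapped_key": pow(int.from_bytes(key, "big"), pub[1], pub[0]),  # key packaging
        "ciphertext": ct,
        "tag": hmac.new(key, ct, hashlib.sha256).digest(),  # added integrity tag
    }

class SatelliteReceiver:
    def __init__(self):
        self.last_serial = -1

    def open(self, env):
        # Steps 1-2: split the envelope and unwrap the symmetric key with the private key.
        key = (pow(env["wrapped_key"], D, N) % 2**128).to_bytes(16, "big")
        expected = hmac.new(key, env["ciphertext"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, env["tag"]):
            return None                      # tampered envelope or wrong key
        # Step 3: decrypt, then discard a serial number that is not newer than the last.
        body = keystream_xor(key, env["ciphertext"])
        serial = int.from_bytes(body[:8], "big")
        if serial <= self.last_serial:
            return None                      # replayed or stale message
        self.last_serial = serial
        return body[8:]
```

Placing the serial number inside the encrypted, tagged body matters: without the tag, a keystream cipher would let a replayed envelope's serial number be altered in transit.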
