Inter-satellite networking authentication system and method suitable for double-layer satellite network

Abstract

The invention belongs to the technical field of information safety, and discloses an inter-satellite networking authentication system and method suitable for a double-layer satellite network. The system comprises a ground authentication server, a high-orbit satellite authentication client and a low-orbit satellite authentication client, wherein the ground authentication server is used for completing initialization of a satellite authentication system, namely generating and distributing identity information, a secret key and track parameters which are needed for authentication between the satellites; the high-orbit satellite authentication client and the low-orbit satellite authentication client are main bodies of inter-satellite networking authentication, and the inter-satellite identity authentication and key negotiation are realized through the interaction of authentication parameters. An authentication precomputation mechanism is designed by utilizing the characteristics that a satellite network clock is highly synchronous and a node operation trajectory can be predicted, so that the authentication efficiency between the satellites is effectively improved. According to the system and the method, safe and efficient identity authentication and secret key negotiation of a high-orbit satellite and a low-orbit satellite in a networking stage can be realized, and the system and the method can be applied to networking authentication between the high-orbit satellite and the low-orbit satellite.

Description

technical field [0001] The invention belongs to the technical field of information security, and in particular relates to an inter-satellite network authentication system and method suitable for a double-layer satellite network. It can be used to provide satellite identity authentication services for commercial satellite networks during satellite networking, and can realize trust establishment and secure communication between satellites without the participation of a trusted third party. Background technique [0002] At present, the existing technologies commonly used in the industry are as follows: [0003] Since the current satellite network contains a small number of satellites, such as Iridium (66) and GPS (24), the satellite network is mainly controlled by the ground station. Satellite network authentication usually adopts the way that the ground station directly assigns authentication parameters, session keys, etc. to the satellite. In this control structure, satelli...

AI Technical Summary

Problems solved by technology

[0009] (1) Inter-satellite identity authentication requires ground participation. Without the participation of trusted third parties such as ground stations, it is difficult to achieve independent and independent trust establishment and secure communication between satellites, which is not suitable for satellite network groups with massive nodes. network scene;

[0010] (2) Inter-satellite identity authentication does not protect its own identity information, so that attackers can use the intercepted plaintext identity information to forge access requests, thereby carrying out attacks such as denial of service and interfering with satellite networking;

[0011] (3) The calculation overhead of inter-satellite identity authentication will affect the authentication delay. Compared with the satellite network with a small number of nodes, in the satellite network with a large number of nodes, due to the more frequent network authentication, the inter-satellite network will be due to the satellite network. Authentication delay due to computer computing power problem

Images