Identity-based authentication method for space-based network

Abstract

The invention discloses an identity-based authentication method for a space-based network, and aims to solve the problem of security authentication of a ground terminal and a satellite in the space-based network and improve the security of space-based network communication. According to the technical scheme, the method comprises the following steps: firstly, constructing an identity-based authentication system for a space-based network consisting of a ground terminal, a key generation center (KGC) and a low-orbit satellite; by an initialization calculation module of the KGC, calculating a system master key and public parameters; and by a private key calculation module of the KGC, calculating a corresponding private key and distributing the private key and the public parameters to the ground terminal and the satellite. When a terminal TEA gets access, bidirectional authentication and session key negotiation of a current overhead satellite LEOA and the TEA are carried out, then the LEOA and the TEA normally communicate with each other, if the LEOA determines that the LEOA is about to leave a current area at the end of service, inter-satellite switching authentication is carried out, if the LEOA determines that the LEOA is not about to leave the current area at the end of service, the LEOA and the TEA continue to communicate with each other. According to the invention, the size of the transmitted message is effectively reduced, and fast switching authentication and session key negotiation are realized while the security is ensured.

Description

technical field [0001] The invention relates to the field of space network security communication, in particular to an identity-based authentication method for a space-based network. Background technique [0002] As a powerful supplement to traditional terrestrial networks, space-based networks can provide access services to special areas such as deserts, achieving true global interconnection. However, due to the natural open environment of satellite communications, it is easy for malicious attackers to obtain communication data between satellites and ground or pretend to be legitimate users to issue malicious instructions. These behaviors pose a great challenge to the security of space-based networks. Therefore, the space-based network needs an authentication scheme to ensure its own operation security; authentication has two main functions: one is to identify the legitimacy of the ground terminal, to ensure that only legal terminals can send the acquired data to the satell...

AI Technical Summary

Problems solved by technology

[0005] (2) High network transmission delay

[0006] (3) Limited network bandwidth resources

[0007] (4) The computing and storage capacity of the ground terminal and on-board is limited

In this method, both communication parties need to send their own digital certificates to each other, and the overhead of communication and calculation is relatively large, which is not suitable for the current space-based network environment with limited communication bandwidth.

[0010] (2) The source authentication method based on the extended broadcast authentication protocol certificate refers to using the satellite as the authentication center to generate the extended broadcast authentication protocol certificate and run the source authentication protocol. This method reduces the overhead brought by the traditional digital certificate transmission, but High requirements for on-board computing and storage capacity, high cost, not conducive to promotion

But there is no public literature on the use of identity-based signature algorithm with message recovery function for mutual authentication and session key agreement between satellites and ground terminals in space-based networks

Images