网络与信息安全学报 (Feb 2023)
Fusion of satellite-ground and inter-satellite AKA protocols for double-layer satellite networks
Abstract
With the characteristics of large space-time and satellite-ground network integration, the space integrated ground network has attracted much attention.Satellites can not only be used as emergency communication supplements, but also serve as air stations to expand the coverage of terrestrial networks, occupying an important position in both military and civilian scenarios.The entity authentication and key negotiation mechanism can prevent the malicious entities from joining the integrated network to steal users’ privacy, and guarantee network information security.In view of the characteristics of the high satellite-ground transmission delays, exposed links, limited processing capability and dynamic topology of the integrated network, a lightweight authentication scheme between satellites and ground suitable for double-layer satellite network was proposed to achieve a secure satellite networking architecture with session keys to protect data transmission.The scheme was based on symmetric cryptographic system, using lightweight cryptographic algorithms and introducing group key and hierarchical management mechanisms.The proposed scheme included three parts: inter-satellite authentication for geostationary earth orbit satellites, layer and inter-satellite authentication for same low earth orbit, and inter-satellite authentication for adjacent low earth orbit satellites.The group key and hierarchical management mechanism improved the efficiency of inter-group information transfer, reduced the authentication pressure on the ground control center, and enhanced the authentication security strength by realizing double verification in the three-entities authentication protocol.Different from the previous single scene authentication, the proposed authentication protocol took the form of multiplexing authentication parameters, which can realize the authentication requirements of dual scenes in one process.The results of Scyther, a protocol formal security simulation tool, show that the proposed scheme achieves secure access authentication.Compared with existing protocols, the proposed scheme improves authentication security and reduces communication and computational overhead.