空间信息网络中基于动态撤销机制的安全高效批量认证方案

doi:10.11959/j.issn.1000-436x.2022063

Abstract

Abstract:

A secure and efficient batch authentication scheme based on dynamic revocation mechanism was proposed for the problem of cross-domain authentication of a large number of mobile users in space information networks.Early key negotiation was achieved by predicting the satellite trajectory and updating the session key in real time.Algorithms were designed for a single as well as a large number of mobile terminals to perform signing and verification, which effectively reduce the computational burden of satellites.Cuckoo filters were adopted by the new scheme to achieve dynamic revocation and malicious access control of mobile terminals.Finally, under the Diffie-Hellman assumption, the proposed scheme was proved to be resistant to replay and man-in-the-middle attacks based on a random oracle model and automated validation of internet security protocols and applications.Security goals such as traceability and revocability were achieved by the scheme, thus improving the efficiency of transmission and computation by more than 80% and 20%, respectively, compared with the existing optimal scheme.

Key words: space information network, key agreement, dynamic revocation, batch authentication, AVISPA

CLC Number:

TP309

Yinghui ZHANG, Lingyun HU, Yixin LI, Jianting NING, Dong ZHENG. Secure and efficient batch authentication scheme based on dynamic revocation mechanism in space information network[J]. Journal on Communications, 2022, 43(4): 164-176.

Figures/Tables 10

References 29

[1]	李凤华, 殷丽华, 吴巍 ,等. 天地一体化信息网络安全保障技术研究进展及发展趋势[J]. 通信学报, 2016,37(11): 156-168.
	LI F H , YIN L H , WU W ,et al. Research status and development trends of security assurance for space-ground integration information network[J]. Journal on Communications, 2016,37(11): 156-168.
[2]	KHALILI H , KHODASHENAS P S , SIDDIQUI S . On the orchestration of integrated satellite components in 5G networks and beyond[C]// Proceedings of 2020 22nd International Conference on Transparent Optical Networks (ICTON). Piscataway:IEEE Press, 2020: 1-4.
[3]	ZHANG J X , ZHANG X , WANG P ,et al. Double-edge intelligent integrated satellite terrestrial networks[J]. China Communications, 2020,17(9): 128-146.
[4]	薛开平, 马永金, 洪佳楠 ,等. 天地一体化网络中基于令牌的安全高效漫游认证方案[J]. 通信学报, 2018,39(5): 48-58.
	XUE K P , MA Y J , HONG J N ,et al. Secure and efficient token based roaming authentication scheme for space-earth integration network[J]. Journal on Communications, 2018,39(5): 48-58.
[5]	LARCOM J A , LIU H . Modeling and characterization of GPS spoofing[C]// Proceedings of 2013 IEEE International Conference on Technologies for Homeland Security. Piscataway:IEEE Press, 2013: 729-734.
[6]	SHENG J , CAI X Q , LI Q Y ,et al. Space-air-ground integrated network development and applications in high-speed railways:a survey[J]. IEEE Transactions on Intelligent Transportation Systems, 2021,PP(99): 1-20.
[7]	SCHRAML M G , SCHWARZ R T , KNOPP A . Multiuser MIMO concept for physical layer security in multibeam satellite systems[J]. IEEE Transactions on Information Forensics and Security, 2021,16: 1670-1680.
[8]	KALANTARI A , ZHENG G , GAO Z ,et al. Secrecy analysis on network coding in bidirectional multibeam satellite communications[J]. IEEE Transactions on Information Forensics and Security, 2015,10(9): 1862-1874.
[9]	徐国愚, 陈性元, 杜学绘 . 一种新的基于上下文传递的临近空间安全切换机制[J]. 计算机科学, 2013,40(4): 160-163.
	XU G Y , CHEN X Y , DU X H . New near space security handoff scheme based on context transfer[J]. Computer Science, 2013,40(4): 160-163.
[10]	SU K , DONG Q Z , ZHU W Q . Space information security and cyberspace defense technology[C]// Proceedings of 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber,Physical and Social Computing. Piscataway:IEEE Press, 2013: 1509-1511.
[11]	DING X H , ZHANG Z L , LIU D P . Low-delay secure handover for space-air-ground integrated networks[C]// Proceedings of 2020 IEEE 31st Annual International Symposium on Personal,Indoor and Mobile Radio Communications. Piscataway:IEEE Press, 2020: 1-6.
[12]	CRUICKSHANK H S , . A security system for satellite networks[C]// Proceedings of the Fifth International Conference on Satellite Systems for the Mobile Communications and Navigation. London:IET, 1996: 187-190.
[13]	HWANG M S , YANG C C , SHIU C Y . An authentication scheme for mobile satellite communication systems[J]. ACM SIGOPS Operating Systems Review, 2003,37(4): 42-47.
[14]	CHANG Y F , CHANG C C . An efficient authentication protocol for mobile satellite communication systems[J]. ACM SIGOPS Operating Systems Review, 2005,39(1): 70-84.
[15]	WANG Y , ZHANG W F , WANG X M . A lightweight and secure authentication protocol for space-ground integrated network of railway[C]// Proceedings of 2021 International Conference on Communications,Information System and Computer Engineering (CISCE). Piscataway:IEEE Press, 2021: 30-35.
[16]	ZHANG Y H , DENG R H , BERTINO E ,et al. Robust and universal seamless handover authentication in 5G HetNets[J]. IEEE Transactions on Dependable and Secure Computing, 2021,18(2): 858-874.
[17]	XUE K P , MENG W , ZHOU H C ,et al. A lightweight and secure group key based handover authentication protocol for the software-defined space information network[J]. IEEE Transactions on Wireless Communications, 2020,19(6): 3673-3684.
[18]	周彦伟, 杨波, 张文政 . 异构无线网络可控匿名漫游认证协议[J]. 电子学报, 2016,44(5): 1117-1123.
	ZHOU Y W , YANG B , ZHANG W Z . Controllable and anonymous roaming protocol for heterogeneous wireless network[J]. Acta Electronica Sinica, 2016,44(5): 1117-1123.
[19]	刘丹, 石润华, 张顺 ,等. 无线网络中基于无证书聚合签名的高效匿名漫游认证方案[J]. 通信学报, 2016,37(7): 182-192.
	LIU D , SHI R H , ZHANG S ,et al. Efficient anonymous roaming authentication scheme using certificateless aggregate signature in wireless network[J]. Journal on Communications, 2016,37(7): 182-192.
[20]	许芷岩, 吴黎兵, 李莉 ,等. 无线漫游认证中可证安全的无证书聚合签名方案[J]. 通信学报, 2017,38(7): 123-130.
	XU Z Y , WU L B , LI L ,et al. Provably secure certificateless aggregate signature scheme in wireless roaming authentication[J]. Journal on Communications, 2017,38(7): 123-130.
[21]	WANG L , ZHANG X J , ZHANG A Q ,et al. EGIP:an efficient group identification protocol in roaming network[C]// Proceedings of 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC). Piscataway:IEEE Press, 2017: 1280-1284.
[22]	XUE K P , MENG W , LI S H ,et al. A secure and efficient access and handover authentication protocol for Internet of things in space information networks[J]. IEEE Internet of Things Journal, 2019,6(3): 5485-5499.
[23]	MENG W , XUE K P , XU J ,et al. Low-latency authentication against satellite compromising for space information network[C]// Proceedings of 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems. Piscataway:IEEE Press, 2018: 237-244.
[24]	IBRAHIM M H , KUMARI S , DAS A K ,et al. Jamming resistant non-interactive anonymous and unlinkable authentication scheme for mobile satellite networks[J]. Security and Communication Networks, 2016,9(18): 5563-5580.
[25]	GUO J Y , DU Y . A secure three-factor anonymous roaming authentication protocol using ECC for space information networks[J]. Peer-to-Peer Networking and Applications, 2021,14(2): 898-916.
[26]	FAN B , ANDERSEN D G , KAMINSKY M ,et al. Cuckoo filter:practically better than bloom[C]// Proceedings of the 10th ACM International on Conference on Emerging Networking Experiments and Technologies. New York:ACM Press, 2014: 75-88.
[27]	唐郑熠, 李祥 . Dolev-Yao 攻击者模型的形式化描述[J]. 计算机工程与科学, 2010,32(8): 36-38,45.
	TANG Z Y , LI X . The formalization description of the Dolev-Yao intruder model[J]. Computer Engineering ＆ Science, 2010,32(8): 36-38,45.
[28]	BLANCO V , GONZáLEZ P , CABALEIRO J C ,et al. AVISPA:visualizing the performance prediction of parallel iterative solvers[J]. Future Generation Computer Systems, 2003,19(5): 721-733.
[29]	DE C A , IOVINO V . jPBC:Java pairing based cryptography[C]// Proceedings of 2011 IEEE Symposium on Computers and Communications. Piscataway:IEEE Press, 2011: 850-855.

Metrics

Recommended 0

No Suggested Reading articles found!

符号	定义
G	椭圆曲线E_p的基点
n	基点G 的阶
H ₁,H₂,H₃	映射到椭圆曲线E_p上的哈希函数

方案	双向认证	匿名性	可追踪性	抗重放攻击	抗DoS攻击
文献[15]方案	√	×	√	√	×
文献[22]方案	√	√	√	√	×
文献[25]方案	√	√	×	√	√
本文方案	√	√	√	√	√

Secure and efficient batch authentication scheme based on dynamic revocation mechanism in space information network

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 10

References 29

Related Articles 15

Metrics

Recommended 0

[1]	Haibo ZHANG, Kai LAN, Zhou CHEN, Ruyan WANG, Can ZOU, Mingyue WANG. Ring-based efficient batch authentication and group key agreement protocol with anonymity in Internet of vehicles [J]. Journal on Communications, 2023, 44(6): 103-116.
[2]	Xuejiao LIU, Qiang ZHONG, Yingjie XIA. Efficient authentication scheme for cross-trust domain of IoV based on double-layer shard blockchain [J]. Journal on Communications, 2023, 44(5): 213-223.
[3]	Haibo ZHANG, Zhou CHEN, Hongwu HUANG, Xiaofan HE. Intra-group mutual authentication key agreement protocol based on Chinese remainder theorem in VANET system [J]. Journal on Communications, 2022, 43(1): 182-193.
[4]	Zhiqiang YAO, Zhirong ZHU, Guohua YE. Achieving resist against DHCP man-in-the-middle attack scheme based on key agreement [J]. Journal on Communications, 2021, 42(8): 103-110.
[5]	Qimei CUI, Wenjing ZHAO, Xiaoyang GU, Zengbao ZHU, Xiaoxuan ZHU, Xiaofeng TAO, Wei NI. Efficient handover authentication and secure key-updating mechanism for B5G networks [J]. Journal on Communications, 2021, 42(12): 96-108.
[6]	XUE Kaiping,ZHOU Huancheng,MENG Wei,LI Shaohua. Secure authentication enhancement scheme for seamless handover and roaming in space information network [J]. Journal on Communications, 2019, 40(6): 138-147.
[7]	You HE,Libo YAO,Zhengjie JIANG. Summary and future development of marine target surveillance based on spatial information network [J]. Journal on Communications, 2019, 40(4): 1-9.
[8]	Zijian ZHANG,Qi ZHOU,Chuan ZHANG,Xiaoyao TONG,Chunlei LI,Long WANG. New low-earth orbit satellites authentication and group key agreement protocol [J]. Journal on Communications, 2018, 39(6): 146-154.
[9]	Heng-zhi LI,Chun-feng WANG. Simulation and analysis of software defined cognitive frequency hopping multi beam satellite system [J]. Journal on Communications, 2017, 38(Z2): 51-55.
[10]	Shao-bo YU,Ling-da WU,Xi-tao ZHANG. Research on space information representation model based on formal concept analysis [J]. Journal on Communications, 2017, 38(Z2): 78-85.
[11]	Shao-bo YU,Ling-da WU,Xi-tao ZHANG. DaaC:an architecture modeling of space information network [J]. Journal on Communications, 2017, 38(Z1): 165-170.
[12]	Xin-ying MA,Zhi CHEN,Si MA,Jun FANG. The key technologies of millimeter wave MIMO communication system in space information network [J]. Journal on Communications, 2017, 38(Z1): 179-185.
[13]	Zhen WANG,Zhao-feng MA,Shou-shan LUO. Identity-based efficient authentication and key agreement protocol for mobile Internet [J]. Journal on Communications, 2017, 38(8): 19-27.
[14]	Xiao-wei LI,Deng-qi YANG,Ben-hui CHEN,Yu-qing ZHANG. Two-factor authenticated key agreement protocol based on biometric feature and password [J]. Journal on Communications, 2017, 38(7): 89-95.
[15]	Hang SU,Jian-wei LIU,Rui TAO. Hierarchical certificateless authenticated key agreement protocol [J]. Journal on Communications, 2016, 37(7): 161-171.