浏览全部资源
扫码关注微信
空间信息网络中基于动态撤销机制的安全高效批量认证方案
Secure and efficient batch authentication scheme based on dynamic revocation mechanism in space information network
- 通信学报 2022年43卷第4期 页码:164-176
- 作者机构:
1. 西安邮电大学网络空间安全学院,陕西 西安 710121
2. 福建师范大学福建省网络安全与密码技术重点实验室,福建 福州 350007
3. 西安邮电大学无线网络安全技术国家工程实验室,陕西 西安 710121
4. 中国科学院信息工程研究所信息安全国家重点实验室,北京 100093
5. 卫士通摩石实验室,北京 100070
- 作者简介:
[ "张应辉(1985- ),男,陕西西安人,博士,西安邮电大学教授,主要研究方向为公钥密码学、云安全和无线网络安全" ]
[ "胡凌云(1998- ),女,安徽马鞍山人,西安邮电大学硕士生,主要研究方向为无线网络安全和通信协议安全" ]
[ "李艺昕(1996- ),女,陕西西安人,西安邮电大学硕士生,主要研究方向为云安全和无线网络安全" ]
[ "宁建廷(1988- ),男,浙江衢州人,博士,中国科学院教授,主要研究方向为公钥密码学和云安全" ]
[ "郑东(1964- ),男,山西临汾人,博士,西安邮电大学教授,主要研究方向为编码密码学和网络安全" ]
- 基金信息:国家自然科学基金资助项目(62072369);国家自然科学基金资助项目(62072371);国家自然科学基金资助项目(61972094);陕西省创新能力支持计划基金资助项目(2020KJXX-052);陕西省特支计划青年拔尖人才支持计划基金资助项目;陕西省重点研发计划基金资助项目(2021ZDLGY06-02);陕西省重点研发计划基金资助项目(2020ZDLGY08-04)
DOI:10.11959/j.issn.1000-436x.2022063
中图分类号: TP309-
网络出版日期:2022-04,
纸质出版日期:2022-04-25
- 稿件说明:
移动端阅览
张应辉, 胡凌云, 李艺昕, 等. 空间信息网络中基于动态撤销机制的安全高效批量认证方案[J]. 通信学报, 2022,43(4):164-176.
Yinghui ZHANG, Lingyun HU, Yixin LI, et al. Secure and efficient batch authentication scheme based on dynamic revocation mechanism in space information network[J]. Journal on communications, 2022, 43(4): 164-176.
张应辉, 胡凌云, 李艺昕, 等. 空间信息网络中基于动态撤销机制的安全高效批量认证方案[J]. 通信学报, 2022,43(4):164-176. DOI: 10.11959/j.issn.1000-436x.2022063.
Yinghui ZHANG, Lingyun HU, Yixin LI, et al. Secure and efficient batch authentication scheme based on dynamic revocation mechanism in space information network[J]. Journal on communications, 2022, 43(4): 164-176. DOI: 10.11959/j.issn.1000-436x.2022063.
摘要
针对空间信息网络中大量移动用户跨域认证问题,提出了一种基于动态撤销机制的安全高效的批量认证方案。所提方案通过对卫星行动轨迹的预测以及实时更新会话密钥,达到提前完成密钥协商的作用。同时,还设计了可供单个以及大量移动终端进行签名并验证的算法,有效减轻了卫星的计算负担,结合布谷鸟过滤器实现了移动终端动态撤销和恶意接入控制的功能。最后,在 Diffie-Hellman 假设下,基于随机预言机模型和自动化验证工具证明了所提方案可以抵抗重放以及中间人等攻击;方案实现了可追踪性、可撤销性等安全目标,与现有最优方案相比,传输和计算效率分别提高了80%和20%以上。
Abstract
A secure and efficient batch authentication scheme based on dynamic revocation mechanism was proposed for the problem of cross-domain authentication of a large number of mobile users in space information networks.Early key negotiation was achieved by predicting the satellite trajectory and updating the session key in real time.Algorithms were designed for a single as well as a large number of mobile terminals to perform signing and verification
which effectively reduce the computational burden of satellites.Cuckoo filters were adopted by the new scheme to achieve dynamic revocation and malicious access control of mobile terminals.Finally
under the Diffie-Hellman assumption
the proposed scheme was proved to be resistant to replay and man-in-the-middle attacks based on a random oracle model and automated validation of internet security protocols and applications.Security goals such as traceability and revocability were achieved by the scheme
thus improving the efficiency of transmission and computation by more than 80% and 20%
respectively
compared with the existing optimal scheme.
关键词
Keywords
references
李凤华 , 殷丽华 , 吴巍 , 等 . 天地一体化信息网络安全保障技术研究进展及发展趋势 [J ] . 通信学报 , 2016 , 37 ( 11 ): 156 - 168 .
LI F H , YIN L H , WU W , et al . Research status and development trends of security assurance for space-ground integration information network [J ] . Journal on Communications , 2016 , 37 ( 11 ): 156 - 168 .
KHALILI H , KHODASHENAS P S , SIDDIQUI S . On the orchestration of integrated satellite components in 5G networks and beyond [C ] // Proceedings of 2020 22nd International Conference on Transparent Optical Networks (ICTON) . Piscataway:IEEE Press , 2020 : 1 - 4 .
ZHANG J X , ZHANG X , WANG P , et al . Double-edge intelligent integrated satellite terrestrial networks [J ] . China Communications , 2020 , 17 ( 9 ): 128 - 146 .
薛开平 , 马永金 , 洪佳楠 , 等 . 天地一体化网络中基于令牌的安全高效漫游认证方案 [J ] . 通信学报 , 2018 , 39 ( 5 ): 48 - 58 .
XUE K P , MA Y J , HONG J N , et al . Secure and efficient token based roaming authentication scheme for space-earth integration network [J ] . Journal on Communications , 2018 , 39 ( 5 ): 48 - 58 .
LARCOM J A , LIU H . Modeling and characterization of GPS spoofing [C ] // Proceedings of 2013 IEEE International Conference on Technologies for Homeland Security . Piscataway:IEEE Press , 2013 : 729 - 734 .
SHENG J , CAI X Q , LI Q Y , et al . Space-air-ground integrated network development and applications in high-speed railways:a survey [J ] . IEEE Transactions on Intelligent Transportation Systems , 2021 , PP ( 99 ): 1 - 20 .
SCHRAML M G , SCHWARZ R T , KNOPP A . Multiuser MIMO concept for physical layer security in multibeam satellite systems [J ] . IEEE Transactions on Information Forensics and Security , 2021 , 16 : 1670 - 1680 .
KALANTARI A , ZHENG G , GAO Z , et al . Secrecy analysis on network coding in bidirectional multibeam satellite communications [J ] . IEEE Transactions on Information Forensics and Security , 2015 , 10 ( 9 ): 1862 - 1874 .
徐国愚 , 陈性元 , 杜学绘 . 一种新的基于上下文传递的临近空间安全切换机制 [J ] . 计算机科学 , 2013 , 40 ( 4 ): 160 - 163 .
XU G Y , CHEN X Y , DU X H . New near space security handoff scheme based on context transfer [J ] . Computer Science , 2013 , 40 ( 4 ): 160 - 163 .
SU K , DONG Q Z , ZHU W Q . Space information security and cyberspace defense technology [C ] // Proceedings of 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber,Physical and Social Computing . Piscataway:IEEE Press , 2013 : 1509 - 1511 .
DING X H , ZHANG Z L , LIU D P . Low-delay secure handover for space-air-ground integrated networks [C ] // Proceedings of 2020 IEEE 31st Annual International Symposium on Personal,Indoor and Mobile Radio Communications . Piscataway:IEEE Press , 2020 : 1 - 6 .
CRUICKSHANK H S , . A security system for satellite networks [C ] // Proceedings of the Fifth International Conference on Satellite Systems for the Mobile Communications and Navigation . London:IET , 1996 : 187 - 190 .
HWANG M S , YANG C C , SHIU C Y . An authentication scheme for mobile satellite communication systems [J ] . ACM SIGOPS Operating Systems Review , 2003 , 37 ( 4 ): 42 - 47 .
CHANG Y F , CHANG C C . An efficient authentication protocol for mobile satellite communication systems [J ] . ACM SIGOPS Operating Systems Review , 2005 , 39 ( 1 ): 70 - 84 .
WANG Y , ZHANG W F , WANG X M . A lightweight and secure authentication protocol for space-ground integrated network of railway [C ] // Proceedings of 2021 International Conference on Communications,Information System and Computer Engineering (CISCE) . Piscataway:IEEE Press , 2021 : 30 - 35 .
ZHANG Y H , DENG R H , BERTINO E , et al . Robust and universal seamless handover authentication in 5G HetNets [J ] . IEEE Transactions on Dependable and Secure Computing , 2021 , 18 ( 2 ): 858 - 874 .
XUE K P , MENG W , ZHOU H C , et al . A lightweight and secure group key based handover authentication protocol for the software-defined space information network [J ] . IEEE Transactions on Wireless Communications , 2020 , 19 ( 6 ): 3673 - 3684 .
周彦伟 , 杨波 , 张文政 . 异构无线网络可控匿名漫游认证协议 [J ] . 电子学报 , 2016 , 44 ( 5 ): 1117 - 1123 .
ZHOU Y W , YANG B , ZHANG W Z . Controllable and anonymous roaming protocol for heterogeneous wireless network [J ] . Acta Electronica Sinica , 2016 , 44 ( 5 ): 1117 - 1123 .
刘丹 , 石润华 , 张顺 , 等 . 无线网络中基于无证书聚合签名的高效匿名漫游认证方案 [J ] . 通信学报 , 2016 , 37 ( 7 ): 182 - 192 .
LIU D , SHI R H , ZHANG S , et al . Efficient anonymous roaming authentication scheme using certificateless aggregate signature in wireless network [J ] . Journal on Communications , 2016 , 37 ( 7 ): 182 - 192 .
许芷岩 , 吴黎兵 , 李莉 , 等 . 无线漫游认证中可证安全的无证书聚合签名方案 [J ] . 通信学报 , 2017 , 38 ( 7 ): 123 - 130 .
XU Z Y , WU L B , LI L , et al . Provably secure certificateless aggregate signature scheme in wireless roaming authentication [J ] . Journal on Communications , 2017 , 38 ( 7 ): 123 - 130 .
WANG L , ZHANG X J , ZHANG A Q , et al . EGIP:an efficient group identification protocol in roaming network [C ] // Proceedings of 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC) . Piscataway:IEEE Press , 2017 : 1280 - 1284 .
XUE K P , MENG W , LI S H , et al . A secure and efficient access and handover authentication protocol for Internet of things in space information networks [J ] . IEEE Internet of Things Journal , 2019 , 6 ( 3 ): 5485 - 5499 .
MENG W , XUE K P , XU J , et al . Low-latency authentication against satellite compromising for space information network [C ] // Proceedings of 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems . Piscataway:IEEE Press , 2018 : 237 - 244 .
IBRAHIM M H , KUMARI S , DAS A K , et al . Jamming resistant non-interactive anonymous and unlinkable authentication scheme for mobile satellite networks [J ] . Security and Communication Networks , 2016 , 9 ( 18 ): 5563 - 5580 .
GUO J Y , DU Y . A secure three-factor anonymous roaming authentication protocol using ECC for space information networks [J ] . Peer-to-Peer Networking and Applications , 2021 , 14 ( 2 ): 898 - 916 .
FAN B , ANDERSEN D G , KAMINSKY M , et al . Cuckoo filter:practically better than bloom [C ] // Proceedings of the 10th ACM International on Conference on Emerging Networking Experiments and Technologies . New York:ACM Press , 2014 : 75 - 88 .
唐郑熠 , 李祥 . Dolev-Yao 攻击者模型的形式化描述 [J ] . 计算机工程与科学 , 2010 , 32 ( 8 ): 36 - 38 , 45 .
TANG Z Y , LI X . The formalization description of the Dolev-Yao intruder model [J ] . Computer Engineering & Science , 2010 , 32 ( 8 ): 36 - 38 , 45 .
BLANCO V , GONZÁLEZ P , CABALEIRO J C , et al . AVISPA:visualizing the performance prediction of parallel iterative solvers [J ] . Future Generation Computer Systems , 2003 , 19 ( 5 ): 721 - 733 .
DE C A , IOVINO V . jPBC:Java pairing based cryptography [C ] // Proceedings of 2011 IEEE Symposium on Computers and Communications . Piscataway:IEEE Press , 2011 : 850 - 855 .
0
浏览量
453
下载量
0
CSCD
- 网络PDF下载
- XML下载
- Meta-XML下载
- BibTeX下载
- Endnote下载
- RefMan 下载
- NoteExpress下载
- NoteFirst下载
关联资源
相关文章
相关作者
相关机构
AI问答
鸿云智能
中文
- 技术支持由北京北大方正电子有限公司提供 京ICP备09064830号-19
京公网安备11010802024621 - 本系统建议在Chrome、 IE9+ 以上版本浏览器阅读本站内容,360浏览器请切换至极速模式
- Cookies帮助我们提供服务并提供个性化体验。使用本网站,即表示您同意我们使用Cookies
- 总访问量:151733 今日访问量:2