CN117768885A - Method, device and system for accessing satellite network - Google Patents
Method, device and system for accessing satellite network Download PDFInfo
- Publication number
- CN117768885A CN117768885A CN202311828363.XA CN202311828363A CN117768885A CN 117768885 A CN117768885 A CN 117768885A CN 202311828363 A CN202311828363 A CN 202311828363A CN 117768885 A CN117768885 A CN 117768885A
- Authority
- CN
- China
- Prior art keywords
- satellite
- user
- parameter set
- access
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 65
- 230000004044 response Effects 0.000 claims abstract description 162
- 238000012795 verification Methods 0.000 claims abstract description 126
- 230000001960 triggered effect Effects 0.000 claims abstract description 23
- 238000004891 communication Methods 0.000 abstract description 10
- 238000005516 engineering process Methods 0.000 abstract description 3
- 230000008569 process Effects 0.000 description 28
- 238000010586 diagram Methods 0.000 description 23
- 230000006870 function Effects 0.000 description 18
- 230000032683 aging Effects 0.000 description 16
- 238000004590 computer program Methods 0.000 description 9
- 230000006399 behavior Effects 0.000 description 7
- 230000007246 mechanism Effects 0.000 description 7
- 230000001976 improved effect Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000013507 mapping Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003190 augmentative effect Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000000605 extraction Methods 0.000 description 2
- 239000011261 inert gas Substances 0.000 description 2
- WFKWXMTUELFFGS-UHFFFAOYSA-N tungsten Chemical compound [W] WFKWXMTUELFFGS-UHFFFAOYSA-N 0.000 description 2
- 229910052721 tungsten Inorganic materials 0.000 description 2
- 239000010937 tungsten Substances 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000001815 facial effect Effects 0.000 description 1
- 230000002431 foraging effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008093 supporting effect Effects 0.000 description 1
- 230000001550 time effect Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Landscapes
- Radio Relay Systems (AREA)
Abstract
The present invention relates to the field of network security communications technologies, and in particular, to a method, an apparatus, and a system for accessing a satellite network, which are used to implement a method for accessing a satellite network efficiently and reliably. Responding to access operation triggered by a target user to a satellite network, and acquiring a user access key corresponding to the target user after user login data input by the target user passes verification; determining a request parameter set based on a user access key, and sending an access request containing the request parameter set to a first satellite, so that after the first satellite determines that the request parameter set passes verification, determining a response parameter set based on a satellite access key corresponding to the first satellite and the request parameter set; and receiving an access response which is sent by the first satellite and contains the response parameter set, and carrying out session with the first satellite after the response parameter set passes verification based on the request parameter set.
Description
Technical Field
The present invention relates to the field of network security communications technologies, and in particular, to a method, an apparatus, and a system for accessing a satellite network.
Background
The satellite network integrates satellite nodes, high-altitude platforms and ground resources through inter-satellite links and inter-satellite links to form network resources which are used for acquiring and transmitting data in real time and are efficient and usable, and the defects that the signal coverage area of the ground cellular network is limited and is easily affected by disasters are overcome.
In the related art, after a target user triggers an access operation to a satellite network, a network control center needs to verify a terminal device and a satellite node respectively, and after the network control center determines that the terminal device and the satellite node pass the verification, a session is performed between the terminal device and the satellite node through the network control center.
On the one hand, the step of accessing the satellite network by the target user in the related technology is complicated, the response efficiency is reduced, and the access time delay of accessing the satellite network by the user is easily caused, so that the use experience of the target user is influenced.
On the other hand, if the network control center participates frequently, single point failure risk is easily caused, so that the whole system or the network cannot normally operate, and serious loss is caused.
Disclosure of Invention
The application provides a method, a device and a system for accessing a satellite network, which are used for realizing a high-efficiency and reliable method for accessing the satellite network.
In a first aspect, an embodiment of the present application provides a method for accessing a satellite network, applied to a terminal device, where the method includes:
responding to access operation triggered by a target user to a satellite network, and acquiring a user access key corresponding to the target user after user login data input by the target user passes verification;
Determining a request parameter set based on the user access key, and sending an access request containing the request parameter set to a first satellite, so that after the first satellite determines that the request parameter set passes verification, determining a response parameter set based on a satellite access key corresponding to the first satellite and the request parameter set;
and receiving an access response which is sent by the first satellite and contains the response parameter set, and carrying out session with the first satellite after the response parameter set is verified based on the request parameter set.
In some embodiments, the verifying the user login data input by the target user in response to the access operation triggered by the target user to the satellite network includes:
responding to the access operation of a target user to a satellite network, and acquiring user login data input by the target user; the user login data comprises at least one of biometric login data and password login data;
the user login data is verified based on a stored set of authentication parameters, which are determined when the terminal device registers a target user.
In some embodiments, before the user login data input by the target user is verified in response to the access operation of the target user to the satellite network, the method further comprises:
Responding to user registration operation triggered by the terminal equipment, and acquiring user identity data and user password data corresponding to the target user;
transmitting user registration data containing the user identity data to a network control center, and receiving a proxy user signing key corresponding to the target user, which is transmitted by the network control center and determined according to the user registration data;
determining the user access key based on the proxy user signing key after the proxy user signing key passes verification based on the user registration data; and determining the authentication parameter set based on the user registration data, the user access key and the user password data corresponding to the target user.
In some embodiments, after the validation of the response parameter set based on the request parameter set, the session with the first satellite includes:
determining a first session key based on the request parameter set and validating the response parameter set based on the first session key and the request parameter set; the response parameter set is determined according to the second session key after the first satellite determines the second session key based on the request parameter set;
When the response parameter set passes verification, determining that the first session key is consistent with the second session key, and constructing a corresponding target satellite-to-ground link based on the first session key and the first satellite;
session is conducted with the first satellite over the target satellite-to-ground link.
In some embodiments, after said session with said first satellite, further comprising:
determining the target user as a malicious user according to the indication of the network control center, and preventing the target user from accessing a satellite network;
the indication of the network control center is sent after the network control center determines the user identity data of the malicious user based on the user temporary identity data in the history access request of the malicious user.
In some embodiments, after said session with said first satellite, further comprising:
when a satellite switching request sent by a second satellite is received, verifying a switching request parameter set in the satellite switching request; the satellite switching request is determined by the second satellite based on a switching authentication parameter set sent by a first satellite, and the switching authentication parameter is determined by the first satellite based on a signal overlapping area between the first satellite and the second satellite after determining that the terminal equipment meets satellite switching conditions;
After the switching request parameter set is confirmed to pass verification, a switching response parameter set is confirmed based on the switching request parameter set, and the switching response parameter set is sent to the second satellite, so that the second satellite can carry out conversation with the target terminal after confirming that the switching response parameter set passes verification.
In a second aspect, an embodiment of the present application provides a method for accessing a satellite network, applied to a first satellite, where the method includes:
verifying a request parameter set based on an access request which is sent by terminal equipment and contains the request parameter set; the terminal equipment responds to the access operation triggered by the target user to the satellite network, determines that the user login data input by the target user passes verification, and determines based on the acquired user access key corresponding to the target user;
and after the request parameter set passes the verification, determining a response parameter set based on the satellite access key corresponding to the first satellite and the request parameter set, and sending an access response containing the response parameter set to the terminal equipment.
In a third aspect, an embodiment of the present application provides an apparatus for accessing a satellite network, where the apparatus includes:
The acquisition module is used for responding to the access operation of the target user to the satellite network trigger, and acquiring a user access key corresponding to the target user after the user login data input by the target user passes verification;
the sending module is used for determining a request parameter set based on the user access key, sending an access request containing the request parameter set to a first satellite, and determining a response parameter set based on a satellite access key corresponding to the first satellite after the first satellite determines that the request parameter set passes verification;
and the first verification module is used for receiving the access response which is sent by the first satellite and contains the response parameter set, and carrying out session with the first satellite after the response parameter set is verified to pass on the basis of the request parameter set.
In some embodiments, the acquiring means is specifically configured to:
responding to the access operation of a target user to a satellite network, and acquiring user login data input by the target user; the user login data comprises at least one of biometric login data and password login data;
the user login data is verified based on a stored set of authentication parameters, which are determined when the terminal device registers a target user.
In some embodiments, the acquiring means is further for:
responding to user registration operation triggered by the terminal equipment, and acquiring user identity data and user password data corresponding to the target user;
transmitting user registration data containing the user identity data to a network control center, and receiving a proxy user signing key corresponding to the target user, which is transmitted by the network control center and determined according to the user registration data;
determining the user access key based on the proxy user signing key after the proxy user signing key passes verification based on the user registration data; and determining the authentication parameter set based on the user registration data, the user access key and the user password data corresponding to the target user.
In some embodiments, the first verification module is specifically configured to:
determining a first session key based on the request parameter set and validating the response parameter set based on the first session key and the request parameter set; the response parameter set is determined according to the second session key after the first satellite determines the second session key based on the request parameter set;
When the response parameter set passes verification, determining that the first session key is consistent with the second session key, and constructing a corresponding target satellite-to-ground link based on the first session key and the first satellite;
session is conducted with the first satellite over the target satellite-to-ground link.
In some embodiments, the first verification module is further to:
determining the target user as a malicious user according to the indication of the network control center, and preventing the target user from accessing a satellite network;
the indication of the network control center is sent after the network control center determines the user identity data of the malicious user based on the user temporary identity data in the history access request of the malicious user.
In some embodiments, the first verification module is further to:
when a satellite switching request sent by a second satellite is received, verifying a switching request parameter set in the satellite switching request; the satellite switching request is determined by the second satellite based on a switching authentication parameter set sent by a first satellite, and the switching authentication parameter is determined by the first satellite based on a signal overlapping area between the first satellite and the second satellite after determining that the terminal equipment meets satellite switching conditions;
After the switching request parameter set is confirmed to pass verification, a switching response parameter set is confirmed based on the switching request parameter set, and the switching response parameter set is sent to the second satellite, so that the second satellite can carry out conversation with the target terminal after confirming that the switching response parameter set passes verification.
In a fourth aspect, an embodiment of the present application provides an apparatus for accessing a satellite network, where the apparatus includes:
verification means for verifying a request parameter set based on an access request including the request parameter set sent by a terminal device; the terminal equipment responds to the access operation triggered by the target user to the satellite network, determines that the user login data input by the target user passes verification, and determines based on the acquired user access key corresponding to the target user;
and the determining device is used for determining a response parameter set based on the satellite access key corresponding to the first satellite and the request parameter set after the request parameter set passes verification, and sending an access response containing the response parameter set to the terminal equipment.
In a fifth aspect, embodiments of the present application further provide an electronic device, where the electronic device includes at least a processor and a memory, where the processor is configured to implement the steps of the first aspect or the second aspect when executing a computer program stored in the memory.
In a sixth aspect, embodiments of the present invention also provide a computer readable storage medium storing a computer program which when executed by a processor implements the steps of the first or second aspects described above.
The beneficial effects of the embodiment of the application are that: in the embodiment of the application, the terminal equipment responds to the access operation triggered by the target user to the satellite network, after the user login data input by the target user passes verification, the user access key corresponding to the target user is obtained, the user access key is sent to the first satellite, after the user access key passes verification by the first satellite, the response parameter set is sent to the first satellite, and after the first satellite passes verification based on the response parameter set, the first satellite carries out a session with the first satellite. Therefore, the first satellite can verify the terminal equipment based on the user access key, the first satellite sends the determined response parameter set to the terminal equipment after the user access key is verified, the terminal equipment verifies based on the response parameter set, and the first satellite performs a session after the response parameter set is verified. Therefore, compared with the related art, the method and the device can verify the terminal equipment by the first satellite, verify the first satellite by the terminal equipment, improve response efficiency, avoid causing access time delay of a user accessing the satellite network, and improve use experience of a target user.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application. The objectives and other advantages of the application will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, and it is obvious that the drawings that are described below are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a system scene diagram of an access satellite network according to an embodiment of the present application;
fig. 2 is a flowchart of an implementation of initializing a network control center according to an embodiment of the present application;
FIG. 3 is a flowchart of an embodiment of registering a first satellite according to an embodiment of the present application;
fig. 4 is a schematic diagram of registering a first satellite according to an embodiment of the present application;
FIG. 5 is a flowchart of an implementation of registering a target user according to an embodiment of the present application;
Fig. 6 is a schematic diagram of a registered target user according to an embodiment of the present application;
fig. 7 is a flowchart of a method for accessing a satellite network according to an embodiment of the present application;
fig. 8 is a schematic diagram of verifying user login data according to an embodiment of the present application;
fig. 9 is a schematic diagram of an access authentication phase of a terminal device and a first satellite according to an embodiment of the present application;
fig. 10 is a schematic diagram of updating a user target authentication parameter set of a target user according to an embodiment of the present application;
FIG. 11 is a flow chart of a satellite switching implementation provided in an embodiment of the present application;
fig. 12 is a schematic diagram of a signal overlapping area between a first satellite and a second satellite according to an embodiment of the present disclosure;
fig. 13 is a schematic diagram of a satellite switching process according to an embodiment of the present application;
fig. 14 is a schematic diagram of an apparatus for accessing a satellite network according to an embodiment of the present application;
fig. 15 is a schematic diagram of an apparatus for accessing a satellite network according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application. Wherein the described embodiments are some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
Also, in the description of the embodiments of the present application, "/" means or, unless otherwise indicated, for example, a/B may represent a or B; the text "and/or" is merely an association relation describing the associated object, and indicates that three relations may exist, for example, a and/or B may indicate: the three cases where a exists alone, a and B exist together, and B exists alone, and in addition, in the description of the embodiments of the present application, "plural" means two or more than two.
The terms "first," "second," and the like, are used below for descriptive purposes only and are not to be construed as implying or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first", "a second", or the like may explicitly or implicitly include one or more such feature, and in the description of embodiments of the present application, unless otherwise indicated, the meaning of "a plurality" is two or more.
In the following, some terms in the embodiments of the present application are explained for easy understanding by those skilled in the art.
1) SM2: an asymmetric cryptographic algorithm based on elliptic curve issued by China national institutes of ciphers is used for realizing digital signature, key exchange and public key encryption and aims at protecting national information security and information security.
2) Inter-satellite handover: in satellite communication systems, there are typically a plurality of satellites that make up a satellite constellation to achieve worldwide communication coverage. Because of the high-speed mobility of the satellite, when the satellite service area gradually gets far away from the user equipment, an inter-satellite handover is required, and the service is continuously provided for the user equipment by another satellite with stronger service signal, so as to ensure the stability and the service quality of communication.
3) Terminal equipment: a device that may provide voice and/or data connectivity to a user. For example, the terminal device includes a handheld device having a wireless connection function, an in-vehicle device, and the like. Currently, the terminal device may be: a mobile phone), a tablet, a notebook, a palm, a mobile internet device (mobile internet device, MID), a wearable device, a Virtual Reality (VR) device, an augmented reality (augmented reality, AR) device, a wireless terminal in industrial control (industrial control), a wireless terminal in unmanned (self driving), a wireless terminal in smart grid (smart grid), a wireless terminal in transportation safety (transportation safety), a wireless terminal in smart city (smart city), or a wireless terminal in smart home (smart home), and the like.
As shown in fig. 1, a system scenario diagram of an access satellite network according to an embodiment of the present application. The system for accessing the satellite network mainly comprises three entities: network control center (Network Control Center, NCC), terminal equipment, low Earth Orbit (LEO).
The function and function of each entity are briefly described below:
the network control center: the system is a trusted manager of the satellite network, provides registration service for satellites and users, and is responsible for managing and controlling a satellite communication system. When a legal entity in the system sends false information or implements malicious behavior, the NCC can reveal the true identity of the entity and perform responsibility following.
Low-orbit satellites: after verifying the validity of the user, the user is provided with low-overhead subscription services, such as positioning, navigation, time service, communication and the like.
Terminal equipment: the user holds an intelligent device capable of bidirectionally communicating with the satellite node, and responds to the access operation triggered by the user to the satellite network to request access and acquire the subscription service of the LEO satellite.
It should be noted that, there are multiple users triggering access operations to the low orbit satellite to access the satellite network, and the application is applicable to any user, and the application takes any user as the target user.
In implementation, before the target user triggers the access operation to the satellite network, the terminal device, the low-orbit satellite and the network control center need to be preprocessed respectively, which specifically includes: the network control center is initialized, satellite registration and user registration are performed.
As shown in fig. 2, a flowchart of initializing a network control center according to an embodiment of the present application includes the following specific steps:
step S201, the network control center determines an elliptic curve to be used and a base point of the elliptic curve based on an SM2 algorithm.
Illustratively, the elliptic curve is: e (E) p (a,b):y 2 =x 3 +ax+b, the base point of the elliptic curve is denoted as P.
Wherein P is a large prime number, n is the order of the base point P, E p (a) the process of (a), scalar multiplication formula on b) n·p=p+p+p+ … +p, P is accumulated n times.
The base point of the elliptic curve is a preselected point.
Step S202, the network control center randomly selects one from a predetermined private key set as a main private key, and determines a main public key based on the main private key.
Optionally, embodiments of the present application determine the master public key based on equation one:
PK ncc =sk ncc p-equation one
Wherein PK ncc Representing a master public key; sk (sk) ncc Represents the master private key, sk ncc ∈Z p ,Z p Representing a private key set; p represents a base point.
Alternatively, embodiments of the present application may determine a private key set based on a base point, e.g., based on an integer between a number zero and a value corresponding to the base point.
Step S203, the network control center selects a hash function.
Illustratively, the network control center may select a one-way hash function as shown below: h 1 :{0,1} * →Z p 、
Wherein l 1 Length, l of identity ID 2 For message digest length, l 3 Is the session key length.
Step S204, the network control center selects a biological feature fuzzy extraction function.
Illustratively, the biometric blur extraction function is selected as: gen (. Cndot.) Rep (. Cndot.).
Wherein, gen (·) represents a biological feature probability generating function, when in use, the biological feature bio is input, and a uniform random biological feature key sigma and a public auxiliary character string v are output; rep (·) represents that the reconstruction function, when in use, inputs the biometric bio' and the public helper string v, outputting the biometric key σ.
Step S205, the network control center stores the master private key, and forms a public parameter set based on the data determined in the steps S201-S204 and issues the public parameter set.
Illustratively, the public parameter set may be: params= { E p(a,b) ,P,n,H 1 ,H 2 ,H 3 ,H 4 ,Gen(·),Rep(·),PK ncc }. The parameters included in the public parameter set are described above and are not described in detail herein.
It should be noted that, after the network control center issues the disclosure parameter set, the disclosure parameter is in a disclosure state.
Based on the above process, after initializing the network control center, the present application obtains the main private key from the network control center and issues the public parameter set.
In the embodiment of the present application, each low-orbit satellite is registered, and the process of registering any low-orbit satellite (for example, the first satellite) is described as follows:
as shown in fig. 3, a flowchart of an implementation of registering a first satellite according to an embodiment of the present application includes the following specific steps:
step 301, a first satellite sends satellite registration data containing first satellite identity data to a network control center;
it should be noted that, since the registered satellite is known to be the first satellite when the first satellite is registered, the first satellite identification data ID j Is available.
In an implementation, the satellite registration data further includes a first satellite public key.
Optionally, the first satellite randomly selects one from a predetermined set of private keys as the first satellite private key, and determines the first satellite public key based on the first satellite private key. For example, PK j =k j ·P,k j ∈Z p 。
Wherein PK j Representing a first satellite public key; k (k) j Representing a first satellite private key, and P represents a cardinal number.
The satellite registration data is { ID } j ,PK j }。
Alternatively, the first satellite may send the satellite registration data to the network control center via a secure channel in the registration phase, where the satellite registration data may be sent to the network control center in a first satellite registration request.
Step S302, the network control center determines a proxy satellite signature key corresponding to the first satellite based on satellite registration data;
alternatively, embodiments of the present application determine a proxy satellite signing key based on equation one:
wherein s is ncc-j Representing a proxy satellite signing key; k (k) ncc-j Is from a predetermined set of private keys Z p Is selected randomly (k) ncc-j ∈Z p ),sk ncc For disclosing a main private key corresponding to a network control center in the parameter set, n is the order of a base point P,
r ncc-j =x 1 mod n, where (x) 1 ,y 1 )=PK ncc-j ,(x 1 ,y 1 ) Is PK ncc-j X-axis and Y-axis coordinates, PK ncc-j PK representing the primary public key of a first satellite ncc-j =k ncc-j ·PK j ,k ncc-j Is from a predetermined set of private keys Z p Is selected randomly (k) ncc-j ∈Z p ),PK j The first satellite public key corresponding to the first satellite is shown, and it should be noted that, due to PK ncc-j Is a point on the elliptic curve, and the coordinates of the X axis and the Y axis corresponding to the point can be obtained;
e ncc-j =H 1 (ID j ,r ncc-j ,PK j ,PK ncc-j ) Wherein, ID j First satellite identity data corresponding to a first satellite is represented; h 1 A one-way hash function selected for the network control center in step S203; other parameters are described in the foregoing, and are not described in detail herein.
Based on the above procedure, the network control center determines a proxy satellite signing key corresponding to the first satellite, and transmits the proxy satellite signing key to the first satellite.
Step S303, the network control center sends the determined proxy satellite signature key corresponding to the first satellite;
optionally, the present application may also send a proxy satellite verification key R to the first satellite for verifying the proxy satellite signature key ncc-j And a primary public key PK of a first satellite ncc-j 。
Wherein R is ncc-j =k ncc-j ·P,PK ncc-j =k ncc-j ·PK j 。
Optionally, the network control center may further send a public parameter set to the first satellite, where the public parameter set is determined after the network control center completes initialization.
Alternatively, the present application is based on a proxy satellite signing key s ncc-j Proxy satellite authentication key R ncc-j Main public key PK of first satellite ncc-j And public parameter sets params form a first satellite registration response parameter set { params, R ncc-j ,PK ncc-j ,s ncc-j And the first satellite registration response parameter set is carried in the first satellite registration response and is sent to the first satellite.
Step S304, the first satellite determines a proxy satellite signature key based on the first satellite registration data, and determines a first satellite access key based on the proxy satellite signature key after the verification is passed; an authentication parameter set is determined based on the first satellite registration data, the first satellite access key.
Optionally, after receiving, by the first satellite in the embodiment of the present application, the proxy satellite signing key corresponding to the first satellite determined according to the first satellite registration data sent by the network control center, verifying the proxy satellite signing key based on the satellite registration data, the proxy satellite verification key and the public parameter set.
Alternatively, embodiments of the present application determine that the proxy satellite signing key passes verification based on equation two:
s ncc-j ·R ncc-j =e′ ncc-j ·P+r ncc-j ·PK ncc formula II
Wherein s is ncc-j Representing proxy satellite signing key, R ncc-j Represented as proxy satellite verification key among proxy satellite verification keys, P represents a base point, PK ncc A master public key representing a network control center, contained in a public parameter set;
r is as follows ncc-j May be carried by the network control center in the satellite registration reply parameter set for transmission to the first satellite, or may be carried in the acquisition of PK from the registration reply parameter set ncc-j After that, it can pass through (x 1 ,y 1 )=PK ncc-j ,r ncc-j =x 1 mod n determines r ncc-j 。
e′ ncc-j =H 1 (ID j ,r ncc-j ,PK j ,PK ncc-j ),ID j And PK j The other parameters determined in step S201 are described in the above Wen Jun and are not described herein.
Alternatively, the present application may construct equation two based on the elliptic curve discrete logarithm problem ECDLP.
Illustratively, the present application is presented below with respect to the principles of equation two:
Because of the difficulty of ECDLP problem, an attacker is not having the key sk ncc In the case of (a), s cannot be constructed ncc-j The above equation is established. Then when the first satellite receives the registration reply parameter set, e 'is calculated' ncc-j And the above formula can be established, the registration response can be proved to be complete and effective, and the registration response is indeed from the network control center.
It should be noted that, if the equation II is not satisfied, the proxy satellite signing key is not verified, and the first satellite registration response is incomplete or invalid, and the first satellite terminates registration.
Optionally, the embodiment of the present application determines the first satellite access key based on formula three:
wherein sk j Representing a first satellite access key s ncc-j Representing proxy satellite signing key, k j Is from a predetermined set of private keys Z p Is selected randomly (k) j ∈Z p ) N is the order of the base point P.
After determining the first satellite access key, the first satellite determines an authentication parameter set based on the first satellite registration data, the first satellite access key.
Optionally, embodiments of the present application are based on the first satellite public key PK in the first satellite registration data j First satellite access key sk j To (1)Primary public key PK of a first satellite ncc-j The first set of satellite authentication parameters may be composed, the first set of satellite authentication parameters may include: { PK j ,PK ncc-j ,sk j }。
Optionally, after determining the authentication parameter set, the embodiment of the present application may further locally store the authentication parameter set and a public parameter set params sent from the network control center.
The registration process for the first satellite is completed based on the above process, and an authentication parameter set disclosure parameter set is stored locally at the first satellite.
Based on the flowchart shown in fig. 3, an embodiment of the present application is a schematic diagram for registering a first satellite as shown in fig. 4. Wherein L is j Representing the first satellite, the NCC is the network control center.
In the embodiment of the application, each user is registered, and the following description is given to the registration process of any user:
as shown in fig. 5, a flowchart of implementation of a registration target user according to an embodiment of the present application includes the following specific steps:
step S501, the terminal equipment responds to user registration operation triggered by the terminal equipment to acquire user identity data and user password data corresponding to a target user;
wherein the user identity data is data representing the true identity of the target user; the user password data is used for verifying whether the current user is the target user or not, and providing reference data for verifying the target user.
Optionally, the user identity data ID i Data identifying the identity of the target user may be for identity document numbering or the like; the user password data includes password reference data PW i And biometric reference data BIO i 。
It should be noted that, the password reference data may be determined according to at least one of common password forms such as a digital password and a gesture password (i.e. a graphic password composed of a 3×3 lattice); the biometric reference data may be determined from at least one of facial features, fingerprint features, and the like, as not limited in this application.
Step S502, the terminal equipment sends the user registration data containing the user identity data to a network control center;
in an implementation, the user registration data further includes a user public key.
Optionally, the terminal device randomly selects one from a predetermined private key set as the user private key, and determines the user public key based on the user private key. For example, PK i =k i ·P,k i ∈Z p 。
Wherein PK i Representing the user public key, k i Represent user private key, Z p Representing the private key set, and P represents the base point of the elliptic curve.
The user registration data is { ID } i ,PK i }。
Optionally, in the embodiment of the present application, the terminal device may send user registration data to the network control center through a secure channel, where the user registration data may be sent to the network control center in a user registration request.
Step S503, the network control center determines the proxy user signature key corresponding to the target user based on the user registration data;
optionally, embodiments of the present application determine the proxy user signing key based on equation four:
wherein s is ncc-i Representing a proxy user signing key; k (k) ncc-i Is from a predetermined set of private keys Z p Is selected randomly (k) ncc-i ∈Z p ),sk ncc For disclosing a main private key corresponding to a network control center in the parameter set, n is the order of a base point P,
r ncc-i =x 2 mod n, where (x) 2 ,y 2 )=PK ncc-i ,(x 2 ,y 2 ) Is PK ncc-i X-axis and Y-axis coordinates, PK ncc-i Representing the master public key, PK, of a target user ncc-i =k ncc-i ·PK i ,k ncc-i Is from a predetermined set of private keys Z p Is selected randomly (k) ncc-i ∈Z p ),PK i Representing a user public key corresponding to the target user;
e ncc-i =H 1 (ID i ,r ncc-i ,PK i ,PK ncc-i ) Wherein, ID i User identity data corresponding to a target user is represented; h 1 A one-way hash function selected for the network control center in step S203; other parameters are described in the foregoing, and are not described in detail herein.
Based on the above procedure, the network control center determines the proxy user signing key corresponding to the target user, and transmits the proxy user signing key to the terminal device.
Step S504, the network control center sends the determined proxy user signature key corresponding to the target user to the terminal equipment;
optionally, the application may also send a proxy user authentication key R for authenticating the proxy user signing key to the terminal device ncc-i And the master public key PK of the target user ncc-i 。
Wherein PK ncc-i =k ncc-i ·PK i ;R ncc-i Representing a second proxy user authentication key, R ncc-i =k ncc-i The other parameters are described in the foregoing, and are not described in detail herein.
Optionally, the network control center may further send a public parameter set to the terminal device, where the public parameter set is determined after the network control center completes initialization.
Alternatively, the present application is based on a proxy user signing key s ncc-i Proxy user authentication key R ncc-i Main public key PK of target user ncc-i And public parameter set params constitute user registration response parameter set { params, R ncc-i ,PK ncc-i ,s ncc-i And the user registration response parameter set is carried in the user registration response and is sent to the terminal equipment.
Step S505, after the terminal equipment determines that the proxy user signing key passes the verification based on the user registration data, the terminal equipment determines a user access key based on the proxy user signing key; and determining an authentication parameter set based on the user registration data, the user access key and the user login data corresponding to the target user.
Optionally, after receiving the proxy user signing key corresponding to the target user determined according to the user registration data and sent by the network control center, the terminal device in the embodiment of the present application verifies the proxy user signing key based on the user registration data, the proxy user verification key and the public parameter set.
Optionally, the embodiment of the present application determines that the proxy user signing key passes verification based on formula five:
s ncc-i ·R ncc-i =e′ ncc-i ·P+r ncc-i ·PK ncc formula five
Wherein s is ncc-i Representing a proxy user signing key, R ncc-i Representing a proxy user authentication key, P representing a base point, PK ncc A master public key representing a network control center, contained in a public parameter set;
r is as follows ncc-i Can be carried by the network control center and sent to the terminal equipment in the user registration response parameter set, or the PK can be obtained from the registration response parameter set ncc-i After that, it can pass through (x 2 ,y 2 )=PK ncc-i ,r ncc-i =x 2 mod n determines r ncc-i 。
e′ ncc-i =H 1 (ID i ,r ncc-i ,PK i ,PK ncc-i ),ID i Is determined in step S501, PK i The other parameters determined in step S502 are described in the above Wen Jun and are not described herein.
It should be noted that, if the fifth equation of the formula is not satisfied, the proxy user signing key is not verified, and the user registration response is incomplete or invalid, and the target user terminates the registration.
Optionally, the embodiment of the present application determines the user access key based on formula six:
wherein sk i Representing a user access key s ncc-i Representing proxy user signing key, k i Indicating that the user private key is from a predetermined private key set Z p Is selected randomly (k) i ∈Z p ) N is the order of the base point P.
After determining the user access key, the terminal device determines a user authentication parameter set based on the user registration data, the user access key and the user login data corresponding to the target user.
Optionally, the user authentication parameter set in the embodiment of the present application may include at least one user authentication parameter: { DID i ,DK i ,DSK i ,v i ,ver i }。
Optionally, at least one user authentication parameter in the embodiments of the present application may be determined by the following formula:
(1)、(σ i ,v i )=Gen(BIO i ) Wherein σ is i For the target user U i Reference biometric key, v i BIO for reconstructing helper strings required for reference biometric keys i Representing biometric reference data, gen (·) represents a biometric probability generation function.
(2)、Wherein, ID i User identity data corresponding to a target user is represented; RPW (resilient force-variable weight) i =H 2 (PW i ,σ i ,v i ),PW i Representing password reference data, H 2 Is the one-way hash function selected in step S203.
(3)、Wherein k is i Representing the user's private key, is from a predetermined set of private keys Z p Is selected randomly (k) i ∈Z p )。
(4)、Wherein sk i Representing the user access key.
(5)、ver i =H 3 (ID i ,k i ,sk i ,params,v i ,PK i ,PK ncc-i ) Wherein sk i Representing user access key, params representing public parameter set, PK i Representing user public key, PK i =k i ·P,k i ∈Z p ,PK ncc-i Representing the master public key of the target user.
Optionally, in the embodiment of the present application, the user authentication parameter set may further include: user public key PK corresponding to target user i And a master public key PK of a target user included in the user registration reply parameter set ncc-i 。
The user authentication parameter set in the embodiment of the present application includes: { PK i ,PK ncc-i ,DID i ,DK i ,DSK i ,v i ,ver i }。
Optionally, after determining the authentication parameter set, the embodiment of the present application may further locally store the authentication parameter set and a public parameter set params sent from the network control center.
The registration process for the target user is completed based on the above process, and the authentication parameter set disclosure parameter set is stored locally in the terminal device.
Based on the implementation flowchart shown in fig. 5, an embodiment of the present application is a schematic diagram of registering a target user as shown in fig. 6. Wherein U is i Indicating the target user, the NCC is the network control center.
Based on the above process, the present application completes the registration process of the first satellite and the registration process of the target user, and then after the target user triggers the operation of accessing the satellite network on the terminal device, the present application accesses the terminal device to the satellite network.
As shown in fig. 7, a flowchart of a method for accessing a satellite network according to an embodiment of the present application includes the following specific steps:
step 701, the terminal equipment responds to the access operation triggered by the target user to the satellite network, and after the user login data input by the target user passes verification, a user access key corresponding to the target user is obtained;
in implementation, when the target user triggers an acquisition operation for a subscription service that needs to be accessed to the satellite network, it is determined that the target user triggers an access operation for the satellite network.
Optionally, the present application verifies the user login data through steps A1-A2:
a1, a terminal device responds to the access operation of a target user to a satellite network, and user login data input by the target user are obtained;
wherein the user login data comprises biometric login data BIO' i And password login data PW' i At least one of (a) and (b);
in implementation, the application acquires user login data input by a target user through the terminal equipment.
A2, the terminal equipment verifies the user login data based on the stored user authentication parameter set;
wherein the set of user authentication parameters is determined when the terminal device registers the target user.
Exemplary, the user authentication parameter set includes: { PK i ,PK ncc-i ,DID i ,DK i ,DSK i ,v i ,ver i }。
Optionally, the present application determines the login verification parameter set based on the user login data and the user authentication parameter set.
The login verification parameter set in the embodiment of the present application may include at least one login verification parameter: { ID' i ,k′ i ,sk′ i }。
Optionally, the at least one login verification parameter may be determined by the following formula:
(1)、wherein RPW' i =H 2 (PW′ i ,σ′ i ),PW′ i Representing password login data, sigma' i =Rep(BIO′ i ,v i ),BIO′ i Representing biometric login data, DID i And v i Is a user authentication parameter in the user authentication parameter set.
(2)、Wherein DK is i Is a user authentication parameter in the user authentication parameter set.
(3)、Wherein DSK i Is a user authentication parameter in the user authentication parameter set.
In practice, user login data is verified based on a stored user authentication parameter set, a public parameter set, and a login verification parameter set.
Optionally, the present application determines that the login data of the user passes the verification based on the formula seven:
ver i =H 3 (ID′ i ,k′ i ′,sk′ i ,params,v i ,PK i ,PK ncc-i ) Formula seven
Wherein, ID' i ,k′ i ,sk′ i Representing login verification parameters in a login verification parameter set, params representing a public parameter set, PK i PK representing a user public key in a user authentication parameter set ncc-i Representing the master public key of the target user in the user authentication parameter set.
The embodiment of the application is based on the same principle as the formula (5) in step S504, and if the formula seven is established, it is determined that the user login data passes the verification.
If the user login data passes the verification, it is determined that the user login data inputted by the user is correct (BIO' i With BIO i Error value of less than tau) and the holder of the terminal deviceValidity of user authentication parameter set and parameters in public parameter set stored in terminal device (e.g., { params, PK i ,PK ncc-i ,DID i ,DK i ,DSK i ,v i ,ver i }) is complete, valid, and not tampered with.
Wherein the error value between the biological features (e.g., BIO' i With BIO i Error values of (c) may be measured by huffman distance, difference set, edit distance, etc., and are not described in detail herein.
Based on the above process, the target user U i And (5) finishing login verification.
Optionally, after determining that the user login data is verified, the application may determine sk 'in the login verification data set' i User access key sk determined in association with user registration phase i Identical, and determines k 'in the login authentication dataset' i And the user private key k selected in step S502 i If the user login data is the same, the user access key sk can be obtained after the user login data is confirmed to pass verification i And user private key k i 。
Based on step S701, an embodiment of the present application is a schematic diagram for verifying user login data as shown in fig. 8. Wherein U is i Representing the target user, smart Device represents the terminal Device.
Step S702, terminal equipment determines a request parameter set based on a user access key, and sends an access request containing the request parameter set to a first satellite;
in practice, the embodiments of the present application are based on the user access key sk i And user private key k i A request parameter set is determined.
Wherein the request parameter set includes at least one request parameter, and the embodiments of the present application may be respectively determined by the following formulas:
(1)、PKK i-j =k i-j P, where k i-j Is from a predetermined set of private keys Z p Is selected randomly (k) i-j ∈Z p ) P represents the base point of the elliptic curve.
(2)、Wherein the TID i Representing the temporary identity, ID, of the user i Representing user identity data, k, corresponding to a target user i Representing user private key, PK ncc Representing the master public key, ID, of the network control center j Representing first satellite identity data corresponding to a first satellite, T 1 A time stamp indicating when the target user triggered an access operation to the satellite network;
note that, when the formula seven is established, it indicates the login verification parameter ID 'in the login verification parameter set' i User identity data ID corresponding to a target user acquired when registering the target user i If they are consistent, then determine ID i 。
Wherein PK ncc Is obtained from a locally stored public parameter set; since the operation state of the satellite is known, the satellite which is in conversation with the terminal equipment can be determined, the identity data corresponding to the satellite can be obtained, the satellite which is in conversation with the terminal equipment is called as a first satellite, and the first satellite identity data ID corresponding to the first satellite can be obtained j 。
It should be noted that, each time the user triggers an access operation to the satellite network, the temporary identity of the determined target user is different.
(3)、r i-j =(e i-j +x 3 mod n) mod n, where e i-j =H 1 (TID i ,ID j ,PKK i-j ,PK ncc-i ,T 1 ),TID i Representing the temporary identity, ID, of the user j Representing first satellite identity data corresponding to a first satellite, PKK i-j =k i-j ·P,k i-j ∈Z p ,PK ncc-i Representing the target user's primary public key, T 1 A time stamp indicating when the target user triggered an access operation to the satellite network; (x) 3 ,y 3 )=PKK i-j And (x) 3 ,y 3 ) Is PK ncc-j X-axis and Y-axis coordinates of (a);
(4)、s i-j =(1+sk i ) -1 (k i-j -r i-j sk i ) Wherein sk i Representing the user access key.
Based on the determined request parameters, a request parameter set { TID } i ,PKK i-j ,r i-j ,s i-j }。
In practice, the request parameter set may further include user identity data ID corresponding to the target user j Main public key PK of target user corresponding to user ncc-i ,
Alternatively, the terminal device may be connected to the first satellite L via a satellite-to-ground link j Send request parameter set { TID i ,ID j ,PKK i-j ,PK ncc-i ,r i-j ,s i-j ,T 1 And a request parameter set, wherein the request parameter set may be carried in an access request sent to the first satellite.
In the embodiment of the application, the terminal device can generate and send the access request to the first satellite based on the signature mechanism of the SM 2.
Step S703, the first satellite verifies the request parameter set based on the access request including the request parameter set sent by the terminal device;
optionally, after the first satellite receives the access request, it is a priori verified whether the access request meets the aging condition.
The embodiment of the application can be based on the time stamp T when the target user carried in the access request triggers the access operation of the access satellite network 1 And verifying whether the access request meets the aging condition.
Illustratively, the first satellite, upon receiving the access request, determines a timestamp T 'of receipt of the access request' 1 By determining |T' 1 -T 1 Whether the i is less than the error threshold Δt determines whether the access request meets timeliness.
And if the access request is smaller than the error threshold, determining that the access request meets timeliness, and determining that the access request passes timeliness verification.
After determining that the aging verification is passed, verifying a request parameter set in the access request.
Optionally, the application determines, based on the formula eight, that the request parameter set in the access request passes the verification:
r i-j =(e′ i-j +x′ 3 mod n) mod n-equation eight
Wherein r is i-j Request parameters in the request parameter set;
e′ i-j =H 1 (TID i ,ID j ,PKK i-j ,PK ncc-i ,T 1 ) Wherein, TID i ,ID j ,PKK i-j ,PK ncc-i ,T 1 All are request parameters included in the request parameter set;
(x′ 3 ,y′ 3 )=s i-j ·PK ncc-i +t i-j e′ i-j ·P+t i-j r′ ncc-i ·PK ncc wherein t is i-j =(r i-j +s i-j )mod n;r′ ncc-i =x′ 2 mod n,(x′ 2 ,y′ 2 )=PK ncc-i I.e. (x' 2 ,y′ 2 ) Is PK ncc-i X-axis and Y-axis coordinates s i-j For request parameters PK in a request parameter set ncc-i PK for the primary public key of the target user ncc The public key is a main public key of a public parameter set network control center.
Illustratively, the following description is given to the principle of verifying the request parameter set in the formula eight:
based on s i-j =(1+sk i ) -1 (k i-j -r i-j sk i ),t i-j =(r i-j +s i-j ) mod n, can be given by formula nine.1:
k i-j =s i-j +(s i-j +r i-j )sk i =s i-j +t i-j sk i formula nine.1
PK-based ncc =SK ncc ·P、PKK i-j =k i-j ·PK ncc-i 、PK ncc-i =k ncc-i ·PK i =k ncc-i k i ·P、The following adjustment is performed on the formula nine.1 to obtain a formula nine.2:
due to PKK i-j =k i-j ·PK ncc-i ,(x 3 ,y 3 ) For PKK i-j According to formula nine.2, the X-axis and Y-axis coordinates of (a) can be found as formula nine.3:
(e i-j +x 3 mod n)mod n=r i-j formula nine.3
Then equation eight can be derived by referring to the reasoning principle described above and the request parameter set is validated using equation eight.
It should be noted that, if the first satellite determining formula eight is established, determining that the request parameter set passes verification, which indicates that the access request is not tampered and not forged in the open satellite-earth link; otherwise, the first satellite terminates the access authentication procedure of the terminal device, indicating that the access request is tampered with or falsified in the open satellite-to-ground link.
The process of verifying the request parameter set of the target user by the first satellite can be realized based on the above process, but in the implementation process, the first satellite receives the request parameter set sent when the plurality of users trigger the access operation, so that the method for verifying the plurality of request parameter sets in batches is implemented after the first satellite receives the request parameter sets sent by the plurality of terminal devices.
Optionally, the application can implement batch verification on multiple request parameter sets based on an efficient batch verification mechanism of SM 2.
The plurality of request parameter sets are respectively carried in corresponding access requests and sent to the first satellite.
Optionally, the present application is directed to multiple users { U } 1 ,U 2 ,U 3 ,…,U k An access request including a request parameter set, in determining a plurality of access requestsAfter ageing verification is carried out respectively, unified verification is carried out on the request parameter sets passing the ageing verification.
The method comprises the steps of A1-A3, performing batch verification on a plurality of received request parameter sets:
a1, verifying whether each access request meets an aging condition;
in practice, a first satellite receives a plurality of access requests { AAR } 1 ,AAR 2 ,AAR 3 ,…,AAR k Each access request carrying a respective set of request parameters, e.g. AAR i ={TID i ,ID j ,PKK i-j ,PK ncc-i ,r i-j ,s i-j ,T i,1 The process of determining the request parameter set refers to step S702.
Optionally, the present application is based on a timestamp T when the corresponding user carried in each access request triggers an access operation to access the satellite network i,1 And verifying whether the access request meets the aging condition.
The first satellite, upon receiving each respective access request, illustratively determines a timestamp T 'of receipt of the respective access request' i,1 By determining |T' i,1 -T i,1 Whether the i is less than the error threshold Δt determines whether the corresponding access request meets timeliness.
A2, verifying a request parameter set for the access request meeting the aging condition;
optionally, the present application determines, based on formula ten, that the request parameter set in all access requests meeting the aging condition passes the verification:
(∑e′ i-j +x mod n)mod n=∑r i-j formula ten
Wherein Σe' i-j Representing e 'determined separately on the basis of a request parameter set for each access request' i-j Sum, e' i-j =H 1 (TID i ,ID j ,PKK i-j ,PK ncc-i ,T i,1 ) Wherein, TID i ,ID j ,PKK i-j ,PK ncc-i ,T 1 Are all request parameters included in each request parameter set;(x,y)=∑(s i-j ·PK ncc-i )+∑(t i-j e′ i-j )·P+∑(t i-j r ncc-i )·PK ncc (X, Y) is the coordinate value of X-axis and Y-axis, t i-j =(r i-j +s i-j )mod n,s i-j For request parameters PK in a request parameter set ncc-i PK for the primary public key of the target user ncc The public key is a main public key of a public parameter set network control center.
Illustratively, for the principle of batch verification of the request parameter set in the formula ten, the following description is provided in this application:
k-based i-j =s i-j +(s i-j +r i-j )sk i =s i-j +t i-j sk i ,PK ncc =SK ncc ·P,PKK j-i =k j-i ·PK ncc-j ,PK ncc-j =k ncc-j ·PK j =k ncc-j k j ·P,sk j = The formula eleven.1 can be obtained:
due to PKK i-j =k i-j ·PK ncc-i ,(x 3 ,y 3 ) For PKK i-j According to formula eleven.1, the X-axis and Y-axis coordinates of (a) can be found as formula eleven.2:
∑(e i-j +x 3 mod n)mod n=∑r i-j formula eleven.2
Then the above reasoning principle is referred to obtain the formula ten, and each request parameter set meeting the aging condition is verified by using the formula ten.
If the first satellite determination formula is ten, each symbol is determinedThe request parameter set eligible for verification indicates that each access request eligible for aging is complete and valid and determines the user { U } to which each access request responds 1 ,U 2 ,U 3 ,…,U k Legitimacy passing; otherwise, it means that there is an access request that is tampered with or forged in the open star-to-ground link.
In implementation, the SM 2-based efficient batch verification mechanism enables the first satellite to verify the validity and the integrity of a large number of access requests in batches with low cost, and reduces the calculation bottleneck risk during the verification of the first satellite.
Step S704, after the first satellite determines that the request parameter set passes verification, determining a response parameter set based on the satellite access key corresponding to the first satellite and the request parameter set;
optionally, the response parameter set is determined by the first satellite based on the request parameter set according to the second session key, the satellite access key corresponding to the first satellite, and the request parameter set after the first satellite determines the second session key;
optionally, the present application determines the second session key by formula twelve:
Key j-i =H 4 (k j-i ·PKK i-j ,TID i ,ID j ,PKK j-i ,T 1 ,T 2 ) Formula twelve
Wherein PKK i-j To request parameters in the request parameter set, T 2 A time stamp when the request parameter set passes verification;
in implementation, the response parameter includes at least one response parameter, which may be determined by the following formulas:
(1)、PKK j-i =k j-i ·PK ncc-j wherein k is j-i Is from a predetermined set of private keys Z p Is selected randomly (k) j-i ∈Z p ),PK ncc-j A master public key of the first satellite in a first satellite authentication parameter set determined for the time of registration of the first satellite;
(2)、PPK j-i =k j-i ·PK ncc-i wherein,PK ncc-i A master public key representing a target user, contained in the access request parameter set;
(3)、r j-i =(e j-i +x′ 4 mod n) mod n, where e j-i =H 1 (TID i ,ID j ,PK ncc-i ,PK ncc-j ,PPK j-i ,Key j-i ,T 2 ),TID i ,ID j ,PK ncc-i Key for request parameters in request parameter set j-i Representing a second session key;
(4)、s j-i =(1+sk j ) -1 (k j-i -r j-i sk j ) Wherein sk j Representing a first satellite access key that is stored locally at the first satellite when the first satellite is registered;
composing a response parameter set { PKK based on the above-determined response parameters j-i ,PPK j-i ,r j-i ,s j-i }。
Optionally, a first satellite L j An access response may be sent to the terminal device over the star-to-ground link.
In practice, the reply parameter set may also include the primary public key PK of the first satellite ncc-j Timestamp T when a request parameter set passes verification 2 。
Step 705, the first satellite sends an access response containing a response parameter set to the terminal device;
optionally, a first satellite L j Transmitting the response parameter set { PKK over a star-to-ground link to the terminal device j-i ,PK ncc-j ,PPK j-i ,r j-i ,s j-i ,T 2 And the access response set can be carried in the access response and sent to the terminal equipment.
In the embodiment of the application, the first satellite can generate and access the response based on the signature mechanism of the SM2 and send the response to the terminal equipment.
Step S706, the terminal equipment receives the access response which is sent by the first satellite and contains the response parameter set, and performs a session with the first satellite after the response parameter set is verified based on the request parameter set.
Optionally, after the terminal device receives the access request, it is a priori verified whether the access response meets the aging condition.
The embodiment of the application can be based on the timestamp T when the request parameter set carried in the access request passes verification 2 And verifying whether the access response meets the aging condition.
The terminal device, upon receiving an access response, determines, for example, a timestamp T 'of the receipt of the access response' 2 By determining |T' 2 -T 2 Whether the I is less than the error threshold DeltaT to determine whether the access response meets timeliness.
And if the access response is smaller than the error threshold, determining that the access response meets timeliness, and determining that the access response passes timeliness verification.
And after the terminal equipment determines that the time-effect verification is passed, verifying the response parameter set in the access response.
In practice, embodiments of the present application verify the response parameter set based on the first session key and the request parameter set after determining the first session key based on the request parameter set.
Alternatively, the present application determines the first session key by the formula thirteen:
Key i-j =H 4 (k i-j ·PPK j-i ,TID i ,ID j ,PKK i-j ,T 1 ,T 2 ) Formula thirteen
Wherein Key i-j Representing a first session key, PKK i-j To request parameters in the request parameter set, T 1 Time stamp indicating when target user triggers access operation to satellite network, PPK j-i Response parameters in the response parameter set; TID (tungsten inert gas) i Representing the temporary identity, ID, of the user j For the first satellite identity data, TID i And ID j Are all request parameters in the request parameter set.
Optionally, the present application determines, based on formula fourteen, that the response parameter set in the access response passes the verification:
r j-i =(e′ j-i +x′ 4 mod n) mod n-formula fourteen
Wherein r is j-i Validating parameters for the response in the set of response parameters;
e′ j-i =H 1 (TID i ,ID j ,PK ncc-i ,PK ncc-j ,PPK j-i ,Key i-j ,T 2 ) Wherein PK ncc-j ,PPK j-i Are response parameters in the response parameter set; TID (tungsten inert gas) i ,ID j ,PK ncc-i Request parameters in the request parameter set; key (Key) i-j Representing a first session key;
(x′ 4 ,y′ 4 )=s j-i ·PK ncc-j +t j-i e′ j-i ·P+t j-i r′ ncc-j ·PK ncc wherein t is j-i =(r j-i +s j-i )mod n,r′ ncc-j =x′ 1 mod n,(x′ 1 ,y′ 1 )=PK ncc-j I.e. (x' 1 ,y′ 1 ) PK respectively ncc-j X-axis and Y-axis coordinates of (c).
Illustratively, the following description is given to the principle of verifying the corresponding parameter set in the formula fourteen:
based on s j-i =(1+sk j ) -1 (k j-i -r j-i sk j )、t j-i =(r j-i +s j-i ) mod n, can be found as the formula fifteen.1:
k j-i =s j-i +(s j-i +r j-i )sk j =s j-i +t j-i sk j formula fifteen.1
PK-based ncc =SK ncc ·P、PKK j-i =k j-i ·PK ncc-j 、PK ncc-j =k ncc-j ·PK j =k ncc-j k j ·P、 For the formula fifteen.1The following adjustment is performed to obtain the formula fifteen.2: />
Due to PKK j-i =k j-i ·PK ncc-j ,(x 4 ,y 4 ) For PKK j-i According to the formula fifteen.2, the formula fifteen.3 can be derived:
(e j-i +x 4 mod n)mod n=r j-i Formula fifteen.3
Then equation fourteen can be obtained by referring to the reasoning principle described above, and the request parameter set is verified using equation fourteen.
If the terminal device determines that the formula fourteen is satisfied, determining that the switching request parameter set passes verification, which indicates that the access response is not tampered in the open star-earth link and not forged; otherwise, the access response is tampered or falsified in the open star-ground link, and the terminal device terminates the access authentication process.
In implementation, the method and the device for verifying the security of the satellite subscription service have the advantages that integrity and validity verification are carried out on password data of the target user, biological characteristic data and user authentication parameters stored locally in the terminal device, the situation that an attacker steals the terminal device of the target user and directly impersonates legal users to access and acquire the satellite subscription service is avoided, secret parameters such as user private keys and the like are extracted from the terminal device in the modes of side channel attack, power analysis attack and the like are effectively prevented, and the security of the terminal device is improved.
And if the response parameter set is confirmed to pass verification based on the process, the terminal equipment carries out session with the first satellite.
After the response parameter set passes the verification, it is determined that the first session key is consistent with the second session key, and then a corresponding target satellite-to-ground link is constructed with the first satellite based on the first session key and the second session key, and a session is performed with the first satellite through the target satellite-to-ground link.
Wherein, since the first session key used by the terminal equipment and the first satellite for each session is based on the randomly selected private key k i-j The second session key is determined based on a randomly selected private key k j-i And if the session key of one session is revealed, the contents of other sessions are easily traced.
Based on the above procedure, the terminal device successfully accesses the satellite network.
In implementation, the satellite network access authentication mechanism based on SM2 can enable the target user and the first satellite to realize bidirectional authentication, thereby preventing unauthorized users and malicious nodes from accessing the satellite network and acquiring satellite subscription services, and legal users can acquire the trusted satellite subscription services, so that false and fake satellite subscription data are prevented from being received.
In addition, under the satellite network access scene, the target user and the first satellite realize mutual trust based on an SM2 signature mechanism, and the target user and the first satellite negotiate a session key with forward/backward security together based on an elliptic curve cryptosystem, public parameters and a one-way hash function, so that the user is ensured to access and acquire a trusted satellite subscription service, and the reliability of the satellite network service is improved.
On the other hand, the access authentication stage in the application does not need to be participated by a ground network control center, so that the transmission times of authentication messages in a satellite-to-ground link with higher transmission time delay are reduced, single point failure of NCC caused by frequent participation of NCC in access authentication of a large number of users is avoided, and the instantaneity of establishing trusted connection between the users and a satellite network and the reliability of the satellite network are improved.
Based on the implementation flowchart shown in fig. 7, an embodiment of the present application is a schematic diagram of an access authentication phase between a terminal device and a first satellite shown in fig. 9.
Optionally, in the embodiment of the present application, when the terminal device performs a session with the first satellite, the first satellite detects session content, and when determining that a malicious behavior exists in the session content, the first satellite reports to the network control center, and the network control center determines user identity data corresponding to a user having the malicious behavior.
It should be noted that, because the request parameter set in the access request sent by the user to the first satellite carries the temporary identity data of the user, the anonymity and the unlinkability of the user are ensured, after determining that the user has malicious behaviors, the network control center needs to determine the user identity data of the user.
Optionally, the embodiments of the present application determine that a malicious behavior exists for a user in several ways:
in an alternative implementation manner, the first satellite determines suspicious users based on received session contents, sends the session contents between the suspicious users to the network control center, and the network control center detects the session contents corresponding to the suspicious users to determine malicious users;
in another alternative embodiment, the first satellite determines a malicious user based on the received session content.
If the user is detected to have the behavior of sending false information or implementing malicious attack, the user is determined to be a malicious user.
Optionally, steps B1 to B2 in the embodiments of the present application determine user identity data of the user:
step B1, the network control center determines a user public key PK corresponding to a malicious user of the malicious user based on a historical access request of the malicious user i ”;
In implementation, the historical access request in the embodiment of the application is an access request sent by the user when the session is established.
Optionally, in the embodiment of the present application, the network control center is based on a master public key PK of the target user carried in the historical access request ncc-i "for PK stored in local database ncc-i "AND PK i "mapping relation between the PKs" is searched to determine the PK ncc-i "corresponding PK i ”。
Incidentally, PK ncc-i "AND PK i "the mapping relationship between the two is stored in the network control center when each user is registered.
Step B2, based on user public key PK i "determining user identity data of the malicious user with the historical access request;
optionally, the present application sixteen determines the user identity data of the malicious user through the formula:
wherein, ID i "indicates user identity data corresponding to malicious user, TID i "represents temporary identity data, PK, corresponding to malicious user i "represents the user public key corresponding to the malicious user in the history authentication parameter set in the history access request.
Optionally, after the network control center determines the user identity data corresponding to the malicious user, the embodiment of the application ID of the user identity data corresponding to the malicious user i ", user public key PK i "Main public Key PK of target user ncc-i "blacklist and disclose to all terminal devices and satellites.
The network control center can also base on the proxy user signing key s corresponding to the malicious user stored in the local database ncc-i "AND PK i "mapping relation between the malicious users, obtain the proxy user signature key s corresponding to the malicious users ncc-i ", and will s ncc-i "blacklist and disclose to all terminal devices and satellites.
Optionally, in the embodiment of the present application, after determining, based on the user temporary identity data in the history access request of the malicious user, the network control center may send an indication to the terminal device, so that the terminal device determines that the target user is a malicious user, and prevents the target user from accessing the satellite network.
In an alternative embodiment, the indication sent by the network control center to the target user carries user public data corresponding to the malicious user (for example, { ID } "; ii ,s ncc-i ”,PK i ”,PK ncc-i "}) the terminal device based on the user public data and the locally stored authentication parameter set { PK } of the target user i ,PK ncc-i ,DID i ,DK i ,DSK i ,v i ,ver i Comparing, and preventing the target user from accessing the satellite network after determining the target user as the malicious user;
in another optional implementation manner, after the network control center determines that the malicious user is the target user based on the user public data corresponding to the malicious user, the network control center sends an instruction to the terminal device, and the terminal device determines that the target user is the malicious user based on the instruction of the network control center, so that the target user is prevented from accessing the satellite network.
Optionally, in the embodiment of the present application, after determining the user public data corresponding to the malicious user based on the user temporary identity data in the historical access request of the malicious user, the network control center may send an instruction to the satellite, so that the satellite prevents the target user from accessing the satellite network.
In an alternative embodiment, the indication sent by the network control center to the satellite carries user public data corresponding to the malicious user (for example, { ID } "; ii ,s ncc-i ”,PK i ”,PK ncc-i "}) when the target user accesses the satellite network, the satellite is based on the master public key PK of the target user carried in the access request of the target user ncc-i Comparing the PK public data corresponding to the malicious user, and when determining the PK in the public data ncc-i "AND PK ncc-i And after the request parameter sets in the access request are confirmed to pass verification through the formula eight, the satellite confirms that the target user is a malicious user and prevents the target user from accessing the satellite network.
In another optional implementation manner, after the network control center determines that the malicious user is the target user based on the user public data corresponding to the malicious user, the indication is sent to the satellite, and the satellite determines that the target user is the malicious user based on the indication of the network control center, so that the target user is prevented from accessing the satellite network.
Based on the above process, the embodiment of the application obtains the user identity data corresponding to the malicious user aiming at the malicious user with malicious behavior in the session process, and discloses the user identity data to the whole system.
In implementation, in the access authentication stage and the inter-satellite switching authentication stage, a user uses a dynamic user temporary identity to replace real user identity data of the user to access, an attacker and a satellite node cannot know the real identity of a target user, and when the target user sends false information or carries out malicious attack, NCC can reveal the real user identity data of the target user according to the user temporary identity, related information of a registration stage and a public parameter set and add a blacklist, so that the security and the liability of a satellite network are improved.
Optionally, in the embodiment of the present application, in response to an update operation triggered by a target user to update user password data, updated user target password data is determined, an updated user target authentication parameter set is determined based on the updated user target password data, and the updated user target authentication parameter set is stored.
Illustratively, the present application determines the updated target authentication parameter set through steps C1-C4:
Step C1, the terminal equipment responds to the updating operation of updating the user password data triggered by the target user, and the password data input by the target user is obtained;
wherein the password data input by the user comprises password data PW i "and biometric data BIO i ”。
Step C2, the terminal equipment verifies the password data input by the target user;
optionally, the present application determines, based on formula seventeen, that the password data input by the target user passes verification:
ver i =H 3 (ID” i ,k” i ,sk” i ,params,v i ,PK i ,PK ncc-i ) Formula seventeen
Wherein params is a locally stored public parameter set, PK i ,PK ncc-i User authentication parameters in a locally stored user authentication parameter set;
wherein RPW' i =H 2 (PW i ”,σ” i ),σ” i =Rep(BIO“ i ,v i ),DID i ,v i User authentication parameters in a locally stored user authentication parameter set;
wherein DK is i User authentication parameters in a locally stored user authentication parameter set;
wherein DSK i Is a user authentication parameter in a locally stored user authentication parameter set.
Based on the formula seventeen, after determining that the formula seventeen is established, determining the password data PW input by the target user i "and BIO i "correct, i.e. biometric data BIO i "biological feature reference data BIO in user password data input at user registration time i The error value between is smaller than the error threshold τ.
And C3, the terminal equipment acquires user target password data corresponding to the target user, determines an updated user target authentication parameter set based on the user target password data, and stores the updated user target authentication parameter set.
In the implementation, the user target password data corresponding to the target user acquired by the terminal equipment comprises password target dataAnd biometric target data->/>
Note that, the password target data may be the same as or different from the password form corresponding to the password reference data, and the biometric target data may be the same as or different from the physical feature corresponding to the biometric reference data, which is not limited in this application.
Optionally, the user target authentication parameter set in the embodiment of the present application may include at least one user target authentication parameter:
optionally, at least one user target authentication parameter in the embodiments of the present application may be determined by the following formula:
(1)、wherein (1)>
(2)、Wherein,
(3)、
(4)、
after the user target authentication parameters are determined, the locally stored user authentication parameter set is updated based on the user target authentication parameter set.
Based on steps C1-C4, an embodiment of the present application updates a user target authentication parameter set of a target user as shown in fig. 10.
Optionally, the application proposes an inter-satellite switching authentication mechanism supporting seamless switching aiming at an inter-satellite switching scene existing in a high dynamic topology satellite network.
It should be noted that, due to the high-speed mobility of the satellites, the service area of the first satellite pLEO gradually gets far from the target user U i When the inter-satellite handover is needed, the second satellite nLEO with stronger service signal is continued to be the target user U i Satellite subscription services are provided to ensure stability and quality of service for communications.
Alternatively, the present application may predict that the next target user U can be through satellite network ephemeris i A second satellite nLEO providing high quality satellite subscription services.
As shown in fig. 11. The embodiment of the application provides a satellite switching implementation flow chart, which comprises the following specific steps:
step 1101, after the first satellite determines that the terminal device meets the satellite switching condition based on the signal overlapping area between the first satellite and the second satellite, determining a switching authentication parameter set based on the historical access request of the terminal device;
optionally, in the embodiment of the present application, when the first satellite pLEO detects that a signal overlapping area exists between the first satellite pLEO and the second satellite nLEO, and it is determined that satellite-to-ground link signals between a plurality of terminal devices in the current overlapping area are weakened, it is determined that satellite switching conditions are met.
Exemplary, a schematic diagram of a signal overlap region between a first satellite and a second satellite is shown in fig. 12. Where pLEO denotes a first satellite, nLEO denotes a second satellite, and an arrow denotes a moving direction of the first satellite.
The historical access request of the terminal device may be an access request sent by the terminal device last time.
In order to distinguish the parameters of the first satellite from the parameters of the second satellite, the present application uses pLEO for the parameters corresponding to the first satellite and nLEO for the parameters corresponding to the second satellite.
In implementation, the embodiments of the present application may determine a handover authentication parameter set based on historical access requests of a terminal device.
In implementation, the handover authentication parameter set sent by the present application may include an inter-satellite handover vector av and an authentication verification parameter xres.
Optionally, the present application determines inter-satellite handover vector av by equation eighteen:
av=H 3 (rand,TID i ,ID pLEO ,ID nLEO ,PK ncc-i ,PKK i-pLEO ,Key i-pLEO ) Formula eighteen
Where av represents an inter-satellite handover vector and rand is from a predetermined set of private keys Z p Random (rand. Epsilon. Z) p ),ID pLEO First satellite identity data (equal to the ID in the foregoing) representing the first satellite correspondence j ),ID nLEO Representing second satellite identity data corresponding to the second satellite, the second satellite identity data of the second satellite being available, PKK, since the operational state of the satellite is known i-pLEO For authentication parameters in historical access requests (equal to PKK in the foregoing i-j ),Key i-pLEO Representing a session Key between the first satellite and the terminal device (equal to the first session Key in the foregoing i-j And a second session Key Key j-i )。
Optionally, the present application determines the authentication verification parameter xres through the formula nineteenth:
xres=H 3 (rand,av,Key i-pLEO ) Formula nineteen
Wherein xres represents authentication verification parameters, and other parameters are described in the foregoing, and are not described herein.
In practice, the handover authentication parameter set in the embodiments of the present application includes TID i ,PK ncc-i And rand.
Based on the above procedure, the handover authentication parameter set determined in the embodiments of the present application may be { TID } i ,PK ncc-i ,rand,av,xres}。
Step 1102, the first satellite sends the switching authentication parameter set to the second satellite;
alternatively, embodiments of the present application may send the handoff authentication parameter set to the second satellite over an inter-satellite secure link.
Step S1103, the second satellite determines a satellite switching request based on the switching authentication parameter set sent by the first satellite;
optionally, the present application determines that the handover authentication parameter set passes verification based on formula twenty:
auth=H 3 (rand,av′,PPK nLEO-i ,Key nLEO-i ,T 3 ) Formula twenty
Wherein auth represents authentication and authorization value, PPK nLEO-i =k nLEO-i ·PK ncc-i ,k nLEO-i Is from a predetermined set of private keys Z p Is selected randomly (k) nLEO-i ∈Z p ),Key nLEO-i =H 4 (k nLEO-i ·PKK i-pLEO ,TID i ,ID pLEO ,ID nLEO ,T 3 );
In practice, the present application determines the handover request parameter set { rand, ID after determining that the handover authentication parameter set is verified nLEO ,PPK nLEO ,auth,T 3 }。
Step S1104, the second satellite sends a satellite switching request to the terminal equipment;
in practice, the present application sends a satellite handoff request comprising a handoff request parameter set to a terminal device.
Optionally, in the embodiment of the present application, the second satellite sends the satellite switching request to the terminal device through a satellite-ground public channel.
The terminal device is a device that meets the handover condition.
Optionally, in the embodiment of the present application, the switching condition is: the satellite-to-earth link communication signal between the first satellite and the second satellite is weaker and the satellite-to-earth link communication signal between the second satellite is stronger.
Step S1105, when receiving a satellite switching request sent by a second satellite, the terminal equipment verifies a switching request parameter set in the satellite switching request;
optionally, after receiving the satellite switching request, the terminal device verifies whether the switching request parameter set meets the aging condition.
The embodiment of the application can be based on the time stamp T when the switching request parameter set carried in the satellite switching request passes verification 3 And verifying whether the satellite switching request meets the aging condition.
The terminal device, upon receiving a satellite handoff request, illustratively determines a time stamp T 'of the satellite handoff request' 3 By determining |T' 3 -T 3 Judging whether the time stamp T is smaller than the error threshold DeltaT 3 Whether or not timeliness is met.
Optionally, the present application determines that the handover request parameter set passes verification based on the formula twenty-one:
auth=H 3 (rand,av′,PPK nLEO-i ,Key i-nLEO ,T 3 ) Formula twenty-one
Where av 'represents an inter-satellite handover verification vector, av' =h 3 (rand,TID i ,ID pLEO ,ID nLEO ,PK ncc-i ,PKK i-pLEO ,Key i-pLEO ),Key i-nLEO Representing a third session Key, key i-nLEO =H 4 (k i-pLEO ·PKK nLEO-i ,TID i ,ID pLEO ,ID nLEO ,T 3 )。
If the terminal equipment determines that the formula twenty-one is satisfied, determining that the switching request parameter set passes verification, wherein the satellite switching request is not tampered in an open star-earth link and is not forged; otherwise, the satellite switching request is tampered or falsified in the open satellite-ground link, and the terminal equipment terminates the access authentication process.
Step S1106, after the terminal equipment determines that the switching request parameter set passes the verification, determining a switching response parameter set based on the switching request parameter set;
optionally, the handover response parameter set in the embodiment of the present application may include a handover response parameter: { res }.
Optionally, the present application determines the handover response parameter by the formula twenty-two:
res=H 3 (rand,xres′,Key i-nLEO ,T 4 ) Formula twenty-two
Wherein res represents a switching response parameter, xres 'represents a switching verification parameter, xres' =h 3 (rand,av′,Key i-pLEO ),Key i-nLEO Representing a third session key, T 4 Indicating a time stamp when the handover response parameter was determined.
In practice, the handover response parameter set in the present application may further include T 4 The handover response parameter set includes: { res, T 4 }。
Step S1107, the terminal equipment sends the switching response parameter set to a second satellite;
alternatively, the terminal device in the present application may send the handover response parameter set to the second satellite through a star-to-ground public channel.
And step S1108, after the second satellite determines that the switching response parameter set passes the verification, the second satellite performs a session with the target user.
Optionally, after the second satellite receives the switching response parameter set, it is a priori verified whether the switching response parameter set meets the aging condition.
Wherein, the embodiment of the application can be based on T in the switching response parameter set 4 And verifying whether the access response meets the aging condition.
The second satellite, upon receiving the handoff response parameter set, determines a timestamp T 'of receipt of the handoff response parameter set' 4 By determining |T' 4 -T 4 Whether the I is smaller than the error threshold DeltaT or not is used for judging whether the switching response parameter set accords with timeliness or not.
And if the switching response parameter set is smaller than the error threshold value, determining that the switching response parameter set accords with the timeliness, and determining that the switching response parameter set is subjected to the timeliness verification.
And after the second satellite determines that the time-lapse verification is passed, verifying the switching response parameter set.
Optionally, the application determines that the handover response parameter set passes verification based on the twenty-third formula:
res=H 3 (rand,xres,Key nLEO-i ,T 4 ) Formula twenty-three
Wherein xres represents authentication verification parameters, which are determined by a first satellite through a formula nineteenth, and Key nLEO-i Representing a fourth session Key, key nLEO-i =H 4 (k nLEO-i ·PKK i-pLEO ,TID i ,ID pLEO ,ID nLEO ,T 3 )。
If the second satellite determining formula twenty-three is established, determining that the switching response parameter set passes verification, wherein the switching response parameter set is not tampered in the open star-earth link and not forged; otherwise, indicating that the handover response parameter set is tampered or falsified in the open satellite-to-ground link, the second satellite terminates the access authentication procedure.
In practice, after the second satellite determines that the switching response parameter data passes the verification, the third session Key is determined i-nLEO Equal to the fourth session Key Key nLEO-i . The second satellite establishes a corresponding target satellite-to-ground link with the terminal device based on the third session key and the fourth session key, and performs a session with the terminal device through the target satellite-to-ground link.
Based on the above process, the embodiment of the application realizes the identity mutual trust process between the terminal device and the second satellite based on rand, av and xres, and negotiates a session key (a third session key and a fourth session key) together, so as to determine the security of the second satellite providing the satellite subscription service for the target user.
After the satellite switching process is completed, the target user can switch from the first satellite to the second satellite with stronger service signal, and continuously obtain satellite network service.
As shown in fig. 13, a satellite switching process is schematically illustrated in an embodiment of the present application. Wherein U is i Representing the target user, pLEO representing the first satellite, nLEO representing the second satellite, and the identity mutual trust process may be performed by securityFull channel secure channel transmits.
Based on the same technical concept, fig. 14 is a schematic diagram schematically illustrating an apparatus for accessing a satellite network according to an embodiment of the present application, and as shown in fig. 14, the apparatus specifically includes:
an obtaining module 1401, configured to respond to an access operation triggered by a target user to a satellite network, and obtain a user access key corresponding to the target user after user login data input by the target user passes verification;
a sending module 1402, configured to determine a request parameter set based on the user access key, and send an access request including the request parameter set to a first satellite, so that after the first satellite determines that the request parameter set passes verification, determine a response parameter set based on a satellite access key corresponding to the first satellite and the request parameter set;
A first verification module 1403 is configured to receive an access response sent by the first satellite and including the response parameter set, and perform a session with the first satellite after verifying the response parameter set based on the request parameter set.
In some embodiments, the acquiring device 1401 is specifically configured to:
responding to the access operation of a target user to a satellite network, and acquiring user login data input by the target user; the user login data comprises at least one of biometric login data and password login data;
the user login data is verified based on a stored set of authentication parameters, which are determined when the terminal device registers a target user.
In some embodiments, the acquisition device 1401 is further configured to:
responding to user registration operation triggered by the terminal equipment, and acquiring user identity data and user password data corresponding to the target user;
transmitting user registration data containing the user identity data to a network control center, and receiving a proxy user signing key corresponding to the target user, which is transmitted by the network control center and determined according to the user registration data;
Determining the user access key based on the proxy user signing key after the proxy user signing key passes verification based on the user registration data; and determining the authentication parameter set based on the user registration data, the user access key and the user password data corresponding to the target user.
In some embodiments, the first verification module 1403 is specifically configured to:
determining a first session key based on the request parameter set and validating the response parameter set based on the first session key and the request parameter set; the response parameter set is determined according to the second session key after the first satellite determines the second session key based on the request parameter set;
when the response parameter set passes verification, determining that the first session key is consistent with the second session key, and constructing a corresponding target satellite-to-ground link based on the first session key and the first satellite;
session is conducted with the first satellite over the target satellite-to-ground link.
In some embodiments, the first verification module 1403 is further configured to:
determining the target user as a malicious user according to the indication of the network control center, and preventing the target user from accessing a satellite network;
The indication of the network control center is sent after the network control center determines the user identity data of the malicious user based on the user temporary identity data in the history access request of the malicious user.
In some embodiments, the first verification module 1403 is further configured to:
when a satellite switching request sent by a second satellite is received, verifying a switching request parameter set in the satellite switching request; the satellite switching request is determined by the second satellite based on a switching authentication parameter set sent by a first satellite, and the switching authentication parameter is determined by the first satellite based on a signal overlapping area between the first satellite and the second satellite after determining that the terminal equipment meets satellite switching conditions;
after the switching request parameter set is confirmed to pass verification, a switching response parameter set is confirmed based on the switching request parameter set, and the switching response parameter set is sent to the second satellite, so that the second satellite can carry out conversation with the target terminal after confirming that the switching response parameter set passes verification.
Based on the same technical concept, fig. 15 schematically illustrates a device for accessing a satellite network according to an embodiment of the present application, as shown in fig. 15, where the device specifically includes:
A verification module 1501, configured to verify a request parameter set based on an access request including the request parameter set sent by a terminal device; the terminal equipment responds to the access operation triggered by the target user to the satellite network, determines that the user login data input by the target user passes verification, and determines based on the acquired user access key corresponding to the target user;
a determining module 1502, configured to determine, after the request parameter set passes the verification, a response parameter set based on a satellite access key corresponding to the first satellite and the request parameter set, and send an access response including the response parameter set to the terminal device.
Based on the same technical concept, the embodiment of the invention further provides a computer device, including:
a memory for storing program instructions;
and the processor is used for calling the program instructions stored in the memory and executing the method for accessing the satellite network according to the obtained program.
Based on the same technical concept, the embodiment of the invention further provides a computer readable storage medium storing computer executable instructions for causing a computer to execute the method for accessing a satellite network.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the spirit or scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.
Claims (10)
1. A method for accessing a satellite network, applied to a terminal device, the method comprising:
responding to access operation triggered by a target user to a satellite network, and acquiring a user access key corresponding to the target user after user login data input by the target user passes verification;
determining a request parameter set based on the user access key, and sending an access request containing the request parameter set to a first satellite, so that after the first satellite determines that the request parameter set passes verification, determining a response parameter set based on a satellite access key corresponding to the first satellite and the request parameter set;
and receiving an access response which is sent by the first satellite and contains the response parameter set, and carrying out session with the first satellite after the response parameter set is verified based on the request parameter set.
2. The method of claim 1, wherein authenticating the user login data entered by the target user in response to the target user's access operation to the satellite network trigger comprises:
responding to the access operation of a target user to a satellite network, and acquiring user login data input by the target user; the user login data comprises at least one of biometric login data and password login data;
The user login data is verified based on a stored set of authentication parameters, which are determined when the terminal device registers a target user.
3. The method of claim 2, further comprising, prior to said authenticating user login data entered by the target user in response to the target user's access operation to the satellite network:
responding to user registration operation triggered by the terminal equipment, and acquiring user identity data and user password data corresponding to the target user;
transmitting user registration data containing the user identity data to a network control center, and receiving a proxy user signing key corresponding to the target user, which is transmitted by the network control center and determined according to the user registration data;
determining the user access key based on the proxy user signing key after the proxy user signing key passes verification based on the user registration data; and determining the authentication parameter set based on the user registration data, the user access key and the user password data corresponding to the target user.
4. The method of claim 1, wherein said conducting a session with said first satellite after said validating said response parameter set based on said request parameter set comprises:
Determining a first session key based on the request parameter set and validating the response parameter set based on the first session key and the request parameter set; the response parameter set is determined according to the second session key after the first satellite determines the second session key based on the request parameter set;
when the response parameter set passes verification, determining that the first session key is consistent with the second session key, and constructing a corresponding target satellite-to-ground link based on the first session key and the first satellite;
session is conducted with the first satellite over the target satellite-to-ground link.
5. The method of claim 1, further comprising, after said session with said first satellite:
determining the target user as a malicious user according to the indication of the network control center, and preventing the target user from accessing a satellite network;
the indication of the network control center is sent after the network control center determines the user identity data of the malicious user based on the user temporary identity data in the history access request of the malicious user.
6. The method of any of claims 1-5, further comprising, after the session with the first satellite:
When a satellite switching request sent by a second satellite is received, verifying a switching request parameter set in the satellite switching request; the satellite switching request is determined by the second satellite based on a switching authentication parameter set sent by a first satellite, and the switching authentication parameter is determined by the first satellite based on a signal overlapping area between the first satellite and the second satellite after determining that the terminal equipment meets satellite switching conditions;
after the switching request parameter set is confirmed to pass verification, a switching response parameter set is confirmed based on the switching request parameter set, and the switching response parameter set is sent to the second satellite, so that the second satellite can carry out conversation with the target terminal after confirming that the switching response parameter set passes verification.
7. A method of accessing a satellite network for use with a first satellite, the method comprising:
verifying a request parameter set based on an access request which is sent by terminal equipment and contains the request parameter set; the terminal equipment responds to the access operation triggered by the target user to the satellite network, determines that the user login data input by the target user passes verification, and determines based on the acquired user access key corresponding to the target user;
And after the request parameter set passes the verification, determining a response parameter set based on the satellite access key corresponding to the first satellite and the request parameter set, and sending an access response containing the response parameter set to the terminal equipment.
8. An apparatus for accessing a satellite network, the apparatus comprising:
the acquisition module is used for responding to the access operation of the target user to the satellite network trigger, and acquiring a user access key corresponding to the target user after the user login data input by the target user passes verification;
the sending module is used for determining a request parameter set based on the user access key, sending an access request containing the request parameter set to a first satellite, and determining a response parameter set based on a satellite access key corresponding to the first satellite after the first satellite determines that the request parameter set passes verification;
and the first verification module is used for receiving the access response which is sent by the first satellite and contains the response parameter set, and carrying out session with the first satellite after the response parameter set is verified to pass on the basis of the request parameter set.
9. An apparatus for accessing a satellite network, the apparatus comprising:
the second verification module is used for verifying the request parameter set based on an access request which is sent by the terminal equipment and contains the request parameter set; the terminal equipment responds to the access operation triggered by the target user to the satellite network, determines that the user login data input by the target user passes verification, and determines based on the acquired user access key corresponding to the target user;
and the determining module is used for determining a response parameter set based on the satellite access key corresponding to the first satellite and the request parameter set after the request parameter set passes verification, and sending an access response containing the response parameter set to the terminal equipment.
10. A system for accessing a satellite network, the system comprising a terminal device and a first satellite;
the terminal equipment is used for responding to the access operation triggered by the satellite network, and acquiring a user access key corresponding to a target user after user login data input by the target user passes verification; determining a request parameter set based on the user access key, and sending an access request containing the request parameter set to a first satellite; receiving an access response which is sent by the first satellite and contains the response parameter set, and carrying out a session with the first satellite after verifying that the response parameter set passes on the basis of the request parameter set;
The first satellite is configured to determine a response parameter set based on a satellite access key corresponding to the first satellite after the request parameter set in the access request is verified, and send an access response including the response parameter set to the terminal device; wherein the satellite access key is determined when the first satellite is registered.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311828363.XA CN117768885A (en) | 2023-12-27 | 2023-12-27 | Method, device and system for accessing satellite network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311828363.XA CN117768885A (en) | 2023-12-27 | 2023-12-27 | Method, device and system for accessing satellite network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117768885A true CN117768885A (en) | 2024-03-26 |
Family
ID=90323661
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311828363.XA Pending CN117768885A (en) | 2023-12-27 | 2023-12-27 | Method, device and system for accessing satellite network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117768885A (en) |
-
2023
- 2023-12-27 CN CN202311828363.XA patent/CN117768885A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111639361B (en) | Block chain key management method, multi-person common signature method and electronic device | |
| CN109714167B (en) | Identity authentication and key agreement method and equipment suitable for mobile application signature | |
| KR101095239B1 (en) | Secure communications | |
| KR101486782B1 (en) | One-time password authentication with infinite nested hash chains | |
| US8543822B2 (en) | Device authentication | |
| AU2005201782B2 (en) | Device authentication | |
| KR20210139344A (en) | Methods and devices for performing data-driven activities | |
| CN112436938B (en) | Digital signature generation method and device and server | |
| US8433918B2 (en) | Methods and systems for improving the security of password-based authentication protocols for IEEE 802.11 networks | |
| CN111654481B (en) | Identity authentication method, identity authentication device and storage medium | |
| US20100306543A1 (en) | Method of efficient secure function evaluation using resettable tamper-resistant hardware tokens | |
| CN115174104A (en) | Attribute-based online/offline signature method and system based on secret SM9 | |
| US20230041237A1 (en) | Key generation and pace with protection against side channel attacks | |
| CN116170144B (en) | Smart power grid anonymous authentication method, electronic equipment and storage medium | |
| CN111191262B (en) | Block chain wallet client private key protection method based on two-party signature | |
| CN110784318B (en) | Group key updating method, device, electronic equipment, storage medium and communication system | |
| CN117768885A (en) | Method, device and system for accessing satellite network | |
| US8572383B2 (en) | Key exchange device, key exchange processing system, key exchange method, and program | |
| US11223954B2 (en) | Network authentication method, device, and system | |
| US11399279B2 (en) | Security credentials recovery in Bluetooth mesh network | |
| CN116318636A (en) | SM 2-based threshold signature method | |
| CN111754233A (en) | Electronic payment method and system based on multi-party signature | |
| Huang et al. | A secure and efficient WSN by employing symmetric key matrix and rectangular frame scheme | |
| Saqib et al. | Computer and Information Sciences | |
| US20180203686A1 (en) | Method for configuring a cryptographic program to be executed by a terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |