KR101669481B1 - Apparatus and method for operating sub-network from trctical datalink system - Google Patents

Publication number
KR101669481B1
Authority
KR
South Korea
Prior art keywords
data link
tactical data
message
tactical
group
Application number
KR1020160041765A
Other languages
Korean (ko)
Inventor
지승배
진철
박경미
박헌제
안정현
Original Assignee
국방과학연구소
Application filed by 국방과학연구소
Priority to KR1020160041765A
Application granted
Publication of KR101669481B1

Classifications

    • H04L29/06734
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00 Arrangements for detecting or preventing errors in the information received
    • H04L1/004 Arrangements for detecting or preventing errors in the information received by using forward error control
    • H04L1/0045 Arrangements at the receiver end
    • H04L1/0046 Code rate detection or code type detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Abstract

The present invention relates to an apparatus and method for operating a subnetwork in a tactical data link system. The apparatus receives tactical information transmitted from a host, converts the received tactical information into a tactical data link message, encrypts the message, and transmits the encrypted tactical data link message to the other nodes using the same tactical data link network; it also receives an encrypted tactical data link message transmitted from another node and decrypts the received message.

Description

APPARATUS AND METHOD FOR OPERATING SUB-NETWORK FROM TRCTICAL DATALINK SYSTEM

The present invention relates to an apparatus and method for operating a subnetwork in a tactical data link system, and more particularly, to a subnetwork operating apparatus and method in a tactical data link system that processes tactical data link messages.

A tactical data link provides common situational awareness and simultaneous decision-making capability to all warfighters through real-time information sharing. Data fusion of the shared tactical information provides functions for performing tactical operations such as surveillance/strike, command and control, and inter-system engagement control. This has become an indispensable element for sharing real-time intelligence, surveillance and reconnaissance (ISR) data among modern military power systems.

To transmit and receive tactical information, the tactical data link is generally composed of separate elements such as a host computer, a data link processor, a cryptographic device, a data link terminal device, and a communication device, as shown in FIG. 1, and shares tactical information in a broadcast manner using wireless and satellite communication networks. In this structure, the tactical information transmitted by one node is received by all nodes, which makes it very vulnerable from a security standpoint.

In order to overcome this problem, a technology for forming subscribers by groups has been developed, but the existing wireless and satellite modems need to be modified or replaced, resulting in excessive hardware replacement costs and operational limitations.

In this regard, Korean Patent Publication No. 2012-0077604 discloses "Data relaying apparatus and method in a multi-tactical data link system, and multi-tactical data link system including the same."

The present invention has been made to solve the above problems, and an object of the present invention is to provide a subnetwork operating apparatus and method in a tactical data link system that groups the nodes constituting a tactical data link network and generates a group key for each group by combining a unique group number assigned to each group with an arbitrary set number.

Another object of the present invention is to provide a subnetwork operating apparatus and method in a tactical data link system in which a node encrypts and transmits the tactical data link message based on the generated group key, and only the nodes belonging to the same group among the other nodes receiving the tactical data link message decrypt and process the encrypted tactical data link message.

According to an aspect of the present invention, there is provided a tactical data link system comprising: a tactical information receiving unit for receiving tactical information transmitted from a host; A message conversion unit for converting the transmitted tactical information into a tactical data link message; A first encryption unit encrypting the converted tactical data link message using a group key distributed from a subnetwork constituent unit; A message transmission processing unit for transmitting the encrypted tactical data link message to other nodes using the same tactical data link network; A message reception processing unit for receiving an encrypted tactical data link message transmitted from another node; A decryption unit for decrypting the received encrypted tactical data link message using the group key; And a message processing unit for processing the tactical data link message based on the decoding result.

The apparatus may further include a second encryption unit for encrypting the tactical data link message encrypted by the first encryption unit.

In addition, if the group key used in the received encrypted tactical data link message and the group key used for decryption are the same, decryption succeeds and the message processing unit processes the received tactical data link message; if the group key used in the received encrypted tactical data link message differs from the group key used for decryption, decryption fails and the received tactical data link message cannot be processed.

In addition, the sub-network configuration unit may include a group number unit for grouping a plurality of nodes constituting the tactical data link network by operations or tasks and assigning a unique group number to each group; A group key generation unit for generating a group key for each group by combining an assigned group number and an arbitrary set number; And a group key distribution unit for distributing the generated group key to the nodes.

In addition, the group key generation unit may generate a group key for each group through Exclusive OR (EOR) operation between the assigned group number and an arbitrary set number.

According to another aspect of the present invention, there is provided a method of operating a sub-network in a tactical data link system, the method comprising: receiving tactical information transmitted from a host by a transmission information receiver; Converting the transmitted tactical information into a tactical data link message by the message conversion unit; Encrypting the converted tactical data link message using the group key distributed from the subnetwork configuration unit by the first encryption unit; Transmitting an encrypted tactical data link message to other nodes using the same tactical data link network by a message transmission processing unit; Receiving, by the message reception processing unit, an encrypted tactical data link message transmitted from another node; Decrypting the received encrypted tactical data link message using the group key by the decryption unit; And processing the tactical data link message based on the decoding result by the message processing unit.

In the step of processing the tactical data link message based on the decryption result, if the group key used in the received encrypted tactical data link message and the group key used for decryption are the same, decryption succeeds and the received tactical data link message is processed; if the group key used in the received encrypted tactical data link message differs from the group key used for decryption, decryption fails and processing of the received tactical data link message is impossible.

The apparatus and method for operating a sub-network in a tactical data link system according to the present invention, having the above-described structure, group the nodes constituting a tactical data link network and generate a group key for each group by combining a unique group number assigned to each group with an arbitrary set number, so that subnetworks can be configured and used according to operational tasks and operational functions, and hardware modification or replacement costs can be reduced.

In addition, a node according to the present invention encrypts and transmits the tactical data link message based on the generated group key, and only the nodes belonging to the same group among the other nodes receiving the message decrypt and process the encrypted tactical data link message, which makes the sub-network configuration possible.

FIG. 1 is a diagram for explaining an operation example of a conventional tactical data link system.
FIG. 2 is a diagram for explaining a configuration of a tactical data link system according to the present invention.
FIG. 3 is a diagram for explaining a detailed configuration of a sub-network configuration unit according to the present invention.
FIG. 4 is a diagram illustrating a configuration of a subnetwork operating apparatus in a tactical data link scheme according to the present invention.
FIG. 5 is a diagram for explaining an operation example of a tactical data link system according to the present invention.
FIG. 6 is a flowchart illustrating a procedure for transmitting an encrypted tactical data link message in a subnetwork operating method in a tactical data link scheme according to the present invention.
FIG. 7 is a flowchart illustrating a procedure for receiving an encrypted tactical data link message in a subnetwork operating method in a tactical data link scheme according to the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings so that a person skilled in the art can easily carry out the technical idea of the present invention. First, in adding reference numerals to the constituents of the drawings, it is to be noted that the same constituents are denoted by the same reference symbols as far as possible even if they are displayed on different drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention unclear.

FIG. 2 is a diagram for explaining a configuration of a tactical data link system according to the present invention.

Referring to FIG. 2, the tactical data link system is a communication system that exchanges tactical information in the form of specific standard messages such as LINK-11, 16, K, VMF, etc. using satellite, wireless and wired communication networks. The tactical data link network allows tactical information to be exchanged in a broadcast manner using a communication environment such as satellite and radio.

The tactical data link system according to the present invention may be composed of a host, a subnetwork constituent unit and a node.

The host sends tactical information to the associated node.

The sub-network configuration unit groups a plurality of nodes constituting the tactical data link network, generates a group key for each group, and distributes the group key to the nodes through the tactical data link network. The configuration of the sub-network constituent unit will be described later in detail with reference to FIG.

The node may include a weapon system, or a harness, or the like, that is equipped with a tactical data link.

The node may include a sub-network operating device in a tactical data link scheme (hereinafter, an operating device), a data link terminal, and a communication device, and is connected to a plurality of nodes through the tactical data link network.

The operating device handles the tactical information it transmits and receives based on the group key distributed through the sub-network configuration unit. Because the group key is distributed per group, the operating device can decrypt and process the tactical information when the counterpart node belongs to the same group; when the counterpart node does not belong to the same group, the tactical information cannot be decrypted and cannot be processed.

At this time, the encrypted tactical information is transmitted to the data link terminal, and can be transmitted to other nodes using the military communication equipment through signal conversion and protocol control.

FIG. 3 is a diagram for explaining a detailed configuration of a sub-network configuration unit according to the present invention.

Referring to FIG. 3, the sub-network configuration unit according to the present invention groups a plurality of nodes constituting the tactical data link network, generates a group key for each group, and distributes the group key to the nodes through the tactical data link network.

To this end, the subnetwork configuration unit includes a group number portion, a group key generation portion, and a group key distribution portion.

The group number part groups a plurality of nodes constituting the tactical data link network by operations or tasks and assigns a unique group number to each group.

The group key generation unit generates a group key for each group by combining the assigned group number and an arbitrary set number.

The group key generation unit generates an identical group key for each group through exclusive OR (EOR) operation between the assigned group number and an arbitrary set number.

The group key distribution unit distributes the generated group key to the nodes.

FIG. 4 is a view for explaining a configuration of a subnetwork operating apparatus in a tactical data link system according to the present invention, and FIG. 5 is a view for explaining an operation example of a tactical data link system according to the present invention.

Referring to FIG. 4, in the tactical data link system according to the present invention, a subnetwork operating apparatus is provided for each node and includes a tactical information receiving unit, a message converting unit, a first encrypting unit, a second encrypting unit, a message reception processing unit, a decoding unit, and a message processing unit.

The tactical information receiving unit receives the tactical information transmitted from the host.

The message conversion unit converts the transmitted tactical information into a tactical data link message.

The message conversion unit converts the tactical information into a plaintext tactical data link message.

The first encryption unit encrypts the converted tactical data link message using the group key distributed from the subnetwork configuration unit. At this time, the first encryption unit can encrypt using a technique such as DES (Data Encryption Standard), AES (Advanced Encryption Standard), and RSA (Rivest Shamir Adleman).

The second encryption unit may encrypt the tactical data link message encrypted by the first encryption unit.

The message transmission processing unit transmits the encrypted tactical data link message to other nodes using the same tactical data link network.

The message reception processing unit receives an encrypted tactical data link message transmitted from another node.

The decryption unit decrypts the received encrypted tactical data link message using the group key.

The message processing unit processes the tactical data link message based on the decoding result.

In more detail, if the group key used in the received encrypted tactical data link message and the group key used for decryption are the same, decryption succeeds and the message processing unit processes the received tactical data link message.

If the group key used in the received encrypted tactical data link message differs from the group key used for decryption, decryption fails and the message processing unit cannot process the received tactical data link message.

Referring to FIG. 5, when node 10 and node 20 are subscribed to group 1, and node 30 and node 40 are subscribed to group 2, the encrypted tactical data link message generated and transmitted at node 10 of group 1 is also received by node 30 and node 40, which belong to the other group. However, because their group key is different, they cannot process the encrypted tactical data link message.

FIG. 6 is a flowchart illustrating a procedure for transmitting an encrypted tactical data link message in a subnetwork operating method in a tactical data link scheme according to the present invention.

Referring to FIG. 6, the procedure for transmitting the encrypted tactical data link message in the subnetwork operating method according to the present invention uses the subnetwork operating device described above, so a duplicate description thereof will be omitted.

First, the tactical information transmitted from the host is received (S100).

Next, the received tactical information is converted into a tactical data link message (S110).

Next, the converted tactical data link message is encrypted using the group key distributed from the subnetwork configuration unit (S120). The group key is generated and distributed for each group by combining a unique group number assigned to each group with an arbitrary set number. In step S120, encryption can be performed using techniques such as DES (Data Encryption Standard), AES (Advanced Encryption Standard), and RSA (Rivest Shamir Adleman). After step S120, a further step of encrypting the already encrypted tactical data link message may be included.

Next, the encrypted tactical data link message is transmitted to other nodes using the same tactical data link network (S130).

FIG. 7 is a flowchart illustrating a procedure for receiving an encrypted tactical data link message in a subnetwork operating method in a tactical data link scheme according to the present invention.

Referring to FIG. 7, the procedure for receiving the encrypted tactical data link message in the subnetwork operating method according to the present invention uses the subnetwork operating apparatus described above, so a duplicate description thereof will be omitted.

First, an encrypted tactical data link message transmitted from another node is received (S200).

Next, the received encrypted tactical data link message is decrypted using the group key (S210).

Next, it is determined whether decryption is successful (S220).

If the decryption succeeds in step S220, the decrypted tactical data link message is processed (S230). In step S230, decryption succeeds because the node that transmitted the encrypted tactical data link message and the current node are in the same group and have the same group key.

On the other hand, if the decryption fails in step S220, the tactical data link message cannot be processed (S240). In step S240, decryption fails because the node that transmitted the encrypted tactical data link message and the current node are in different groups and have different group keys.
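The group key generation and the transmit and receive steps (S120, S200 to S240) described above, replayed for the FIG. 5 grouping as an added example that is not part of the patent. Assumptions: each group gets its own 128-bit set number, the XOR result is stretched with SHA-256, an HMAC-SHA256 counter-mode keystream stands in for the DES/AES/RSA techniques the text names, and an appended integrity tag is what decides success or failure in S220 (the text does not say how that decision is made).

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def make_group_key(group_number, set_number):
    """Group key generation unit: XOR of group number and set number."""
    return group_number ^ set_number

def _subkeys(group_key):
    # Assumption: the integer group key (at most 128 bits) is stretched
    # into separate encryption and integrity keys with SHA-256.
    raw = group_key.to_bytes(16, "big")
    return (hashlib.sha256(b"enc" + raw).digest(),
            hashlib.sha256(b"mac" + raw).digest())

def _keystream(enc_key, nonce, length):
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def encrypt_message(group_key, plaintext):
    """S120: encrypt with the group key, then append an integrity tag."""
    enc_key, mac_key = _subkeys(group_key)
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(enc_key, nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decrypt_message(group_key, frame):
    """S210/S220: return the plaintext, or None when decryption fails."""
    if len(frame) < NONCE_LEN + TAG_LEN:
        return None
    enc_key, mac_key = _subkeys(group_key)
    nonce = frame[:NONCE_LEN]
    body = frame[NONCE_LEN:-TAG_LEN]
    tag = frame[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # S240: different group key or damaged frame
    stream = _keystream(enc_key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))  # S230

def broadcast(sender, plaintext, membership, group_keys):
    """S130 then S200: every other node receives the same frame."""
    frame = encrypt_message(group_keys[membership[sender]], plaintext)
    return {node: decrypt_message(group_keys[group], frame)
            for node, group in membership.items() if node != sender}

# Node-to-group assignment from the FIG. 5 description.
MEMBERSHIP = {10: 1, 20: 1, 30: 2, 40: 2}
# Constructed sample payload, not a real message format.
MESSAGE = b"constructed sample tactical data link message"

def demo():
    # Assumption: one arbitrary 128-bit set number per group.
    set_numbers = {g: secrets.randbits(128) for g in (1, 2)}
    group_keys = {g: make_group_key(g, s) for g, s in set_numbers.items()}
    return broadcast(10, MESSAGE, MEMBERSHIP, group_keys)

if __name__ == "__main__":
    for node, result in demo().items():
        state = "processed" if result is not None else "decryption failed"
        print(node, state)
```
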

As described above, the apparatus and method for operating a sub-network in a tactical data link system according to the present invention group the nodes constituting a tactical data link network and generate a group key for each group by combining a unique group number assigned to each group with an arbitrary set number, so that subnetworks can be configured and used according to operational tasks and operational functions, thereby reducing hardware modification or replacement costs.

In addition, a node according to the present invention encrypts and transmits the tactical data link message based on the generated group key, and only the nodes belonging to the same group among the other nodes receiving the message decrypt and process the encrypted tactical data link message, which makes the sub-network configuration possible.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, those skilled in the art will understand that many alternatives, modifications, and variations may be made without departing from the scope of the appended claims.

Claims (7)

1. Receives the tactical information transmitted from the host in a broadcast manner, converts the received tactical data link message into a tactical data link message, encrypts the converted tactical data link message using the group key distributed from the subnetwork configuration unit, A message transmission processing unit for transmitting a message to other nodes using the same tactical data link network; And
And a message reception processor for receiving an encrypted tactical data link message transmitted from another node and decrypting the encrypted tactical data link message using the group key,
The sub-
A group number part for grouping a plurality of nodes constituting the tactical data link network by operations or tasks and assigning a unique group number to each group;
A group key generation unit for generating a group key for each group by combining an assigned group number and an arbitrary set number; And
And a group key distribution unit for distributing the generated group key to the nodes,
Wherein only the nodes belonging to the same group receive the encrypted tactical data link message.

2. The method according to claim 1,
The message transmission processing unit,
A tactical information receiving unit for receiving tactical information transmitted from a host;
A message conversion unit for converting the received tactical information into a tactical data link message;
A first encryption unit encrypting the converted tactical data link message using a group key distributed from a subnetwork constituent unit;
A second encryption unit for encrypting the tactical data link message encrypted by the first encryption unit; And
A message transmission unit transmitting an encrypted tactical data link message to other nodes using the same tactical data link network;
Wherein the sub-network operating device is a sub-network operating device in a tactical data link scheme.

3. The method according to claim 1,
The message reception processing unit,
A message receiving unit for receiving an encrypted tactical data link message transmitted from another node;
A decryption unit for decrypting the received encrypted tactical data link message using the group key; And
A message processor for processing the tactical data link message based on the decoding result;
Wherein the sub-network operating device is a sub-network operating device in a tactical data link scheme.

4. The method of claim 3,
If the group key used in the received encrypted tactical data link message and the group key used for decryption are the same, the message processing unit processes the received tactical data link message after the decryption is successful, and the received encrypted tactical data link message When a group key used for decryption is different from a group key used for decryption, decryption fails and processing of the received tactical data link message is impossible.

5. (Deleted)

6. The method according to claim 1,
Wherein the group key generation unit generates a group key for each group through exclusive OR (EOR) operation between the assigned group number and an arbitrary set number.

7. Receiving, by a message transmission processing unit, tactical information transmitted from a host in a broadcasting system;
Converting the received tactical information into a tactical data link message by the message transmission processing unit;
Encrypting the converted tactical data link message by the message transmission processing unit using a group key distributed from a subnetwork constituent unit;
Transmitting the encrypted tactical data link message to other nodes using the same tactical data link network by the message transmission processing unit;
Receiving, by the message reception processing unit, an encrypted tactical data link message transmitted from another node; And
And decrypting and processing the received encrypted tactical data link message using the group key by the message reception processing unit,
A plurality of nodes constituting the tactical data link network are grouped by operations or tasks, a unique group number is assigned to each group, a group key is generated for each group by combining an assigned group number and an arbitrary set number, Wherein the group key is distributed to the nodes and only the nodes belonging to the same group receive the encrypted tactical data link message.

KR1020160041765A 2016-04-05 2016-04-05 Apparatus and method for operating sub-network from trctical datalink system KR101669481B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160041765A KR101669481B1 (en) 2016-04-05 2016-04-05 Apparatus and method for operating sub-network from trctical datalink system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160041765A KR101669481B1 (en) 2016-04-05 2016-04-05 Apparatus and method for operating sub-network from trctical datalink system

Publications (1)

Publication Number Publication Date
KR101669481B1 (en) 2016-10-26

Family

ID=57251813

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160041765A KR101669481B1 (en) 2016-04-05 2016-04-05 Apparatus and method for operating sub-network from trctical datalink system

Country Status (1)

Country Link
KR (1) KR101669481B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102613932B1 (en) * 2023-08-28 2023-12-15 한화시스템(주) Combat system communication security system and its method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060099455A (en) * 2005-03-10 2006-09-19 한국전자통신연구원 Encryption and decryption device in wireless portable internet system, and method thereof
KR20110101034A (en) * 2010-03-05 2011-09-15 한국전자통신연구원 Digital right management method for archiving content

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20191002

Year of fee payment: 4