CN106411527A - Data authentication method in very-high-frequency data chain transmission - Google Patents
Data authentication method in very-high-frequency data chain transmission Download PDFInfo
- Publication number
- CN106411527A CN106411527A CN201610872571.3A CN201610872571A CN106411527A CN 106411527 A CN106411527 A CN 106411527A CN 201610872571 A CN201610872571 A CN 201610872571A CN 106411527 A CN106411527 A CN 106411527A
- Authority
- CN
- China
- Prior art keywords
- message
- data
- broadcaster
- signature
- ads
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Abstract
The invention discloses a data authentication method in very-high-frequency data chain transmission, which can be used for realizing an authentication process of VDL-4 mode data of an ADS-B type protocol in an aviation telecommunication network (ATN). The ADS-B is an operation monitoring technology based on a GPS system and an aircraft in ground/air and air/air data chain communication. A sender is a broadcaster in the data authentication method disclosed by the invention. An air traffic control centre is a key generation centre KGC, which is responsible for generating a private key for the broadcaster. The data authentication method comprises the following steps: the broadcaster equipped with an ADS-B system needs to register in the KGC to obtain the private key itself before broadcasting data to be processed; data processing operation of each part of a VDL-4 message to be processed is carried out by utilization of the private key, so that a result to be sent is generated; the data processing operation comprises data binary conversion and signature calculation; the calculated signature result is broadcasted through the ATN; and a receiver equipped with the ADS-B performs message verification and recovery of the result after receiving the signature result.
Description
Technical field
The present invention relates to data safety authentication techniques field, particularly one kind very-high-frequency PECVD be applied to ATN sends
Data security authentication method between end and transmission ends.
Background technology
Automatic dependent surveillance broadcast (ADS-B) is to increased transmission means on automatic dependent surveillance (ADS), mainly
Be based on GPS GPS and air-air, ground-air ,-the airborne vehicle operation monitoring technology of ground Data-Link communication.
In existing air communications technology, very-high-frequency PECVD pattern 4 (VDL-4) can provide the data of ADS-B agreement to lead to
Letter.Can the information such as the identity of periodic broadcasting aircraft, position, reach each aircraft in the air and understand mutually other side position and whereabouts, disobey
Bad ground radar part thing and control purpose.VDL-4 has the characteristics that data transfer rate is big compared with High Frequency Data Link (HF), with
Ultra-high-frequency data chain (UHF) is compared has the remote advantage of communication distance.
VDL-4 provides the communication protocol of two kinds of point-to-points:Long transmission and short transmission.Long host-host protocol is using transmission request
Remove request data and confirm that (RTS CTS DATA ACK) handshake mechanism guarantees the transmitting of data twice, is suitable for
Transmit larger data.Short transmission agreement enters row data communication using handshake mechanism of data validation (DATA ACK).Long
Data Transport Protocol is bigger on practical application scene impact meaning, so present invention primarily contemplates long host-host protocol.
In such a scenario, available data secure authentication technology is mainly:Broadcaster can be to described data to be sent
Sign after carrying out proper treatment, signature is broadcasted together with described message to be sent.Other of outfit ADS-B system fly
Machine or described earth station receive the data signature result from broadcaster, calculate the signature receiving message in result, and verify
Whether the signature result of this message is consistent with the signature receiving.
However, this certificate scheme transferring content is described data to be sent signing with it, increased the communication of former channel
Burden.Accordingly, it would be desirable to a kind of data content to optimize transmission for new data security authentication method, to avoid increasing communication channel
Burden.
Content of the invention
The present invention is based on the problems referred to above it is proposed that a kind of very-high-frequency PECVD transmission data authentication method, by setting
Put the function of the signature algorithm restorability to realize described data to be transmitted, the correctness of data transfer in ATN is guaranteed with this
And safety, and alleviate the burden of transmission channel.
In this technical scheme, the broadcaster (or recipient) being equipped with ADS-B system includes earth station and aircraft.
The present invention relates to VDL-4 data transmission system include three parts:Information generation section;Information switching part;
Report collects part (information authentication).
Airborne equipment obtains itself present position information, GNSS navigation data letter by avionic device input interface
Input information of breath, pressure altitude information or pilot etc..By corresponding message groups, die-filling piece carries out group to message to be sent
Dress and coding, obtain message format M waiting for transmission.
Need to carry out signature operation to it before information M is broadcasted.Its signature operation includes following several stages:
Initial phase:Air traffic control as key generation centre KGC, using security parameterGenerate described
The common parameter collection P of system and described system master keyThe common parameter collection P of system is open, system master key by
The secret preservation of KGC.
Private key generation phase:Broadcaster 1 is registered to KGC, by its identity ID1It is sent to KGC;KGC judges described wide
Effectively whether the identity of the person of broadcasting, if invalid, abandon, if effectively, continuing;Generate the private key corresponding to described broadcaster 1, and will
Described private keyDescribed broadcaster 1 is sent back to by a safe lane.
The signature stage:Before broadcaster 1 signs to described message M to be transmitted, first message transformation to be transmitted is entered for two
Bit String form m ∈ { 0,1 } processed*;Secondly define a function f1, operated using message m pending described in this function pair,
Guarantee that described message can recover from final signature;Signature T is calculated to described pending message m.
Signature result T is broadcasted with fixed frequency, is easy to other aircrafts or earth station can receive in real time,
Solve its accurate flight condition.
Other aircrafts or ground station reception, to after signature result T, calculate instrumental value t using hash function, and with being somebody's turn to do
Instrumental value recovers to described message m.After described message m is extracted by other aircrafts or earth station, using checking etc.
Whether formula checking signature is correct, if correctly, exports described message m, if incorrect, exports unsuccessfully.
After recovering message m, recipient is converted into message format M to be transmitted.Through decoder decoding and report
The process of summarizing module, obtains the initial data sending of airborne equipment.
Brief description
Fig. 1 shows information signature particular flow sheet according to an embodiment of the invention
Fig. 2 shows information authentication flow chart according to an embodiment of the invention
Specific embodiment
Features described above and advantage for making the present invention become apparent, with reference to specific embodiment and accompanying drawing to this
Bright data authentication method is described in further detail.
Data authentication method provided in an embodiment of the present invention, is for existing very-high-frequency PECVD transmission data authentication method
Channel seizure ratio problems of too, proposes a kind of data authentication method based on signature of optimization.
The embodiment of the present invention is to be described with VDL-4 mode data transmission.
VDL-4 Transmission system is produced part, message exchange component (transmission of VDL-4 message), is reported and collect part by message
Constitute.
ADS-B information generation section is by message generating module, message coding module and information signature module composition.
Information generation subsystem receives, by airborne equipment, the sail information that other airborne equipments of GNSS navigation data send,
The pressure altitude of collection current aircraft present position, direction, the climb rate, local state and pilot's input information etc..Through
Message assembling and signature operation, are generated signature result to be sent, are broadcasted by emitter.
Fig. 1 shows data signature flow chart according to an embodiment of the invention.
As shown in figure 1, being included according to embodiments of the invention data authentication method:When air traffic control centre, KGC receives broadcaster
Request when, air traffic control centre will follow the steps below an initialized process, that is, the common parameter of the system generating and
Main private key.
Step 101:Key generator KGC plays the part of in air traffic control centre, is responsible for generating systematic parameter in this stage.Setting
It is system security parameter, wherein q is a Big prime.Make G1,G2And GTIt is the cyclic group of q for three ranks,
e:G1×G2→GTIt is a bilinear map, g1And g2Represent cyclic group G respectively1And G2Generation unit, gTIt is crowd GTGenerate
Unit.Choose four crash-resistant hash functions Wherein r1And r2Meet relational expression r1+r2=| q |.System exports common parameter param=(G1,G2,
GT,g1,g2,gT,q,H1,H2,F1,F2,Y).
Randomly choose an integerAs the main private key of system, and this main private key is by secret the holding of KGC.Profit
With main private key x computing system public key Y=g2 x.
After air traffic control centre completes initialization, the broadcaster being equipped with ADS-B equipment registers to air traffic control centre.I.e. broadcaster will
The identity of oneself is sent to KGC, generates private key corresponding to this broadcaster's identity by KGC according to systematic parameter, wide for calculating
The signature of the person's of broadcasting message to be transmitted.
Step 102:Broadcaster A registers to KGC, will identity ID of oneselfAIt is sent to KGC, by KGC according to following steps
Generate corresponding to identity IDAPrivate key skA:KGC first verifies that whether the identity of broadcaster A is effective;If invalid, stop;If having
Effect, then calculate the private key of broadcaster A according to below equation
KGC passes through safe lane by skASend back to broadcaster A.
Step 103:Broadcaster carries out binary system conversion to each section of VDL-4 message to be transmitted.Part messages meet
Binary form then can omit this step.
Signature is followed the steps below to the binary bits form of message.
After broadcaster A receives private key, that is, according to following steps to message waiting for transmissionSigned:At random
Select an integerCalculate v=gT r.Defined function f is
Calculate l=H2(v)+f (modq) and V=(1+l r) skA, the signature of note message m is σ=(l, V).
Step 104:Result σ of signing is broadcasted by broadcaster.
Step 105:Recipient is recovered and is verified to the message in signature after receiving signature.
Fig. 2 shows message sink block diagram according to an embodiment of the invention.
As shown in Fig. 2 being included according to embodiments of the invention message sink and certification:Message extraction module, information authentication
Module, source codec module.
Step 201:By VDL-4 message receiver, receiver receives the signature information from broadcaster.Receiver receives
First message is cached after message.
Step 202:After recipient receives signature result σ=(l, V), calculateAnd calculate letter using U
Number
Step 203:Return extraction message m using function f,
Step 204:Verify whether this message is consistent with the signature receiving, that is, whether detection below equation is set up:
Step 205:If consistent, message is decoded, and by initial for the message conversion form sending, makes for recipient
With.
The technical method of the present invention is described in detail above in association with accompanying drawing it is considered in correlation technique, very-high-frequency PECVD passes
Defeated middle data authentication method is difficult to overcome channel seizure ratio problems of too.By the technical method of the present invention, new by proposing
Function signature does not increase the purpose of former channel capacity to reach.Both ensure that the safe transmission of data, the channel capacity again saved.
Claims (8)
1. a kind of very-high-frequency PECVD transmission data authentication method is it is characterised in that methods described includes:
The described broadcaster being equipped with ADS-B system, need to be private by obtaining oneself to KGC registration before pending data is broadcasted
Key;
Carry out data processing operation using the pending VDL-4 message each section of this private key pair, generate result to be sent, described
Data processing operation includes data Binary Conversion and signature calculation;
By aeronautical telecommunication network, the signature being calculated result is broadcasted;
After the recipient of outfit ADS-B receives described signature result, result this described is carried out with checking and the recovery of message.
2. method according to claim 1 is it is characterised in that methods described includes:
Air traffic control centre is responsible for described broadcaster and generates corresponding private key, and heretofore described broadcaster refers specifically to configure ADS-B
The aircraft of system or earth station;
Described broadcaster's identity is relatively stable, and broadcaster can complete offline to air traffic control centre's registration, does not affect described data processing
Efficiency.
3. according to claim 1 method it is characterised in that methods described also includes:
Described broadcaster 1 is registered to KGC, and its identity is sent to KGC;
Whether effectively KGC judges the identity of described broadcaster 1, if invalid, abandons, if effectively, proceeding next step;
Generate the private key corresponding to described broadcaster 1, and by described private keyDescribed broadcast is sent back to by a safe lane
Person 1.
4. according to claim 3 method it is characterised in that obtain the private key corresponding to its identity in described broadcaster 1
Afterwards, methods described includes:
Carry out data processing operation using pending VDL-4 message each section described in this private key pair, generate described to be sent
Result;
Before described broadcaster 1 is to described information signature to be transmitted, binary system conversion is carried out to described pending data, will be described
Message transformation to be transmitted is binary bits string form m ∈ { 0,1 }*;
Define a function f1, processed it is ensured that described message can be from final using message m pending described in this function pair
Recover in signature;
Signature T is calculated to described pending message m.
5. according to claim 1 method it is characterised in that methods described includes:
By aeronautical telecommunication network ATN, described signature result T recovering message is sent with the forms of broadcasting.
6. according to claim 1 method it is characterised in that methods described includes:
It is equipped with other aircrafts of ADS-B system or described earth station receives described signature result T, calculate auxiliary with hash function
Value t, and using this instrumental value, described signature T is operated, recover described message m.
7. according to claim 6 method it is characterised in that methods described includes:
It is equipped with other aircrafts of ADS-B system or after described message m extracts by described earth station, tested using checking equation
Whether signed certificate name is correct, if correctly, exports described message m, if incorrect, exports unsuccessfully.
8. according to claim 7 method it is characterised in that methods described also includes:
The described message m recovering is converted into original described pending VDL-4 form of message.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610872571.3A CN106411527A (en) | 2016-09-30 | 2016-09-30 | Data authentication method in very-high-frequency data chain transmission |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610872571.3A CN106411527A (en) | 2016-09-30 | 2016-09-30 | Data authentication method in very-high-frequency data chain transmission |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106411527A true CN106411527A (en) | 2017-02-15 |
Family
ID=59228674
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610872571.3A Pending CN106411527A (en) | 2016-09-30 | 2016-09-30 | Data authentication method in very-high-frequency data chain transmission |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106411527A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106961329A (en) * | 2017-03-23 | 2017-07-18 | 电子科技大学 | A kind of solution for being directed to ADS B agreements confidentiality and integrality |
CN107171809A (en) * | 2017-06-23 | 2017-09-15 | 北京奇虎科技有限公司 | The method and device of unmanned plane broadcasting multisignatures, electronic equipment, storage medium |
CN112436910A (en) * | 2020-11-10 | 2021-03-02 | 中国人民解放军海军航空大学航空作战勤务学院 | Design method of data link channel occupation detection device for SPMA protocol |
CN112713949A (en) * | 2020-11-10 | 2021-04-27 | 中国人民解放军海军航空大学航空作战勤务学院 | TTNT data chain channel load statistical method |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101064610A (en) * | 2007-05-25 | 2007-10-31 | 四川长虹电器股份有限公司 | Identity authentication process |
CN101261772A (en) * | 2008-04-17 | 2008-09-10 | 民航数据通信有限责任公司 | Secure transmission system for broadcast automatic monitoring information |
CN101917273A (en) * | 2010-08-26 | 2010-12-15 | 四川大学 | ECC certificate-based ADS-B data authentication method |
-
2016
- 2016-09-30 CN CN201610872571.3A patent/CN106411527A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101064610A (en) * | 2007-05-25 | 2007-10-31 | 四川长虹电器股份有限公司 | Identity authentication process |
CN101261772A (en) * | 2008-04-17 | 2008-09-10 | 民航数据通信有限责任公司 | Secure transmission system for broadcast automatic monitoring information |
CN101917273A (en) * | 2010-08-26 | 2010-12-15 | 四川大学 | ECC certificate-based ADS-B data authentication method |
Non-Patent Citations (1)
Title |
---|
赖欣,潘卫军: "基于单项陷门函数的ADS-B 消息认证方案", 《2010 INTERNATIONAL CONFERENCE ON SERVICES SCIENCE, MANAGEMENT AND ENGINEERING》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106961329A (en) * | 2017-03-23 | 2017-07-18 | 电子科技大学 | A kind of solution for being directed to ADS B agreements confidentiality and integrality |
CN106961329B (en) * | 2017-03-23 | 2020-02-14 | 电子科技大学 | Method for solving confidentiality and integrity of ADS-B protocol |
CN107171809A (en) * | 2017-06-23 | 2017-09-15 | 北京奇虎科技有限公司 | The method and device of unmanned plane broadcasting multisignatures, electronic equipment, storage medium |
CN107171809B (en) * | 2017-06-23 | 2020-05-19 | 北京奇虎科技有限公司 | Unmanned aerial vehicle signature broadcasting method and device, electronic equipment and storage medium |
CN112436910A (en) * | 2020-11-10 | 2021-03-02 | 中国人民解放军海军航空大学航空作战勤务学院 | Design method of data link channel occupation detection device for SPMA protocol |
CN112713949A (en) * | 2020-11-10 | 2021-04-27 | 中国人民解放军海军航空大学航空作战勤务学院 | TTNT data chain channel load statistical method |
CN112713949B (en) * | 2020-11-10 | 2022-04-26 | 中国人民解放军海军航空大学航空作战勤务学院 | TTNT data chain channel load statistical method |
CN112436910B (en) * | 2020-11-10 | 2023-05-12 | 中国人民解放军海军航空大学航空作战勤务学院 | Method for designing data link channel occupation detection device for SPMA protocol |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Yang et al. | A practical and compatible cryptographic solution to ADS-B security | |
Yang et al. | A new ADS-B authentication framework based on efficient hierarchical identity-based signature with batch verification | |
CN105847235B (en) | The efficient anonymous batch of authentication method of identity-based under a kind of car networking environment | |
CN106411527A (en) | Data authentication method in very-high-frequency data chain transmission | |
US8509140B2 (en) | System and method for transmitting information using aircraft as transmission relays | |
Baek et al. | How to protect ADS-B: Confidentiality framework and efficient realization based on staged identity-based encryption | |
CN109257346B (en) | Concealed transmission system based on block chain | |
CN109639431A (en) | A kind of text authentication method, equipment, system and medium | |
CN113079016B (en) | Identity-based authentication method facing space-based network | |
CN106487504B (en) | Lightweight network secure two-way aircraft communication addressing and reporting system transmission | |
CN105792207A (en) | Vehicle networking authentication method facing vehicle differentiation | |
CN109067525A (en) | Message authentication method based on half credible administrative center in car networking | |
Pan et al. | ADS-B data authentication based on ECC and X. 509 certificate | |
Wu et al. | An ADS-B message authentication method based on certificateless short signature | |
US20200322041A1 (en) | Method to integrate blockchain and geographic information in distributed communication | |
Yang et al. | LHCSAS: A lightweight and highly-compatible solution for ADS-B security | |
CN109347829A (en) | A kind of intelligent perception network true value discovery method based on secret protection | |
CN103634788A (en) | Certificateless multi-proxy signcryption method with forward secrecy | |
CN110177002A (en) | ADS-B message authentication method based on no certificate short signature | |
CN106790239A (en) | A kind of car networking information transfer of anti-pollution attack and distribution method and system | |
Mäurer et al. | Evaluation of the LDACS cybersecurity implementation | |
CN114095521B (en) | Remote sensing data storage method, device, equipment and storage medium | |
KR101532024B1 (en) | Method and apparatus for message transmission in vehicle comminication | |
CN112162300A (en) | Satellite-based enhancement system and text authentication method based on same | |
Wang et al. | Fountain code enabled ads-b for aviation security and safety enhancement |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20170215 |
|
WD01 | Invention patent application deemed withdrawn after publication |