CN115134123A - Civil aviation ACARS ground-air data link anonymous secure session method and device - Google Patents


Info

Publication number
CN115134123A
Authority
CN
China
Prior art keywords
message
ground station
anonymous
identity
aircraft
Prior art date
Legal status
Granted
Application number
CN202210617103.7A
Other languages
Chinese (zh)
Other versions
CN115134123B (en)
Inventor
张骞允
李昕炜
尚涛
蔡开泉
田格格
Current Assignee
Beihang University
Original Assignee
Beihang University
Priority date
Filing date
Publication date
Application filed by Beihang University
Priority to CN202210617103.7A
Publication of CN115134123A
Application granted
Publication of CN115134123B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04B TRANSMISSION
    • H04B7/00 Radio transmission systems, i.e. using radiation field
    • H04B7/14 Relay systems
    • H04B7/15 Active relay systems
    • H04B7/185 Space-based or airborne stations; Stations for satellite systems
    • H04B7/18502 Airborne stations
    • H04B7/18506 Communications with or from aircraft, i.e. aeronautical mobile service
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Astronomy & Astrophysics (AREA)
  • Aviation & Aerospace Engineering (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present application discloses a civil aviation ACARS ground-air data link anonymous secure session method and device. The method includes: receiving a ground station identity message broadcast by a ground station; sending a first message to the ground station through an asymmetric key mechanism based on the ground station identity message, wherein the first message includes a first initial vector; receiving a second message sent by the ground station; verifying the second message and, if the verification passes, generating an anonymous identity library according to the first initial vector, wherein the anonymous identity library includes N first anonymous identities, N being a positive integer greater than or equal to 1; and conducting a session with the ground station based on the anonymous identity library. The present application can effectively guarantee the confidentiality, privacy and authenticity of civil aviation ACARS messages.

Description

A civil aviation ACARS ground-air data link anonymous secure session method and device

Technical field

The present application relates to the field of information security, and in particular to a civil aviation ACARS ground-air data link anonymous secure session method and device.

Background

ACARS (Aircraft Communications Addressing and Reporting System) is a data link communication system that transmits short messages between aircraft and ground stations over radio or satellite, and is currently the most widely used civil aviation communication system worldwide. The vast majority of countries, including China, run ACARS over the ARINC-618 protocol (the VHF air-ground communication protocol). Over the air channel, a protocol without any encryption or authentication mechanism cannot guarantee the confidentiality, integrity and non-repudiation of civil aviation data link information, so the data link is exposed to eavesdropping, spoofing, masquerading, message tampering, replay and similar attacks. Such attacks can steal the private and confidential information of civil aviation practitioners and users, and can even disrupt the normal operation of the civil aviation system, causing major loss of life and property. The importance of protecting civil aviation data link security therefore cannot be ignored.

The security of ACARS ground-air data link messages is gradually receiving attention. Some research encrypts the Text field of the message with a symmetric cryptosystem to achieve message confidentiality, and protects the non-repudiation (authenticity) of the message with an asymmetric cryptosystem. The most representative example is the ACARS Message Security (AMS) system proposed by ARINC (Aeronautical Radio Inc.) in the ARINC-823P1 standard, which protects message confidentiality and provides identity authentication.

The privacy of civil aviation identities in ACARS and other ground-air data link messages has also received attention. Format-preserving encryption is a special class of symmetric encryption in which the ciphertext has exactly the same format as the plaintext, so that database schemas need not change and upper-layer applications are unaffected; some research has therefore sought to apply format-preserving encryption to another ground-air link, ADS-B (Automatic Dependent Surveillance-Broadcast).

An ACARS message has two fields that need protection: ARN (Aircraft Registration Number) and Text. The ARN in the control field is the 7-character aircraft registration number and is the aircraft's unique identifier. The Text field carries at most 220 characters of text, either in a prescribed template or in a free format. The downlink Text field is divided into three subfields: the message sequence number MSN, the aircraft identity Flight ID, and the free text FreeText; Flight ID and FreeText need to be protected.

Schemes that protect the Text field, of which the AMS system is representative, do not protect the privacy of the aircraft's identity. Although the message content is encrypted, an attacker can still infer an aircraft's flight information from the identities present in the current airspace, and even uncover political or commercial secrets from it.

Applying format-preserving encryption to the ground-air data link protects aircraft privacy to a certain extent, but once an aircraft has exchanged many messages with a ground station and an attacker has learned their statistical characteristics, the attacker can still infer the aircraft's behaviour patterns, which threatens civil aviation security.

In summary, the prior art cannot effectively guarantee the confidentiality, privacy and authenticity of civil aviation ACARS messages.

Summary

The present application aims to solve, at least to some extent, one of the technical problems in the related art.

To this end, the purpose of the present application is to solve the problem that the confidentiality, privacy and authenticity of civil aviation ACARS messages cannot be effectively guaranteed in the prior art, and it proposes a civil aviation ACARS ground-air data link anonymous secure session method.

Another object of the present application is to propose a civil aviation ACARS ground-air data link anonymous secure session device.

To achieve the above purpose, in one aspect the present application proposes a civil aviation ACARS ground-air data link anonymous secure session method, which includes the following steps:

receiving a ground station identity message broadcast by a ground station;

sending a first message to the ground station through an asymmetric key mechanism based on the ground station identity message, wherein the first message includes a first initial vector;

receiving a second message sent by the ground station;

verifying the second message and, if the verification passes, generating an anonymous identity library according to the first initial vector, wherein the anonymous identity library includes N first anonymous identities, N being a positive integer greater than or equal to 1;

conducting a session with the ground station based on the anonymous identity library.

In some possible embodiments, sending the first message to the ground station through an asymmetric key mechanism based on the ground station identity information includes:

determining the public key of the ground station according to the ground station identity information;

generating the first initial vector and a session key, and recording a timestamp of the current time;

generating a second anonymous identity of the aircraft from the aircraft registration number and the session key using the public key of the ground station;

generating a first signature over the first initial vector, the session key, the timestamp and the aircraft registration number using the private key of the aircraft;

generating a first ciphertext from the first initial vector, the session key, the timestamp and the first signature using the public key of the ground station;

replacing the aircraft registration number in the first message with the second anonymous identity of the aircraft, filling the text segment of the first message with the first ciphertext, and sending the first message to the ground station.

In some possible embodiments, verifying the second message includes:

obtaining a second signature from the second message;

verifying the second signature with the public key of the ground station.

In some possible embodiments, generating the anonymous identity library according to the first initial vector when the verification passes includes:

incrementing the first initial vector by one successively to generate N identity vectors, where N is a positive integer greater than or equal to 1;

generating the N first anonymous identities of the aircraft from the aircraft registration number, the session key and the N identity vectors;

forming the anonymous identity library from the N first anonymous identities.
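The session-establishment steps above (Message1 to Message3, followed by the identity-library derivation; Figures 2 and 3 of the description) carried out end to end, as an added example that is not code from the patent or from Beihang University. The patent fixes the message structure but not the algorithms, encodings or key distribution, so the example assumes: the ground station holds an RSA-2048 key pair (OAEP for decrypting the request, PSS for its reply signature); the aircraft holds an Ed25519 signing key, whose 64-byte signature fits in one OAEP block together with iv_0, K and T; the certificate authority is a plain dict of public keys; the second anonymous identity AID_2 is the OAEP ciphertext of ARN || K; AID_i is the first 7 hex digits of SHA-256(ARN || K || iv_i) with iv_i = iv_0 + i as a 128-bit counter; and the ground station rejects a request whose timestamp is more than 120 s old, a freshness check the patent's step list does not state. The station ID, ARN and message contents are constructed. It needs the third-party `cryptography` package.

```python
"""Session establishment (Message1 to Message3) and anonymous identity
library derivation. Added example, not the patent's code; algorithm and
encoding choices are assumptions. Needs the `cryptography` package."""
import hashlib
import secrets
import struct
import time

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ed25519, padding, rsa

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)
FRESHNESS_S = 120        # assumption: the patent only says T is recorded


def aid_library(arn: bytes, k: bytes, iv0: bytes, n: int) -> list:
    """iv_i = iv_0 + i (128-bit counter); AID_i = SHA-256(ARN || K || iv_i)[:7]."""
    base = int.from_bytes(iv0, "big")
    return [hashlib.sha256(arn + k + ((base + i) % (1 << 128)).to_bytes(16, "big"))
            .hexdigest()[:7].upper() for i in range(1, n + 1)]


class GroundStation:
    def __init__(self, gs_id: bytes, ca: dict):
        self.gs_id, self.ca = gs_id, ca
        self.key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
        self.sessions = {}   # AID -> (ARN, K, iv_0): resolves later session messages

    def message1(self) -> bytes:
        return self.gs_id                               # Message1: G -> F : ID_G

    def message3(self, aid2: bytes, text: bytes, n: int) -> bytes:
        """Consume Message2 = (AID_2, Text); return the Message3 signature."""
        blob = self.key.decrypt(aid2, OAEP)             # AID_2 = E_pkG(ARN || K)
        arn, k = blob[:7], blob[7:]
        req = self.key.decrypt(text, OAEP)              # Text = E_pkG(iv_0||K||T||sig)
        iv0, k2, t, sig = req[:16], req[16:32], req[32:40], req[40:]
        if k2 != k:
            raise ValueError("session key in Text does not match AID_2")
        if abs(time.time() - struct.unpack(">Q", t)[0]) > FRESHNESS_S:
            raise ValueError("stale timestamp")
        self.ca[arn].verify(sig, iv0 + k + t + arn)     # raises InvalidSignature
        for aid in aid_library(arn, k, iv0, n):         # same library as the aircraft
            self.sessions[aid] = (arn, k, iv0)
        return self.key.sign(iv0 + k + t + self.gs_id, PSS, hashes.SHA256())


class Aircraft:
    def __init__(self, arn: bytes, ca: dict):
        self.arn, self.ca = arn, ca
        self.key = ed25519.Ed25519PrivateKey.generate()
        self.library = []

    def message2(self, gs_id: bytes):
        """Build Message2: AID_2 replaces the ARN, the ciphertext fills Text."""
        gs_pub = self.ca[gs_id]                         # CA lookup by ID_G
        self.iv0, self.k = secrets.token_bytes(16), secrets.token_bytes(16)
        self.t = struct.pack(">Q", int(time.time()))
        sig = self.key.sign(self.iv0 + self.k + self.t + self.arn)   # first signature
        aid2 = gs_pub.encrypt(self.arn + self.k, OAEP)
        text = gs_pub.encrypt(self.iv0 + self.k + self.t + sig, OAEP)  # first ciphertext
        return aid2, text

    def accept_message3(self, gs_id: bytes, sig: bytes, n: int) -> list:
        """Verify the second signature, then derive the N first anonymous identities."""
        self.ca[gs_id].verify(sig, self.iv0 + self.k + self.t + gs_id,
                              PSS, hashes.SHA256())
        self.library = aid_library(self.arn, self.k, self.iv0, n)
        return self.library


def run_handshake(n: int = 8):
    """Constructed exchange: one station and one aircraft, both registered at the CA."""
    ca = {}
    station = GroundStation(b"GS-ZBAA", ca)            # constructed station ID
    aircraft = Aircraft(b".B-1234", ca)                # constructed 7-char ARN
    ca[station.gs_id] = station.key.public_key()
    ca[aircraft.arn] = aircraft.key.public_key()
    aid2, text = aircraft.message2(station.message1())
    sig = station.message3(aid2, text, n)
    library = aircraft.accept_message3(station.gs_id, sig, n)
    return library, station.sessions
```

The ground station derives the same N identities from the decrypted ARN, K and iv_0, so it can later resolve any identity the aircraft picks without the ARN ever appearing on the air again. How the patent fits AID_2 (an RSA ciphertext here) into the 7-character ARN field is not visible on this page and is not modelled; the example works on the field values, not on the ARINC-618 wire format.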

In some possible embodiments, conducting a session with the ground station based on the anonymous identity library includes:

generating a third message based on the anonymous identity library;

sending the third message to the ground station;

receiving a fourth message sent by the ground station.

In some possible embodiments, generating the third message based on the anonymous identity library includes:

generating a first plaintext and a first message sequence number, and computing a first hash value over the first plaintext and the first message sequence number;

computing a second initial vector for the third message from the first message sequence number and the first initial vector;

generating a second ciphertext from the first plaintext, the first hash value and the second initial vector using the session key;

selecting a third anonymous identity from the anonymous identity library with a random number algorithm;

replacing the aircraft registration number in the third message with the third anonymous identity, filling the text segment of the third message with the second ciphertext, and sending the third message to the ground station.

In some possible embodiments, receiving the fourth message sent by the ground station includes:

obtaining a fourth anonymous identity from the fourth message;

looking up the fourth anonymous identity in the anonymous identity library;

if the fourth anonymous identity is found in the anonymous identity library, retrieving the first initial vector and the session key corresponding to the fourth anonymous identity;

obtaining the second message sequence number from the fourth message;

computing a third initial vector for the fourth message from the first initial vector corresponding to the fourth anonymous identity and the second message sequence number;

obtaining a third ciphertext from the fourth message, and decrypting the third ciphertext with the session key and the third initial vector to obtain a second plaintext and a second hash value;

computing a third hash value over the second plaintext and the second message sequence number;

checking whether the third hash value equals the second hash value;

if the third hash value equals the second hash value, processing the second plaintext; if the third hash value does not equal the second hash value, discarding the fourth message.

In some possible embodiments, after looking up the fourth anonymous identity in the anonymous identity library, the method further includes:

if the fourth anonymous identity is not found in the anonymous identity library, discarding the fourth message.
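The session phase described in the steps above (building the third message and checking the fourth one; Figures 4 and 5 of the description), as an added example that is not the patent's or Beihang University's code, using only the Python standard library. The patent names neither the symmetric cipher nor the hash, so the example assumes SHA-256 for H(plaintext || MSN), a per-message initial vector SHA-256(iv_0 || MSN)[:16], and a keystream of SHA-256(K || iv || block counter) XORed over the data as a stand-in for the unnamed symmetric cipher (a deployment would use a real block cipher mode; the stand-in only shows where the key and the per-message IV enter). The 7-character AID derivation is the same one assumed at session establishment. A replay check on (session, MSN) is added on the receive side; the patent's step list only covers the unknown-AID and hash-mismatch discards. The session parameters and message text are constructed.

```python
"""Downlink (third message) and uplink (fourth message) of the anonymous
ACARS session. Added example, not the patent's code; cipher, hash, IV
derivation and replay check are assumptions."""
import hashlib
import secrets
import struct


def aid_library(arn: bytes, k: bytes, iv0: bytes, n: int) -> list:
    """iv_i = iv_0 + i (128-bit counter); AID_i = SHA-256(ARN || K || iv_i)[:7]."""
    base = int.from_bytes(iv0, "big")
    return [hashlib.sha256(arn + k + ((base + i) % (1 << 128)).to_bytes(16, "big"))
            .hexdigest()[:7].upper() for i in range(1, n + 1)]


def msg_iv(iv0: bytes, msn: int) -> bytes:
    """Second/third initial vector: derived from the session iv_0 and the MSN."""
    return hashlib.sha256(iv0 + struct.pack(">I", msn)).digest()[:16]


def keystream_xor(k: bytes, iv: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR data with SHA-256(K || iv || block counter) blocks.
    Symmetric, so the same call encrypts and decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(k + iv + struct.pack(">I", off // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


class Endpoint:
    """One side of the session. Aircraft and ground station hold the same
    (ARN, K, iv_0) after establishment and derive the same AID library."""

    def __init__(self, arn: bytes, k: bytes, iv0: bytes, n: int):
        self.k, self.iv0 = k, iv0
        self.library = aid_library(arn, k, iv0, n)
        self.by_aid = {aid: (iv0, k) for aid in self.library}   # AID -> (iv_0, K)
        self.msn = 0
        self.seen = set()           # (iv_0, MSN) already accepted: replay check

    def send(self, plaintext: bytes):
        """Return (AID, MSN, ciphertext); AID replaces the ARN, ciphertext fills Text."""
        self.msn += 1
        msn_b = struct.pack(">I", self.msn)
        h = hashlib.sha256(plaintext + msn_b).digest()          # H(plaintext || MSN)
        ct = keystream_xor(self.k, msg_iv(self.iv0, self.msn), plaintext + h)
        return secrets.choice(self.library), self.msn, ct       # random AID

    def receive(self, aid: str, msn: int, ct: bytes):
        """Return the plaintext, or None when the message must be discarded."""
        entry = self.by_aid.get(aid)
        if entry is None:                                       # unknown AID
            return None
        iv0, k = entry
        if (iv0, msn) in self.seen:                             # replay (assumption)
            return None
        plain = keystream_xor(k, msg_iv(iv0, msn), ct)
        body, h = plain[:-32], plain[-32:]
        if hashlib.sha256(body + struct.pack(">I", msn)).digest() != h:
            return None                                         # hash mismatch
        self.seen.add((iv0, msn))
        return body


def demo():
    """Constructed session: tampered copy, good message, unknown AID, replay."""
    arn, k, iv0 = b".B-1234", secrets.token_bytes(16), secrets.token_bytes(16)
    aircraft, station = Endpoint(arn, k, iv0, 8), Endpoint(arn, k, iv0, 8)
    aid, msn, ct = aircraft.send(b"CA1234 /POS N3955 E11624 FL350")  # Flight ID + FreeText
    tampered = station.receive(aid, msn, ct[:-1] + bytes([ct[-1] ^ 0x01]))
    good = station.receive(aid, msn, ct)
    unknown = station.receive("ZZZZZZZ", msn, ct)
    replay = station.receive(aid, msn, ct)
    return tampered, good, unknown, replay
```

Deriving the IV from iv_0 and the MSN is what keeps the keystream from repeating within a session; the receiver never needs the IV on the wire because it recomputes it from the MSN it already has. The integrity check here is an unkeyed hash hidden under the toy stream cipher, which is only as strong as the cipher's concealment of the hash; once a real cipher is chosen, a keyed MAC or an AEAD mode is the usual way to make the check independent of that.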

In some possible embodiments, before determining the public key of the ground station according to the ground station identity information, the method includes:

obtaining, from a certificate authority, the identity information of the ground stations along the aircraft's route and the public keys corresponding to that ground station identity information.

To achieve the above purpose, in another aspect the present application proposes a civil aviation ACARS ground-air data link anonymous secure session device, which includes:

a first receiving module, configured to receive a ground station identity message broadcast by a ground station;

a sending module, configured to send a first message to the ground station through an asymmetric key mechanism based on the ground station identity message, wherein the first message includes a first initial vector;

a second receiving module, configured to receive a second message sent by the ground station;

a verification module, configured to verify the second message and, if the verification passes, generate an anonymous identity library according to the first initial vector, wherein the anonymous identity library includes N first anonymous identities, N being a positive integer greater than or equal to 1;

a session module, configured to conduct a session with the ground station based on the anonymous identity library.

Beneficial effects of the present application:

According to the civil aviation ACARS ground-air data link anonymous secure session method of the embodiments of the present application, a ground station identity message broadcast by a ground station is received; a first message is sent to the ground station through an asymmetric key mechanism based on the ground station identity message, the first message including a first initial vector; a second message sent by the ground station is received; the second message is verified and, if the verification passes, an anonymous identity library is generated according to the first initial vector, the anonymous identity library including N first anonymous identities, N being a positive integer greater than or equal to 1; and a session is conducted with the ground station based on the anonymous identity library. The present application can effectively guarantee the confidentiality, privacy and authenticity of civil aviation ACARS messages.

Additional aspects and advantages of the present application will be set forth in part in the following description, and in part will become apparent from the following description or be learned through practice of the present application.

Brief description of the drawings

The above and/or additional aspects and advantages of the present application will become apparent and easy to understand from the following description of embodiments with reference to the accompanying drawings, in which:

Figure 1 is a flowchart of the civil aviation ACARS ground-air data link anonymous secure session method according to an embodiment of the present application;

Figure 2 is a schematic diagram of session establishment according to an embodiment of the present application;

Figure 3 is a schematic diagram of the aircraft anonymous identity library generation process according to an embodiment of the present application;

Figure 4 is a schematic diagram of the downlink of the ACARS anonymous secure session protocol according to an embodiment of the present application;

Figure 5 is a schematic diagram of the uplink of the ACARS anonymous secure session protocol according to an embodiment of the present application;

Figure 6 is a schematic diagram of the ACARS ground-air data security model according to an embodiment of the present application;

Figure 7 is a schematic structural diagram of the civil aviation ACARS ground-air data link anonymous secure session device according to an embodiment of the present application.

Detailed description

It should be noted that the embodiments of the present application and the features in the embodiments may be combined with each other where they do not conflict. The present application is described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.

To help those skilled in the art better understand the solution of the present application, the technical solution in the embodiments of the present application is described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present application, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present application without creative effort fall within the scope of protection of the present application.

The civil aviation ACARS ground-air data link anonymous secure session method and device proposed according to the embodiments of the present application are described below with reference to the accompanying drawings; the method is described first.

It should be noted that the symbols and function symbols that may be used in the method are listed in Table 1:

Table 1 Definitions of symbols and function symbols


Figure 1 is a flowchart of the civil aviation ACARS ground-air data link anonymous secure session method according to an embodiment of the present application.

As shown in Figure 1, the method includes the following steps:

Step S110: receiving a ground station identity message broadcast by the ground station.

In the embodiment of the present application, as shown in Figure 2, after an aircraft enters the airspace covered by a ground station it can receive the ground station identity message broadcast by the ground station. In accordance with the ARINC-618 standard, the ground station broadcasts this message to the airspace it covers at a fixed time interval; it can be expressed as:

Message1: G → F: ID_G

where Message1 denotes the ground station identity message, G the ground station, F the aircraft, ID_G the ground station identity, and G → F: ID_G that the ground station sends its identity to the aircraft.

Step S120: sending a first message to the ground station through an asymmetric key mechanism based on the ground station identity message.

The first message includes a first initial vector iv_0. The first message Message2 may be a session establishment request that the aircraft sends to the ground station, based on the ground station identity message, after receiving that message; the first initial vector is the initial vector carried in the first message.

In the embodiment of the present application, after receiving the ground station identity message broadcast by the ground station, the aircraft can send a first message to the ground station through an asymmetric key mechanism based on that message; the first message requests the ground station to establish a session.

Step S130: receiving a second message sent by the ground station.

The second message Message3 may be a session establishment feedback message that the ground station sends to the aircraft after receiving the first message, indicating to the aircraft that the ground station is ready for the session.

In the embodiment of the present application, after sending the first message to the ground station, the aircraft can receive the second message sent by the ground station and learn from it whether the ground station is ready for the session.

Step S140: verifying the second message and, if the verification passes, generating an anonymous identity library according to the first initial vector.

The anonymous identity library includes N first anonymous identities AID_1, where N is a positive integer greater than or equal to 1. A first anonymous identity is an anonymous identity that the aircraft generates from the first initial vector and uses to hide its real identity during the session.

In the embodiment of the present application, after the aircraft receives the second message sent by the ground station it can verify that message; if the verification passes, the ground station is considered ready for the session and the aircraft generates the anonymous identity library according to the first initial vector. The library includes N first anonymous identities, and the aircraft can use a first anonymous identity in each subsequent exchange to hide its real identity and keep that identity private.

Step S150: conducting a session with the ground station based on the anonymous identity library.

In the embodiment of the present application, after generating the anonymous identity library according to the first initial vector, the aircraft can conduct a session with the ground station based on the library. The aircraft can report flight information such as its current altitude and flight status to the ground station through the session, and the ground station can record the aircraft's flight information from it.

According to the civil aviation ACARS ground-air data link anonymous secure session method of the embodiments of the present application, a ground station identity message broadcast by a ground station is received; a first message is sent to the ground station through an asymmetric key mechanism based on the ground station identity message, the first message including a first initial vector; a second message sent by the ground station is received; the second message is verified and, if the verification passes, an anonymous identity library is generated according to the first initial vector, the anonymous identity library including N first anonymous identities, N being a positive integer greater than or equal to 1; and a session is conducted with the ground station based on the anonymous identity library. The present application can effectively guarantee the confidentiality, privacy and authenticity of civil aviation ACARS messages.

In some possible embodiments, sending the first message to the ground station through an asymmetric key mechanism based on the ground station identity information includes:

determining the public key of the ground station from the ground station identity information;

generating the first initial vector and the session key, and recording a timestamp of the current time;

generating the aircraft's second anonymous identity from the aircraft registration number and the session key, using the ground station's public key;

generating a first signature with the aircraft's private key over the first initial vector, the session key, the timestamp and the aircraft registration number;

generating a first ciphertext with the ground station's public key over the first initial vector, the session key, the timestamp and the first signature;

replacing the aircraft registration number in the first message with the aircraft's second anonymous identity, filling the text segment of the first message with the first ciphertext, and sending the first message to the ground station.

Here the second anonymous identity is the anonymous identity the aircraft generates from its registration number and the session key; it hides the aircraft's identity before the session is established. The first signature is the signature the aircraft generates with its private key over the first initial vector, session key, timestamp and registration number; it is a digital signature that the ground station verifies to confirm that the received message has not been tampered with. The first ciphertext is the ciphertext the aircraft generates with the ground station's public key over the first initial vector, session key, timestamp and first signature; after receiving it the ground station decrypts it to recover those four values.

In this embodiment, still referring to FIG. 2: the aircraft enters the ground station's airspace and, after receiving the broadcast ground station identity information IDG, determines the ground station's public key pkG from it. It generates for the session a first initial vector iv0, a session key kd and a timestamp t of the current time. From the registration number ARN and the session key kd it forms the second anonymous identity AID2 = ENC(ARN, kd); as the formula shows, this is the registration number encrypted under the session key, which the ground station recovers with kd once it has decrypted the first ciphertext. With its private key skF the aircraft signs the first initial vector, session key, timestamp and registration number, Γ1 = SIG(iv0||kd||t||ARN, skF), and then encrypts those values together with the signature under pkG to obtain the first ciphertext C1 = ENC(iv0||kd||t||Γ1, pkG). Replacing the registration number in the first message with AID2 and filling the text segment with C1 yields the complete first message Message2, which is sent to the ground station. In short:

Message2: [formula image BDA0003674809470000081, not reproduced]

In some possible embodiments, verifying the second message includes:

obtaining the second signature from the second message;

verifying the second signature with the ground station's public key.

Here the second signature is the signature the ground station produces over the second message with a signature algorithm; from the verification result the aircraft learns whether the second message has been tampered with.

In this embodiment, still referring to FIG. 2, after receiving the second message the aircraft obtains the second signature Γ2 from it and verifies it with the ground station's public key pkG using the verification algorithm, VER(t||ARN||iv0||kd, Γ2, pkG). If verification passes, the aircraft concludes that the ground station is ready for the session and generates the anonymous identity library from the first initial vector; if it fails, the aircraft assumes an attacker has tampered with the second message and discards it.

It should be noted, still referring to FIG. 2, that on receiving the first message the ground station decrypts the first ciphertext C1 with its own private key skG, DEC(C1, skG), and obtains the first initial vector iv0, the session key kd, the timestamp t and the first signature Γ1. It also takes AID2 from the control field and decrypts it with the session key to obtain the registration number, ARN = DEC(AID2, kd). With the registration number it looks up the aircraft's public key pkF and verifies the first signature with the verification algorithm, VER(iv0||kd||t||ARN, Γ1, pkF). If verification succeeds, the ground station concludes that the first message was not tampered with by an attacker and accepts the aircraft's session key, timestamp and registration number; otherwise it discards the first message.

After the first signature verifies and the session key, timestamp and aircraft registration number are established, the ground station checks the freshness of the timestamp by comparing it with the current time: if the delay is within a reasonable bound, processing continues; if not, the first message is discarded and the ground station waits for the aircraft to send a fresh first message. Once the delay is acceptable, the ground station signs the timestamp t, registration number ARN, first initial vector iv0 and session key kd with its private key, Γ2 = SIG(t||ARN||iv0||kd, skG), fills the second signature into the text field of the second message and the second anonymous identity into its control field, and sends the second message to the aircraft.

As shown in FIG. 3, the ground station can also predict from the first initial vector the N anonymous identities the aircraft will use in the session, written AIDi = ENC(ARN, kd, iv0i) with N ≥ 1. Concretely, it derives N identity vectors by adding one to the first initial vector in turn, iv0i = iv0 + i for 1 ≤ i ≤ N, encrypts each identity vector under the session key, and XORs the result with the aircraft registration number to obtain an anonymous identity; the N identities so obtained form the anonymous identity library for that aircraft. The process of sending the second message can be summarised as:

Message3: [formula image BDA0003674809470000091, not reproduced]

In some possible embodiments, generating the anonymous identity library from the first initial vector when verification passes includes:

adding one to the first initial vector in turn to generate N identity vectors, where N is a positive integer (N ≥ 1);

generating the aircraft's N first anonymous identities from the aircraft registration number, the session key and the N identity vectors;

forming the anonymous identity library from the N first anonymous identities.

In this embodiment, once the second message has been verified, the aircraft adds one to the first initial vector in turn to generate N identity vectors, iv0i = iv0 + i for 1 ≤ i ≤ N, encrypts each of the N identity vectors under the session key, and XORs each result with the aircraft registration number to obtain the N first anonymous identities, which form the aircraft's own anonymous identity library. Because the ground station holds the same iv0, kd and ARN after the handshake, it derives exactly the same N identities (FIG. 3), so both sides can recognise any identity drawn from the library without ever sending the registration number in clear.
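The two-sided derivation of the anonymous identity library, as an added example that is not code from the patent or its authors. It assumes a 16-byte iv0 and an ASCII registration number, stands in HMAC-SHA256 for the SM4 encryption the patent prefers, wraps the identity-vector addition modulo 2^128, and truncates the encrypted vector to the registration number's length before the XOR (the patent does not fix these details):

```python
import hashlib
import hmac
import secrets

# Added illustration, not the patent's own code. HMAC-SHA256 stands in for
# ENC(., kd) (SM4 in the patent); lengths and wrap-around are assumptions.


def enc_stand_in(kd: bytes, data: bytes) -> bytes:
    """Keyed pseudorandom function standing in for ENC(data, kd)."""
    return hmac.new(kd, data, hashlib.sha256).digest()


def identity_vector(iv0: bytes, i: int) -> bytes:
    """iv0i = iv0 + i, as big-endian integer addition modulo 2^(8*len(iv0))."""
    n = len(iv0)
    return ((int.from_bytes(iv0, "big") + i) % (1 << (8 * n))).to_bytes(n, "big")


def anonymous_identity(arn: bytes, kd: bytes, iv0: bytes, i: int) -> bytes:
    """AID_i = ENC(iv0 + i, kd) XOR ARN; the mask is truncated to len(ARN) by zip."""
    mask = enc_stand_in(kd, identity_vector(iv0, i))
    return bytes(m ^ a for m, a in zip(mask, arn))


def anonymous_identity_library(arn: bytes, kd: bytes, iv0: bytes, n: int) -> list:
    """The aircraft side: the N first anonymous identities AID_1 .. AID_N."""
    return [anonymous_identity(arn, kd, iv0, i) for i in range(1, n + 1)]


def ground_station_table(arn: bytes, kd: bytes, iv0: bytes, n: int) -> dict:
    """The ground-station side (FIG. 3): predict the same N identities and
    index (iv0, kd, ARN) by identity so later session messages can be resolved."""
    return {aid: (iv0, kd, arn) for aid in anonymous_identity_library(arn, kd, iv0, n)}


def demo() -> bool:
    """Both sides derive the same library; a randomly chosen identity resolves to ARN."""
    arn = b"B-1234"                     # constructed registration number
    kd = bytes(range(16))               # constructed session key
    iv0 = b"\xff" * 15 + b"\xfe"        # constructed iv0 near wrap-around
    library = anonymous_identity_library(arn, kd, iv0, 8)
    table = ground_station_table(arn, kd, iv0, 8)
    chosen = secrets.choice(library)    # what the aircraft would put in the ARN field
    return table[chosen][2] == arn and len(set(library)) == len(library)


if __name__ == "__main__":
    print("library consistent on both sides:", demo())
```

Note that the identity set is fixed once kd and iv0 are agreed, so an identity from a previous session is unknown to the ground station and is discarded by the lookup, and two aircraft whose libraries happened to share an identity would be indistinguishable at the ground station unless the table is keyed per ground station session as well.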

In some possible embodiments, conducting the session with the ground station based on the anonymous identity library includes:

generating a third message based on the anonymous identity library;

sending the third message to the ground station;

receiving a fourth message sent by the ground station.

Here the third message is a session message the aircraft generates using the N first anonymous identities in the library; it reports the aircraft's flight state to the ground station. The fourth message is the session message the ground station sends in response to the third message; it notifies or instructs the aircraft of the ground station's reaction to the third message.

In this embodiment, after forming its anonymous identity library the aircraft generates a third message based on it and sends the third message to the ground station, thereby reporting its flight state. On receiving the third message the ground station learns the aircraft's current flight state, generates a corresponding fourth message from the content of the third, and sends it to the aircraft; on receiving the fourth message the aircraft obtains the notification or instruction the ground station issued in response to the third message.

In some possible embodiments, generating the third message based on the anonymous identity library includes:

generating a first plaintext and a first message sequence number, and computing a first hash over the first plaintext and the first message sequence number;

computing a second initial vector for the third message from the first message sequence number and the first initial vector;

generating a second ciphertext with the session key from the first plaintext, the first hash and the second initial vector;

selecting a third anonymous identity from the anonymous identity library with a random number algorithm;

replacing the aircraft registration number in the third message with the third anonymous identity, filling the text segment of the third message with the second ciphertext, and sending the third message to the ground station.

Here the first plaintext is the text the aircraft generates from its current flight state, the first message sequence number is the sequence number of the third message, and the first hash is the value the aircraft computes with a hash algorithm over the first plaintext and the first message sequence number; the ground station checks the first hash to determine whether the third message has been tampered with. The second initial vector is the initial vector of the third message, computed by the aircraft from the first message sequence number and the first initial vector; the second ciphertext is the ciphertext the aircraft generates with the encryption algorithm and the session key from the first plaintext, the first hash and the second initial vector; and the third anonymous identity is one of the first anonymous identities chosen at random, with a random number algorithm, from the aircraft's own library.

In this embodiment, as shown in FIG. 4, after the aircraft has determined that the ground station is ready and has generated the anonymous identity library, it produces a first plaintext M1 and a first message sequence number MSN1 and computes their first hash, H1 = Hash(M1, MSN1). From the first message sequence number and the first initial vector it computes the second initial vector of the third message, ivi = SM3(iv0||MSN1), and with the session key encrypts the plaintext and hash under that vector to obtain the second ciphertext, C2 = ENC(M1||H1, kd, ivi) (the figure labels this ciphertext C1; it is written C2 here to keep it distinct from the handshake ciphertext C1). It picks one first anonymous identity from the library at random as the third anonymous identity, replaces the registration number in the third message with it, fills the text segment with the second ciphertext, and sends the complete third message to the ground station. In short:

Message4: [formula image BDA0003674809470000101, not reproduced]

Note that during the session between the aircraft and the ground station an initial vector is generated for every session message, but only the first initial vector is used to generate the anonymous identity library.

Note also, still referring to FIG. 4, that after the aircraft sends the third message, the ground station receives it, takes the third anonymous identity from it and searches its anonymous identity library for a matching identity. If the third anonymous identity is found, the ground station retrieves the first initial vector iv0, session key kd and aircraft registration number ARN associated with it; if it is not found, the third message is discarded. Having obtained these values, the ground station extracts the first message sequence number from the third message, computes the second initial vector of the third message from the first initial vector and that sequence number, and decrypts the second ciphertext with the session key and the computed second initial vector to obtain the first plaintext and the first hash. It then computes Hash(M1, MSN1) from the first plaintext and the first message sequence number and checks whether the first hash equals it: if so, the first plaintext is processed further; if not, the third message is discarded.

Note that during the session some fields of every session message need security protection, as listed in Table 2: the ARN, Text FlightID and Text fields are the fields given added protection, and the remaining fields may be transmitted in clear text.

Table 2 Security-protected fields [table image BDA0003674809470000111, not reproduced]

In some possible embodiments, receiving the fourth message sent by the ground station includes:

obtaining the fourth anonymous identity from the fourth message;

looking up the fourth anonymous identity in the anonymous identity library;

if the fourth anonymous identity is found in the library, retrieving the first initial vector and session key associated with it;

obtaining the second message sequence number from the fourth message;

computing the third initial vector of the fourth message from the first initial vector associated with the fourth anonymous identity and the second message sequence number;

obtaining the third ciphertext from the fourth message and decrypting it with the session key and the third initial vector to obtain the second plaintext and the second hash;

computing a third hash over the second plaintext and the second message sequence number;

checking whether the third hash equals the second hash;

if the third hash equals the second hash, processing the second plaintext; if not, discarding the fourth message.

Here the fourth anonymous identity is one of the identities the ground station picks at random from the anonymous identity library of the aircraft concerned; the second message sequence number is the sequence number the ground station generates for the fourth message; the third initial vector is the initial vector of the fourth message, computed by the aircraft from the first initial vector associated with the fourth anonymous identity and the second message sequence number; the third ciphertext and the second plaintext are generated by the ground station; the second hash is computed by the ground station; and the third hash is the value the aircraft computes with the hash algorithm over the second plaintext and the second message sequence number.

In this embodiment, as shown in FIG. 5, after sending the third message the aircraft waits for the fourth message from the ground station. On receiving it, the aircraft takes the fourth anonymous identity from the fourth message and looks it up in its own anonymous identity library. If the identity is found, the aircraft retrieves the first initial vector iv0 and session key kd associated with it, takes the second message sequence number MSN2 from the fourth message, and computes the third initial vector of the fourth message, ivi = Hash(iv0||MSN2). It then takes the third ciphertext from the fourth message and decrypts it with the session key and the third initial vector to obtain the second plaintext and second hash, M2||H2 = DEC(C3, kd, ivi). With the hash algorithm it computes the third hash H3 from the second plaintext and the second message sequence number and checks H3 = H2: if they are equal, the second plaintext is processed; if not, the fourth message is discarded.

Note that the ground station must generate the fourth message before sending it. Specifically, still referring to FIG. 5, the ground station generates the second plaintext and the second message sequence number and computes their second hash, H2 = Hash(M2, MSN2); computes the third initial vector of the fourth message from the first initial vector and the second message sequence number; generates the third ciphertext with the encryption algorithm from the second plaintext, second hash, third initial vector and session key; picks one first anonymous identity at random, with the random number algorithm, from that aircraft's anonymous identity library as the fourth anonymous identity; replaces the aircraft registration number in the fourth message with it; fills the text segment with the third ciphertext; and sends the complete fourth message to the aircraft. In short:

Message5: [formula image BDA0003674809470000121, not reproduced]

In some possible embodiments, after looking up the fourth anonymous identity in the anonymous identity library, the method further includes:

if the fourth anonymous identity is not found in the anonymous identity library, discarding the fourth message.

In this embodiment, the aircraft looks up the fourth anonymous identity in its own anonymous identity library; if the identity is not found, the aircraft concludes that the received fourth message was not addressed to it and discards the fourth message.
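The session-message exchange of Message4 and Message5 (build, resolve the anonymous identity, derive the per-message initial vector, decrypt, check the hash, discard on failure), as an added example that is not code from the patent or its authors. It serves both the aircraft-to-ground and ground-to-aircraft directions, since the two are symmetric. SHA-256 stands in for SM3, a counter-mode keystream built from HMAC-SHA256 stands in for SM4 under the session key, and the message sequence number is assumed to be a 4-byte big-endian integer; the anonymous identities and the receiver's table are constructed rather than derived. The sequence-number replay check is an editorial addition that the patent does not describe:

```python
import hashlib
import hmac
import secrets

# Added illustration, not the patent's own code. SHA-256 stands in for SM3 and an
# HMAC-SHA256 counter keystream stands in for SM4; MSN width is an assumption.
HASH_LEN = 32
MSN_LEN = 4


def keystream(kd: bytes, iv: bytes, length: int) -> bytes:
    """Counter-mode keystream derived from (kd, iv); stand-in for SM4-CTR."""
    out = b""
    for ctr in range((length + HASH_LEN - 1) // HASH_LEN):
        out += hmac.new(kd, iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]


def enc(kd: bytes, iv: bytes, data: bytes) -> bytes:
    """ENC(data, kd, iv); decryption is the same XOR."""
    return bytes(d ^ k for d, k in zip(data, keystream(kd, iv, len(data))))


def message_iv(iv0: bytes, msn: int) -> bytes:
    """Per-message initial vector iv_i = Hash(iv0 || MSN), truncated to 16 bytes."""
    return hashlib.sha256(iv0 + msn.to_bytes(MSN_LEN, "big")).digest()[:16]


def message_hash(m: bytes, msn: int) -> bytes:
    """H = Hash(M, MSN): binds the plaintext to its sequence number."""
    return hashlib.sha256(m + msn.to_bytes(MSN_LEN, "big")).digest()


def build_session_message(library: list, kd: bytes, iv0: bytes, msn: int, m: bytes) -> dict:
    """Sender side (Message4 from the aircraft, Message5 from the ground station):
    ARN field <- random identity from the library, text segment <- ENC(M||H, kd, iv_i)."""
    c = enc(kd, message_iv(iv0, msn), m + message_hash(m, msn))
    return {"aid": secrets.choice(library), "msn": msn, "text": c}


def receive_session_message(table: dict, msg: dict, last_msn: dict):
    """Receiver side. Returns (ARN, plaintext), or None when the message is discarded."""
    entry = table.get(msg["aid"])
    if entry is None:
        return None                       # identity not in the library: discard
    iv0, kd, arn = entry
    pt = enc(kd, message_iv(iv0, msg["msn"]), msg["text"])
    if len(pt) < HASH_LEN:
        return None                       # too short to carry a hash
    m, h = pt[:-HASH_LEN], pt[-HASH_LEN:]
    if not hmac.compare_digest(h, message_hash(m, msg["msn"])):
        return None                       # hash mismatch: tampered or wrong key/IV
    if msg["msn"] <= last_msn.get(arn, -1):
        return None                       # replay of an old MSN (editorial addition)
    last_msn[arn] = msg["msn"]
    return arn, m


def demo() -> bool:
    """Genuine message accepted; a flipped ciphertext bit and a replay are discarded."""
    arn, kd, iv0 = b"B-1234", bytes(range(16)), bytes(16)      # constructed
    library = [secrets.token_bytes(6) for _ in range(4)]       # constructed identities
    table = {aid: (iv0, kd, arn) for aid in library}           # receiver's lookup table
    seen = {}
    msg = build_session_message(library, kd, iv0, 1, b"FL350 CRUISE")
    ok = receive_session_message(table, msg, seen)
    tampered = dict(msg, text=bytes([msg["text"][0] ^ 1]) + msg["text"][1:])
    bad = receive_session_message(table, tampered, seen)
    replay = receive_session_message(table, msg, seen)
    return ok == (arn, b"FL350 CRUISE") and bad is None and replay is None


if __name__ == "__main__":
    print("session message checks behave as expected:", demo())
```

Because the only integrity value is an unkeyed hash placed inside the ciphertext, the check protects against corruption and against an attacker who does not know the plaintext; a deployment would normally replace the hash-then-encrypt construction with an authenticated encryption mode under kd, which the choice of SM4 or AES in the patent leaves open.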

In some possible embodiments, before determining the ground station's public key from the ground station identity information, the method includes:

obtaining, through the certificate authority, the identity information of the ground stations along the aircraft's route and the public keys corresponding to that identity information.

In this embodiment, before determining the ground station's public key from its identity information, the aircraft first obtains that public key. As shown in FIG. 6, a public key infrastructure (PKI) manages the public keys: a trusted third party, the Certificate Authority (CA), binds the public keys of aircraft and ground stations to their respective identities. Before the session begins, based on the flight plan provided by the air traffic control centre, the aircraft learns from the CA the public keys and corresponding identities of the ground stations its route may pass, and each ground station learns from the CA the public keys and identities of all aircraft that may pass through its coverage area. Thus, when an aircraft or ground station receives the other party's identity information, it can look up the corresponding public key.

Note that the session key may be generated by the aircraft and sent to the ground station, or it may be negotiated with a key agreement protocol such as Diffie-Hellman, the Joux tripartite key agreement protocol, or the Burmester-Desmedt (BD) two-round group key agreement protocol.

Note that the symmetric encryption and decryption algorithm keyed by the session key is preferably SM4, though 3DES (Triple Data Encryption Algorithm) or AES (Advanced Encryption Standard) may also be used. Likewise, the digital signature, signature verification and asymmetric encryption and decryption algorithms are preferably SM2, though RSA (Rivest, Shamir, Adleman) or another asymmetric algorithm may also be used.

To implement the above embodiments, as shown in Figure 7, this embodiment further provides a civil aviation ACARS ground-air data link anonymous secure session device 700. The device 700 includes a first receiving module 710, a sending module 720, a second receiving module 730, a verification module 740 and a session module 750.

The first receiving module 710 is configured to receive the ground station identity message broadcast by the ground station;

the sending module 720 is configured to send a first message to the ground station through an asymmetric key mechanism based on the ground station identity message, where the first message includes a first initial vector;

the second receiving module 730 is configured to receive the second message sent by the ground station;

the verification module 740 is configured to verify the second message and, if the verification passes, generate an anonymous identity library from the first initial vector, where the anonymous identity library includes N first anonymous identities and N is a positive integer greater than or equal to 1;

the session module 750 is configured to conduct a session with the ground station based on the anonymous identity library.

With the civil aviation ACARS ground-air data link anonymous secure session device of this embodiment of the application, the aircraft receives the ground station identity message broadcast by the ground station; sends a first message to the ground station through an asymmetric key mechanism based on the ground station identity message, where the first message includes a first initial vector; receives a second message sent by the ground station; verifies the second message and, if the verification passes, generates an anonymous identity library from the first initial vector, where the anonymous identity library includes N first anonymous identities and N is a positive integer greater than or equal to 1; and conducts a session with the ground station based on the anonymous identity library. This application can effectively guarantee the confidentiality, privacy and authenticity of civil aviation ACARS messages.

In some possible embodiments, the sending module 720 includes:

a determining unit, configured to determine the public key of the ground station from the ground station identity information;

a first generating unit, configured to generate the first initial vector and a session key and to record a timestamp of the current time;

a second generating unit, configured to generate a second anonymous identity of the aircraft from the aircraft registration number and the session key using the public key of the ground station;

a third generating unit, configured to generate a first signature from the first initial vector, the session key, the timestamp and the aircraft registration number using the private key of the aircraft;

a fourth generating unit, configured to generate a first ciphertext from the first initial vector, the session key, the timestamp and the first signature using the public key of the ground station;

a replacing unit, configured to replace the aircraft registration number in the first message with the second anonymous identity of the aircraft, fill the message segment of the first message with the first ciphertext, and then send the first message to the ground station.

In some possible embodiments, the verification module 740 includes:

an obtaining unit, configured to obtain a second signature from the second message;

a first verification unit, configured to verify the second signature using the public key of the ground station.

In some possible embodiments, the verification module 740 further includes:

a fifth generating unit, configured to add one to the first initial vector successively to generate N identity vectors, where N is a positive integer greater than or equal to 1;

a sixth generating unit, configured to generate the N first anonymous identities of the aircraft from the aircraft registration number, the session key and the N identity vectors;

a forming unit, configured to form the anonymous identity library from the N first anonymous identities.

In some possible embodiments, the session module 750 includes:

a seventh generating unit, configured to generate a third message based on the anonymous identity library;

a first sending unit, configured to send the third message to the ground station;

a first receiving unit, configured to receive a fourth message sent by the ground station.

In some possible embodiments, the seventh generating unit includes:

a generating and calculating subunit, configured to generate a first plaintext and a first message sequence number and to calculate a first hash value over the first plaintext and the first message sequence number;

a first calculating subunit, configured to calculate a second initial vector for the third message from the first message sequence number and the first initial vector;

a first generating subunit, configured to generate a second ciphertext from the first plaintext, the first hash value and the second initial vector using the session key;

a selecting subunit, configured to select a third anonymous identity from the anonymous identity library by a random number algorithm;

a replacing subunit, configured to replace the aircraft registration number in the third message with the third anonymous identity, fill the message segment of the third message with the second ciphertext, and then send the third message to the ground station.

In some possible embodiments, the first receiving unit includes:

a first obtaining subunit, configured to obtain a fourth anonymous identity from the fourth message;

a lookup subunit, configured to look up the fourth anonymous identity in the anonymous identity library;

a query subunit, configured to query, when the fourth anonymous identity is found in the anonymous identity library, the first initial vector and the session key corresponding to the fourth anonymous identity;

a second obtaining subunit, configured to obtain a second message sequence number from the fourth message;

a second calculating subunit, configured to calculate a third initial vector for the fourth message from the first initial vector corresponding to the fourth anonymous identity and the second message sequence number;

a third obtaining subunit, configured to obtain a third ciphertext from the fourth message, decrypt the third ciphertext with the session key and the third initial vector, and obtain a second plaintext and a second hash value;

a third calculating subunit, configured to calculate a third hash value over the second plaintext and the second message sequence number;

a verifying subunit, configured to verify whether the third hash value equals the second hash value;

a first discarding subunit, configured to process the second plaintext when the third hash value equals the second hash value, and to discard the fourth message when the third hash value does not equal the second hash value.

In some possible embodiments, the first receiving unit further includes:

a second discarding subunit, configured to discard the fourth message when the fourth anonymous identity cannot be found in the anonymous identity library.

In some possible embodiments, the civil aviation ACARS ground-air data link anonymous secure session device includes:

a public key obtaining module, configured to obtain, through the certificate authority, the identity information of the ground stations that the aircraft's route passes and the public keys corresponding to that identity information.

It should be noted that the foregoing explanation of the embodiments of the civil aviation ACARS ground-air data link anonymous secure session method also applies to the civil aviation ACARS ground-air data link anonymous secure session device of this embodiment and is not repeated here.

In addition, the terms "first" and "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or the number of the technical features indicated. Accordingly, a feature qualified by "first" or "second" may explicitly or implicitly include at least one such feature. In the description of this application, "a plurality of" means at least two, for example two or three, unless specifically and explicitly defined otherwise.

In the description of this specification, reference to the terms "one embodiment", "some embodiments", "an example", "a specific example" or "some examples" means that a particular feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of this application. In this specification, illustrative references to these terms do not necessarily refer to the same embodiment or example. Moreover, the particular features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, provided they do not contradict one another, those skilled in the art may combine the different embodiments or examples described in this specification and the features of those embodiments or examples.

Although the embodiments of the present application have been shown and described above, it should be understood that they are exemplary and are not to be construed as limiting the application; those of ordinary skill in the art may make changes, modifications, substitutions and variations to the above embodiments within the scope of the application.

Claims (10)

1. A civil aviation ACARS ground-air data link anonymous secure session method, applied to an aircraft, characterised by comprising:
receiving a ground station identity message broadcast by a ground station;
sending a first message to the ground station through an asymmetric key mechanism based on the ground station identity message, wherein the first message includes a first initial vector;
receiving a second message sent by the ground station;
verifying the second message and, if the verification passes, generating an anonymous identity library from the first initial vector, wherein the anonymous identity library includes N first anonymous identities and N is a positive integer greater than or equal to 1;
conducting a session with the ground station based on the anonymous identity library.

2. The method according to claim 1, characterised in that sending the first message to the ground station through an asymmetric key mechanism based on the ground station identity information comprises:
determining the public key of the ground station from the ground station identity information;
generating the first initial vector and a session key, and recording a timestamp of the current time;
generating a second anonymous identity of the aircraft from the aircraft registration number and the session key using the public key of the ground station;
generating a first signature from the first initial vector, the session key, the timestamp and the aircraft registration number using the private key of the aircraft;
generating a first ciphertext from the first initial vector, the session key, the timestamp and the first signature using the public key of the ground station;
replacing the aircraft registration number in the first message with the second anonymous identity of the aircraft, filling the message segment of the first message with the first ciphertext, and then sending the first message to the ground station.

3. The method according to claim 2, characterised in that verifying the second message comprises:
obtaining a second signature from the second message;
verifying the second signature using the public key of the ground station.

4. The method according to claim 3, characterised in that generating the anonymous identity library from the first initial vector if the verification passes comprises:
adding one to the first initial vector successively to generate N identity vectors, wherein N is a positive integer greater than or equal to 1;
generating the N first anonymous identities of the aircraft from the aircraft registration number, the session key and the N identity vectors;
forming the anonymous identity library from the N first anonymous identities.

5. The method according to claim 4, characterised in that conducting a session with the ground station based on the anonymous identity library comprises:
generating a third message based on the anonymous identity library;
sending the third message to the ground station;
receiving a fourth message sent by the ground station.

6. The method according to claim 5, characterised in that generating the third message based on the anonymous identity library comprises:
generating a first plaintext and a first message sequence number, and calculating a first hash value over the first plaintext and the first message sequence number;
calculating a second initial vector for the third message from the first message sequence number and the first initial vector;
generating a second ciphertext from the first plaintext, the first hash value and the second initial vector using the session key;
selecting a third anonymous identity from the anonymous identity library by a random number algorithm;
replacing the aircraft registration number in the third message with the third anonymous identity, filling the message segment of the third message with the second ciphertext, and then sending the third message to the ground station.

7. The method according to claim 5, characterised in that receiving the fourth message sent by the ground station comprises:
obtaining a fourth anonymous identity from the fourth message;
looking up the fourth anonymous identity in the anonymous identity library;
if the fourth anonymous identity is found in the anonymous identity library, querying the first initial vector and the session key corresponding to the fourth anonymous identity;
obtaining a second message sequence number from the fourth message;
calculating a third initial vector for the fourth message from the first initial vector corresponding to the fourth anonymous identity and the second message sequence number;
obtaining a third ciphertext from the fourth message, decrypting the third ciphertext with the session key and the third initial vector, and obtaining a second plaintext and a second hash value;
calculating a third hash value over the second plaintext and the second message sequence number;
verifying whether the third hash value equals the second hash value;
if the third hash value equals the second hash value, processing the second plaintext; if the third hash value does not equal the second hash value, discarding the fourth message.

8. The method according to claim 7, characterised in that, after looking up the fourth anonymous identity in the anonymous identity library, the method further comprises:
if the fourth anonymous identity cannot be found in the anonymous identity library, discarding the fourth message.

9. The method according to claim 2, characterised in that, before determining the public key of the ground station from the ground station identity information, the method comprises:
obtaining, through a certificate authority, the identity information of the ground stations that the aircraft's route passes and the public keys corresponding to that identity information.

10. A civil aviation ACARS ground-air data link anonymous secure session device, applied to an aircraft, characterised by comprising:
a first receiving module, configured to receive a ground station identity message broadcast by a ground station;
a sending module, configured to send a first message to the ground station through an asymmetric key mechanism based on the ground station identity message, wherein the first message includes a first initial vector;
a second receiving module, configured to receive a second message sent by the ground station;
a verification module, configured to verify the second message and, if the verification passes, generate an anonymous identity library from the first initial vector, wherein the anonymous identity library includes N first anonymous identities and N is a positive integer greater than or equal to 1;
a session module, configured to conduct a session with the ground station based on the anonymous identity library.
CN202210617103.7A 2022-06-01 2022-06-01 Anonymous safety conversation method and device for civil aviation ACARS ground-air data link Active CN115134123B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210617103.7A CN115134123B (en) 2022-06-01 2022-06-01 Anonymous safety conversation method and device for civil aviation ACARS ground-air data link

Publications (2)

Publication Number Publication Date
CN115134123A true CN115134123A (en) 2022-09-30
CN115134123B CN115134123B (en) 2023-05-05

Family

ID=83378297

Country Status (1)

Country Link
CN (1) CN115134123B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101261772A (en) * 2008-04-17 2008-09-10 Civil Aviation Data Communication Co., Ltd. Automatic Dependent Surveillance-Broadcast information security transmission system
CN106961329A (en) * 2017-03-23 2017-07-18 University of Electronic Science and Technology of China A solution for ADS-B protocol confidentiality and integrity
US20180218619A1 (en) * 2015-07-17 2018-08-02 Relmatech Limited An aircraft controlled by a secure integrated airspace management system
CN112073964A (en) * 2020-10-26 2020-12-11 Henan University An authentication method for communication between UAV and base station based on elliptic curve encryption

Also Published As

Publication number Publication date
CN115134123B (en) 2023-05-05

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant