CN116347438B - Encryption and decryption data transmission method for multiplexing forward channel in 5G satellite communication - Google Patents
Encryption and decryption data transmission method for multiplexing forward channel in 5G satellite communication Download PDFInfo
- Publication number
- CN116347438B CN116347438B CN202310619937.6A CN202310619937A CN116347438B CN 116347438 B CN116347438 B CN 116347438B CN 202310619937 A CN202310619937 A CN 202310619937A CN 116347438 B CN116347438 B CN 116347438B
- Authority
- CN
- China
- Prior art keywords
- message
- fpga
- processing fpga
- ecpri
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000005540 biological transmission Effects 0.000 title claims abstract description 38
- 238000004891 communication Methods 0.000 title claims abstract description 23
- 238000000034 method Methods 0.000 title claims abstract description 23
- 238000012545 processing Methods 0.000 claims abstract description 150
- 238000004806 packaging method and process Methods 0.000 claims abstract description 7
- 238000004458 analytical method Methods 0.000 claims description 34
- 238000005538 encapsulation Methods 0.000 claims description 27
- 238000006243 chemical reaction Methods 0.000 claims description 14
- 238000001914 filtration Methods 0.000 claims description 13
- 238000012858 packaging process Methods 0.000 claims 2
- 238000013461 design Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/08—Protocols for interworking; Protocol conversion
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/088—Access security using filters or firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/04—Large scale networks; Deep hierarchical networks
- H04W84/06—Airborne or Satellite Networks
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Astronomy & Astrophysics (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
- Radio Relay Systems (AREA)
Abstract
The invention discloses an encryption and decryption data transmission method of multiplexing a forward channel in 5G satellite communication, which belongs to the field of satellite communication, and comprises the steps of analyzing an encryption and decryption message from a security module in a remote radio unit by an uplink terminal, packaging the message into an eCPRI message format, and transmitting the encryption and decryption message to a baseband processing unit for processing by multiplexing the forward channel eCPRI; the downlink terminal baseband processing unit transmits downlink I/Q data messages, encrypted messages and decrypted messages to the remote radio unit through the eCPRI interface, the remote radio unit distinguishes message types through the mode of self-defining the eCPRI message header, analyzes and repackages the encrypted messages and the decrypted messages, and then sends the encrypted messages and the decrypted messages to a plaintext port and a ciphertext port of the security module for processing respectively; the invention releases the resource occupation of the terminal baseband processing unit for processing the encrypted and decrypted message and solves the problem of CPU resource shortage of the baseband processing unit.
Description
Technical Field
The invention relates to the technical field of satellite communication, in particular to an encryption and decryption data transmission method for multiplexing a forward channel in a 5G satellite ground terminal.
Background
With the rapid development of social economy and scientific technology in China, certain effects are achieved in the existing satellite communication field. In China, the satellite Internet has been brought into the overall scope of the infrastructure, and has made great contribution to the communication industry of the country. The nations and related departments place a great deal of attention on satellite communication networks, which has made the development of satellite networks in China an important focus of attention for modern people.
However, the satellite communication network has not been developed for a long time, and many problems still exist in the practical process. At present, satellite communication plays an important role in various fields such as military, emergency rescue, maritime affairs and civilian life. As an important communication means, its confidentiality is particularly important, and it must be ensured that information is not revealed in various links of generation, transmission, processing and storage. At the same time, information integrity is also important, and it is necessary to ensure that information is not modified, destroyed, inserted, disordered, and lost during transmission and storage.
For the satellite communication ground terminal, related algorithms such as large-bandwidth data volume processing, satellite orbit transformation, beam switching, ephemeris calculation, encryption and decryption data processing and the like of the satellite communication at present need to meet quite strict data processing performance requirements, so that quite a lot of CPU resources of a baseband processing unit BBU are consumed, the design of the baseband processing unit BBU meets relatively great challenges, and meanwhile, the design cost of the satellite ground terminal is greatly increased. In summary, how to reduce CPU resource consumption of the baseband processing unit BBU on the premise of meeting the satellite communication performance index requirement, thereby reducing the cost of the satellite ground terminal is an important study.
Disclosure of Invention
Aiming at the problems of shortage of CPU resources, higher terminal cost and the like of the satellite communication ground terminal baseband processing unit, the invention aims to provide the satellite communication ground terminal baseband processing unit with the following advantages: a method for transmitting encrypted and decrypted data of multiplexing a forward channel in 5G satellite communication solves the problem of shortage of CPU resources of a baseband processing unit in a 5G satellite ground terminal, reduces the cost of the BBU of the baseband processing unit, thereby reducing the operation cost of the whole satellite ground terminal and ensuring the encrypted and decrypted message processing performance of the satellite ground terminal.
In order to achieve the above purpose, the present invention adopts a mode of multiplexing the forward channel, and transmits the enhanced common public radio interface eCPRI of the encrypted and decrypted data multiplexed forward channel together with the I/Q data, and the baseband processing unit BBU interacts with the plaintext port and the ciphertext port of the security module through the RRU part of the satellite ground terminal.
The 5G satellite ground terminal in the scheme comprises a baseband processing unit (BBU, building Base band Unit), a remote radio unit (RRU, remote Radio Unit) and a safety module. The RRU comprises a co-processing FPGA and a main processing FPGA. The co-processing FPGA is mainly responsible for functions such as user service data, telephone traffic functions, message transfer and the like; the main processing FPGA is responsible for functions such as I/Q data processing and the like. The main/co-processing FPGA of the radio frequency processing unit is provided with an ARM core and supports the development of a Linux software platform.
The security module is responsible for encrypting and decrypting the data; the external interface of the security module is divided into a plaintext port and a ciphertext port, and the plaintext port and the ciphertext port are respectively connected with the co-processing FPGA and the main processing FPGA.
For the security module, the input of the plaintext port is a message needing encryption, and the output is a decrypted message; the input of the ciphertext port is a message needing to be decrypted, and the input is an encrypted message; the encrypted message in the method refers to a message needing encryption, and the decrypted message refers to a message needing decryption.
Besides, the design of the two channels of the plaintext port and the ciphertext port increases the upper limit of the peak rate of the encrypted and decrypted message, and can achieve twice the designed peak rate of the encrypted and decrypted message processed by a single channel.
In the method, the data transmission from the baseband processing unit BBU to the remote radio unit RRU and the security module is downlink data transmission; the data transmission from the RRU and the security module to the BBU is uplink data transmission.
The downlink direction comprises the following steps:
s1, a baseband processing unit BBU in a 5G satellite ground terminal sends downlink I/Q data messages, encrypted messages and decrypted messages to an RRU cooperative processing FPGA through an enhanced common public radio interface (eCPRI, enhanced Common Public Radio Interface);
s2, the co-processing FPGA filters the encrypted message from the eCPRI through the message filtering module, and sends the encrypted message to a plaintext port of the security module for encryption after passing through the message analysis and encapsulation module;
s3, the co-processing FPGA directly and transparently transmits the downlink I/Q data message and the decryption message to the main processing FPGA through the Ethernet interface;
s4, the main processing FPGA filters the decrypted message from the Ethernet interface through the message filtering module, and sends the decrypted message to the ciphertext port of the security module for decryption through the message analysis and encapsulation module; the downlink I/Q data message is processed in the main processing FPGA and then transmitted to the satellite.
The uplink direction comprises the following steps:
s1, a main processing FPGA sends an encrypted message from a security module to a message analysis and encapsulation module for processing, and the encrypted message is encapsulated into an eCPRI message format again;
s2, after the processed encrypted message and the uplink I/Q data message received by the main processing FPGA from the satellite side are combined, the combined uplink I/Q data message and the encrypted data message are sent to the co-processing FPGA by using an enhanced common radio interface eCPRI;
s3, the co-processing FPGA sends the decrypted message from the security module to a message analysis and encapsulation module for processing, and the decrypted message is encapsulated into an eCPRI message format again;
s4, after the co-processing FPGA combines the processed decryption message with the encryption message and the uplink I/Q data message from the main processing FPGA, the enhanced common radio interface eCPRI is utilized to send the combined uplink I/Q data message, encryption message and decryption message to the baseband processing unit BBU.
The message filtering module in the downlink steps S2 and S4: the method comprises the following specific steps:
step 1, distinguishing an I/Q data message, an encryption message and a decryption message by negotiating an RTC ID custom field in an eCPRI message header by a BBU and an RRU of a satellite ground terminal;
step 2, the co-processing FPGA of the RRU part of the satellite ground terminal filters out the encrypted message, processes the encrypted message through a message encapsulation analysis module and sends the encrypted message to a plaintext port of the security module;
and 3, filtering the decrypted message by a main processing FPGA of the RRU part of the satellite ground terminal, processing the decrypted message by a message packaging analysis module, and sending the decrypted message to a ciphertext port of the security module.
In the scheme, after the message is filtered out by the message filtering module, the message is not immediately sent to the message analysis and encapsulation module, but is firstly cached in the first-in first-out queue of the FPGA, and the message is scattered and then sent to the message analysis and encapsulation module, so that the problems of mismatching of the eCPR (enhanced common radio interface) and the interface of the security module and overlarge burst flow of the encrypted and decrypted message in the downlink direction are solved, and the message analysis module can work normally.
The specific steps of encrypting and decrypting the message in the steps S2 and S4 in the uplink direction are as follows:
step 1, making message sending priority of an enhanced common public radio interface eCPRI of a forward channel as follows: timing information message > uplink I/Q data message > encryption message > decryption message;
step 2, the main processing FPGA is responsible for combining the timing information message, the uplink I/Q data message and the encryption message and then transmitting the combined timing information message, the uplink I/Q data message and the encryption message to the co-processing FPGA through an Ethernet interface;
and step 3, the co-processing FPGA is responsible for combining the decryption message received from the security module with the message received from the main processing FPGA.
The message combining module is mainly used for realizing the scheduling of message combining through an FPGA (field programmable gate array) state machine, and the sending priority of the PPGA message is that a timing information message > an uplink I/Q data message > an encrypted message; the sending priority of the co-processing FPGA message is that the timing information message > the uplink I/Q data message > the encryption message > the decryption message. The message sending module sends the subsequent message only after the current message is sent; the message received at the current message sending moment is temporarily stored in the FPGA cache FIFO.
The message packaging modules described in the downlink S2, S4 and uplink steps S1, S3: the method comprises the following specific steps of
A downlink direction step:
step 1, analyzing effective payload in an encryption and decryption message from an eCPRI message;
step 2, converting the message transmission rate to the interface rate of the security module through a rate conversion module;
and step 3, the main/co-processing obtains the protocol header information of the security module message by configuring an FPGA register through a software platform, and encapsulates the payload into a security module message format. The plaintext port and the ciphertext port of the security module have different MAC addresses.
Uplink direction step:
step 1, analyzing effective payload in an encryption and decryption message from a security module protocol message, and storing message length information in an FPGA;
step 2, converting the rate to the eCPRI rate of the enhanced common public radio interface through a rate conversion module;
and 3, after the main/co-processing FPGA obtains the eCPRI message protocol header information in a mode of configuring an FPGA register by a software platform, the main processing FPGA obtains timing information from a local place and obtains length information from an analysis module, and after the co-processing FPGA obtains the timing information from the timing information message and obtains the length information from the analysis module, the payload is packaged into an eCPRI message format.
The message analysis and encapsulation module mainly realizes the mutual conversion between the eCPRI message and the security module protocol message and comprises the functions of eCPRI message analysis/encapsulation, rate conversion and security module message analysis/encapsulation. The software platform can update eCPRI protocol header information and safety module protocol header information by configuring an FPGA register in the RRU, so that the scheme can support the transmission of messages of different Ethernet protocols.
The rate conversion module is also an important component of the message analysis and encapsulation module. The eCPR and the security module interface have different transmission rates and message bit widths, and the rate conversion module performs the functions of cross-clock domain conversion and message bit width adjustment.
After the main processing FPGA locally generates the timing information, the timing information message is sent to the assistant processing FPGA, and the assistant processing FPGA acquires the timing information by analyzing the timing information message. The Frame number, the Slot number and other information in the encryption and decryption eCPRI format message header packaged in the uplink direction are updated in real time according to the timing information message received by the co-processing FPGA, so that the baseband processing unit BBU in the satellite ground terminal is convenient to count the I/Q data message and the encryption and decryption message respectively according to the time information. The satellite ground terminal RRU main processing FPGA generates local timing information, and the cooperative processing FPGA synchronizes the timing information according to the timing information message from the main processing FPGA.
Compared with the prior art, the invention has the following advantages:
1. the invention transmits the encryption and decryption message through multiplexing the forward channel eCPRI interface, and greatly reduces the CPU resource consumption of the encryption and decryption service to the baseband processing unit BBU on the premise of ensuring the normal transmission of the I/Q data message, thereby well reducing the cost of the satellite ground terminal baseband processing unit BBU;
2. the baseband processing unit BBU in the satellite ground terminal can conveniently count the flow information of the encrypted and decrypted message through the information such as frame number, slot number and the like in the eCPRI message header;
3. the remote radio unit RRU in the satellite ground terminal can flexibly adapt to the eCPRI message protocol and the security module message protocol in a dynamic configuration mode of a software platform.
Drawings
FIG. 1 is a block diagram of a message processing flow of a satellite ground terminal according to the present invention.
Fig. 2 is a block diagram of a parsing and packaging module for encrypted messages in the present invention.
Fig. 3 is a flow chart of uplink and downlink processing of a satellite ground terminal message in the invention.
Detailed Description
The present invention is further described below in conjunction with the detailed description, steps and drawings for facilitating understanding by those skilled in the art. An enhanced common public radio interface eCPRI with the interface between a satellite ground terminal BBU and an RRU being 10G rate; the safety module interface is gigabit Ethernet, and the message transmission protocol is two-layer MAC message.
The security module is responsible for encrypting and decrypting the data; the security module is divided into a plaintext port and a ciphertext port, and is respectively connected with the gigabit Ethernet interfaces of the co-processing FPGA and the main processing FPGA. The plaintext port and the ciphertext port have different MAC addresses.
For the security module, the input of the plaintext port is a message needing encryption, and the output is a decrypted message; the input of the ciphertext port is a message needing to be decrypted, and the input is an encrypted message; the encrypted message in the method refers to a message needing encryption, and the decrypted message refers to a message needing decryption.
In this embodiment, the data transmission from the baseband processing unit BBU to the remote radio unit RRU and the security module is downlink data transmission; the data transmission from the RRU and the security module to the BBU is uplink data transmission.
The downlink direction comprises the following steps:
s1, a baseband processing unit BBU in a 5G satellite ground terminal sends downlink I/Q data messages, encrypted messages and decrypted messages to an RRU cooperative processing FPGA through a 10G rate enhanced universal public radio interface eCPRI;
s2, the co-processing FPGA filters the encrypted message from the eCPRI through the message filtering module, and sends the encrypted message to a plaintext port of the security module for encryption through the gigabit Ethernet interface after passing through the message analysis and encapsulation module;
s3, the co-processing FPGA directly and transparently transmits the downlink I/Q data message and the decryption message to the main processing FPGA through a 10G rate Ethernet interface;
s4, the main processing FPGA filters the decrypted message from the 10G Ethernet interface through the message filtering module, and sends the decrypted message to the ciphertext port of the security module for decryption through the message analysis and encapsulation module; the downlink I/Q data message is processed in the main processing FPGA and then transmitted to the satellite.
The uplink direction comprises the following steps:
s1, a main processing FPGA sends an encrypted message from a security module to a message analysis and encapsulation module for processing, and the encrypted message is encapsulated into an eCPRI message format again;
s2, after the processed encrypted message and the uplink I/Q data message received by the main processing FPGA from the satellite side are combined, the combined uplink I/Q data message and the encrypted data message are sent to the co-processing FPGA by using an enhanced common radio interface eCPRI with the 10G rate;
s3, the co-processing FPGA sends the decrypted message from the security module to a message analysis and encapsulation module for processing, and the decrypted message is encapsulated into an eCPRI message format again;
s4, after the co-processing FPGA combines the processed decryption message with the encryption message and the uplink I/Q data message from the main processing FPGA, the 10G-rate enhanced common radio interface eCPRI is utilized to send the combined uplink I/Q data message, encryption message and decryption message to the baseband processing unit BBU.
The message filtering module in the downlink steps S2 and S4: the method comprises the following specific steps:
step 1, distinguishing an I/Q data message, an encryption message and a decryption message by negotiating an RTC ID custom field in an eCPRI message header by a BBU and an RRU of a satellite ground terminal;
step 2, the co-processing FPGA of the RRU part of the satellite ground terminal filters out the encrypted message, processes the encrypted message through a message encapsulation analysis module and sends the encrypted message to a plaintext port of the security module;
and 3, filtering the decrypted message by a main processing FPGA of the RRU part of the satellite ground terminal, processing the decrypted message by a message packaging analysis module, and sending the decrypted message to a ciphertext port of the security module.
In the scheme, after the message is filtered out by the message filtering module, the message is not immediately sent to the message analysis and encapsulation module, but is firstly cached in the first-in first-out queue of the FPGA, and the message is scattered and then sent to the message analysis and encapsulation module, so that the problems of mismatching of the interface rates of the 10G-rate enhanced common public radio interface eCPRI and the gigabit-rate safety module and overlarge burst flow of the encrypted and decrypted message in the downlink direction are solved, and the message analysis module can be ensured to work normally.
The specific steps of encrypting and decrypting the message in the steps S2 and S4 in the uplink direction are as follows:
step 1, making message sending priority of an enhanced common public radio interface eCPRI of a forward channel as follows: timing information message > uplink I/Q data message > encryption message > decryption message;
step 2, the main processing FPGA is responsible for combining the timing information message, the uplink I/Q data message and the encryption message and then transmitting the combined timing information message, the uplink I/Q data message and the encryption message to the co-processing FPGA through an Ethernet interface;
and step 3, the co-processing FPGA is responsible for combining the decryption message received from the security module with the message received from the main processing FPGA.
The message combining module is mainly used for realizing the scheduling of message combining through an FPGA (field programmable gate array) state machine, and the sending priority of the PPGA message is that a timing information message > an uplink I/Q data message > an encrypted message; the sending priority of the co-processing FPGA message is that the timing information message > the uplink I/Q data message > the encryption message > the decryption message. The message sending module sends the subsequent message only after the current message is sent; the message received at the current message sending moment is temporarily stored in the FPGA cache FIFO.
The message sending module is realized by a finite state machine and defines the following states: IDLE, timing message transmission, I/Q data message transmission, encrypted message transmission, decrypted message transmission, and transmission completion waiting. The state machine performs state jump according to the message priority, and after the message transmission is completed, the state machine jumps to the IDLE state again for waiting for the message; the messages of different types are stored in different FIFOs in the FPGA respectively.
The message packaging modules described in the downlink S2, S4 and uplink steps S1, S3: the method comprises the following specific steps of
A downlink direction step:
step 1, analyzing effective payload in an encryption and decryption message from an eCPRI message;
step 2, converting the message transmission rate to the interface rate of the security module through a rate conversion module;
and 3, the main/co-processing FPGA acquires the protocol header information of the security module message by configuring an FPGA register through a software platform, and encapsulates the payload into a security module message format.
Uplink direction step:
step 1, analyzing effective payload in an encryption and decryption message from a security module protocol message, and storing message length information in an FPGA;
step 2, converting the rate to the eCPRI rate of the enhanced common public radio interface through a rate conversion module;
and 3, after the main/co-processing FPGA obtains the eCPRI message protocol header information in a mode of configuring an FPGA register by a software platform, the main processing FPGA obtains timing information from a local place and obtains length information from an analysis module, and after the co-processing FPGA obtains the timing information from the timing information message and obtains the length information from the analysis module, the payload is packaged into an eCPRI message format.
The message analysis and encapsulation module is mainly responsible for stripping the MAC message encapsulation of the baseband processing unit BBU and the RRU in the ePRI message header and the content irrelevant to the security module message in the ePRI message protocol header; and the parsed effective bytes of the encrypted and decrypted message are packaged again according to the format of the plaintext port message and the ciphertext port message.
The rate conversion module realizes the function of mutual conversion between the bit width of the eCPRI64bit message of the 10G rate enhanced general public radio interface and the bit width of the 8bit message of the gigabit Ethernet interface; and supports cross-clock domain conversion between the 10G enhanced common public radio interface ecpri156.25M clock domain and the gigabit ethernet 125M clock domain.
It will be apparent that the embodiments described above are some, but not all, embodiments of the invention. All other embodiments, based on the embodiments of the invention, which are obtained by a person of ordinary skill in the art without any inventive effort, are within the scope of the invention.
Claims (5)
1. A method for transmitting encrypted and decrypted data of multiplexing forward channel in 5G satellite communication is characterized in that:
the method comprises the steps that an enhanced common public radio interface eCPRI of a multiplexing forward transmission channel is used for transmitting encrypted and decrypted data together with I/Q data by a satellite ground terminal applied to 5G satellite communication, and a baseband processing unit BBU interacts with a plaintext port and a ciphertext port of a satellite ground terminal security module by a remote radio unit RRU;
the satellite ground terminal comprises a baseband processing unit BBU, a remote radio unit RRU and a safety module, wherein the remote radio unit RRU comprises a co-processing FPGA and a main processing FPGA; the external interface of the security module is divided into a plaintext port and a ciphertext port, the plaintext port is connected with the co-processing FPGA, and the ciphertext port is connected with the main processing FPGA;
the data transmission from the baseband processing unit BBU to the remote radio unit RRU and the security module is downlink data transmission; the data transmission from the RRU and the security module to the BBU is uplink data transmission;
the downlink data transmission includes the steps of:
s1, a baseband processing unit BBU in a satellite ground terminal sends a downlink I/Q data message, an encryption message and a decryption message to a co-processing FPGA of the satellite ground terminal through an enhanced common public radio interface eCPRI;
s2, the co-processing FPGA filters the encrypted message from the enhanced common public radio interface eCPRI through a message filtering module of the co-processing FPGA, and sends the encrypted message to a plaintext port of a security module for encryption through a message analysis and encapsulation module of the co-processing FPGA;
s3, the co-processing FPGA directly and transparently transmits the downlink I/Q data message and the decryption message to the main processing FPGA through an enhanced common radio interface eCPRI;
s4, the main processing FPGA filters the decryption message from the enhanced common public radio interface eCPRI through a message filtering module of the main processing FPGA, and sends the decryption message to a ciphertext port of the security module for decryption through a message parsing and packaging module of the main processing FPGA; the downlink I/Q data message is processed in the main processing FPGA and then transmitted to the satellite side;
the uplink data transmission includes the steps of:
s1, a main processing FPGA sends an encrypted message from a security module to a message analysis and encapsulation module of the main processing FPGA for processing, and the encrypted message is encapsulated into an eCPRI message format again;
s2, after the main processing FPGA combines the processed encrypted message with the uplink I/Q data message received by the main processing FPGA from the satellite side, the uplink I/Q data message and the encrypted data message after the combination are sent to the co-processing FPGA by using the enhanced common radio interface eCPRI;
s3, the co-processing FPGA sends the decrypted message from the security module to a message analysis and encapsulation module of the co-processing FPGA for processing, and the decrypted message is encapsulated into an eCPRI message format again;
s4, after the co-processing FPGA combines the processed decryption message with the encryption message and the uplink I/Q data message from the main processing FPGA, the enhanced common public radio interface eCPRI is utilized to send the combined uplink I/Q data message, the encryption message and the decryption message to the baseband processing unit BBU for processing;
the filtering of the messages in the downlink data transmission steps S2 and S4 means: the baseband processing unit BBU and the remote radio unit RRU distinguish the I/Q data message, the encrypted message and the decrypted message through an RTC ID custom field in an enhanced common public radio interface eCPRI message header;
for the security module, the input of the plaintext port is a message needing encryption, and the output is a decrypted message; the input of the ciphertext port is a message needing to be decrypted, and the input is an encrypted message;
the encrypted message refers to a message needing encryption, and the decrypted message refers to a message needing decryption.
2. The method for encrypting and decrypting data of a multiplexed forward channel in 5G satellite communication according to claim 1, wherein: the message combining in the uplink data transmission steps S2 and S4 specifically includes:
step 1, making message sending priority of an enhanced common public radio interface eCPRI of a forward channel as follows: timing information message > uplink I/Q data message > encryption message > decryption message;
step 2, the main processing FPGA is responsible for combining the timing information message, the uplink I/Q data message and the encryption message and then transmitting the timing information message, the uplink I/Q data message and the encryption message to the co-processing FPGA through an enhanced common radio interface eCPRI;
and step 3, the co-processing FPGA is responsible for combining the decryption message received from the security module with the message received from the main processing FPGA.
3. The method for encrypting and decrypting data of a multiplexed forward channel in 5G satellite communication according to claim 1, wherein: the message parsing and packaging process in the steps S2 and S4 in the downlink data transmission is specifically as follows:
step 1, analyzing effective load in encryption and decryption message from eCPRI message;
step 2, converting the message transmission rate to the interface rate of the security module through a rate conversion module in the message analysis and encapsulation module;
and step 3, the main/co-processing FPGA acquires the message protocol header information of the security module by configuring an FPGA register through a software platform, and encapsulates the load into a security module message format.
4. The method for encrypting and decrypting data of a multiplexed forward channel in 5G satellite communication according to claim 1, wherein: the message parsing and packaging process in the steps S1 and S3 in the uplink data transmission is specifically as follows:
step 1, analyzing effective load in encrypted message or decrypted message from safety module protocol message, and storing message length information in first-out queue of FPGA;
step 2, converting the rate to the eCPRI rate of the enhanced common radio interface through a rate conversion module in the message analysis and encapsulation module;
and 3, after the main/co-processing FPGA obtains the eCPRI message protocol header information in a mode of configuring an FPGA register by a software platform, the main processing FPGA obtains timing information from a local place, a message analysis and encapsulation module of the main processing FPGA obtains length information, and the co-processing FPGA obtains the timing information from a timing information message, and a message analysis and encapsulation module of the co-processing FPGA obtains the length information and encapsulates a load into an eCPRI message format.
5. The method for encrypting and decrypting the data of the multiplexed forward channel in the 5G satellite communication according to claim 4, wherein the method comprises the following steps: the specific method for acquiring timing information by the FPGA in the cooperative processing step 3 is as follows:
after the main processing FPGA locally generates the timing information, the timing information message is sent to the assistant processing FPGA, and the assistant processing FPGA acquires the timing information by analyzing the timing information message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310619937.6A CN116347438B (en) | 2023-05-30 | 2023-05-30 | Encryption and decryption data transmission method for multiplexing forward channel in 5G satellite communication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310619937.6A CN116347438B (en) | 2023-05-30 | 2023-05-30 | Encryption and decryption data transmission method for multiplexing forward channel in 5G satellite communication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116347438A CN116347438A (en) | 2023-06-27 |
| CN116347438B true CN116347438B (en) | 2023-09-08 |
Family
ID=86876315
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310619937.6A Active CN116347438B (en) | 2023-05-30 | 2023-05-30 | Encryption and decryption data transmission method for multiplexing forward channel in 5G satellite communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116347438B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111107586A (en) * | 2019-12-24 | 2020-05-05 | 广东机电职业技术学院 | Processing method and system for BBU forward-transmitted data |
| CN111555879A (en) * | 2020-07-13 | 2020-08-18 | 南京凯瑞得信息科技有限公司 | Satellite communication network management channel message encryption and decryption method and system |
| CN114205873A (en) * | 2020-09-18 | 2022-03-18 | 诺基亚通信公司 | Dynamic eCPRI header compression |
-
2023
- 2023-05-30 CN CN202310619937.6A patent/CN116347438B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111107586A (en) * | 2019-12-24 | 2020-05-05 | 广东机电职业技术学院 | Processing method and system for BBU forward-transmitted data |
| CN111555879A (en) * | 2020-07-13 | 2020-08-18 | 南京凯瑞得信息科技有限公司 | Satellite communication network management channel message encryption and decryption method and system |
| CN114205873A (en) * | 2020-09-18 | 2022-03-18 | 诺基亚通信公司 | Dynamic eCPRI header compression |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116347438A (en) | 2023-06-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2022002075A1 (en) | Edge computing-based internet-of-things proxy apparatus and data decision method | |
| CN103346949B (en) | Based on Embedded dual pathways network packet unpack and organize bag method and system | |
| EP1360813B1 (en) | Generalized packet header suppression mechanism | |
| CN108521343B (en) | OAM message processing method and device | |
| CN102316516B (en) | A kind of LTE uplink data transmission structure construction method | |
| CN108990125A (en) | Method, terminal device and the network equipment of data transmission | |
| RU2007144701A (en) | TRANSFER OF MANAGEMENT INFORMATION IN THE MOBILE COMMUNICATION SYSTEM | |
| CN113949718B (en) | E1 and IP hybrid bearer-based power private network scheduling and number-placing system and method | |
| CN112003937B (en) | Satellite data transmission method, device, computer equipment and storage medium | |
| WO2017054583A1 (en) | Downlink control information transmission method in multiple user cooperative communication, base station, and user equipment | |
| EP2323285B1 (en) | Method and apparatus for transmitting 10 gigabit optical fiber channel service in optical transport network | |
| EP2334010B1 (en) | Method and device for adjusting the data transmission in the transport network | |
| CN111212446A (en) | Data processing method, data processing device, computer equipment and storage medium | |
| CN101257456A (en) | Method and apparatus for enhancing compressing message forwarding performance | |
| WO2021179453A1 (en) | Signal processing method, access network device and multi-system access network device | |
| CN114598648B (en) | Spacecraft uplink network flow control device and method based on reverse constraint transfer | |
| CN101459968A (en) | Remote distance wireless transmission method | |
| CN116347438B (en) | Encryption and decryption data transmission method for multiplexing forward channel in 5G satellite communication | |
| CN109714295B (en) | Voice encryption and decryption synchronous processing method and device | |
| CN102348203A (en) | Method for realizing encryption synchronization | |
| WO2019037439A1 (en) | Data transmission method and device, terminal and server | |
| CN109586886B (en) | Data transmission system | |
| CN101958835B (en) | Data transmission method and logic network adapter | |
| CN106375063B (en) | Data transmission method and equipment thereof | |
| WO2022007829A1 (en) | Data transmission method, apparatus, and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A method for encrypting and decrypting data transmission in 5G satellite communication with multiplexed forward channels Effective date of registration: 20231123 Granted publication date: 20230908 Pledgee: Nanjing Bank Co.,Ltd. Nanjing Financial City Branch Pledgor: NANJING DIGITGATE TECHNOLOGY Co.,Ltd. Registration number: Y2023980066973 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |