CN116938321B - Satellite communication method based on anti-quantum access authentication of position key low orbit satellite - Google Patents
Satellite communication method based on anti-quantum access authentication of position key low orbit satellite Download PDFInfo
- Publication number
- CN116938321B CN116938321B CN202311183909.0A CN202311183909A CN116938321B CN 116938321 B CN116938321 B CN 116938321B CN 202311183909 A CN202311183909 A CN 202311183909A CN 116938321 B CN116938321 B CN 116938321B
- Authority
- CN
- China
- Prior art keywords
- satellite
- user equipment
- key
- orbit satellite
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000004891 communication Methods 0.000 title claims abstract description 29
- 230000004044 response Effects 0.000 claims abstract description 25
- 239000013598 vector Substances 0.000 claims description 12
- 230000008569 process Effects 0.000 claims description 7
- 230000005540 biological transmission Effects 0.000 claims 1
- 238000012795 verification Methods 0.000 abstract description 4
- 239000011159 matrix material Substances 0.000 description 12
- 238000004364 calculation method Methods 0.000 description 8
- 238000006467 substitution reaction Methods 0.000 description 5
- 150000003839 salts Chemical class 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000006073 displacement reaction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/185—Space-based or airborne stations; Stations for satellite systems
- H04B7/18578—Satellite systems for providing broadband data service to individual earth stations
- H04B7/18593—Arrangements for preventing unauthorised access or for providing user protection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/63—Location-dependent; Proximity-dependent
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- Astronomy & Astrophysics (AREA)
- Aviation & Aerospace Engineering (AREA)
- General Physics & Mathematics (AREA)
- Radio Relay Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention belongs to the field of satellite network security communication, and particularly relates to a satellite communication method based on position key low orbit satellite quantum access resistant authentication, which comprises the following steps: the ground control center acquires the position and identity information of the satellite and the position and identity information of the user; taking the position information as a key generation parameter, and distributing a position key for a user and a satellite by a ground control center; the user equipment encrypts the current position information by adopting a position key and sends an access authentication request containing the position information to the low orbit satellite; the low orbit satellite verifies the request sent by the user equipment, and if the verification is successful, an access response is returned; the user equipment verifies the access response, and if the verification is successful, the user equipment accesses the satellite to finish registration; the user equipment after successful registration communicates with the low orbit satellite; the method enhances the authentication accuracy by utilizing the uniqueness of the position information, and can resist the key leakage attack caused by the capturing of the user equipment.
Description
Technical Field
The invention belongs to the field of satellite network security communication, and particularly relates to a satellite communication method based on anti-quantum access authentication of a low orbit satellite with a position key.
Background
With the rapid development of the terrestrial 5G mobile communication technology, people put higher demands on future communication scenes oriented to 6G. As a supplement to the ground communication network, satellite networks have received a great deal of attention due to their wide coverage, high throughput, flexible deployment, etc. The satellite network is utilized to ensure the safe access of the user equipment in remote mountain areas, desert ocean and other places, provides technical support for the fields of electric power survey, emergency rescue and the like, and is beneficial to promoting the high fusion and deep interconnection of the heaven-earth integrated information network. The Low Earth Orbit (LEO) satellite network has the advantages of wide coverage, small communication power consumption, high mobility and the like, and can be used as a supplementary network of a foundation network to provide network services for users in complex terrains. However, the LEO satellite network has the characteristics of exposed nodes, open channels, limited resources, high dynamic change of network topology structure, mass user equipment and the like, so that the star-to-ground links and inter-star links in the LEO satellite network use open channel communication and are easy to suffer from attacks such as deception, malicious interception, information theft and the like. Therefore, how to enhance the accuracy of authentication between the user equipment and the satellite and ensure the communication security between the low-orbit satellite and the user equipment is a problem to be solved in the present day.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a satellite communication method based on the anti-quantum access authentication of a low orbit satellite with a position key, which comprises the following steps: constructing a low-orbit satellite communication system, wherein the system comprises a control center, user equipment and a low-orbit satellite; the user equipment and the low orbit satellite initiate an authentication registration request to a control center; the user equipment after successful registration communicates with the low orbit satellite; the user equipment and the low orbit satellite initiate an authentication registration request to the control center comprises:
s1: a control center in the low-orbit satellite communication system selects safety parameters and generates system parameters according to the safety parameters;
s2: the user equipment and the low orbit satellite respectively initiate a registration request to a control center;
s3: the control center generates a position key of the low orbit satellite and a position key of the user equipment according to the registration request; and returning the location key and the registration response to the user device and the recursive satellite, respectively;
s4: the user equipment encrypts the current position information by adopting a position key and sends an access authentication request containing the position information to the low orbit satellite;
s5: the low orbit satellite verifies the request sent by the user equipment, and if the verification is successful, the position information is verified; if the position information is verified successfully, executing a step S6, otherwise, failing to access the low-orbit satellite by the user;
s6: the low orbit satellite successfully authenticates the identity information of the user equipment and returns an access response;
s7: and the user equipment authenticates the access response sent by the low-orbit satellite, if the authentication is successful, the user equipment completes the access of the user equipment to the low-orbit satellite, otherwise, the access fails.
The invention has the beneficial effects that: in the invention, a ground control center generates a corresponding position key according to the position information of the user equipment and the low-orbit satellite network in the system initialization stage, and in the interaction process of the access authentication request of the user equipment and the low-orbit satellite, the identity authentication is completed according to the position information between the user equipment and the low-orbit satellite under the preset position tolerance precision; the invention effectively enhances the accuracy of authentication by utilizing the uniqueness of the position report.
Drawings
FIG. 1 is a flow chart of a low orbit satellite network access authentication method based on a position key;
FIG. 2 is a flow chart of a low orbit satellite network access authentication method based on a location key according to the present invention;
fig. 3 is a flow chart of the interaction between the user equipment and the low-orbit satellite according to the present invention.
Description of the embodiments
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
A satellite communication method based on the anti-quantum access authentication of a low orbit satellite of a position key is shown in figure 1, and comprises a system initialization stage, a registration stage and an access authentication stage.
The system initialization stage comprises: establishing system parameters, wherein the established system parameters mainly comprise: random numbers required by the system, temporary identities of user equipment and low orbit satellites and a system master key.
The registration phase includes: the user equipment and the low orbit satellite generate different random numbers and acquire current position information, embed the position data and random parameters into registration information and send a registration request to a ground control center; after receiving the registration request, the ground control center generates a location key for the user equipment and the low orbit satellite by a key generation algorithm KDF according to the master key, embeds the location key into response information, and sends a registration response to the user equipment and the low orbit satellite.
The access phase comprises: the user equipment obtains the current time and the new position data, calculates an encryption key according to the true identity of the user equipment, calculates a message authentication code by the position key, and calculates an authentication vector by the message authentication code. Embedding the authentication vector, the encryption key and the position information into access authentication request information, and sending an access authentication request to a low orbit satellite; after receiving the access authentication request, the low orbit satellite firstly checks the validity of the timestamp sent by the user equipment, if the timestamp is valid, the position decryption key is calculated, the sent authentication vector is decrypted to obtain position information, the decrypted position information is compared with the received position information, if the position information is within the error tolerance precision, the message authentication code is calculated according to the position key, whether the calculated message authentication code is equal to the received message authentication code or not is compared, if the message authentication code is equal to the received message authentication code, the low orbit satellite judges that the user equipment is legal and sends an authentication response to the user equipment, the user equipment judges whether the low orbit satellite is a legal node according to the response information, if the low orbit satellite is not legal, the access is refused, and if the low orbit satellite is not legal, the access authentication is completed.
An embodiment of a satellite communication method based on position key low orbit satellite anti-quantum access authentication comprises the following steps: constructing a low-orbit satellite communication system, wherein the system comprises a control center, user equipment and a low-orbit satellite; the user equipment and the low orbit satellite initiate an authentication registration request to a control center; and the user equipment after successful registration communicates with the low-orbit satellite.
As shown in fig. 2 and 3, the user equipment and the low orbit satellite initiate an authentication registration request to the control center including:
s1: a control center in the low-orbit satellite communication system selects safety parameters and generates system parameters according to the safety parameters;
s2: the user equipment and the low orbit satellite respectively initiate a registration request to a control center;
s3: the control center generates a position key of the low orbit satellite and a position key of the user equipment according to the registration request; and returning the location key and the registration response to the user device and the recursive satellite, respectively;
s4: the user equipment encrypts the current position information by adopting a position key and sends an access authentication request containing the position information to the low orbit satellite;
s5: the low orbit satellite verifies the request sent by the user equipment, and if the verification is successful, the position information is verified; if the position information is verified successfully, executing a step S6, otherwise, failing to access the low-orbit satellite by the user;
s6: the low orbit satellite successfully authenticates the identity information of the user equipment and returns an access response;
s7: and the user equipment authenticates the access response sent by the low-orbit satellite, if the authentication is successful, the user equipment completes the access of the user equipment to the low-orbit satellite, otherwise, the access fails.
In this embodiment, the control center in the low-orbit satellite communication system selects the security parameters, and generating the system parameters according to the security parameters includes: the ground control center (Terrestrial Control Center, TCC) performs system initialization, selects a prime number q=poly (n), and generates a temporary identity PID for User Equipment (UE) u Generating a system keySelect the hash function of anti-collision +.>Simultaneous generation of temporary identity PID for Low Earth Orbit Satellites (LEOs) s The method comprises the steps of carrying out a first treatment on the surface of the Where q=poly (n) denotes a generator that selects a polynomial poly (n) as prime q, which polynomial is used to generate prime q,/o>Representing a system key, s representing a randomly selected system master key,>representing generator->For the anti-collision hash function->Representing a finite field.
The user equipment and the low orbit satellite are registered with the control center, comprising: user Equipment (UE) generating a random number N u User equipment location information L u Embedded in the registration request and sent to the ground control center for registration, the random number N needed by the key generation of the low orbit satellite s Low orbit satellite position information L s Embedded in the registration request and sent to the ground control center for registration.
The process of sending an access authentication request to the low orbit satellite by the user equipment comprises the following steps: the user equipment acquires current time and position information; computing encryption keys based on the true identity of a user deviceThe method comprises the steps of carrying out a first treatment on the surface of the Using location key LK u Computing message authentication code MAC 1 The method comprises the steps of carrying out a first treatment on the surface of the Computing authentication vectors based on encryption keys and message authentication codesV u =PID u ||AES(SK u , N u ||L u )||MAC 1 ||T 1 The method comprises the steps of carrying out a first treatment on the surface of the To the current position information L u ' sum authentication vector V u Embedding the access authentication information and sending an access authentication request to a satellite; wherein->Represents an encryption key->Representing a key generation algorithm, < >>Representing the master key of the system,indicating the identity of the user->Representing a user registration timestamp->Temporary identity for user->Representing a symmetric encryption algorithm->Representing a random number generated by the user equipment, +.>Representing location information of the user equipment.
The ground control center receives the registration request of the user and the satellite, and then calculates the following calculation according to the master key P pub The user and satellite identity PID distributes the position key needed by authentication for the user equipment by the key generation algorithm KDFAssigning location keys to satellitesThe ground control center embeds the location key LK into the registration response and sends the registration response to the user equipment and the satellite; wherein->Represents an encryption key->Representing a key generation algorithm, < >>Representation systemThe master key of the system is used to store,indicating the identity of the user->Representing a user registration timestamp->Temporary identity for user->Representing a symmetric encryption algorithm->Representing a random number generated by the user equipment, +.>Representing user equipment location information.
The ground control center receives the registration request of the user and the satellite, and then calculates the following calculation according to the master key P pub The user and satellite identity PID distributes the position key needed by authentication for the user equipment by the key generation algorithm KDFAssigning location keys to satellitesThe ground control center embeds the location key LK into a registration response and transmits the registration response to the user equipment and the satellite.
In this embodiment, the KDF is encrypted by using PBKDF2, which specifically includes the steps of:
step 1, acquiring parameters including a password (passphrase), a salt value (salt), iteration times (iterations) and a key length (dkLen).
And 2, connecting the salt value with a counter (from 1) to generate an input block.
And 3, performing HMAC (Hash-based Message Authentication Code) calculation on the input block. Wherein the HMAC computes the keying material by using a pseudo-random function (PRF).
And 4, repeating the step 3, wherein the iteration times are i times, and taking the result obtained by the last calculation as an input block of the next calculation.
And 5, performing exclusive OR operation on the result obtained by each calculation and the initial key material.
And 6, repeating the steps 3 to 5 until the specified key length dkLen is reached.
And 7, returning the finally generated secret key as output.
The satellite first checks the time stamp T after receiving the access authentication request of the user equipment 1 If valid, calculate the location decryption keyFor authentication vector V u In (a) and (b)Decrypting to obtain the position information L of the user equipment u And random number N u The calculated user position information L u And received user equipment location information L u ' comparison is made to see if +.>,/>For a predetermined position tolerance accuracy, if this is satisfied, the position key is used +.>Calculating a message authentication code->Comparing message authentication code MAC 1 ' whether or not to receive MAC 1 Equal. If satellite compares message authentication code MAC 1 ' and received MAC 1 If the time is equal, judging the user as a legal user, firstly, acquiring the current time T by the satellite 2 According to self identity ID s With master key P pub Generating encryption keysAES calculation according to the symmetric encryption algorithm>Obtain authentication vector->Will authenticate vector V s And encryption key SK s Satellite current position information L s The' embedded access authentication response information is transmitted to the user equipment.
In the present embodiment, AES calculation is performed by the symmetric encryption algorithmComprising the following steps: byte substitution, row displacement, column confusion, and round key encryption. Each step of the decryption algorithm corresponds to the inverse operation of the encryption algorithm, and the key of each round in encryption and decryption is obtained by the seed key through the key expansion algorithm. The algorithm is represented by a matrix 4*4 if the plaintext, ciphertext and round keys are 16 bytes. In round key addition: each byte in the matrix performs an XOR operation with the round key; each subkey is generated by a key generation scheme.
Byte substitution: each byte is replaced by a corresponding byte by means of a look-up table by a non-linear replacement function.
Line shifting: each row in the matrix is cyclically shifted. The AES encryption function first performs key expansion to read a 128-bit length string into an integer array of 4*4, which is a state matrix. If pArray [0] [0] =S0, pArray [1] [0] =S1, pArray [0] [1] =S4. This reading process is implemented by the convertto intarray () function. The function of each round of operation modifies pArray, i.e., obfuscates the state matrix. After 10 rounds of encryption have been performed, pArray is converted back into a string, which is then stored in the array of plaintext p. This conversion process is implemented by the convertArrayToStr () function. A single numrray store is first used to fetch 4 bytes from a 32-bit W [ i-1] when executing the T () function. If W [ i-1] is 0x12ABCDEF, numaroy [0] =0x12, numaroy [1] =0xAB. The function split inttoaray () is used to read these four bytes from a 32-bit integer. Invoking the leftLoop4int () function circularly shifts the 4 elements in the numaroy array left by 1 bit. Byte substitution is then performed, and the corresponding value in the S-box is obtained by the getnumfromsbeox () function to replace the value in numaroy. Byte-substituted numaroray is then merged back to a 32-bit integer by the mergeArrayToInt () function, returned after round constant exclusive-or. The main process of byte substitution is to transfer each element in the state matrix into the getNumFromSBox () function, then get the upper 4 bits of the previous 8 bits as row values, the lower 4 bits as column values, then return S row, where S is the array storing the S box. Line shifting: the 2,3,4 th rows of the state matrix are copied out, then left shifted by the corresponding bit number, and then copied into the state matrix array.
Column mixing implementation: the state matrix initial state is copied into tempArray one time, and then tempArray is multiplied by colM matrix, which is an array storing constant matrix to be multiplied. The GFMul () function therein defines the multiplication when the matrix is multiplied, and the addition is directly implemented by exclusive or. GFMul () implements multiplication by calling a function corresponding to multiplication by each number. Such as S1 x 2 is achieved by invoking GFMul2 (S1). S1 x 3 is implemented by GFMul3 (S1).
After receiving the authentication response message, the user equipment first checks the timestamp T 2 If valid, according to the encryption keyDecryption->Comparing the position information,/>The tolerance precision of the position is preset; if so, user rootLocation-based keyCalculating message authentication codesReceived MAC 2 And comparing, and if the nodes are equal, judging that the satellite is a legal node to finish access authentication.
While the foregoing is directed to embodiments, aspects and advantages of the present invention, other and further details of the invention may be had by the foregoing description, it will be understood that the foregoing embodiments are merely exemplary of the invention, and that any changes, substitutions, alterations, etc. which may be made herein without departing from the spirit and principles of the invention.
Claims (8)
1. The satellite communication method based on the anti-quantum access authentication of the position key low orbit satellite is characterized by comprising the following steps of: constructing a low-orbit satellite communication system, wherein the system comprises a control center, user equipment and a low-orbit satellite; the user equipment and the low orbit satellite initiate an authentication registration request to a control center; the user equipment after successful registration communicates with the low orbit satellite; the user equipment and the low orbit satellite initiate an authentication registration request to the control center comprises:
s1: a control center in the low-orbit satellite communication system selects safety parameters and generates system parameters according to the safety parameters;
s2: the user equipment and the low orbit satellite respectively initiate a registration request to a control center;
s3: the control center generates a position key of the low orbit satellite, a position key of the user equipment and a registration response according to the registration request; returning the location key and the registration response to the user equipment and the low orbit satellite respectively;
s4: the user equipment encrypts the current position information by adopting a position key and sends an access authentication request containing the position information to the low orbit satellite;
s5: the low orbit satellite verifies the authentication request sent by the user equipment, and if the authentication is successful, the position information is verified; if the position information is verified successfully, executing a step S6, otherwise, failing to access the low-orbit satellite by the user;
s6: the low orbit satellite successfully authenticates the identity information of the user equipment and returns an access response;
s7: and the user equipment authenticates the access response sent by the low-orbit satellite, if the authentication is successful, the user equipment completes the access of the user equipment to the low-orbit satellite, otherwise, the access fails.
2. The satellite communication method based on position key low orbit satellite anti-quantum access authentication according to claim 1, wherein generating system parameters comprises: the ground control center initializes the system; randomly selecting a prime number q=poly (n), and generating a temporary identity PID for user equipment by a ground control center u The ground control center generates a temporary identity PID for the low-orbit satellite s The method comprises the steps of carrying out a first treatment on the surface of the Generating system keysSelecting a hash function for collision avoidanceThe method comprises the steps of carrying out a first treatment on the surface of the Where q=poly (n) denotes a generator that selects one polynomial poly (n) as prime q; />Representing a system key, s representing a randomly selected system master key, P representing a generator,/a generator>For the anti-collision hash function->Representing a finite field.
3. The method for satellite communication based on position key low orbit satellite anti-quantum access authentication as claimed in claim 1, wherein,the user equipment and the low orbit satellite initiate a registration request to the control center comprising: user identity ID u User current location information L u User registration timestamp T 1 Satellite identity ID s Satellite current position information L s Satellite registration timestamp T 2 。
4. The satellite communication method based on the low orbit satellite anti-quantum access authentication of the position key according to claim 1, wherein the position key generated by the control center is:wherein KDF is a key generation algorithm, ++>For the system master key>Is the temporary identity of the low-orbit satellite,Na random number generated for the system and,Lis position information.
5. The satellite communication method of claim 1, wherein the process of the user equipment transmitting the access authentication request to the low orbit satellite comprises: the user equipment acquires current time and position information; computing encryption keys based on the true identity of a user deviceThe method comprises the steps of carrying out a first treatment on the surface of the Using location key LK u Computing message authentication code MAC 1 The method comprises the steps of carrying out a first treatment on the surface of the Computing authentication vectors based on encryption keys and message authentication codesV u =PID u ||AES(SK u ,N u ||L u )||MAC 1 ||T 1 The method comprises the steps of carrying out a first treatment on the surface of the To the current position information L u ' sum authentication vector V u Embedded in access authentication information to satelliteSending an access authentication request; wherein->Represents an encryption key->Representing a key generation algorithm, < >>Representing the system master key,/->Indicating the identity of the user->Representing a user registration timestamp->Temporary identity for user->Representing a symmetric encryption algorithm->Representing a random number generated by the user equipment, +.>Representing location information of the user equipment.
6. The satellite communication method of claim 1, wherein the low orbit satellite verifies the user device transmission request by the low orbit satellite comprises: low orbit satellite verifies the time stamp T that the user equipment sends 1 If so, calculating a decryption key to decrypt the received authentication vector V of the user equipment to obtain the position information L therein u The method comprises the steps of carrying out a first treatment on the surface of the To calculate the position information L u With bits received from user equipmentInformation-setting L u And (3) comparing, if the comparison result is correct, receiving the user equipment request, otherwise, failing the user equipment request.
7. The satellite communication method of claim 1, wherein the low orbit satellite verifies the position information by using a low orbit satellite based on a position key low orbit satellite anti-quantum access authentication method comprises: the low orbit satellite calculates the position information sent by the user equipment by adopting the position key sent by the control center to obtain a new message authentication code MAC 1 'A'; comparing message authentication code MAC 1 ' and message authentication code MAC received from user equipment 1 If the satellite time T is equal, judging that the user equipment is a legal user, and acquiring the current satellite time T 2 And position information L s Calculating an encryption key SK s And authentication vector V s And embedding the position data and the authentication vector into access authentication response information and sending the access authentication response information to the user equipment.
8. The satellite communication method of claim 1, wherein the user device authenticating the access response sent by the low orbit satellite comprises: checking satellite time stamps T 2 If so, calculating a decryption key, and based on the calculated decryption key, performing a process of authenticating the received satelliteDecrypting to obtain position data; comparing the calculated position data with the received satellite position, if the comparison result is correct, calculating a message authentication code MAC by the position key 2 ' comparing the calculated message authentication code MAC 2 ' and receipt of message authentication code MAC from satellite 2 If the satellite nodes are equal, judging that the satellite nodes are legal nodes, and finishing access authentication; otherwise, the authentication fails; wherein (1)>Representing satellite temporary identity->Representing a symmetric encryption algorithm->Encryption key representing satellite->Representing satellite generated random numbers>Representing the position information of the satellites.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311183909.0A CN116938321B (en) | 2023-09-14 | 2023-09-14 | Satellite communication method based on anti-quantum access authentication of position key low orbit satellite |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311183909.0A CN116938321B (en) | 2023-09-14 | 2023-09-14 | Satellite communication method based on anti-quantum access authentication of position key low orbit satellite |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116938321A CN116938321A (en) | 2023-10-24 |
| CN116938321B true CN116938321B (en) | 2023-11-24 |
Family
ID=88388132
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311183909.0A Active CN116938321B (en) | 2023-09-14 | 2023-09-14 | Satellite communication method based on anti-quantum access authentication of position key low orbit satellite |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116938321B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117376917B (en) * | 2023-12-05 | 2024-03-26 | 成都本原星通科技有限公司 | Satellite communication method for satellite terminal authentication based on lattice proxy signcryption algorithm |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20110136203A (en) * | 2010-06-14 | 2011-12-21 | 삼성에스디에스 주식회사 | Contents management system and method using location information |
| CN103250441A (en) * | 2010-12-07 | 2013-08-14 | 瑞典爱立信有限公司 | Method and apparatus for provisioning temporary identity module using a key-sharing scheme |
| CA3003667A1 (en) * | 2015-10-30 | 2017-05-04 | Paris Michaels | Mobile satellite communication system |
| KR101842009B1 (en) * | 2017-08-31 | 2018-05-14 | 영남대학교 산학협력단 | System and authentication method for vehicle remote key entry |
| CN110971415A (en) * | 2019-12-13 | 2020-04-07 | 重庆邮电大学 | Space-ground integrated space information network anonymous access authentication method and system |
| CN114584975A (en) * | 2022-02-23 | 2022-06-03 | 重庆邮电大学 | Anti-quantum satellite network access authentication method based on SDN |
| CN115022879A (en) * | 2022-05-11 | 2022-09-06 | 西安电子科技大学 | Enhanced Beidou user terminal access authentication method and system based on position key |
-
2023
- 2023-09-14 CN CN202311183909.0A patent/CN116938321B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20110136203A (en) * | 2010-06-14 | 2011-12-21 | 삼성에스디에스 주식회사 | Contents management system and method using location information |
| CN103250441A (en) * | 2010-12-07 | 2013-08-14 | 瑞典爱立信有限公司 | Method and apparatus for provisioning temporary identity module using a key-sharing scheme |
| CA3003667A1 (en) * | 2015-10-30 | 2017-05-04 | Paris Michaels | Mobile satellite communication system |
| KR101842009B1 (en) * | 2017-08-31 | 2018-05-14 | 영남대학교 산학협력단 | System and authentication method for vehicle remote key entry |
| CN110971415A (en) * | 2019-12-13 | 2020-04-07 | 重庆邮电大学 | Space-ground integrated space information network anonymous access authentication method and system |
| CN114584975A (en) * | 2022-02-23 | 2022-06-03 | 重庆邮电大学 | Anti-quantum satellite network access authentication method based on SDN |
| CN115022879A (en) * | 2022-05-11 | 2022-09-06 | 西安电子科技大学 | Enhanced Beidou user terminal access authentication method and system based on position key |
Non-Patent Citations (3)
| Title |
|---|
| Research on hierarchical location management scheme in LEO satellite networks;Wang Jinglin et al.;《2020 10nd International Conference on Future Computer and Communication》;全文 * |
| 卫星通信网络安全接入认证的研究与设计;邓云飞;《硕士学位论文》;全文 * |
| 基于位置密钥的增强型北斗用户设备接入认证协议;曹进 等;《通信学报》;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116938321A (en) | 2023-10-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111740828B (en) | Key generation method, device and equipment and encryption and decryption method | |
| Yang et al. | AnFRA: Anonymous and fast roaming authentication for space information network | |
| KR0148300B1 (en) | Method for sharing secret information, generating a digital signature, and performing certification in a communication system that has a plurality of information processing apparatus and a communication system that employs such a method | |
| US4649233A (en) | Method for establishing user authenication with composite session keys among cryptographically communicating nodes | |
| JP2021044828A (en) | Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with wallet management system | |
| KR101492644B1 (en) | Method for elliptic curve public key cryptographic validation | |
| CN110971415A (en) | Space-ground integrated space information network anonymous access authentication method and system | |
| US6633979B1 (en) | Methods and arrangements for secure linking of entity authentication and ciphering key generation | |
| US20060034456A1 (en) | Method and system for performing perfectly secure key exchange and authenticated messaging | |
| CN111342976B (en) | Verifiable ideal on-grid threshold proxy re-encryption method and system | |
| JP7353375B2 (en) | End-to-end double ratchet encryption with epoch key exchange | |
| CN103339958A (en) | Key transport protocol | |
| CN111416706B (en) | Quantum secret communication system based on secret sharing and communication method thereof | |
| JP2000083018A (en) | Method for transmitting information needing secrecy by first using communication that is not kept secret | |
| CN108183791B (en) | Intelligent terminal data security processing method and system applied to cloud environment | |
| US20030149876A1 (en) | Method and system for performing perfectly secure key exchange and authenticated messaging | |
| CN116938321B (en) | Satellite communication method based on anti-quantum access authentication of position key low orbit satellite | |
| CN110855667B (en) | Block chain encryption method, device and system | |
| Mahmood et al. | Distributed multiparty key management for efficient authentication in the internet of things | |
| CN116056080A (en) | Satellite switching authentication method for low-orbit satellite network | |
| CN114362928B (en) | Quantum key distribution and reconstruction method for multi-node encryption | |
| Hwang et al. | Robust stream‐cipher mode of authenticated encryption for secure communication in wireless sensor network | |
| CN111245611B (en) | Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment | |
| CN116318739B (en) | Electronic data exchange method and system | |
| Li et al. | An efficient and anonymous attribute-based group setup scheme |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |