| 基于CFL的空间网络认证策略研究 |
| |
| 引用本文: | 王琳,王夕冉,侯博文,石乐义.基于CFL的空间网络认证策略研究[J].计算机应用研究,2022,39(11). |
| |
| 作者姓名: | 王琳 王夕冉 侯博文 石乐义 |
| |
| 作者单位: | 中国石油大学(华东) 海洋与空间信息学院,中国石油大学(华东) 海洋与空间信息学院,中国石油大学(华东) 计算机科学与技术学院,中国石油大学(华东) 计算机科学与技术学院 |
| |
| 基金项目: | 国家自然科学基金资助项目(61772551);山东省自然科学基金资助项目(ZR2019MF034) |
| |
| 摘 要: | 卫星网络作为一种新兴的网络,具有覆盖范围广、传输环节少等优点,但拓扑结构复杂、链路频繁切换,因而面临诸多网络安全威胁。为解决卫星网络中身份认证等安全性问题,结合CFL认证体制,提出了一种适用于卫星网络的安全认证策略研究。在注册阶段,用户和卫星分别向地面控制中心申请证书,地面控制中心验证用户和卫星的身份后为用户和卫星签署证书;在认证阶段,用户与卫星互相交换证书,自主生成验证密钥并验证证书,实现用户与卫星的双向快速认证。分析结果表明,所提方案能够满足卫星网络的安全需求,抵御各种常见的网络安全攻击;与其他相关方案的相比,该方案无须地面中心参与认证过程,通信开销与计算开销较小,在保证安全性的基础上,与最低计算开销方法相比,将通信开销降低了近30%,有效提高了认证效率。因此,本方案不仅适合星载资源有限的卫星网络,且能够增强卫星网络的安全性。
|
| 关 键 词: | 卫星网络 安全认证 CFL证书 指数乘积型密码算法 |
| 收稿时间: | 2022/4/12 0:00:00 |
| 修稿时间: | 2022/10/21 0:00:00 |
Research on spatial network authentication strategy based on CFL |
| |
| Wang Lin,Wang Xiran,Hou Bowen and Shi Leyi.Research on spatial network authentication strategy based on CFL[J].Application Research of Computers,2022,39(11). |
| |
| Authors: | Wang Lin Wang Xiran Hou Bowen and Shi Leyi |
| |
| Affiliation: | College of Oceanography and Space Informatics,,, |
| |
| Abstract: | As a new network, satellite network has the advantages of wide range and few transmission links. However, due to the complex topology and frequent link switching, it faces many network security threats. To solve security problems such as identity authentication in satellite network, combined with CFL authentication, this paper put forward a applicable satellite network security authentication scheme. In the registration stage, the user and the satellite applied for certificates to the ground control center respectively. The ground control center verified the identity of the user and the satellite and signed the certificates for the user and the satellite. In the authentication stage, users and satellites exchanged certificates, generated authentication keys and verified certificates independently, and realized two-way fast authentication between users and satellites. The results of security analysis show that the proposed scheme can meet the security requirements of satellite network and resist various kinds of common network security attacks. Compared with other related schemes, this scheme did not require the ground center to participate in the authentication process, and the communication overhead and computing overhead are small. On the basis of ensuring security, compared with the minimum computing overhead method, the communication overhead is reduced by nearly 30%, which effectively improves the authentication efficiency. Therefore, this scheme is not only suitable for satellite network with limited on-board resources, but also can enhance the security of satellite network. |
| |
| Keywords: | satellite network security authentication CFL certificate exponential multiplication cipher algorithm |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
