| With the coming of the information age,more and more countries and organizations pay attention to the exploration of space due to the rapid development of information technology which leads to the result that space information network has been used in various aspects of information technology.Because of the open environment where space information network(SIN)is,it faces serious security threats,hence,security technologies related to SIN become the research issues of relevant fields around the world in which key management of satellite nodes is an important aspect,that is the foundation of the SIN security.The focus of this thesis is satellite node's private key distribution,authenticated key agreement protocols between two satellite nodes in the same domain,and authenticated key agreement protocols between two satellite nodes within different domains.According to the analysis of current study status,this thesis proposes some security domain-based key management schemes for satellite nodes by applying ID-based cryptography(IBC),considering the characteristics of SIN and satellite nodes.The research results are as follows:Firstly,a security private key distribution scheme based on security domain is proposed,in which dynamically selected Private Key Generators(PKG)cooperate with each other and generate private key for the new satellite joined into the domain.This scheme can efficiently accomplish private key distribution and solve the problem of key escrow.This scheme is not only correct and has a higher efficiency according to the analysis of correctness and efficiency,but also can deal with security threats such as single point failure and collusion attack.Secondly,on the basis of domain-based private key distribution scheme for satellite nodes,an authenticated key agreement scheme for satellite nodes within the same domain is proposed.This scheme can verify the integrity of messages and authenticate identity of satellite nodes during the session key agreement between two satellite nodes.This scheme is correct and satisfies all security attributes of ID-based key agreement protocols according to the analysis of correctness and security.Additionally,comparison with previous schemes shows that it has a higher efficiency.Thirdly,based on domain-based private key distribution scheme and authenticated key agreement scheme within security domain,an authenticated key agreement scheme for satellite nodes within different security domains is proposed which can verify the integrity of messages and authenticate identity of satellite nodes during the session key agreement.It is correct and satisfies all security attributes of the ID-based key agreement protocol according to the analysis of correctness and security.In addition,analysis of efficiency shows that it is more efficient than previous schemes in SIN. |
PDF Full Text Request