| Satellite communication network can play an important role in the development of society and economy.The double-layer satellite network,which includes both geostationary and low orbit satellites,can not only achieve the wide coverage of satellite signal but also solve the problem that all-weather management of telluric control center for on-orbit satellites.Once proposed,it has attracted wide attention.However,complicated networking scenarios and harsh deployment environments put forward higher requirements for the design of satellite networking authentication schemes.Deferent from wireless networks deployed on ground,identity authentication schemes for satellite network need to deal with a series of security challenges in complex network environments,such as resource-limited satellite environment,dynamic network structure and discontinuous communication link.In addition,to adapt to the new trend of massive networking node and complex topology structure,authentication schemes should also minimize the reliance on trusted third parties when achieving secure networking,so as to ensure the autonomy and flexibility of satellite networking.Therefore,how to realize the autonomous,safe and efficient networking of massive communication satellites in complex environments has become a research hotspot.For double-layer satellite network,since most of existing security authentication schemes ignore the specific network structure when designed,they may not be entirely suitable for complex networking scenarios,such as the authentication scenario between geostationary and low earth orbit satellite and the authentication scenario between adjacent satellites on adjacent low orbits.To solve problems mentioned above,this thesis proposes two satellite networking authentication schemes,which are suitable for different networking scenarios in double-layer satellite network.These schemes focus mainly on solving problems of networking authentication between geostationary and low earth orbit satellites and networking authentication between adjacent satellites in different low orbits.Specifically,the main work of this thesis includes the following three aspects.First,proposing an authentication scheme for the networking between geostationary and low orbit satellites in double-layer satellite network.We firstly analyze the characteristic of link switching between satellites above,summarize the security requirements of satellite authentication in networking stage,and propose an attacker model for satellite network.Then,based on symmetric cryptography algorithm,we design a satellite networking authentication scheme without the trusted third party.And considering the characteristics of satellite network such as highly unified clock and predictable satellite trajectory in satellite network,a pre-calculation algorithm is designed in this scheme,which can effectively reduce the computing overhead of satellite in switching authentication stage.Second,proposing an authentication scheme for the networking between adjacent satellites on adjacent low orbits.We firstly analyze the networking characteristics of satellites,and then based on symmetric cryptography and pre-calculation algorithm,we design a satellite networking authentication,which only requires the participation of trusted third party for the first authentication and has high flexibility of networking.Performance analysis shows that this scheme can satisfy various security requirements for satellite networking and has low computing and communication overhead.Third,using formal analysis method based on BAN logic,we prove the security of two satellite networking authentication schemes proposed above,and then to evaluate the actual performance of authentication schemes,we have built a simulation experiment system.Simulation results show that our schemes can effectively reduce the computing overhead of satellites in networking authentication stage and can be used in resource-limited satellite networks. |
PDF Full Text Request