Research On Key Techniques Of Secure Authentication In Space-based Internet Of Things

The Space-based Internet of Things(S-IoT)utilizes the global coverage of satellite systems and the characteristics of wide-area connectivity,which will effectively compensate for the insufficient coverage of existing Internet and mobile communication networks and achieve seamless interconnection of everything in the world.However,the natural openness of S-Io T makes it vulnerable to security threats such as identity forgery,privacy breaches,and denial of service attacks.Secure authentication is a core key step in authenticating legitimate users and ensuring network security,which plays a vital role in the secure deployment and application of S-IoT.Existing network secure authentication methods are difficult to meet the multi-user high concurrent secure authentication requirements in the wide coverage of S-IoT.In this paper,several key technologies in S-IoT secure authentication have been studied in depth.The main work is as follows:Firstly,based on IPv6 and broadcast pre-authentication,a lightweight identity-based S-IoT secure authentication method(SpaceIDA)is proposed for the problems of complex certificate management,long interaction delay and limited link bandwidth in S-IoT.SpaceIDA skillfully uses the IPv6 address interface ID to design the identity-based secure authentication protocol,avoiding the complex certificate management problem of the public key infrastructure and greatly reducing the number of authentication interactions.In SpaceIDA,the authentication server signature and parameter pre-broadcasting mechanism are designed to greatly reduce the bandwidth and delay overhead of the authentication server signature transmission.The novel lightweight user signature structure is designed to effectively reduce user signature size and reduce bandwidth and latency overhead.The theoretical analysis proofs that two signatures of SpaceIDA have EUF-ACMIA security.As the experimental results show,comparing SpaceIDA with the classic identity-based signature authentication method,the user signature verification time is reduced by about 50% to 60%,and the authentication server signature size is reduced by about 13% to 50%.Secondly,a Proof-of-work(PoW)based Co-Authentication scheme(PCA)is proposed for the problem of Denial of Service(DoS)attacks to pseudonymous authentication in Vehicular Ad Hoc Network(VANET)applications of S-IoT.PCA builds the PoW mechanism by carefully designing the hash puzzle,which fundamentally limits the ability of attackers to forge pseudonymous certificates.The mutual trust cluster generation algorithm is designed to accelerate formating the mutual trust clusters automatically among legitimate users.The co-authentication method based on the mutual trust cluster is designed to integrate the computing resources of legitimate node to defend attackers.The theoretical analysis and simulation results show that the PCA scheme can effectively mitigate DoS attacks against pseudonymous authentication while the growth trend of certificate verification overhead with the number of nodes significantly changes from linear to logarithmic.