CN108566240A - Networking Verification System and method between a kind of star suitable for double layer minipellet - Google Patents

Abstract

The invention belongs to the technical field of information security, and discloses an inter-satellite network authentication system and method applicable to a double-layer satellite network. The system includes a ground authentication server, a high-orbit satellite authentication client, and a low-orbit satellite authentication client; the ground authentication The server is responsible for completing the initialization of the satellite authentication system, that is, generating and distributing the identity information, keys, and orbit parameters required for inter-satellite authentication; the high-orbit satellite authentication client and the low-orbit satellite authentication client are the main bodies of inter-satellite network authentication , realize inter-satellite identity authentication and key agreement through mutual authentication parameters. Utilizing the characteristics of highly synchronized satellite network clocks and predictable node running trajectories, the present invention designs an authentication pre-calculation mechanism, which effectively improves the authentication efficiency between satellites. The invention can realize safe and efficient identity authentication and key agreement in the networking stage of high and low orbit satellites in the double-layer satellite network, and can be used for network authentication between high and low orbit satellites.

Description

An inter-satellite network authentication system and method suitable for a two-layer satellite network

technical field

The invention belongs to the technical field of information security, and in particular relates to an inter-satellite network authentication system and method suitable for a double-layer satellite network. It can be used to provide satellite identity authentication services for commercial satellite networks during satellite networking, and can realize trust establishment and secure communication between satellites without the participation of a trusted third party.

Background technique

At present, the existing technologies commonly used in the industry are as follows:

Since the current satellite network contains a small number of satellites, such as Iridium (66) and GPS (24), the satellite network is mainly controlled by the ground station. Satellite network authentication usually adopts the way that the ground station directly assigns authentication parameters, session keys, etc. to the satellite. In this control structure, satellites usually do not have the ability to self-organize a network, so that the certification of their network is heavily dependent on the ground station.

However, with the development of aerospace technology, the satellite network tends to be complicated, such as the large number of satellite nodes and the complex satellite control model. Under this trend, the traditional satellite network control method has certain application limitations due to issues such as the deployment location, processing capability, and management capability of the ground station. At the same time, since the satellite communication link adopts wireless transmission medium, the channel is highly open, and the communication content is very easy to be monitored, tampered with, and forged. It is very likely that the satellite network cannot be completed due to malicious interference. In addition, the special deployment environment of the satellite network puts forward higher requirements for the design of the inter-satellite identity authentication protocol. First of all, on-board resources are limited, and it is difficult to cope with large computing overhead, and schemes that require complex calculations will seriously affect the authentication efficiency. Secondly, the distance between satellites is relatively long, and the communication delay cannot be ignored, so the communication overhead becomes a problem that must be considered in the scheme design.

Aiming at the networking problems of satellite networks, people have proposed some solutions, such as:

The patent "A Method for In-orbit Satellite Identity Authentication" (Application No. CN 2017101415439 Application Publication No. CN106850674A) applied by the 30th Research Institute of China Electronics Technology Group Corporation discloses an in-orbit satellite identity authentication method, which is based on the period of satellite orbit It adopts the public-private key authentication mechanism to solve the problem of identity authentication between the stars and the earth.

However, with the development of aerospace technology, the satellite network in design contains more and more nodes. If the satellite network certification requires the frequent participation of ground stations, the certification efficiency will be seriously affected due to satellite-ground communication delays and other issues. Therefore, in order to ensure the safety and efficiency of satellite networking, the authentication protocol needs to minimize the participation of third parties such as ground stations, and improve the autonomy and independence of authentication nodes, so as to ensure that the satellite network can operate safely in the event of ground station failure.

In summary, the problems in the prior art are:

(1) Inter-satellite identity authentication requires ground participation. Without the participation of trusted third parties such as ground stations, it is difficult to achieve independent and independent trust establishment and secure communication between satellites, which is not suitable for satellite network groups with massive nodes. network scene;

(2) Inter-satellite identity authentication does not protect its own identity information, so that attackers can use the intercepted plaintext identity information to forge access requests, thereby carrying out attacks such as denial of service and interfering with satellite networking;

(3) The calculation overhead of inter-satellite identity authentication will affect the authentication delay. Compared with the satellite network with a small number of nodes, in the satellite network with a large number of nodes, due to the more frequent network authentication, the inter-satellite network will be due to the satellite network. Due to the computing power of the computer, there is a delay in authentication. The difficulty and significance of solving the above technical problems:

(1) To design an independent and autonomous inter-satellite network authentication method, it is necessary to design a safe and efficient key update method for it, which not only reduces the participation of ground stations, but also ensures that satellites can accurately update the authentication key;

(2) To design an inter-satellite network authentication method for protecting the identity information of satellites, it is necessary to consider the additional calculation overhead caused by this, not only to ensure the confidentiality of satellite identity information, but also to reduce the resulting calculation overhead;

(3) To design an inter-satellite network authentication method suitable for complex satellite networks, it is necessary to consider the calculation overhead in the authentication process, and try to avoid the calculation delay caused by the limited computing resources when multi-satellite simultaneous authentication occurs.

With the development of aerospace technology, the future satellite network will contain more and more satellite nodes. Designing an inter-satellite network authentication method that can realize independent and autonomous networking without the frequent participation of ground stations is very important for those who have a large number of satellite nodes. It is of great significance that the satellite network can operate stably.

Contents of the invention

Aiming at the problems existing in the prior art, the present invention provides an inter-satellite networking authentication system and method suitable for double-layer satellite networks.

The present invention is achieved like this,

An inter-satellite networking authentication system applicable to a double-layer satellite network of the present invention includes:

The ground authentication server is responsible for completing the initialization of the satellite authentication system, that is, generating and distributing identity information, keys, and orbital parameters required for inter-satellite authentication;

The high-orbit satellite (GEO) authentication client is responsible for receiving the authentication request from LEO, calculating and returning the authentication token Token, calculating the expected response XRES and the session key CK, checking whether the temporary identity TID used by LEO in the authentication request is valid, checking Whether the response value RES returned by LEO is correct, and maintain an authentication information table for LEO;

The low-orbit satellite (LEO) authentication client is responsible for submitting an authentication request to GEO, checking whether the authentication token Token returned by GEO is valid, calculating the temporary identity TID, response value RES and session key CK, and maintaining an authentication information table for GEO.

Ground authentication servers include:

The system initialization module is used to complete the initialization of the satellite authentication system, that is, to write the identity information generated by the identity information generation module, the key generated by the key generation module, and the orbit parameters assigned by the orbit allocation module into the satellite authentication system;

The identity information generation module is used to generate the identity information required for authentication for the satellite according to the production sequence and launch sequence of the satellite;

The key generation module is used to generate the key required for authentication for the satellite;

The orbit assignment module is used for assigning orbits to satellites.

High-Earth Orbit (GEO) certified clients include:

The system initialization module is used to complete the initialization of the on-board authentication system, that is, to obtain the identity information, keys, and orbital parameters required for satellite authentication from the ground authentication server;

The network authentication module includes three sub-modules: authentication sub-module, data processing sub-module, and pre-calculation management sub-module. Among them, the authentication sub-module is used to interact with the low-orbit satellite (LEO) authentication client to authenticate the parameters required; the data processing sub-module is used to generate and analyze the authentication parameters and check whether the received authentication parameters are valid; pre-calculation management The sub-module is used to pre-calculate the authentication parameters of the management satellite according to the data in the authentication information table, and maintain the authentication information table;

The orbit prediction module is used to calculate the time node of the next authentication between satellites;

The certification information management module is used to manage the registration and update of LEO certification information.

Low Earth Orbit (LEO) certified clients include:

The system initialization module is used to complete the initialization of the on-board authentication system, that is, to obtain the identity information, keys, and orbital parameters required for satellite authentication from the ground authentication server;

The network authentication module includes three sub-modules: authentication sub-module, data processing sub-module, and pre-calculation management sub-module. Among them, the authentication sub-module is used to interact with the high-orbit satellite (GEO) authentication client for the parameters required for authentication; the data processing sub-module is used to generate and analyze authentication parameters and check whether the received authentication parameters are valid; pre-calculation management The sub-module is used to pre-calculate the authentication parameters of the management satellite according to the data in the authentication information table, and maintain the authentication information table;

The orbit prediction module is used to calculate the time node of the next authentication between satellites;

The certification information management module is used to manage the registration and update of GEO certification information.

Another object of the present invention is to provide an information data processing terminal equipped with the inter-satellite networking authentication system suitable for a two-layer satellite network.

In order to achieve the above object, the present invention provides an inter-satellite networking authentication method applicable to a double-layer satellite network, including:

1. Authentication system initialization

(1a) In the launch preparation stage, the satellite submits a system initialization application to the ground authentication server.

(1b) After receiving the application, the ground authentication server generates and distributes identity information, keys, and orbit parameters for the satellite, including identity information ID, group identity information SGID, anonymous protection key IDKey of satellite identity information, satellite authentication Master key MainKey.

2. Satellite certification information registration

(2a) LEO sends its own precise orbit data to GEO, such as orbital height, orbital inclination and other orbital parameters needed for satellite orbital position prediction.

(2b) After receiving the orbit information sent by the LEO, GEO adds the authentication information of the LEO to the authentication information table, that is, stores the ID of the LEO together with the orbit data into the authentication information database on the satellite. After the registration is completed, the GEO returns its precise orbital data to the LEO.

(2c) After receiving the returned orbit data, LEO uses the same operation to store the data in its own authentication database.

3. Inter-satellite identity authentication and key negotiation

The inter-satellite identity authentication and key negotiation are divided into two sub-protocols according to the implementation stage of the inter-satellite network authentication, which are the authentication sub-protocol before the satellite authentication information registration and the authentication sub-protocol after the satellite authentication information registration.

3.1) Authentication sub-protocol before authentication information registration

(3.1.a) LEO obtains the time stamp T _TID through the on-board clock. Based on the obtained T _TID and the preset IDKey, LEO calculates the temporary identity TID that should be used in this authentication, TID = f _TID (IDKey, T _TID ||RID). After the calculation is complete, LEO sends the TID to GEO along with the authentication request.

(3.1b) After receiving the TID, GEO uses the preset IDKey to decrypt the TID, and judges the freshness and validity of the authentication request through the decrypted _TID and RID.

(3.1.c) GEO obtains the time stamp T _Auth needed to generate AuthKey through the on-board clock. Based on the obtained T _Auth and the preset MainKey, AuthKey=f _AK (MainKey, T _Auth ); GEO generates a one-time random number RAND; based on the generated RAND and AuthKey, GEO calculates the time stamp protection sequence TK, TK=f _TK (AuthKey, RAND); GEO obtains the time stamp T _Token needed to generate Token through the on-board clock. Based on the generated RAND, acquired T _Token , and stored SGID, GEO calculates the message authentication code MAC, MAC=f _MAC (AuthKey, RAND||T _Token ||SGID); GEO uses RAND, T _Token , TK, SGID, MAC Combined into one authentication token Token, And calculate the expected response XRES and the session key CK, CK=f _CK (AuthKey, RAND), XRES=f _RES (CK, RAND).

(3.1.d) LEO uses the AuthKey generated in the same way, and uses the generated AuthKey to judge the freshness and validity of Token.

(3.1.e) After the verification is passed, LEO calculates CK and RES in the same way, and returns RES to GEO.

(3.1.f) After receiving RES, GEO compares whether the received RES is equal to the stored XRES. If they are equal, the authentication to the LEO is completed; otherwise, the authentication fails.

3.2) Authentication sub-protocol after authentication information registration

(3.2.a) After the communication link is established, LEO first judges whether its own orbital parameters have changed. In the event of orbital perturbation, since the authentication parameters obtained through the authentication pre-calculation have expired, it is necessary to terminate this agreement and re-execute the authentication sub-agreement (3.1). If the orbit is normal, LEO sends the pre-calculated TID and RES to GEO together with the access request.

(3.2.b) After receiving the access request, GEO compares the received TID and RES with the stored XTID and XRES. If they are equal, complete the authentication to LEO, and return the stored Token to LEO; if not, return an error and re-execute the authentication sub-protocol (3.1).

(3.2.c) LEO uses the pre-calculated AuthKey to determine the validity of the authentication token.

(3.2.d) If the verification is passed, LEO uses AuthKey to calculate the session key CK.

4. Authentication pre-calculation

The certification pre-computation is divided into two sub-protocols according to the implementation stage of the inter-satellite network certification, which are the pre-calculation sub-protocol before the satellite certification information registration and the pre-calculation sub-protocol after the satellite certification information registration.

4.1) Authentication precomputation sub-protocol before authentication information registration

(4.1.a) LEO applies for a blank Token from GEO.

(4.1.b) GEO calculates and returns a blank Token.

(4.1.c) LEO calculates the time point of the next authentication with the target GEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth and T _Token . Next, LEO generates the TID and AuthKey that should be used for the next authentication through T _TID and T _Auth respectively. Based on the blank Token returned by GEO, LEO calculates the RES that should be used for the next authentication. After calculation, LEO stores TID and RES.

(4.1.d) GEO calculates the time point of the next authentication with the target LEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth and T _Token . Based on the acquired time parameters, stored satellite ID, stored key IDKey and MainKey, GEO calculates the XTID, XRES, Token, and CK needed for the next authentication. After calculation, GEO stores XTID, XRES, Token, CK.

4.2) Authentication precomputation sub-protocol after authentication information registration

(4.1.a) LEO calculates the time point of the next authentication with the target GEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth and T _Token . Next, LEO generates the TID and AuthKey that should be used for the next authentication through T _TID and T _Auth respectively. Based on the Token returned by GEO in the authentication sub-protocol (3.2), LEO calculates the RES that should be used for the next authentication. After calculation, LEO stores TID and RES.

(4.1.b) GEO calculates the time point of the next authentication with the target LEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth and T _Token . Based on the acquired time parameters, stored satellite ID, stored key IDKey and MainKey, GEO calculates the XTID, XRES, Token, and CK needed for the next authentication. After the calculation, GEO stores XTID, XRES, Token, and CK.

Another object of the present invention is to provide a computer program for implementing the inter-satellite networking authentication method applicable to a two-layer satellite network.

Another object of the present invention is to provide an information and data processing terminal for implementing the inter-satellite networking authentication method applicable to a two-layer satellite network.

Another object of the present invention is to provide a computer-readable storage medium, including instructions, which, when run on a computer, enable the computer to execute the inter-satellite networking authentication method applicable to a two-layer satellite network.

The present invention achieves the purpose of anti-replay attack by rationally using time stamps in the process of generating authentication parameters. During identity authentication, the authentication parameters that need to be passed between GEO and LEO are TID, Token, and RES. Among them, the generation of TID requires a time stamp T _TID , GEO can use this to judge the freshness of TID; Token contains the encrypted time parameter T _Token , and LEO can judge whether the received Token is a replay message based on the MAC value; RES There is a corresponding relationship with Token, and it can be judged whether RES is a replayed message by the message return speed.

The inter-satellite identity authentication and key negotiation in the present invention are divided into two sub-protocols according to the execution stage of the inter-satellite network authentication, which are the authentication sub-protocol before the satellite authentication information registration and the authentication sub-protocol after the satellite authentication information registration. After the satellite completes the authentication information registration, the authentication parameters can be pre-calculated through the exchanged satellite precise orbit parameters. Through the design of the pre-calculation mechanism, the inter-satellite authentication after the authentication information registration is completed can implement a lightweight networking authentication protocol, which greatly improves the authentication efficiency.

The temporary identity generation method of the present invention, when generating the temporary identity, the satellite uses the IDKey shared between the GEO and LEO groups to perform cryptographic operations on the composite string of the time stamp _TID and the real identity RID, and use the operation result to represent the temporary identity of the satellite . Since the temporary identity is generated based on time, it can be guaranteed that LEO uses different identity information each time it initiates authentication.

In the method for generating the authentication key AuthKey of the present invention, the authentication key is derived based on time from the master key MainKey distributed by the ground authentication server. Taking advantage of the highly synchronized satellite network clock and predictable trajectory, both GEO and LEO can update the authentication key according to the predicted time. The authentication parameters are calculated in advance based on the predicted time, which not only ensures the synchronization of calculations between the two parties in the agreement, but also improves the authentication efficiency between satellites.

The method of the present invention reduces calculation overhead in the process of inter-satellite authentication, utilizes the characteristics of satellite network clock height synchronization and predictable orbit, designs authentication pre-calculation steps, and calculates the next authentication time in advance during the period when the computer usage rate on the satellite is low parameters required. In the next authentication, identity authentication can be realized only by parameter comparison, which can effectively avoid the authentication delay caused by insufficient computing power of the on-board computer during inter-satellite network authentication.

In summary, the advantages and positive effects of the present invention are:

The invention realizes two-way identity authentication between satellites.

In the present invention, after the satellite authentication system is initialized by the ground station, LEO and GEO can independently and autonomously perform network authentication. LEO realizes the identity authentication of GEO by judging whether the XMAC obtained by local calculation is equal to the MAC in Token; GEO realizes the identity authentication of LEO by judging whether the locally stored XRES is equal to the returned RES. The two-way identity authentication mechanism can resist network attacks such as counterfeiting and tampering in the process of satellite networking, ensuring the safety and orderly progress of satellite networking.

The invention realizes the anonymous protection of the satellite identity information.

In the present invention, when LEO sends an authentication request, it uses a temporary identity, which is generated by encrypting the real identity information based on the time stamp, so that the identity information used for each authentication can be different; at the same time, due to the setting of the authentication pre-calculation mechanism , the verification of identity information in the authentication process mainly adopts the way of character comparison, which will not increase the satellite's additional calculation overhead.

The invention reduces the calculation overhead of the satellite in the authentication process.

The present invention combines the scene characteristics of highly unified satellite network clock and predictable running trajectory, and designs the authentication pre-calculation step, so that the satellite can use the time parameters obtained from orbit prediction to calculate the parameters required for the next authentication in advance, and when networking again Authentication can be completed only by performing a simple parameter comparison operation. By designing the authentication pre-calculation mechanism, the present invention arranges a large number of calculations required in the authentication process in the low utilization rate stage of the satellite processor, thereby avoiding the problem caused by insufficient satellite computing power in the case of multi-satellite authentication at the same time. Authentication delay.

Description of drawings

FIG. 1 is a diagram of an inter-satellite networking authentication system applicable to a two-layer satellite network provided by an embodiment of the present invention.

Fig. 2 is a flow chart of an authentication method for inter-satellite networking applicable to a two-layer satellite network provided by an embodiment of the present invention.

Fig. 3 is a flow chart of authentication of a low-orbit satellite provided by an embodiment of the present invention.

Fig. 4 is a flow chart of authentication of a high-orbit satellite provided by an embodiment of the present invention.

Detailed ways

In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

The existing technology cannot realize trust establishment and secure communication between satellites without the participation of a trusted third party. The present invention provides an inter-satellite networking authentication method applicable to a double-layer satellite network, comprising:

LEO completes the identity authentication of GEO by judging whether the locally calculated XMAC is equal to the MAC in Token; GEO completes the identity authentication of LEO by judging whether the locally stored XRES is equal to the returned RES; when performing identity authentication, GEO and The authentication parameters passed between LEOs include TID, Token, and RES; among them, the generation of TID requires a time stamp TTID, which GEO uses to judge the freshness of the TID; the Token contains the encrypted time parameter T _Token , and LEO judges the receipt based on the MAC value. Whether the received Token is a replay message; there is a corresponding relationship between RES and Token, and GEO can judge whether RES is a replay message through the message return speed;

When LEO sends an authentication request, it uses a temporary identity generated based on time, and the identity information used in each authentication is different; the verification of identity information in the authentication process adopts the method of character comparison; The IDKey shared between the groups performs cryptographic operations on the composite string of the time stamp _TID and the real identity RID, and uses the operation result to represent the temporary identity of the satellite;

Taking advantage of the highly synchronized satellite network clock and predictable trajectory, both GEO and LEO update the authentication key AuthKey according to the predicted time and calculate the authentication parameters in advance.

Fig. 1, the inter-satellite networking authentication system applicable to the double-layer satellite network provided by the embodiment of the present invention includes three modules: a ground authentication server, a high-orbit satellite (GEO) authentication client and a low-orbit satellite (LEO) authentication client.

in:

The ground authentication server is responsible for completing the initialization of the satellite authentication system, that is, generating and distributing identity information, keys, and orbital parameters required for inter-satellite authentication;

The high-orbit satellite (GEO) authentication client is responsible for receiving the authentication request from LEO, calculating and returning the authentication token Token, calculating the expected response XRES and session key CK, and checking whether the temporary identity TID used by LEO in the authentication request is valid , check whether the response value RES returned by LEO is correct, and maintain an authentication information table for LEO;

The low-orbit satellite (LEO) authentication client is responsible for submitting authentication requests to GEO, checking whether the authentication token Token returned by GEO is valid, calculating the temporary identity TID, response value RES and session key CK, and maintaining an authentication information for GEO surface.

The ground authentication server includes: a system initialization module, an identity information generation module, a key generation module, and a track distribution module.

The system initialization module is used to complete the initialization of the satellite authentication system, that is, to write the identity information generated by the identity information generation module, the key generated by the key generation module, and the orbit parameters assigned by the orbit allocation module into the satellite authentication system;

The identity information generation module is used to generate identity information required for authentication for the satellite according to the production sequence and launch sequence of the satellite;

The key generation module is used to generate the key required for authentication for the satellite;

The orbit assignment module is used for assigning orbits to satellites.

The high-orbit satellite (GEO) authentication client includes: a system initialization module, a network authentication module, an orbit prediction module, and an authentication information management module.

The system initialization module is used to complete the initialization of the on-board authentication system, that is, to obtain the identity information, keys, and orbital parameters required for satellite authentication from the ground authentication server;

The network authentication module includes three sub-modules: an authentication sub-module, a data processing sub-module, and a pre-calculation management sub-module. Among them, the authentication sub-module is used to interact with the low-orbit satellite (LEO) authentication client to authenticate the parameters required; the data processing sub-module is used to generate and analyze the authentication parameters and check whether the received authentication parameters are valid; pre-calculation management The sub-module is used to pre-calculate the authentication parameters of the management satellite according to the data in the authentication information table, and maintain the authentication information table;

The orbit prediction module is used to calculate the time node of the next authentication between satellites;

The authentication information management module is used to manage the registration and update of LEO authentication information.

The low-orbit satellite (LEO) authentication client includes: a system initialization module, a network authentication module, an orbit prediction module, and an authentication information management module.

The system initialization module is used to complete the initialization of the on-board authentication system, that is, to obtain the identity information, keys, and orbital parameters required for satellite authentication from the ground authentication server;

The network authentication module includes three sub-modules: an authentication sub-module, a data processing sub-module, and a pre-calculation management sub-module. Among them, the authentication sub-module is used to interact with the high-orbit satellite (GEO) authentication client for the parameters required for authentication; the data processing sub-module is used to generate and analyze authentication parameters and check whether the received authentication parameters are valid; pre-calculation management The sub-module is used to pre-calculate the authentication parameters of the management satellite according to the data in the authentication information table, and maintain the authentication information table;

The orbit prediction module is used to calculate the time node of the next authentication between satellites;

The authentication information management module is used to manage the registration and update of GEO authentication information.

As shown in Fig. 2-Fig. 4, the inter-satellite network authentication method applicable to the double-layer satellite network provided by the embodiment of the present invention includes authentication system initialization, satellite authentication information registration, inter-satellite identity authentication and key negotiation, and authentication pre-computation four parts.

The present invention will be further described below in conjunction with the initialization of the authentication system.

1. Authentication system initialization:

Step 1: In the launch preparation stage, the satellite submits a system initialization application to the ground authentication server;

Step 2: After receiving the application, the ground authentication server generates ID, SGID, IDKey, MainKey and orbit parameters for the satellite based on the satellite's production number, launch sequence and other information. After the parameters are generated, each parameter is stored in the authentication database of the satellite, among which:

(1) The ID is the identity information of the satellite, which is used to uniquely identify the satellite node when the inter-satellite identity authentication protocol is executed;

(2) The SGID is the group identity information of the satellite, which is used to identify the group to which the satellite belongs, and belongs to the auxiliary identity of the satellite, which can be configured in combination with the actual situation;

(3) The IDKey is the anonymous protection key of the identity information of the satellite, which belongs to the shared key between the GEO and the LEO group, and is used for the generation of the LEO temporary identity in the authentication process;

(4) The MainKey is the master key when the satellite performs inter-satellite authentication, which belongs to the shared secret between the GEO and LEO satellites, and is used to generate the authentication key AuthKey.

The present invention will be further described below in conjunction with satellite authentication information registration.

2. Satellite certification information registration

Satellite authentication information registration is performed after the first inter-satellite identity authentication is completed between GEO and LEO, including the following steps:

Step 1: LEO sends its own precise orbit data to GEO, such as orbital height, orbital inclination, and other orbital parameters required for satellite orbital position prediction;

Step 2: After receiving the orbit information sent by LEO, GEO adds the authentication information of the LEO to the authentication information table, that is, stores the ID of the LEO together with the orbit data into the authentication information database on the satellite. After the registration is completed, GEO returns its precise orbital data to the LEO;

Step 3: After receiving the returned orbit data, LEO uses the same operation to store the data in its own authentication database.

The present invention will be further described below in conjunction with inter-satellite identity authentication and key agreement.

3. Inter-satellite identity authentication and key negotiation

The inter-satellite identity authentication and key negotiation of the authentication method of the present invention are divided into two sub-protocols according to the implementation stage of the inter-satellite network authentication, which are the authentication sub-protocol before the satellite authentication information is registered and the authentication sub-protocol after the satellite authentication information is registered.

(1) Authentication sub-protocol before authentication information registration

The inter-satellite identity authentication and key agreement sub-protocol that occurs before satellite authentication information registration needs to perform the following steps:

Step 1: LEO generates and sends a temporary identity.

LEO obtains the time stamp T _TID through the on-board clock. Based on the obtained T _TID and the preset IDKey, LEO calculates the temporary identity TID that should be used in this authentication, TID = f _TID (IDKey, T _TID ||RID). Among them, f _TID is a temporary identity generation algorithm, which can be realized by referring to HMAC-SM3 (hash message authentication code based on the national secret SM3 algorithm); RID is the real identity information of the satellite. After the calculation is complete, LEO sends the TID to GEO along with the authentication request.

Step 2: GEO judges the validity of the authentication request.

2.1) Freshness Verification

After receiving the TID, GEO uses the preset IDKey to decrypt the TID. If the obtained T _TID satisfies T _TID -T ₀ <ΔT _TID , then the request meets the freshness requirement and proceeds to step 2.2), otherwise terminates the authentication and releases the connection;

2.2) Validity verification

If the decrypted RID conforms to the predetermined naming specification, the identity verification is passed, and step 3 is performed; otherwise, the authentication is terminated and the connection is released.

Step 3: GEO generates and returns an authentication token.

3.1) Generate authentication key

GEO obtains the time stamp T _Auth needed to generate AuthKey through the on-board clock. Based on the obtained T _Auth and the preset MainKey, GEO calculates the authentication key AuthKey used in this authentication, AuthKey=f _AK (MainKey, T _Auth ). Among them, f _AK is the authentication key generation algorithm, which is used for the generation of AuthKey, and it can be implemented by referring to ECB-SM4 (Electric Codebook Mode of National Secret SM4 Algorithm).

3.2) Generate timestamp protection sequence

GEO generates a one-time random number RAND. Based on the generated RAND and AuthKey, GEO calculates a timestamp protection sequence TK, TK=f _TK (AuthKey, RAND). Among them, f _TK is a timestamp protection sequence generation algorithm, which can be realized by referring to ECB-SM4.

3.3) Generate message verification code

GEO obtains the time stamp T _Token required to generate the authentication token Token through the on-board clock. Based on the generated RAND, the acquired T _Token , and the stored SGID, GEO calculates the message authentication code MAC, where MAC=f _MAC (AuthKey, RAND||T _Token ||SGID). Where f _MAC is a message authentication code generation algorithm, which can be realized by referring to MAC-SM4.

3.4) Generate authentication token

GEO merges RAND, T _Token , TK, S _GID , and MAC into one Token,

3.5) Generate expected response and session key

GEO calculates the expected response XRES and the session key CK, CK=f _CK (AuthKey, RAND), XRES=f _RES (CK, RAND). Among them, f _CK is the authentication key generation algorithm, and f _RES is the authentication response value generation algorithm, which can be realized by referring to HMAC-SM3.

After the calculation of authentication parameters is completed, GEO stores XRES and CK, and returns Token to LEO.

Step 4: LEO judges the validity of the authentication token.

4.1) Freshness Verification

LEO uses the generated AuthKey and RAND in Token to calculate TK. After using TK to decrypt Token to get T _Token , judge whether T _Token -T ₀ <ΔT is true. If the T _Token meets the message freshness requirement, execute step 4.2), otherwise, the authentication fails and the connection is released.

4.2) Identity information verification

LEO uses the generated AuthKey and RAND, T _Token and SGID in the Token to calculate the message authentication code XMAC in the same way. After the calculation is completed, judge whether the calculated XMAC is equal to the MAC in the Token. If they are equal, the authentication of GEO is completed. If not, the authentication fails and the connection is released.

Step 5: LEO generates authentication response value and session key.

After the verification is passed, LEO uses RAND and AuthKey to calculate CK and _RES using f _CK and f RES, and returns RES to GEO.

Step 6: GEO validates the response value.

After receiving RES, GEO compares whether the received RES is equal to the stored XRES. If they are equal, the authentication to the LEO is completed; otherwise, the authentication fails.

Authentication sub-protocol after authentication information registration

The identity authentication that occurs after the authentication information is registered needs to use the authentication parameters obtained in the authentication pre-calculation, and the execution of the authentication sub-protocol requires the following steps:

Step 1: LEO sends an authentication request.

After the communication link is established, LEO first judges whether its own orbital parameters have changed. In case of orbital perturbation, since the authentication parameters obtained by the authentication pre-calculation have expired, this agreement needs to be terminated and the authentication sub-agreement (1) should be re-executed. If the orbit is normal, LEO sends the pre-calculated TID and RES to GEO together with the access request.

Step 2: GEO judges the validity of the access request.

After receiving the access request, GEO compares the received TID and RES with the stored XTID and XRES. If they are equal, complete the authentication to LEO, and return the stored Token to LEO; if not, return an error and re-execute the authentication sub-protocol (1).

Step 3: LEO judges the validity of the authentication token.

3.1) Freshness Verification

LEO uses the pre-computed AuthKey and RAND in Token to calculate TK. After using TK to decrypt Token to get T _Token , judge whether T _Token -T ₀ <ΔT is true. If the T _Token meets the message freshness requirement, execute step 3.2), otherwise, the authentication fails and the connection is released.

3.2) Identity information verification

LEO uses the generated AuthKey and RAND, T _Token and SGID in the Token to calculate the message authentication code XMAC in the same way. After the calculation is completed, judge whether the calculated XMAC is equal to the MAC in the Token. If they are equal, the authentication of GEO is completed. If not, the authentication fails and the connection is released.

Step 4: LEO generates a session key.

If the verification is passed, LEO uses the pre-calculated AuthKey and RAND in Token to calculate CK using f _CK .

The present invention will be further described below in conjunction with authentication pre-computation.

4. Authentication pre-calculation

The authentication pre-computation of the authentication method of the present invention is divided into two sub-protocols according to the execution stage of the inter-satellite network authentication, which are the pre-calculation sub-protocol before satellite authentication information registration and the pre-calculation sub-protocol after satellite authentication information registration.

(1) Authentication pre-calculation sub-protocol before authentication information registration

The authentication precomputation sub-protocol that occurs prior to the registration of satellite authentication information requires the following steps:

Step 1: LEO applies for a blank Token from GEO.

Step 2: GEO calculates and returns a blank Token.

Step 3: LEO conducts certification precomputation

LEO calculates the time point of the next authentication with the target GEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth , and T _Token . Next, LEO generates the TID and AuthKey that should be used for the next authentication through T _TID and T _Auth respectively. Based on the blank Token returned by GEO, LEO calculates the RES that should be used for the next authentication. After calculation, LEO stores TID and RES.

Step 4: GEO conducts certification precomputation

GEO calculates the time point of the next authentication with the target LEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth , and T _Token . Based on the acquired time parameters, stored satellite ID, stored key IDKey and MainKey, GEO calculates the XTID, XRES, Token, and CK needed for the next authentication. After calculation, GEO stores XTID, XRES, Token, CK.

(2) Authentication precomputation sub-protocol after authentication information registration

The certification precomputation sub-protocol that occurs after satellite certification information registration needs to perform the following steps: Step 1: LEO conducts certification precomputation

LEO calculates the time point of the next authentication with the target GEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth , and T _Token . Next, LEO generates the TID and AuthKey that should be used for the next authentication through T _TID and T _Auth respectively. Based on the token returned by GEO in the authentication sub-protocol (2),

LEO calculates the RES that should be used for the next authentication. After calculation, LEO stores TID and RES.

Step 2: GEO conducts certification precomputation

GEO calculates the time point of the next authentication with the target LEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth , and T _Token . Based on the acquired time parameters, stored satellite ID, stored key IDKey and MainKey, GEO calculates the XTID, XRES, Token, and CK needed for the next authentication. After the calculation, GEO stores XTID, XRES, Token, and CK.

The above steps 1 and 2 are independently calculated by LEO and GEO respectively during the idle time of the processor, without considering the sequence of execution.

The present invention will be further described below in combination with simulation experiments.

In the above-mentioned authentication method, if the communication and calculation overhead brought by the authentication pre-computation in the inter-satellite network authentication process are not considered (because the core idea of the authentication method of the present invention is to reduce the authentication interaction time of the satellite by designing the authentication pre-computation mechanism overhead), the authentication overhead of the authentication method of the present invention is as follows:

(1) The number of interactions, identity authentication that occurs before satellite authentication information registration requires 3 session interactions, and identity authentication that occurs after satellite authentication information registration requires 2 session interactions;

(2) The number of core operations, the identity authentication that occurs before the satellite authentication information registration requires 2B+2H+2M+2C operations, and the identity authentication that occurs after the satellite authentication information registration requires 1M+2C operations, where B represents one operation Block encryption, H represents a hash operation, M represents a message verification code operation, and C represents a comparison operation;

(3) Calculation time. It takes 20.3 microseconds for identity authentication before satellite authentication information registration, and 5.9 microseconds for identity authentication after satellite authentication information registration. The above experimental environment is a computer with i5 4590+8G RAM, using SM3 -256bit for Hash calculation, SM3-HMAC-256bit for MAC calculation, SM4-128bit for packet encryption, using a random number with a length of 128bits, and a time stamp with a length of 48bits.

From the above experimental results, it can be concluded that when using this authentication method, due to the setting of the authentication pre-calculation mechanism, as long as the registration of authentication information between satellites is completed, the inter-satellite network authentication can be completed with less overhead, and at the same time, it can be completed at a lower cost. Overhead realizes the anonymous protection of LEO identity information.

In the above embodiments, all or part of them may be implemented by software, hardware, firmware or any combination thereof. When implemented wholly or partly in the form of a computer program product, said computer program product comprises one or more computer instructions. When the computer program instructions are loaded or executed on the computer, the processes or functions according to the embodiments of the present invention will be generated in whole or in part. The computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable devices. The computer instructions may be stored in or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from a website, computer, server or data center Transmission to another website site, computer, server or data center by wired (eg coaxial cable, fiber optic, digital subscriber line (DSL) or wireless (eg infrared, wireless, microwave, etc.)). The computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or a data center integrated with one or more available media. The available medium may be a magnetic medium (for example, a floppy disk, a hard disk, or a magnetic tape), an optical medium (for example, DVD), or a semiconductor medium (for example, a Solid State Disk (SSD)).

The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalent replacements and improvements made within the spirit and principles of the present invention should be included in the protection of the present invention. within range.

Claims (10)

1. a kind of inter-satellite network authentication method applicable to double-layer satellite network, it is characterized in that, described inter-satellite network authentication method applicable to double-layer satellite network comprises: LEO completes the identity authentication of GEO by judging whether the locally calculated XMAC is equal to the MAC in Token; GEO completes the identity authentication of LEO by judging whether the locally stored XRES is equal to the returned RES; when performing identity authentication, GEO and The authentication parameters passed between LEOs include TID, Token, and RES; among them, the generation of TID requires a time stamp T _TID , and GEO uses this to judge the freshness of TID; the Token contains the encrypted time parameter T _Token , and LEO judges it based on the MAC value Whether the received Token is a replay message; there is a corresponding relationship between RES and Token, and GEO can judge whether RES is a replay message through the message return speed; When LEO sends an authentication request, it uses a temporary identity generated based on time, and the identity information used in each authentication is different; the verification of identity information in the authentication process adopts the method of character comparison; The IDKey shared between the groups performs cryptographic operations on the composite string of the time stamp _TID and the real identity RID, and uses the operation result to represent the temporary identity of the satellite; Taking advantage of the highly synchronized satellite network clock and predictable trajectory, both GEO and LEO update the authentication key AuthKey according to the predicted time and calculate the authentication parameters in advance. 2. the inter-satellite network authentication method applicable to double-layer satellite network as claimed in claim 1, is characterized in that, the described inter-satellite network authentication method applicable to double-layer satellite network comprises: In the first step, the authentication system is initialized, and the ground station generates and distributes the identity information, keys, and orbital parameters required for authentication between satellites; The second step is the registration of satellite authentication information. After receiving the orbit information sent by LEO, GEO adds the authentication information of the LEO to the authentication information table, and stores the ID of the LEO together with the orbit data into the authentication information database on the satellite; the registration is completed After that, GEO returns its precise orbital data to LEO; The third step is inter-satellite identity authentication and key negotiation. According to the authentication stage, the authentication sub-protocol before the satellite authentication information registration and the authentication sub-protocol after the satellite authentication information registration are selected; The fourth step is authentication pre-calculation. According to the authentication stage, the pre-calculation sub-protocol before satellite authentication information registration and the pre-calculation sub-protocol after satellite authentication information registration are selected. 3. the inter-satellite networking authentication method applicable to double-layer satellite network as claimed in claim 2, is characterized in that, the first step, authentication system initialization specifically comprises: (1a) In the launch preparation stage, the satellite submits a system initialization application to the ground authentication server; (1b) After receiving the application, the ground authentication server generates and distributes identity information, keys, and orbit parameters for the satellite, including identity information ID, group identity information SGID, anonymous protection key IDKey of satellite identity information, satellite authentication Master key MainKey. 4. The inter-satellite networking authentication method applicable to double-layer satellite networks as claimed in claim 2, wherein the second step, the registration of satellite authentication information specifically includes: (2a) LEO sends its own precise orbit data to GEO, including orbital height and orbital inclination parameters for satellite orbital position prediction; (2b) After receiving the orbit information sent by LEO, GEO adds the authentication information of LEO to the authentication information table, and stores the ID of LEO together with the orbit data into the authentication information database on the satellite; after the registration is completed, GEO returns itself to LEO precise orbital data; (2c) After receiving the returned orbital data, LEO will store the data in its own authentication database; The third step, inter-satellite identity authentication and key negotiation specifically includes: Execute the authentication sub-agreement before satellite authentication information registration and the authentication sub-agreement after satellite authentication information registration; The authentication sub-protocol before the authentication information registration includes: (3a) LEO obtains the time stamp T _TID through the on-board clock; based on the obtained T _TID and the preset IDKey, LEO calculates the temporary identity TID that should be used for this authentication, TID = f _TID (IDKey, T _TID || RID) ; After the calculation is completed, LEO sends the TID to GEO together with the authentication request; (3b) After receiving the TID, GEO uses the preset IDKey to decrypt the TID, and judges the freshness and validity of the authentication request through the decrypted _TID and RID; (3c) GEO obtains the time stamp T _Auth needed to generate AuthKey through the on-board clock; based on the obtained T _Auth and the preset MainKey, AuthKey=f _AK (MainKey, T _Auth ); GEO generates a one-time random number RAND; Based on the generated RAND and AuthKey, GEO calculates the time stamp protection sequence TK, TK=f _TK (AuthKey, RAND); GEO obtains and generates the Token time stamp T _Token through the on-board clock; based on the generated RAND, the obtained T _Token , the stored SGID, GEO calculates message authentication code MAC, MAC=f _MAC (AuthKey, RAND||T _Token ||SGID); GEO combines RAND, T _Token , TK, SGID, and MAC into an authentication token Token, And calculate expected response XRES and session key CK, CK=f _CK (AuthKey, RAND), XRES=f _RES (CK, RAND); (3d) LEO uses the AuthKey generated by (3b)-(3c), and uses the generated AuthKey to judge the freshness and validity of the Token; (3e) After verification, LEO calculates CK and RES, and returns RES to GEO; (3f) After receiving RES, GEO compares whether the received RES is equal to the stored XRES; if they are equal, the authentication of LEO is completed; otherwise, the authentication fails; The authentication sub-protocol after the authentication information is registered includes: After the communication link is established, LEO first judges whether its own orbital parameters have changed; if there is an orbital perturbation, the authentication parameters obtained by the authentication pre-calculation become invalid, terminate this agreement, and re-execute the authentication sub-protocol before the authentication information registration; if the operating orbit is normal , LEO sends the pre-calculated TID and RES to GEO together with the access request; After receiving the access request, GEO will compare the received TID and RES with the stored XTID and XRES; if they are equal, complete the authentication of LEO and return the stored Token to LEO; if they are not equal, return an error and restart Execute the authentication sub-protocol before the authentication information registration; LEO uses the pre-calculated AuthKey to determine the validity of the authentication token; After the verification is passed, LEO uses AuthKey to calculate the session key CK; The fourth step, certification pre-calculation specifically includes: Execute the pre-calculation sub-protocol before satellite authentication information registration and the pre-calculation sub-protocol after satellite authentication information registration; The authentication pre-calculation sub-protocol before the authentication information is registered, specifically includes: (4a) LEO applies for a blank Token from GEO; (4b) GEO calculates and returns a blank Token; (4c) LEO calculates the time point of the next authentication with the target GEO through the orbit position prediction technology, and obtains three time parameters T _TID , T _Auth , and T _Token ; then, LEO generates the next authentication token through T _TID and T _Auth respectively TID and AuthKey; based on the blank Token returned by GEO, LEO calculates the RES for the next authentication; after the calculation is completed, LEO stores the TID and RES; (4d) GEO calculates the time point for the next authentication with the target LEO through the orbit position prediction technology, and obtains three time parameters T _TID , T _Auth , and T _Token ; based on the obtained time parameters, the stored satellite ID, and the stored key IDKey and MainKey, GEO calculates the XTID, XRES, Token, and CK for the next authentication; after the calculation is completed, GEO stores XTID, XRES,, Token, and CK; The authentication pre-calculation sub-protocol after the authentication information is registered specifically includes: LEO calculates the time point of the next authentication with the target GEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth , and T _Token ; then, LEO generates TID and AuthKey for the next authentication through T _TID and T _Auth respectively ;Based on the Token returned by GEO in the authentication sub-protocol, LEO calculates the RES for the next authentication; after the calculation is completed, LEO stores the TID and RES; GEO calculates the time point of the next authentication with the target LEO through the orbit position prediction technology, and obtains three time parameters of T _TID , T _Auth , and T _Token ; based on the obtained time parameters, the stored satellite ID, the stored key IDKey and MainKey , GEO calculates the XTID, XRES, Token, and CK for the next authentication; after the calculation is completed, GEO stores XTID, XRES, Token, and CK. 5. A computer program for realizing the authentication method for inter-satellite networking applicable to a double-layer satellite network according to any one of claims 1-4. 6. An information and data processing terminal that implements the authentication method for inter-satellite networking applicable to double-layer satellite networks according to any one of claims 1-4. 7. A computer-readable storage medium, comprising instructions, which, when run on a computer, cause the computer to execute the inter-satellite network authentication method applicable to a two-layer satellite network according to any one of claims 1-4. 8. An inter-satellite network authentication system applicable to a double-layer satellite network applicable to a double-layer satellite network authentication method as claimed in claim 1, wherein said double-layer satellite network is applicable to The inter-satellite networking authentication system of the network includes: The ground authentication server is used to complete the initialization of the satellite authentication system, generate and distribute identity information, keys, and orbital parameters for authentication between satellites; The high-orbit satellite GEO authentication client is used to receive the authentication request from LEO, calculate and return the authentication token Token, calculate the expected response XRES and session key CK, check whether the temporary identity TID used by LEO in the authentication request is valid, and check whether the LEO Whether the returned response value RES is correct, maintain an authentication information table for LEO; Low-orbit satellite (LEO) authentication client, used to submit authentication requests to GEO, check whether the authentication token Token returned by GEO is valid, calculate temporary identity TID, response value RES and session key CK, and maintain an authentication information table for GEO . 9. The inter-satellite networking authentication system applicable to double-layer satellite networks as claimed in claim 8, wherein the ground authentication server comprises: The system initialization module is used to complete the initialization of the satellite authentication system, and writes the identity information generated by the identity information generation module, the key generated by the key generation module, and the orbit parameters assigned by the orbit allocation module into the satellite authentication system; The identity information generation module is used to generate the identity information required for authentication for the satellite according to the production sequence and launch sequence of the satellite; The key generation module is used to generate the key required for authentication for the satellite; Orbit allocation module, used for allocating orbits for satellites; High-orbit satellite GEO certification clients include: The system initialization module is used to complete the initialization of the on-board authentication system, and obtain the identity information, keys, and orbital parameters required for satellite authentication from the ground authentication server; Network authentication module, including authentication sub-module, data processing sub-module and pre-calculation management sub-module; The authentication sub-module is used to interact with the low-orbit satellite LEO authentication client for the parameters required for authentication; The data processing sub-module is used to generate and parse authentication parameters, and check whether the received authentication parameters are valid; The pre-calculation management sub-module is used to manage the pre-calculation of the authentication parameters of the satellite according to the data in the authentication information table, and maintain the authentication information table; The orbit prediction module is used to calculate the time node of the next authentication between satellites; The certification information management module is used to manage the registration and update of LEO certification information; LEO certified clients include: The system initialization module is used to complete the initialization of the on-board authentication system, and obtain the identity information, keys, and orbital parameters required for satellite authentication from the ground authentication server; Network authentication module, including authentication sub-module, data processing sub-module and pre-calculation management sub-module; The authentication sub-module is used for the parameters required for interactive authentication with the high-orbit satellite GEO authentication client; The data processing sub-module is used to generate and parse authentication parameters, and check whether the received authentication parameters are valid; The pre-calculation management sub-module is used to manage the pre-calculation of the authentication parameters of the satellite according to the data in the authentication information table, and maintain the authentication information table; The orbit prediction module is used to calculate the time node of the next authentication between satellites; The certification information management module is used to manage the registration and update of GEO certification information. 10. An information data processing terminal equipped with the inter-satellite networking authentication system applicable to a two-layer satellite network according to any one of claims 8-9.