基于CCSDS空间数据链路安全协议的星载遥控认证保护  

作　　者：唐利锋 崔阳 刘晓瑞 刘希红 TANG Lifeng;CUI Yang;LIU Xiaorui;LIU Xihong(Shanghai Aerospace Electronics Co.,Ltd.,Shanghai 201821,China;Innovation Academy for Microsatellites,Chinese Academy of Sciences,Shanghai 201210,China)

机构地区：[1]上海航天电子有限公司,上海201821 [2]中国科学院微小卫星创新研究院,上海201210

出　　处：《上海航天（中英文）》2021年第4期118-127,共10页Aerospace Shanghai（Chinese&English）

基　　金：上海市科学技术委员会全球多媒体卫星系统项目(17DZ1100700)。

摘　　要：在国际空间数据系统咨询委员会(CCSDS)规定的空间遥控系统数据传输体制下,对星载遥控认证保护进行了研究。选择了遥控数据认证保护层次,并设计了认证保护数据范围。针对上行遥控的认证保护机制与国际空间数据系统咨询委员会的空间遥控链路命令操作过程(COP-1)之间存在的"闭锁"风险,设计了重传请求保护机制。基于空间数据链路安全(SDLS)协议体制,提出了一种遥控认证帧结构模型。在该模型中,通过插入随机序列码段,使相同指令/数据帧经认证算法计算后,其结果的非线性度扩大;通过插入毫秒级精度的时间序列码段,抵御重放攻击,并极好地适应不同地面控制中心对航天器的并行控制。提出一种针对遥控认证保护的,涉及"常态"和"应急态"的安全关联(SA)周期管理的方法、密钥生存周期管理的方法,有效实现各虚拟信道的独立保护及密钥的科学管理。同时,提出一种开展星载遥控认证保护业务的算法设计方法。The satellite-borne transmission control(TC)authentication protection is studied under the hierarchy of the TC data transmission system specified by Consultative Committee for Space Data Systems(CCSDS). The data link sub-layer used for authentication protection is selected,and the scope of protected data is designed. Due to the"lock-up"risk between the authentication protection mechanism of the uplink TC and the COP-1 command operation process of CCSDS,a retransmission request protection mechanism is designed. Based on the space data link security(SDLS)protocol system,a TC authentication frame structure model is proposed. In this model,the non-linearity of the same instruction/data frame is enlarged after the calculation with the authentication algorithm by inserting random sequence code segments. By inserting the time sequence code segments with millisecond-level precision,it resists the replay attacks and well adapts the parallel control of spacecraft by multiple satellite control centers. A security association(SA) cycle management model and a key life cycle management model involving"normal state"and"emergency state"for TC authentication protection are designed to realize the independent protection of each virtual channel and the scientific management of the key effectively. At the same time,an algorithm design method for satellite-borne TC authentication protection services is proposed.

关 键 词：国际空间数据系统咨询委员会(CCSDS) 空间数据链路安全协议(SDLS) 通信操作程序 COP-1 密钥 MD5 

分 类 号：TP309[自动化与计算机技术—计算机系统结构] TP872[自动化与计算机技术—计算机科学与技术]