面向天地一体化网络的认证与密钥协商协议  被引量：2

作　　者：谢绒娜 谭莉 武佳卉 史国振 李楚涵 邓烨 XIE Rong-Na;TAN Li;WU Jia-Hui;SHI Guo-Zhen;LI Chu-Han;DENG Ye(Department of Cryptography and Science Technology,Beijing Electronic Science and Technology Institute,Beijing 100070,China)

机构地区：[1]北京电子科技学院密码科学与技术系,北京100070

出　　处：《密码学报》2023年第5期1035-1051,共17页Journal of Cryptologic Research

基　　金：国家重点研发计划(2016YFB0800304,2017YFB0801803);中央高校基本科研业务费专项资金(328202230)。

摘　　要：天地一体化网络具有通信模式复杂和动态性、开放性、资源受限等特点,本文针对现有认证与密钥协商协议需要多因子参与认证、计算与通信开销大等问题,分析天地一体化网络安全需求与性能需求,提出一种面向天地一体化网络的认证与密钥协商协议.为适应天地一体化网络的多层级架构,协议采用树状结构,共包括相邻节点认证与密钥协商和跨节点认证与密钥协商两个阶段.在相邻节点认证与密钥协商过程中完成各节点的组网认证,形成认证表格,为后续通信提供认证数据;采用透明传输的思想,基于切比雪夫混沌映射技术实现跨节点认证与密钥协商,保证会话密钥协商的安全性.针对节点高度动态变化的特点,设计认证预测机制,预测节点的运动轨迹,提前完成节点认证数据的迁移,实现不同通信模式无缝切换,提高通信效率.安全性分析和性能分析表明,与同类型的协议相比,本文协议在安全性上具有明显优势,并且降低了通信与计算开销,满足天地一体化网络的轻量级需求.The space-ground integrated network has complex communication patterns,and is characterized by being dynamic,open,and having limited resources.This paper aims at problems that existing authentication and key agreement protocols require multi-factor participation in authentication,and high computation and communication overhead,analyzes the security and performance requirements of the space-ground integrated network,and proposes an authentication and key agreement protocol for the space-ground integrated network.The proposed protocol uses a tree-like network topology to accommodate the multi-layered architecture of the space-ground integrated network,dividing the protocol into two phases:adjacent node authentication and key agreement and cross-node authentication and key agreement.The network authentication of each node is completed in the process of adjacent node authentication and key agreement,forming an authentication form to provide authentication data for subsequent communication.The idea of transparent transmission is adopted to achieve cross-node authentication and key agreement based on Chebyshev chaotic mapping technology to ensure the security of session key agreement.Given the highly dynamic change of nodes,the authentication prediction mechanism is designed to predict the motion trajectory of nodes and complete the migration of node authentication data in advance,to achieve seamless switching between different communication modes and to improve communication efficiency.Security analysis and performance analysis show that,this protocol outperforms similar protocols in terms of security and reduces communication and computation overheads to meet the lightweight requirements of the space-ground integrated network.

关 键 词：天地一体化网络 认证 密钥协商 切比雪夫混沌映射 预测 

分 类 号：TN927.2[电子电信—通信与信息系统]