面向空间信息网络的免配对无证书链上接入认证方法  

作　　者：霍如 王志浩 邵子豪 黄韬 HUO Ru;WANG Zhihao;SHAO Zihao;HUANG Tao(School of Information Science and Technology,Beijing University of Technology,Beijing 100124,China;Purple Mountain Laboratories,Nanjing 211111,China;State Key Laboratory of Networking and Switching Technology,Beijing University of Posts and Telecommunications,Beijing 100876,China)

机构地区：[1]北京工业大学信息科学技术学院,北京100124 [2]紫金山实验室,江苏南京211111 [3]北京邮电大学网络与交换技术国家重点实验室,北京100876

出　　处：《通信学报》2024年第8期136-148,共13页Journal on Communications

基　　金：国家重点研发计划基金资助项目(No.2023YFB2704200)。

摘　　要：传统的地面网络接入认证方法存在单点故障和证书分发过程不透明的问题,难以应对空间信息网络中高度复杂和动态多变的拓扑网络,因此提出了一种面向空间信息网络的免配对无证书链上接入认证方法。首先,结合联盟链和无证书公钥密码分发技术,构建了星链通信模型。在此基础上,提出了基于区块链的免配对无证书公钥-椭圆曲线混合加密算法,设计了接入认证机制,以保障接入认证过程的安全性和操作的可追溯性。最后,通过扩展的区块结构记录接入认证清单,设计了批处理机制,实现高效切换。安全分析与仿真结果表明,所提方法与现有方法相比,在提供更强安全性保障的前提下,降低了信令开销约50%、认证时延至少约12.4%、批处理认证时延约23%。Due to the single point failure and opaque certificate distribution process of the access authentication methods in a traditional terrestrial network,it was difficult to apply to a spatial information network with a highly complex and dynamic topology.Therefore,pairing-free certificateless blockchain-based access authentication method for spatial information network was proposed.Firstly,a satellite-blockchain network communication model was constructed,combining consortium blockchain and certificateless public key cryptography distribution technology.Furthermore,a certificateless public key without pairing and elliptic curve hybrid encryption algorithm based on blockchain was proposed,and an access authentication mechanism was designed to ensure the security of the access authentication process and the traceability of operations.Finally,the access authentication list was recorded through the extended block structure,and the batch verification mechanism was designed to achieve efficient handover.Security analysis and simulation results show that,compared with existing methods,the proposed method reduces the signaling overhead by about 50%,the authentication delay by at least 12.4%,and the batch authentication delay by about 23%,while providing stronger security guarantees.

关 键 词：空间信息网络 区块链 无证书公钥密码分发技术 接入认证 

分 类 号：TN309[电子电信—物理电子学]