计算机科学 ›› 2015, Vol. 42 ›› Issue (Z11): 333-340.

• 信息安全 • 上一篇    下一篇

一种基于身份的层次式空间网络组密钥管理方案

蒋自辉,雷凤宇   

  1. 解放军75741部队 广州510510,解放军75741部队 广州510510
  • 出版日期:2018-11-14 发布日期:2018-11-14
  • 基金资助:
    本文受“973”项目(2009CB320403),国家自然科学基金(60832008,60832006)资助

Identity-based Hierarchy Group Key Management of Space Network

JIANG Zi-hui and LEI Feng-yu   

  • Online:2018-11-14 Published:2018-11-14

摘要: 随着航天技术、移动通信技术和网络技术的迅速发展以及信息化建设的逐渐深入,空间信息系统也在向着网络化的趋势加速发展,其应用前景受到了极大的关注,故其对安全的要求越来越高。文中提出的基于身份的空间网络组密钥管理方案ID-GKM中,采用分层分组式的组密钥管理机制,方案除了包括常有的组密钥生成分发、密钥更新外,还考虑了私钥更新。在私钥更新部分,采用B&F提出的基于身份的公钥加密机制,提出了适合空间网络的私钥更新机制。该方案能够适应空间网络的层次化架构,满足其对强扩展性、高可靠性等的要求。另外,针对地面终端节点与空间节点不同的特点,提出地面组管理的密钥更新应采用批量更新的方案,该方案结合使用了定期和基于队列更新的思想,且可以考虑采用基于代理重加密的组密钥管理方案来解决LKH方案中组密钥更新时对用户必须在线的要求。

关键词: 分布式生成中心,签密,LKH

Abstract: With the gradual deepening of the information construction and the rapid development of space technology,mobile communication technology and network technology,spatial information system development also accelerates toward networking.Potential applications of special information network have gotten more concern,so its safety requirements are getting higher and higher.This paper proposed a identity-based group key management program(ID-GKM) for the entire space network,which uses the hierarchical-grouped group key management scheme.In addition to a common group key generating,distribution and updating,it also considered the part of the private key updating.Using the identity-based key encryption mechanism which is proposed by Boneh and Franklin,we proposed the private key update mechanism for space network.The program can adapt the hierarchical structure of the space network and meet the requirements of its strong scalability and high reliability.In addition,we concerned the difference of the ground terminal node and the nodes in space.This scheme uses the batch updating that is a combination of updating regularly and updating based on queue.And we can use the proxy re-encryption group key management scheme to solve the issue that the user must be online when group key is updating.

Key words: Distributed private key generation centre,Signcryption,LKH

[1] 彭长艳.空间网络安全关键技术研究[D].长沙:国防科学技术大学,2010
[2] 罗长远,李伟,邢洪智,等.空间网络中基于身份的分布式密钥管理研究[J].电子与信息学报,2010,32(1):183-188
[3] Yu Yong,Yang Bo,Huang Xin-yi,et al.Efficient Identity-Based Signcryption Scheme for Multiple Receivers[C]∥Proceedings of the 4th International Conference on Autonomic and Trusted Computing,ATCZOO7,Lecture Notes in Computer Science 4610.HongKong,China,2007:13-21
[4] Ayan R-C,Baras J S,Hadjitheodosious M,et al.Security Issues in Hybrid Networks with a Satellite Component [J].IEEE Wireless Communications,2005,12(6):50-61
[5] Yavuz A A,Alagozl F,Anarim E.A New Satellite Multicast Security Protocol Based on Elliptic Curve Signatures [C]∥2nd Information and Communication Technologies,2006(ICTTA’06).2006
[6] Yavuz A A,Alagozl F,Anarim E.NAMEPS:N-Tier Satellite Multicast Security Protocol Based on Signcryption Schemes [C]∥Proceedings of the 49th Annual IEEE Global Telecommunications Conference(Globecom2006).San Francisco,California,USA,2006:1-6
[7] 杨德明,慕德俊,许钟.Ad hoc空间网络密钥管理与认证方案[J].通信学报,2006,27(8):104-107
[8] 罗长远,李伟,李海林,等.分布式CA下空间网络认证密钥安全度量方法[J].电子与信息学报,2009,31(10):2316-2320
[9] Victor P,Hubenko J,Raines R A,et al.Improving Satellite Multicast Security Scalability by Reducing Rekeying Requirements [J].IEEE Network,2007,21(4):51-56
[10] 王宇,卢昱,吴忠旺,等.构建多级多层的空间信息系统安全基础设施[J].宇航学报,2007,28(5):1081-1085
[11] Chen T-H,Lee W-B,ai H-B.A Self-Verification Authentication Mechanism for Mobile Satellite Communication Systems [J].Computers and Electrical Engineering,2009,35(1):41-48
[12] Chen Yi-ruei,Tygar J D,Tzeng W-G.Secure Group Key Management Using Uni-Directional Proxy Re-Encryption Schemes [C]∥IEEE INFOCOM 2011:The 30th IEEE International Conference on Computer Communications.2011

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!