AHA-BV: Access and handover authentication protocol with batch verification for satellite–terrestrial integrated networks

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces Pub Date : 2024-05-16 DOI:10.1016/j.csi.2024.103870

Junyan Guo , Liyuan Chang , Yue Song , Shuang Yao , Zhi Zheng , Yihang Hao , Shixuan Zhu , Wei Guo , Ming Zhao

{"title":"AHA-BV: Access and handover authentication protocol with batch verification for satellite–terrestrial integrated networks","authors":"Junyan Guo , Liyuan Chang , Yue Song , Shuang Yao , Zhi Zheng , Yihang Hao , Shixuan Zhu , Wei Guo , Ming Zhao","doi":"10.1016/j.csi.2024.103870","DOIUrl":null,"url":null,"abstract":"<div><p>At present, the rapid development of satellite capabilities has prompted the proposal of satellite–terrestrial integrated networks (STIN), which solves the problem of limited signal coverage of terrestrial cellular networks, further promotes the globalization process, and realizes global data sharing and on-demand use. However, due to the high openness of satellite-to-ground links in STIN, users are vulnerable to attacks such as eavesdropping, replay, tampering, and impersonation when requesting access to satellite nodes and obtaining subscription services. To ensure the security and reliability, many authentication protocols have been proposed, but there are still some shortcomings, such as high authentication overhead, vulnerability to certain attacks. In addition, for inter-satellite handovers caused by the highly dynamic topology of satellites, the computational overhead of existing handover authentication mechanisms is too high to be applied to frequent inter-satellite handover scenarios in STIN. To address the above issues, in this paper, we propose a new access and handover authentication protocol with batch verification for STIN, namely the AHA-BV protocol. The AHA-BV protocol not only realizes mutual authentication and key negotiation between users and satellite access points without the participation of the network control center, but also ensures the conditional anonymity of users during the access authentication phase. Furthermore, the lightweight batch verification mechanism reduces the risk of computing bottlenecks when resource-constrained satellites receive a large number of access authentication requests. Not only that, the AHA-BV protocol can also achieve sustained trust in subscription services from STIN with low computational overhead during the inter-satellite handover authentication phase. Formal and heuristic security analysis show that the AHA-BV protocol can meet the security requirements of STIN. Performance analysis indicates that the AHA-BV protocol has low authentication overhead while ensuring security, and is more suitable for users under satellite dynamic topology to access and obtain subscription services from STIN.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":4.1000,"publicationDate":"2024-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Standards & Interfaces","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0920548924000394","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

At present, the rapid development of satellite capabilities has prompted the proposal of satellite–terrestrial integrated networks (STIN), which solves the problem of limited signal coverage of terrestrial cellular networks, further promotes the globalization process, and realizes global data sharing and on-demand use. However, due to the high openness of satellite-to-ground links in STIN, users are vulnerable to attacks such as eavesdropping, replay, tampering, and impersonation when requesting access to satellite nodes and obtaining subscription services. To ensure the security and reliability, many authentication protocols have been proposed, but there are still some shortcomings, such as high authentication overhead, vulnerability to certain attacks. In addition, for inter-satellite handovers caused by the highly dynamic topology of satellites, the computational overhead of existing handover authentication mechanisms is too high to be applied to frequent inter-satellite handover scenarios in STIN. To address the above issues, in this paper, we propose a new access and handover authentication protocol with batch verification for STIN, namely the AHA-BV protocol. The AHA-BV protocol not only realizes mutual authentication and key negotiation between users and satellite access points without the participation of the network control center, but also ensures the conditional anonymity of users during the access authentication phase. Furthermore, the lightweight batch verification mechanism reduces the risk of computing bottlenecks when resource-constrained satellites receive a large number of access authentication requests. Not only that, the AHA-BV protocol can also achieve sustained trust in subscription services from STIN with low computational overhead during the inter-satellite handover authentication phase. Formal and heuristic security analysis show that the AHA-BV protocol can meet the security requirements of STIN. Performance analysis indicates that the AHA-BV protocol has low authentication overhead while ensuring security, and is more suitable for users under satellite dynamic topology to access and obtain subscription services from STIN.

查看原文本刊更多论文

AHA-BV：带批量验证的卫星-地面集成网络接入和切换验证协议

目前，卫星能力的快速发展促使人们提出了星地一体化网络（STIN），它解决了地面蜂窝网络信号覆盖有限的问题，进一步推动了全球化进程，实现了全球数据共享和按需使用。然而，由于 STIN 中卫星到地面链路的高度开放性，用户在请求访问卫星节点和获取订阅服务时很容易受到窃听、重放、篡改和假冒等攻击。为确保安全性和可靠性，人们提出了许多认证协议，但仍存在一些不足，如认证开销大、易受某些攻击等。此外，对于卫星拓扑高度动态所导致的卫星间切换，现有切换认证机制的计算开销过高，无法应用于 STIN 中频繁的卫星间切换场景。针对上述问题，本文提出了一种适用于 STIN 的带批量验证的新型接入和切换验证协议，即 AHA-BV 协议。AHA-BV 协议不仅可以在没有网络控制中心参与的情况下实现用户与卫星接入点之间的相互认证和密钥协商，还能确保用户在接入认证阶段的有条件匿名性。此外，当资源有限的卫星收到大量接入验证请求时，轻量级批量验证机制可降低计算瓶颈风险。不仅如此，AHA-BV 协议还能在卫星间切换验证阶段以较低的计算开销实现对 STIN 订阅服务的持续信任。形式和启发式安全分析表明，AHA-BV 协议能够满足 STIN 的安全要求。性能分析表明，AHA-BV 协议在确保安全的同时具有较低的认证开销，更适合卫星动态拓扑结构下的用户访问和获取 STIN 的订阅服务。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Standards & Interfaces 工程技术-计算机：软件工程

CiteScore

11.90

自引率

16.00%

发文量

审稿时长

6 months

期刊介绍： The quality of software, well-defined interfaces (hardware and software), the process of digitalisation, and accepted standards in these fields are essential for building and exploiting complex computing, communication, multimedia and measuring systems. Standards can simplify the design and construction of individual hardware and software components and help to ensure satisfactory interworking. Computer Standards & Interfaces is an international journal dealing specifically with these topics. The journal • Provides information about activities and progress on the definition of computer standards, software quality, interfaces and methods, at national, European and international levels • Publishes critical comments on standards and standards activities • Disseminates user''s experiences and case studies in the application and exploitation of established or emerging standards, interfaces and methods • Offers a forum for discussion on actual projects, standards, interfaces and methods by recognised experts • Stimulates relevant research by providing a specialised refereed medium.