Abstract
The Space Information Network (SIN) is expected to play an increasing role in providing real-time, flexible, and integrated communication and data transmission services in an efficient manner. SIN has been widely developed for position navigation, environment monitoring, traffic management, counter-terrorism, etc. However, security is a major concern in SIN, since satellites, spacecraft, and aircraft are susceptible to a variety of traditional and SIN-specific network-based attacks, including eavesdropping, session hijacking, and illegal access. The network architecture and security issues of SIN are reviewed. The security requirements that should be considered when designing SIN are discussed, and existing solutions proposed to meet these requirements are surveyed. The key challenges and key technologies that still require extensive research and development for securing SIN are identified.
Author information
LIU Jianwei was born in Shandong. He received the B.S. and M.S. degrees in Electronic and Information from Shandong University, Shandong, China in 1985 and 1988, respectively. He received his Ph.D. degree in Communication and Electronic System from Xidian University, Shaanxi, China in 1998. He is now a professor of Electronic and Information Engineering at Beihang University, Beijing, China. His current research interests include wireless communication network, cryptography, and information & network security. (Email: liujianwei@buaa.edu.cn)
LIU Weiran [corresponding author] was born in Beijing. He received the B.S. degree from Beihang University, Beijing, China in 2012. He is currently working toward the Ph.D. degree in Electronic and Information Engineering, Beihang University, Beijing, China. His research interests include applied cryptography and cloud security. (Email: liuweiran900217@gmail.com)
WU Qianhong was born in Sichuan. He received the Ph.D. degree in Cryptography from Xidian University, Shaanxi, China in 2004. Since then, he has been with Wollongong University (Australia) as an associate research fellow, with Wuhan University (China) as an associate professor, with Universitat Rovira i Virgili (Catalonia) as a research director, and now with Beihang University (China) as a professor. He is a member of IACR, ACM and IEEE. His current research interests include cryptography, data security and privacy, and information theory. (Email: qianhong.wu@buaa.edu.cn)
LI Dawei was born in Shandong. He received the B.S. degree from Beihang University, Beijing, China in 2015. He is currently working toward the Ph.D. degree in Electronic and Information Engineering, Beihang University, Beijing, China. His research interests include applied cryptography and mobile security. (Email: lidaweibuaa@163.com)
CHEN Shigang received the B.S. degree in computer science from the University of Science and Technology of China in 1993. He received the M.S. and Ph.D. degrees in computer science from the University of Illinois at Urbana-Champaign in 1996 and 1999, respectively. After graduation, he was with Cisco Systems for three years before joining the University of Florida in 2002. He served on the technical advisory board for Protego Networks in 2002-2003. He is now a professor with the Department of Computer and Information Science and Engineering at the University of Florida. His research interests include computer networks, Internet security, wireless communications, and distributed computing. He received the IEEE Communications Society Best Tutorial Paper Award in 1999 and the US National Science Foundation (NSF) CAREER Award in 2007. He holds 12 US patents. He is an associate editor for IEEE/ACM Transactions on Networking. He is an IEEE fellow. (Email: sgchen@cise.ufl.edu)
This work is partially supported by The National Basic Research Program of China (973 program) (No.2012CB315905), The National Natural Science Foundation of China (No.61272501, No.61370190, No.61003214), The Natural Science Foundation of Beijing (No.4132056).
Cite this article
Jianwei, L., Weiran, L., Qianhong, W. et al. Survey on key security technologies for space information networks. J. Commun. Inf. Netw. 1, 72–85 (2016). https://doi.org/10.1007/BF03391547
DOI: https://doi.org/10.1007/BF03391547