Analysis and Design on Key Updating Policies for Satellite Networks
Keywords: key updating, satellite networks, model, protocol, simulation
Abstract: Satellite networks are becoming increasingly important because of the global communication services they provide. Key management policies have been successfully deployed in terrestrial networks to guarantee information security. However, long propagation delays and storage and computation constraints bring new challenges in designing efficient and cost-effective key updating policies for satellite networks. Based on the structure and communication features of satellite networks, a dynamic key management model for satellite networks (DKM-SN) is presented. It includes a certificate owned by each satellite, and primary keys and session keys, both of which are shared between two satellites. Furthermore, a protocol is designed for updating satellite certificates; different policies for updating primary and session keys are studied, and their efficiency and security are analyzed and compared. In addition, a simulation environment for satellite networks is built and the key updating processes are implemented in a Walker constellation. From the simulation results, further comparisons of key updating time and storage costs between applying the IBM hybrid key management model (HKMM) and DKM-SN in satellite networks are presented. Finally, important suggestions for designing key updating policies are given.
ONLINE OPEN ACCESS: Access to the full text of each article and each issue is allowed for free under the Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) license.
DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.