LAA: Lattice-Based Access Authentication Scheme for IoT in Space Information Networks

Space information network (SIN), which has the characteristics of large capacity, high reliability, and wide coverage, can be effectively applied to the Internet of Things (IoT) business. However, SIN is vulnerable to various attacks due to its highly exposed links, and the power and processing capacity of satellites and IoT devices (IoTDs) are usually limited. Meanwhile, massive IoTDs connecting to SIN in an instant incur a severe signaling congestion and there is no authentication protocol proposed for massive IoTDs in SIN. In this article, we first propose a novel semi-aggregated signature mechanism and session key agreement mechanism. Then, based on the above two mechanisms, we propose a novel access authentication scheme named lattice-based access authentication (LAA) which contains two types of lattice-based authentication protocols: 1) LAA for massive IoTDs and 2) LAA for a single IoTD. The security analysis by employing the formal provable security analysis, the automation verification tool named Scyther, the Burrows–Abadi–Needham-logic, and the informal security analysis demonstrate that our proposed protocols successfully achieve these security properties, including mutual authentication, conditional anonymity, unlinkability, data confidentiality, data integrity, unforgeability, undeniability, key establishment, perfect forward/backward secrecy (PFS/PBS), and resistance against protocol attacks and quantum attacks. We further evaluate the performance of our proposed protocols with regard to signaling overhead, transmission overhead, computational overhead, and authentication delay, which shows that our proposed protocols can provide high efficiency.

[1]  Guangliang Ren,et al.  Multisatellite Cooperative Random Access Scheme in Low Earth Orbit Satellite Networks , 2019, IEEE Systems Journal.

[2]  Byrav Ramamurthy,et al.  Communication Technologies and Architectures for Space Network and Interplanetary Internet , 2013, IEEE Communications Surveys & Tutorials.

[3]  Guyu Hu,et al.  A simple real-time handover management in the mobile satellite communication networks , 2015, 2015 17th Asia-Pacific Network Operations and Management Symposium (APNOMS).

[4]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[5]  Chin-Chen Chang,et al.  An efficient authentication protocol for mobile satellite communication systems , 2005, OPSR.

[6]  Elaine B. Barker,et al.  SP 800-57. Recommendation for Key Management, Part 1: General (revised) , 2007 .

[7]  Elaine B. Barker,et al.  SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) , 2007 .

[8]  Geoffrey Ye Li,et al.  Ultra-Dense LEO: Integrating Terrestrial-Satellite Networks Into 5G and Beyond for Data Offloading , 2018, IEEE Transactions on Wireless Communications.

[9]  Nenghai Yu,et al.  A Secure and Efficient Access and Handover Authentication Protocol for Internet of Things in Space Information Networks , 2019, IEEE Internet of Things Journal.

[10]  Jianhua Li,et al.  An anonymous distributed key management system based on CL-PKC for space information network , 2016, 2016 IEEE International Conference on Communications (ICC).

[11]  Jianhua Li,et al.  Analysis and design of an authentication protocol for space information network , 2016, MILCOM 2016 - 2016 IEEE Military Communications Conference.

[12]  Nenghai Yu,et al.  Low-Latency Authentication Against Satellite Compromising for Space Information Network , 2018, 2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS).

[13]  Qin Zhiguang,et al.  Formal Analysis for Security of Otway-Rees Protocol with BAN Logic , 2009, 2009 First International Workshop on Database Technology and Applications.

[14]  Wei-Bin Lee,et al.  A self-verification authentication mechanism for mobile satellite communication systems , 2009, Comput. Electr. Eng..

[15]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[16]  William E. Burr,et al.  Recommendation for Key Management, Part 1: General (Revision 3) , 2006 .

[17]  Hsiao-Hwa Chen,et al.  Security in space information networks , 2015, IEEE Commun. Mag..

[18]  G. Zheng,et al.  Design and logical analysis on the access authentication scheme for satellite mobile communication networks , 2012, IET Inf. Secur..

[19]  Qiaoyan Wen,et al.  A Lattice-Based Unordered Aggregate Signature Scheme Based on the Intersection Method , 2018, IEEE Access.

[20]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[21]  Xin He,et al.  Traffic Analysis of LEO Satellite Internet of Things , 2019, 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC).

[22]  Zhang Peng,et al.  A Homomorphic Aggregate Signature Scheme Based on Lattice , 2012 .

[23]  Cheng-Chi Lee,et al.  An improvement on the self-verification authentication mechanism for a mobile satellite communication system , 2014 .

[24]  Craig Gentry,et al.  A Simple BGN-Type Cryptosystem from LWE , 2010, EUROCRYPT.

[25]  ChuanFu Zhang,et al.  A novel self-certified security access authentication protocol in the space network , 2012, 2012 IEEE 14th International Conference on Communication Technology.

[26]  Min-Shiang Hwang,et al.  An authentication scheme for mobile satellite communication systems , 2003, OPSR.

[27]  Wan Jizhong,et al.  Full Secure Identity-Based Encryption Scheme over Lattices in the Standard Model , 2015, 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC).

[28]  Björn E. Ottersten,et al.  Physical Layer Security in Multibeam Satellite Systems , 2012, IEEE Transactions on Wireless Communications.

[29]  Jihwan P. Choi,et al.  Low-delay broadband satellite communications with high-altitude unmanned aerial vehicles , 2018, Journal of Communications and Networks.

[30]  Frank Y. Li,et al.  An efficient Chinese remainder theorem based node capture resilience scheme for Mobile WSNs , 2010, 2010 IEEE International Conference on Information Theory and Information Security.

[31]  Nenghai Yu,et al.  AnFRA: Anonymous and Fast Roaming Authentication for Space Information Network , 2019, IEEE Transactions on Information Forensics and Security.

[32]  Jemal H. Abawajy,et al.  Secure object tracking protocol for Networked RFID Systems , 2015, 2015 IEEE/ACIS 16th International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD).