低地球軌道衛星(LEO)是空間資訊網路(Space Information Network, SIN)中行動衛星通訊系統的一環。由於低軌衛星較接近地面,有信號的傳輸路線短、衰減損耗、時間延遲短及研製費用低的優點,而且可以實現真正的全球覆蓋, 現已成為行動通信衛星發展的熱點。
從1996年至2016年,一直有學者根據行動衛星通訊系統提出認證機制並宣稱他們的安全性。但是,他們的機制也在後來被提出漏洞。直到2016年Liu等人提出的空間資訊網路上輕量級自我更新策略認證機制並宣稱改善具備足夠的安全。然而,還是發現Liu等人提出的機制有每個使用者無法有第二個會期、不具前推私密性、無法對對抗複合性攻擊的安全漏洞。本研究針對上述漏洞,透過改良認證機制,利用安全檢驗及分析評估,改善其安全漏洞,使輕量級自我更新策略認證機制能更符合資訊安全。
A low earth orbit satellite (LEO) typically is one type of earth orbits of mobile satellite communications systems in Space Information Network. LEO is growing concern in mobile satellite communications systems developments based on their strengths, such as the lower altitude, the shorter transmission, the reduced loss of satellite frequency, the lower communication time lag and the cheaper cost. And it range covers global distribution.
From 1996 to 2016, many experts pointed out their authentication schemes for mobile satellite communications systems and claimed that their scheme achieved security requirements. After that, their weaknesses were detected. In 2016, Liu et al. published “a lightweight authentication scheme based on self-updating strategy for space information network” and claimed that their scheme reached security requirements. However, the flaws of Liu et al.’s scheme were found for it is vulnerable to hold the second session, the forward secrecy and to resist composite attacks. This thesis improves the flaws of Liu et al.’s scheme and meet information security.
