Satellite-Terrestrial Integrated Networks (STIN) hold significant promise for future global communication, but robust authentication remains a primary challenge for their secure application. Current authentication schemes often exhibit deficiencies such as inadequate dynamic binding of device biometrics, insufficient lightweight computation for resource-constrained satellites, lack of truly decentralized trust, and inefficient group handover in high concurrency scenarios. To address these issues, this paper proposes FG-LAS, a lightweight, fault-tolerant, and group handover authentication scheme. FG-LAS innovatively: 1) Introduces a Device Biometric Binding Key (DBBK) to achieve dynamic, unique, and replay-resistant binding between user biometrics and device fingerprints; 2) Employs Threshold ECDSA to construct a decentralized trust architecture, enhancing key management robustness and mitigating single-point-of-failure risks; and 3) Leverages satellite orbit predictability to pre-generate authentication parameters and optimize handovers using group processing, thereby reducing latency and computational overhead. Security analysis and performance evaluations demonstrate the proposed scheme’s feasibility, efficiency, and effectiveness for STIN environments.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

FG-LAS: A Fault-Tolerant and Group Handover Lightweight Authentication Scheme for Dynamic and Heterogeneous STIN Environments

  • Yunxiang Zhang,
  • Xuan Zhang,
  • Shixiong Yao

摘要

Satellite-Terrestrial Integrated Networks (STIN) hold significant promise for future global communication, but robust authentication remains a primary challenge for their secure application. Current authentication schemes often exhibit deficiencies such as inadequate dynamic binding of device biometrics, insufficient lightweight computation for resource-constrained satellites, lack of truly decentralized trust, and inefficient group handover in high concurrency scenarios. To address these issues, this paper proposes FG-LAS, a lightweight, fault-tolerant, and group handover authentication scheme. FG-LAS innovatively: 1) Introduces a Device Biometric Binding Key (DBBK) to achieve dynamic, unique, and replay-resistant binding between user biometrics and device fingerprints; 2) Employs Threshold ECDSA to construct a decentralized trust architecture, enhancing key management robustness and mitigating single-point-of-failure risks; and 3) Leverages satellite orbit predictability to pre-generate authentication parameters and optimize handovers using group processing, thereby reducing latency and computational overhead. Security analysis and performance evaluations demonstrate the proposed scheme’s feasibility, efficiency, and effectiveness for STIN environments.