基于“北斗”的战场移动装备域间身份认证方法

为了实现对移动装备在不同管理域间切换时身份的快速、安全认证，基于“北斗”卫星导航系统所提供的安全可靠的短报文通信功能和高精度的授时功能，提出了一种基于“北斗”的战场移动装备域间身份认证方法，设计了基于“北斗”的战场移动装备域间身份认证体系结构和战场移动装备域间身份认证协议。该认证体系采用两级认证机制。整个移动网络通过“北斗”系统的高精度授时实现全网时钟的精确同步，将“北斗”系统提供的时钟信息作为时间戳加入到身份认证信息中，并利用“北斗”系统传输身份认证信息。经过对协议的安全性分析表明，该协议安全可靠，可以实现域间身份认证时新管理域中的认证中心与移动装备的双向认证，也可以实现移动装备的匿名认证，同时具有抗重放攻击能力。此外，该协议有效地减小了家乡域认证中心的开销。

Beidou-based inter-domain identity authentication for mobile equipment in battlefield

To realize the fast and safe identity authentication for mobile equipment when they move between different administration domains,a Beidou-based inter-domain identity authentication method for mobile equipment in battlefield is proposed based on the safe and credible brief message communication function and accurate time service provided by Beidou satellites navigation system.The system structure and protocol of Beidou-based inter-domain identity authentication for mobile equipment in battlefield are designed.The two-class authentication mechanism is adopted in the system structure.The accurate clock synchronization of the whole mobile network can be realized by the accurate time service provided by Beidou system.The timestamp got from the clock information provided by Beidou system is put in the identity authentication messages transmitted by Beidou system.The security analysis of protocol shows that it is safe and credible,it can realize not only the bidirectional authentication between the authentication center in the new administration domain and the mobile equipment in the inter-domain identity authentication,but also the anonymous authentication of mobile equipment,and it provides the ability to resist the replay attack.Moreover,the protocol decreases the costs of the authentication center in home domain effectively.