An Efficient Authentication and Key Distribution Protocol for Multicast Service in Space-Ground Integration Network

Abstract

Satellite communication technology has attracted the attention of researchers in the study of the sixth-generation (6G) mobile communication network because of its advantages of achieving global coverage with high cost-effectiveness and not being affected by terrain factors and human activities. In order to achieve efficient interconnection between terminals and networks, it is a new development trend of communication technology to integrate satellite communication networks and ground communication networks to construct the Space-Ground Integration Network (SGIN). Multicast service is widely used by network service providers to provide business services to users. Due to the characteristics of higher delay of space communication and unstable link compared with the ground network, if the ground multimedia multicast security protocol is directly applied to the space communication, it is difficult to guarantee the efficiency of the corresponding business service. The existing security protocols in the space information network are usually designed to ensure the security of end-to-end communication, and there are few studies on the security of multimedia multicast services. In view of the above situation, we design a new multicast service security protocol for the SGIN to realize the secure and efficient transmission in multicast services. In the protocol, we first design a key derivation scheme for the shared key between UE and BM-SC based on the existing 5G-AKA mechanism. Then, we propose a group-based multicast service registration mechanism. Finally, we propose a secure and efficient key distribution and update process of multicast service group key based on China Remainder Theorem (CRT). The formal verification tool Scyther is employed to analyze the security of the proposed protocol, and the results show that our scheme has valid security properties. We analyze the performance of the scheme by comparing it with the existing schemes in three aspects, such as signaling overhead, computational overhead, and bandwidth overhead. The comparison results show that our scheme is superior to other existing schemes. Finally, we build an experimental environment and test the delay, transmission rate, and CPU usage of the proposed system. The results show that our scheme improves the efficiency of multicast services while ensuring network security.