An Efficient Certificateless Authentication Scheme for Satellite Internet

Satellite Internet has broad emerging applications in aviation, marine, forest, disaster emergency and other fields. Since the openness of satellite Internet, it is extremely vulnerable to eavesdropping, replay, impersonation and other attacks, which may cause significant privacy and security concerns. To prevent malicious nodes from accessing and attacking satellite Internet, many authentication schemes have been proposed, but few of them consider the authentication and security of satellite nodes. In addition, most schemes assume that key management in network control center (NCC) is absolutely secure. But if it is maliciously attacked and the public-private key pairs are leaked, the entire system will crash immediately. In this paper, we propose CLASSI, a novel, secure and efficient certificateless authentication scheme for satellite Internet. CLASSI no longer assigns the complete public and private keys when users, satellites and gateway stations register, but uses their identity information to generate partial private keys. We make full use of the computing and storage capabilities of satellites to give satellites the ability to authenticate. We theoretically prove the security of our scheme through formal analysis and prove that our scheme can resist various of attacks. We also conducted extensive experiments and compared CLASSI with the existing schemes. The experimental results demonstrate that CLASSI is more suitable for user access in satellite Internet when meeting more security attributes.