Rongna Xie, Zongyu Li, Li Tan, Guozhen Shi, Xiaonan Fan
Received: 2023-03-28; Revised: 2023-09-04; Accepted: 2024-01-04; Online: 2024-02-08
The space-ground integrated network adopts a multi-level network architecture, which is characterized by dynamism and openness. Based on these characteristics, a tree-based lightweight group key management mechanism, GCKMM, was proposed to secure multicast and broadcast communication. In GCKMM, the group key is generated, distributed, and updated in a hierarchical manner. The Hash-based Message Authentication Code (HMAC) function is adopted as the key derivation function (KDF): when a leaf node or a subgroup dynamically joins or leaves the group, the group keys are generated by the KDF, achieving forward and backward security of the group keys. In addition, when parent nodes distribute the group keys to their child nodes, they invoke compactly committing AEAD (ccAEAD), which guarantees the confidentiality, integrity, and non-repudiation of the keys. The security analysis shows that GCKMM achieves both forward and backward security and resists both man-in-the-middle and replay attacks. The performance analysis shows that GCKMM has obvious advantages in storage, computation, and communication overheads.
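The rekeying idea in the abstract, HMAC used as a KDF on join and leave, shown as an added example for one parent node and its children; this is not the paper's GCKMM construction. Assumptions: HMAC-SHA256, the `join`/`leave` labels, the epoch counter, the names `ParentNode`, `member_on_join` and `member_on_leave`, and the fresh per-leave secret are all illustrative, and the ccAEAD-protected delivery of keys to children is left out.

```python
import hashlib
import hmac
import secrets


def kdf(key: bytes, label: bytes, epoch: int) -> bytes:
    """HMAC-SHA256 used as the key derivation function (assumed hash)."""
    return hmac.new(key, label + epoch.to_bytes(8, "big"), hashlib.sha256).digest()


class ParentNode:
    """One parent and its children: the unit a key tree repeats at each level."""

    def __init__(self):
        self.epoch = 0
        self.group_key = secrets.token_bytes(32)
        self.members = set()

    def join(self, member: str) -> bytes:
        # Ratchet forward: current members recompute this locally from the key
        # they hold; the newcomer receives only the result and cannot invert
        # HMAC to reach earlier keys (backward security).
        self.epoch += 1
        self.group_key = kdf(self.group_key, b"join", self.epoch)
        self.members.add(member)
        return self.group_key

    def leave(self, member: str) -> bytes:
        # The leaver knows the current key, so a ratchet alone is not enough.
        # Key the KDF with a fresh secret that is sent only to the remaining
        # children (forward security). Returns that secret for distribution.
        self.members.discard(member)
        self.epoch += 1
        fresh = secrets.token_bytes(32)
        self.group_key = kdf(fresh, b"leave" + self.group_key, self.epoch)
        return fresh


def member_on_join(held_key: bytes, epoch: int) -> bytes:
    """What an existing member computes when told a join happened."""
    return kdf(held_key, b"join", epoch)


def member_on_leave(held_key: bytes, fresh: bytes, epoch: int) -> bytes:
    """What a remaining member computes after receiving the fresh secret."""
    return kdf(fresh, b"leave" + held_key, epoch)
```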