Lightweight, Privacy-Preserving Handover Authentication for Integrated Terrestrial-Satellite Networks

The handover process in an integrated terrestrial-satellite network (ITSN) faces many security threats, such as eavesdropping, impersonating, replaying, and privacy leakage due to the link exposure and network heterogeneity of ITSN. This paper proposes a lightweight and privacy-preserving ITSN handover authentication mechanism based on elliptic curve cryptography to eliminate the security threats. Specifically, we propose to directly authenticate mobile users at access nodes and on a batch basis, hence avoiding backhaul and concurrent authentication overhead. User anonymous identity and private information encryption are adopted to protect users' privacy. A regular key update scheme is developed to mitigate a risk of private key breach. As demonstrated by a formal security proof based on the AVISPA tool and security analysis, the proposed mechanism resists various attacks (e.g., replay attacks and impersonation attacks). Numerical results show that our mechanism is more efficient than the standard and the existing alternatives. The proposed mechanism has the great potential to secure the handover processes of emerging ITSN.