Abstract:As satellite networks grow larger and begin to incorporate interplanetary communication, there is an increasing interest in the unsolved problem of how to approach PKI in these conditions. In this paper we explore the goals and requirements for implementing key management systems in satellite networks, focusing on megaconstellations and interplanetary networks. We design a set of standardized experiments which can be used to compare systems against one another for particular network topologies. Using these, we demonstrate that terrestrial PKI techniques are feasible in highly distributed interplanetary networks, showing that it is possible to configure PKI systems to achieve efficient low-latency connection establishment, and minimize the impact of attacks through effective revocations. We evaluate this by building the Deep Space Network Simulator (DSNS), a novel network simulator aimed at efficient simulation of large space networks. We run simulations evaluating connection establishment and key revocation under a wide range of PKI configurations. Finally, we propose and evaluate two additional configuration options: OCSP Hybrid, and the use of relay nodes as a firewall. Together these minimize the extent of the network an attacker can reach with a compromised key, and reduce the attacker's load on interplanetary relay links.

What problem does this paper attempt to address?

The problem that this paper attempts to solve is how to effectively implement Public Key Infrastructure (PKI) in satellite networks (especially large - scale constellations and inter - planetary networks) to ensure the security and reliability of communications. Specifically, the paper focuses on the following aspects: 1. **Applicability of PKI in inter - planetary networks**: Due to the high - latency and intermittent - connection characteristics of inter - planetary networks, it is an unsolved question whether traditional ground - based PKI technologies can work effectively in such an environment. The paper evaluates the performance of different PKI configurations under specific network topologies by designing standardized experiments. 2. **Efficient low - latency connection establishment**: In inter - planetary networks, due to long - distance transmission and a limited connection time window, the time cost of establishing a secure connection is crucial. The paper aims to optimize this process and ensure that the connection establishment time is as short as possible. 3. **Effective key revocation mechanism**: In large - scale satellite networks, situations where keys are leaked or need to be updated are inevitable. The paper explores how to quickly spread revocation information to minimize the damage caused by attackers using leaked keys. 4. **Balance between security and performance**: The paper also considers how to minimize the impact on network performance while ensuring security. For example, by distributing CA nodes to reduce query latency while ensuring the security of the entire network. To achieve these goals, the authors built a new network simulator - the Deep Space Network Simulator (DSNS) - to simulate large - scale satellite networks and evaluate different PKI configurations. In this way, they demonstrated that existing ground - based PKI technologies can be effectively applied in inter - planetary networks and proposed some improvement measures, such as the OCSP hybrid mode and using relay nodes as firewalls, to further improve the security and efficiency of the system. ### Main contributions of the paper - **Verified the feasibility of existing PKI technologies in inter - planetary networks**: Through simulation experiments, it is proved that traditional PKI protocols can be used in inter - planetary networks without the need to develop completely new protocols. - **Proposed optimized configurations**: In view of the unique topological structure of inter - planetary networks, several optimized configuration schemes are proposed to improve performance and security. - **Introduced new evaluation indicators**: Defined several key indicators (such as connection establishment overhead, revocation coverage time, etc.) to evaluate the effects of different PKI configurations. In general, this paper provides an important theoretical basis and technical framework for secure communications in future inter - planetary networks.

KeySpace: Public Key Infrastructure Considerations in Interplanetary Networks

KeySpace: Public Key Infrastructure Considerations in Interplanetary Networks

A Certificate-Less Distributed Key Management Scheme for Space Networks

Inter-domain authentication scheme for Pervasive Computing Environments

Assessment of practical satellite quantum key distribution architectures for current and near-future missions

Distributed Symmetric Key Establishment: a Scalable Quantum-Safe Key Distribution Protocol

Parallel trusted node approach for satellite quantum key distribution

PkT-SIN: A Secure Communication Protocol for Space Information Networks With Periodic k-Time Anonymous Authentication

A Lightweight and Secure Group Key Based Handover Authentication Protocol for the Software-Defined Space Information Network.

Future Architecture of the Interplanetary Internet

Key Management Scheme DPSKC for Ad Hoc Space Network

Finite key performance of satellite quantum key distribution under practical constraints

A Communication Satellite Servises Based Decentralized Network Protocol

An Implementation Suite for a Hybrid Public Key Infrastructure

An anonymous distributed key management system based on CL-PKC for space information network

Networking Feasibility of Quantum Key Distribution Constellation Networks

Simulating quantum repeater strategies for multiple satellites

A novel authentication and key‐agreement scheme for satellite communication network

Satellite Quantum Communications When Man-in-the-Middle Attacks Are Excluded

End-to-End Demonstration for CubeSatellite Quantum Key Distribution

LK-AKA: A lightweight location key-based authentication and key agreement protocol for S2S communication