BSP 개념을 이용한 DTN 프로토콜의 안전한 키 분배 메커니즘

Abstract

우주개발을 위해 세계 각국들이 많은 관심을 가지고 연구를 활발히 진행 하고 있다. 국내에서도 마찬가지로 이러한 우주개발 동향에 맞추어 2040년까지 중장기 계획을 세우고 있다. 우주기술 중에서 우주에서의 통신을 위해 우주인터넷(Delay Tolerant Network) 아키텍처가 활발히 연구되고 있다. 연결성이 보장되는 지상인터넷과는 달리 우주에서는 연결성이 간헐적이기 때문에 새로운 환경에서의 통신을 위한 기술이 연구되었다. DTN은 store-and-forward 특성에 따라 데이터 저장과 custody 기반 전송을 지원하는 BP(Bundle Protocol)과 재전송 신뢰성을 가지는 LTP(Licklider Tranmission Protocol) 등이 있다. 본 논문에서는 DTN에서의 키 분배 관련 프로토콜(SBSP, IKE, TLS, DTNSKM)에 대해 설명하고 지상 인터넷 키 분배 프로토콜과 비교한다. 그리고 BSP의 overlay 개념을 이용한 암호화된 공개 키 분배 메커니즘 기술을 제안하고 테스트를 진행하였다. 첫 번째는 암호화 모듈별 테스트를 진행했고, 다음은 암호화 모듈을 중첩 적용하여 3가지 모듈의 순서를 바꾸어 가며 처리 속도를 테스트를 진행했다. 마지막으로 BSP 방식을 이용하여 공개키에 오버레이 방식으로 암호화 한 값을 패킷을 확인하여 암호화가 되었다는 것을 확인하는 테스트를 진행한다. 본 논문의 목적은 암호화 되지 않는 공개 키 분배에 BSP 방식으로 암호화 모듈을 중첩 적용하는 목표를 가짐으로써 마지막 테스트인 노드로부터 KA로 공개 키 전송시 암호화 과정이 적용되어 기밀성이 지켜지는 테스트를 중점으로 진행하려고 하였다. 테스트에 사용된 모듈중에서는 Bit shifting - AES256 - ARIA 순서의 암호화가 가장 좋은 성능을 보였다. 또한 암호화가 적용된 패킷의 내용으로 노드에서 KA로 공개키를 전송할 때 암호화 과정이 적용되어 기밀성이 지켜지는 것을 확인하였다.|For space development, many countries have interests around the world and they are actively researching. Korea is planning a long-term plan by 2040, according to these trends of space development. In space technology, the space Internet (Delay Tolerant Network) architecture has been actively researched for communication in the universe. Unlike the terrestrial Internet, where the connection is guaranteed, the connection is intermittent in the universe, so the technology for communication in the new environment was studied. DTN has BP (Bundle Protocol) supporting data storage and custody based transfer, and LTP (Licklider Tranmission Protocol) with retransmission reliability, supporting store - and - forward characteristics. In this paper, key distribution related protocols (SBSP, IKE, TLS, DTNSKM) in DTN is discussed and compared DTN to the Internet key distribution protocol on the ground. Moreover, public key distribution mechanism using BSP 's overlay concept will be suggested and tested. First test was encrypting by each crypto mechanisms, second test was throughput test while changing the order of three way of mudules. The last test was checking the packet of encrypted public key which using overlay mechanism of BSP. The most important test in this paper was the last test. In conclusion, above all the modules used in this paper, Bit shifting - AES256 - ARIA ordered module had the best encryption/decryption time. In addition, since encrypted packet was verified by the packet, confidentiality was established when the node send encrypted public key using the mechanism of BSP to KA.; For space development, many countries have interests around the world and they are actively researching. Korea is planning a long-term plan by 2040, according to these trends of space development. In space technology, the space Internet (Delay Tolerant Network) architecture has been actively researched for communication in the universe. Unlike the terrestrial Internet, where the connection is guaranteed, the connection is intermittent in the universe, so the technology for communication in the new environment was studied. DTN has BP (Bundle Protocol) supporting data storage and custody based transfer, and LTP (Licklider Tranmission Protocol) with retransmission reliability, supporting store - and - forward characteristics. In this paper, key distribution related protocols (SBSP, IKE, TLS, DTNSKM) in DTN is discussed and compared DTN to the Internet key distribution protocol on the ground. Moreover, public key distribution mechanism using BSP 's overlay concept will be suggested and tested. First test was encrypting by each crypto mechanisms, second test was throughput test while changing the order of three way of mudules. The last test was checking the packet of encrypted public key which using overlay mechanism of BSP. The most important test in this paper was the last test. In conclusion, above all the modules used in this paper, Bit shifting - AES256 - ARIA ordered module had the best encryption/decryption time. In addition, since encrypted packet was verified by the packet, confidentiality was established when the node send encrypted public key using the mechanism of BSP to KA.