This paper studies cryptographic key exchange in satellite communications, which requires specific solutions because the satellite context presents unique challenges, particularly concerning onboard resource constraints and long transmission latency. We address these challenges by considering the Internet Key Exchange (IKE) protocol, which is widely used in terrestrial networks, and studying its applicability in the satellite context. This requires addressing two main issues: i) its efficiency in terms of the resources and bandwidth required to adapt to satellite terminals, and ii) its resistance even to attackers equipped with a quantum computer, in order to resist obsolescence and defend against harvest-now-decrypt-later attacks. We study these aspects from both a design and experimental point of view, defining and assessing some protocol variants characterized by low complexity and quantum resistance. To address the need to manage the transition from classic cryptographic primitives to post-quantum ones, we also consider the possibility of using hybrid cryptographic solutions that combine them both.

翻译：本文研究了卫星通信中的密码学密钥交换问题。由于卫星环境存在特殊挑战，尤其是星载资源受限与长传输延迟的制约，因此需要专门的解决方案。我们通过考察地面网络广泛应用的互联网密钥交换（IKE）协议，并研究其在卫星场景中的适用性来应对这些挑战。这需要解决两个核心问题：i) 在适配卫星终端时，协议在所需资源和带宽方面的效率；ii) 协议对配备量子计算机的攻击者的抵抗能力，以抵御技术过时风险并防范"先存储后解密"攻击。我们从设计与实验两个维度展开研究，定义并评估了若干具有低复杂度和量子抗性的协议变体。考虑到从经典密码原语向后量子密码原语过渡的管理需求，我们还探讨了融合两者的混合密码解决方案的可行性。