CGAN BeiDou Satellite Short-Message-Encryption Scheme Using Ship PVT

Abstract

The transmission standard and format of short-message communication in the BeiDou satellite-navigation-system are open, the civilian channel adopts a direct-transmission plaintext mechanism, and the content of short messages is at risk of data leaks. Aiming at addressing the problem of safely transmitting BeiDou short messages, this study proposes a CGAN BeiDou satellite short-message-encryption scheme, using ship PVT (position, speed, and time). Various BeiDou commands with ship position, speed, or time are employed as the input. The two communicating parties use the CGAN (conditional generative adversarial network) confrontation mechanism to encrypt and decrypt the ship-PVT information and generate a symmetrically encrypted key, while the receiver parses only the sender data within the specified PVT-range. Additionally, because the BeiDou system has a positioning error and transmission delay, and considering the ship mobility, the concept of a dynamic tolerance region is introduced at the receiver, to improve the scheme’s decryption success-rate. Finally, the proposed scheme is verified, using simulation and experiments. The proposed algorithm achieves good security, with acceptable efficiency. Furthermore, the experimental platform built by this study is used to prove the feasibility of the scheme applied to BeiDou short-message encryption and decryption.

1. Introduction

Ocean-going ships use satellite communication technology to transmit important data to a ground-monitoring center, which is an important link in ship information perception [1]. The BeiDou satellite navigation system was fully networked in March 2021, and its unique short-message function also provides communication services that a GPS does not have. However, the standards for the modulation and demodulation method, carrier frequency, and data packet-structure of the BeiDou satellite short-message communication are open [2,3]. Therefore, designing an encryption scheme suitable for BeiDou short-message communication and improving the BeiDou system civilian-channel-transmission security is the problem that this study aims to solve.

Encryption technologies mainly include symmetric encryption and asymmetric encryption. The DES (the Data Encryption Standard) adopts a symmetric encryption system, which combines the plaintext after the packet with the key, which has good encryption speed. A typical algorithm for asymmetric encryption is AES (the Advanced Encryption Standard), which effectively extends the key length from 56 bits to 128 bits or even 256 bits. The security of the AES algorithm, as well as the performance of the application in software and hardware, is excellent. At present, cryptography has been integrated with chaos theory, neural networks, and deep learning. To ensure that image encryption has the ability to resist selected plaintext attacks, a chaos model combining hybrid elementary cellular automata and pseudorandom coupled-map-lattices was proposed in [4], and the encryption process was efficient and robust. A hidden Markov model and a hyperchaotic system were combined in [5] to encrypt speech processed by discrete wavelet packets and to perform safe and reliable transmission of audio data on an insecure public network. In the frontier field of image encryption, the new encryption structure and chaotic system were combined in [6], which effectively solved the information-leakage problem. To address the dynamic-degradation phenomenon in chaotic cryptography, a new hybrid-coupled-mapping-lattice model, TWMCML, was proposed in [7], in which the user could define a larger range of input parameters. Experimental verification of the encryption was performed on grayscale and RGB images, combined with edge-detection technology. The dynamic behavior of synaptic crosstalk in Hopfield neural networks was studied in [8]. Combining the chaotic phenomenon and DNA coding technology, a color-image-encryption scheme with a larger key space was proposed. A scheme for constructing a new neural-network memristor using the hyperbolic tangent function was designed in [9]. The fast DNA-encoding algorithm was applied in the field of image encryption in [10]. Its high coding efficiency was an important breakthrough, and it is valuable for many systems with strong real-time requirements. The generation of multiple double-scroll attractors is controlled by neurons, and the internal state equation of the model is used to simulate complex nonlinear behavior. Combining deep learning with encryption technology for automated-driving-data transmission, a secure transmission protocol based on chaos and private convolutional-neural-networks was established in [11], which ensures that traffic privacy data are not leaked. The deep Q-learning model was applied to Internet of things medical-information management in [12] to ensure the security of medical data. However, encryption frameworks based on deep Q-learning have the problem of unstable training. The SecureTrain data-transfer framework based on deep learning was first developed in [13]. The framework was designed based on the homomorphic-secret-sharing model, and uses a preset shared set and data features during training to eliminate extra computing time, which solves the two major challenges of unstable training and the low computational efficiency of deep learning in the field of encryption.

Although deep-learning models have been widely used in data encryption, a GAN (generative adversarial network), known as the most exciting machine-learning algorithm of the past decade, has not been widely used in the field of data encryption since it was proposed in 2014 [14]. At present, breakthroughs have been made in the fields of missing-data imputation [15,16], image generation [17], and data recovery [18]. GAN encryption is a popular encryption algorithm that was recently published by Google, and its convolutional network structure can learn high-dimensional complex data features [19]. To improve the application value of a GAN for real data, an improved discrete unsupervised-cryptographic GAN algorithm, based on the feature-mover distance was proposed in [20], using a CycleGAN to learn the mapping relationship between unmatched plaintext and ciphertext. The GAN encryption technique was used in the field of face image encryption in [21]. The user deforms the source image by customizing the deformation parameters, and the design of a secure authentication scheme for secret sharing is obtained. There have been few studies on the combination of data-security transmission technology and BeiDou satellite communication. Since the civilian channel of the BeiDou system directly transmits plaintext data, a BeiDou short-message authentication strategy based on an ECDS (Elliptic Curve Digital Signature) was proposed in [22]. The algorithm generates reserved bit data in the short-message structure to enhance the anti-spoofing of BeiDou short civil-message communication. The data transmission framework of an aviation-health-management system based on 4G communication and BeiDou communication links was established in [23], in which data encryption and adaptive-link-switching technology were considered at the same time. The application of BeiDou satellite-data-encryption technology in the field of traffic vehicles was analyzed, and the secure-information-transmission platform and PKI (public key infrastructure)-based key-generation method were studied in [24]. The StarFL joint-learning framework applied to intelligent computing was designed in [25]. In addition, a quantum-key-distribution method based on the BeiDou satellite and an encryption and decryption communication mechanism based on a neural network were designed, providing a new method for applying deep learning to BeiDou satellite-communication ideas. A real BeiDou satellite-information-transmission platform was built in [26], and it used the AES (advanced encryption standard) to encrypt military material data, but the method of directly transmitting the key in the BeiDou civilian channel was insecure.

In summary, although the existing research has improved the security of the BeiDou satellite system to a certain extent, because the BeiDou civilian-short-message communication channel directly transmits plaintext, a key transmitted by this method can be easily stolen or monitored by a third party. Additionally, applying BeiDou short-message encryption to the field of satellite information transmission considering ship mobility has not been studied. Therefore, the main contributions of this study are as follows:

• To ensure the security of the BeiDou PVT (position, speed, and time) information used to generate the key, the user PVT information is analyzed under various BeiDou commands, and the BeiDou short-message communication channel for transmitting PVT information is encrypted and decrypted using a CGAN (conditional generative adversarial network).
• To improve the decryption success rate of the BeiDou PVT-key at the receiver, the dynamic region of ship PVT information is analyzed, the concept of a dynamic tolerance region is introduced into the encryption scheme; a complete BeiDou short-message encryption scheme is established.
• The security of PVT encryption based on the CGAN model and the influence of the dynamic tolerance region on the success rate of decryption are verified using simulation and experiments, and a host computer interface is designed to verify the engineering-application value of our scheme.

The remainder of this paper is structured as follows: Section 2 introduces our proposed algorithms, including BeiDou PVT-key-generation and dynamic tolerance region design. Section 3 discusses building a real experimental platform and conducting research on our algorithms. The experimental verification and analysis are then carried out. Conclusions and outlooks are discussed in Section 4.

2. The Design of Our Proposed BeiDou Satellite Short-Message Encryption Scheme

2.1. Theoretical Principles

• BeiDou satellite-information transmission mechanism

BeiDou short-message communication has a strictly specified transmission mechanism and data format. As shown in Figure 1, important ship data are transmitted to the remote monitoring center through BeiDou satellites. The remote monitoring center in Figure 1 is an experimental platform built by us. The overall data format consists of five parts: “Instruction”, “Length”, “Local address”, “Information”, and “Checksum”. The specific “Instruction” form is introduced in Section 2.2, and the “Length” is used to indicate the length of the instruction. This is because the content of the BeiDou short message is edited by the user. If the length of the command is not clear, and the user adds the officially defined command-symbol to the content of the short message, it will cause serious parsing confusion. The rest have the same meaning. In addition, Ref. [27] uses a residual-coding algorithm, which improves the amount of data transmission.

To better describe which stages of information encryption are applied to the system, the principle of BeiDou-satellite global short-message communication is introduced, as shown in Figure 2. The BeiDou satellite uses the TDMA (time-division multiple access) mode and the Beidou 2.1/4.0 protocol to transmit short messages, and the routing table is completely formulated by the China BeiDou Ground Management Center. SlotX is defined as a time slot, and SatX stands for BeiDou satellite number. When Sat1 needs to communicate with Sat3, since there is no intersatellite link between the two satellites in Slot1, the transmission must be carried out in a relay-forwarding manner. First, Sat1 transmits the message to Sat5 within Slot1. Sat5 then transmits the message to Sat4 within Slot2. Finally, Sat4 transmits the message to the destination satellite, Sat3, in Slot3. In addition, the uplink of BeiDou-satellite short-message communication adopts a pseudo-random code spread-spectrum mode, and the carrier frequency is 1610.0–1626.5 MHz. The downlink of the BeiDou satellite adopts a B2b frame signal, the carrier frequency is 1207.14 MHz, and the modulation mode is QPSK.

2.

The relevant theory of the GAN network

The GAN network has been hailed as a breakthrough in a new generation of artificial intelligence. Its generator and discriminator are composed of two neural networks, which use an adversarial mechanism to dynamically adjust network parameters. After data training, the generator can generate new data in which humans cannot distinguish between true and false, and finally, both parties reach a Nash-equilibrium state. To date, GAN networks have been widely used in image processing, anomaly detection, and data-loss interpolation, but there are few related applications in the field of data encryption [28].

2.2. BeiDou PVT-Key-Generation Based on a CGAN

It is not secure to directly transmit unencrypted BeiDou PVT information to generate a key. Therefore, in this study, we take a variety of BeiDou commands with PVT information as the input, and use a CGAN to encrypt and decrypt the command content to ensure the security of the data used to generate the key.

According to the BeiDou-2.1-protocol data interface-requirements set forth by the BeiDou Satellite Management Center, the user’s PVT information mainly relies on the following four ASCII character-command transmissions:

1.$GNGGA,hhmmss.ss,llll.ll,a,yyyyy.yy,a,x,xx,x.x,x.x,U,x.x,U,xxxx,x.x,x.x*hh<CR><LF>

2.$GNRMC,hhmmss.ss,llll.ll,a,yyyyy.yy,a,x.x,x.x,ddmmyy,x.x,a,a*hh<CR><LF>

3.$GNGLL,llll.ll,a,yyyyy.yy,a,hhmmss.ss,A,x*hh<CR><LF>

4.$GNVTG,x.x,T,x.x,M,x.x,N,x.x,K,a*hh<CR><LF>

Here, $GN is the specified command identifier; llll.ll and yyyyy.yy represent latitude and longitude, respectively; hhmmss.ss is a variable-length time field; x.x is a variable-length number, used to store the sailing speed; U is a fixed-length field of the display unit; *hh is the parity check bit to ensure correct parsing; <CR> and <LF> are the statement terminator and the line-feed character, respectively; and the other fields, such as A, ddmmyy, and xxxx, indicate the command transmission-mode. For the identifiers in $GNVTG, T represents the true-north reference direction, M is the magnetic-north reference direction, and N is the velocity unit. The specific operation steps are as follows:

Step 1: the sender specifies the decryption area and compiles it into the abovementioned BeiDou command format, only shipping in the specified position to perform the decryption operation.

Step 2: the receiver also receives BeiDou commands in the same format, and calculates the dynamic tolerance area to be introduced later.

Step 3: only the recipient that meets the decryption conditions will perform the decryption operation.

We delete the command identifiers of the above four common commands, and use the content before the check digit as the BeiDou PVT information to be encrypted. Although PVT information has a good probability distribution characteristic, each command format is different, and even for the same command, the position, velocity, and time information can be specified as any combination of the three. Therefore, this study proposes a BeiDou PVT-key-generation algorithm based on a CGAN. In contrast to GAN encryption, a CGAN establishes sample-label pairs by adding additional label information and then, in an adversarial manner, encrypts BeiDou PVT information in various transmission-command scenarios. Below is a detailed introduction to CGAN encryption and decryption of PVT information.

Consider an encrypted communication scenario among Alice, Bob, and Eve, as shown in Figure 3, where Alice and Bob store the master key, K, distributed by the BeiDou satellite long-term. We define the plaintext and ciphertext to be transmitted by both parties as $P\left(\mathrm{PVT}|\$\right)$ and $C\left(\mathrm{PVT}|\$\right)$. Eve is an eavesdropper attempting to break into the BeiDou short-message communication channel. The CGAN-based model aims to use the three people’s respective convolutional network structures to generate $P_{B\mathrm{ob}}\left(\mathrm{PVT}|\$\right)$ and $P_{E\mathrm{ve}}\left(\mathrm{PVT}|\$\right)$ in an adversarial manner, through the generator, G, and the discriminator, D, so that there is no difference between $P_{B\mathrm{ob}}\left(\mathrm{PVT}|\$\right)$ and the plaintext, and the result, $P_{E\mathrm{ve}}\left(\mathrm{PVT}|\$\right)$, obtained by Eve is, as far as possible, random. D needs to have the ability to accurately determine whether PVT is a real value or a false value generated by G. Vector $\mathit{x}$ is used to represent the original PVT data, vector $\mathit{y}$ is the BeiDou command label, and vector $\mathit{z}$ is noise data used by G to generate false PVT data. Therefore, the CGAN objective equation for encrypting and decrypting BeiDou PVT information is as follows:

$$\underset{G}{\min }\underset{D}{\max }V\left(G,D\right)=\underset{G}{\min }\underset{D}{\max }{\mathrm{E}}_{\mathit{x}\sim p_{data}\left(\mathit{x}\right)}\left[\log D\left(\mathit{x}|\mathit{y}\right)\right]+{\mathrm{E}}_{\mathit{z}\sim p_z\left(\mathit{z}\right)}\left[\log \left(1-D\left(G\left(\mathit{z}|\mathit{y}\right)\right)\right)\right]$$

(1)

$V\left(G,D\right)$ is a typical binary cross-entropy function, $P_{data}\left(\mathit{x}\right)$ is the probability distribution of the real PVT information in $\chi$ space, and $P_z\left(\mathit{z}\right)$ is the noise distribution. For discriminator D, the PVT data with the BeiDou command label are used as the input to ensure that the output PVT information has a label that is consistent with the given label; that is, $\log D\left(\mathit{x}|\mathit{y}\right)$ and $\log \left(1-D\left(G\left(\mathit{z}|\mathit{y}\right)\right)\right)$ are maximized. For the generator, the goal is to minimize $\log \left(1-D\left(G\left(\mathit{z}|\mathit{y}\right)\right)\right)$ so that the generated labeled samples successfully fool discriminator D. Assuming that the fake PVT information generated by generator G satisfies the $P_g\left(x\right)$ distribution, the training process of a CGAN stops when $P_g\left(x\right)$ infinitely approaches $P_{data}\left(\mathit{x}\right)$. At this time, for a fixed G, the optimal D can be expressed as $D_g^{*}\left(\mathit{x}\right)=P_{data}\left(\mathit{x}\right)/\left(P_{data}\left(\mathit{x}\right)+P_g\left(\mathit{x}\right)\right)$.

Based on the above CGAN, we introduce an innovative operation of the CGAN applied to BeiDou PVT-information encryption and decryption. We define ${\theta }_A,{\theta }_B$ and ${\theta }_E$ as the parameters of the convolutional networks of Alice, Bob, and Eve, respectively, using $E_A\left({\theta }_A,P\left(\mathrm{PVT}|\$\right),K\right)$ to represent the PVT ciphertext generated by Alice, and we take $D_B\left({\theta }_B,C\left(\mathrm{PVT}|\$\right),K\right)$ and $D_E\left({\theta }_E,C\left(\mathrm{PVT}\right)\right)$ as the deciphered values obtained by Bob and Eve, respectively, using their respective inputs.

The distance value with the labels is used to define the gap between the real PVT and the deciphered values of Bob and Eve, and the L2-norm is used to calculate the distance. Compared with the L1-norm, the L2-norm enhances the convexity of the optimization solution process, thereby avoiding the overfitting of the L1 distance. The specific formula is as follows:

$$d\left(P\left(\mathrm{PVT}|\$\right),P^{\prime }\left(\mathrm{PVT}|\$\right)\right)={\left({\displaystyle \sum _{i=1}^N{\left(P\left(\mathrm{PVT}|\$\right)-P^{\prime }\left(\mathrm{PVT}|\$\right)\right)}^2}\right)}^{\frac{1}{2}}$$

(2)

where N is the length of the BeiDou PVT information. By analyzing the above formula, it was found that the introduction of the BeiDou command label into the distance function makes the effect of the CGAN encryption- and decryption-model acceptable only after the generated fake PVT-information and the label pass the determination of discriminator D.

Bob’s reconstruction error, $L_B$, and its extension to the plaintext and key distribution, ${\mathrm{E}}_{P\left(\mathrm{PVT}|\$\right),K}$, are expressed as follows:

$$L_B\left({\theta }_A,{\theta }_B,P\left(\mathrm{PVT}|\$\right),K\right)=d\left(P\left(\mathrm{PVT}|\$\right),D_B\left({\theta }_B,E_A\left({\theta }_A,P\left(\mathrm{PVT}|\$\right),K\right),K\right)\right)$$

(3)

$$L_B\left({\theta }_A,{\theta }_B\right)={\mathrm{E}}_{P\left(\mathrm{PVT}|\$\right),K}\left[L_B\left({\theta }_A,{\theta }_B,P\left(\mathrm{PVT}|\$\right),K\right)\right]$$

(4)

In contrast to the decryption process (Bob), the eavesdropper (Eve) needs to reconstruct the BeiDou PVT plaintext under the condition that the master key, K, cannot be obtained. The reconstruction error of Eve is as follows:

$$L_E\left({\theta }_A,{\theta }_E,P\left(\mathrm{PVT}|\$\right),K\right)=d\left(P\left(\mathrm{PVT}|\$\right),D_E\left({\theta }_E,E_A\left({\theta }_A,P\left(\mathrm{PVT}|\$\right),K\right)\right)\right)$$

(5)

$$L_E\left({\theta }_A,{\theta }_E\right)={\mathrm{E}}_{P\left(\mathrm{PVT}|\$\right),K}\left[L_E\left({\theta }_A,{\theta }_E,P\left(\mathrm{PVT}|\$\right),K\right)\right]$$

(6)

The goal of Eve is to determine the convolutional network parameters, ${\theta }_E$, that minimize the reconstruction error, $L_E\left({\theta }_A,{\theta }_E\right)$, as follows:

$$O_E\left({\theta }_A\right)=\arg {\min }_{{\theta }_E}\left(L_E\left({\theta }_A,{\theta }_E\right)\right)$$

(7)

To ensure that the eavesdropper (Eve) cannot parse the ciphertext while the two communicating parties encrypt the BeiDou PVT information, the sub-errors, $L_B$ and $L_E$, are established, to jointly reconstruct the error as follows:

$$L_{AB}\left({\theta }_A,{\theta }_B\right)=L_B\left({\theta }_A,{\theta }_B\right)-L_E\left({\theta }_A,O_E\left({\theta }_A\right)\right)$$

(8)

Then, the Alice and Bob convolutional-network-optimization parameters can be expressed as follows:

$$\left(O_A,O_B\right)=\arg {\min }_{\left({\theta }_A,{\theta }_B\right)}\left[L_{AB}\left({\theta }_A,{\theta }_B\right)\right]$$

(9)

Considering the parallel neuron structure, nonlinear transfer function, and diffusion characteristics of the neural network, the Alice, Bob, and Eve convolutional-neural-network structure shown in Figure 4, is established. The specific steps are as follows:

Step 1: Alice and Bob have the same network structure, consisting of a fully connected layer with sigmoid as the activation function, and three convolutional layers with leaky ReLU (rectified linear unit). The output uses the tanh activation-function to normalize the value to $\left(-1,1\right)$.

Step 2: Alice’s inputs are $P\left(\mathrm{PVT}|\$\right)$ and $K$, and the output is $C\left(\mathrm{PVT}|\$\right)$, while Bob’s network inputs are $C\left(\mathrm{PVT}|\$\right)$ and $K$, and the output is $P_{B\mathrm{ob}}\left(\mathrm{PVT}|\$\right)$.

Step 3: Since Eve cannot obtain the master key that was predistributed by the BeiDou satellites, the network structure of Eve has one more fully connected layer than that of Alice and of Bob.

Step 4: The CGAN model performs the encryption and decryption of BeiDou PVT-information transmission, and then inputs the PVT information into the MD5 hash function, to output the key used to encrypt the plaintext. The core purpose of the MD5 hash function is to take a variable-length message as the input and generate a fixed-length hash as the output of the function. The MD5 hash-function can effectively solve the problem of the length of BeiDou PVT information not being able to be determined, and any change in bytes will cause a huge change in the generated sequence.

2.3. Design of the Dynamic Tolerance Region

Denning’s model was first proposed in [29], and meets the constraint that the receiver can only decrypt ciphertexts sent from a designated area. In the previous section, the two communicating parties performed the encrypted transmission of BeiDou PVT information. In this section, the BeiDou receiver actively obtains the sender’s PVT information through the RDSS antenna, and compares it with the PVT information transmitted based on the CGAN model in the previous section. The receiver performs the decryption operation only when the two sets of PVT information match. However, considering that the maximum communication frequency of the BeiDou short messages is 1 s, and the ship is mobile, the PVT information received by the decryption terminal is often of the state of the previous moment. Additionally, the BeiDou satellite system itself has positioning errors, and the direct use of Denning’s model leads to a low decryption success-rate. Therefore, in this study, we analyze dynamic changes in ship PVT information and set a dynamic tolerance region to solve the above problems.

As shown in Figure 5, we define the longitude and latitude of the ship node at time $t_0$ as $\left(X_0,Y_0\right)$, and the receiver uses the BeiDou RDSS antenna to periodically update the ship’s position at a fixed time interval, $\Delta t$, which is denoted as $t_i=t_0+i\Delta t$.

The shape of the dynamic tolerance region of the moving ship is defined as an ellipse, the center of the decryption area is the center of the ellipse $\left(O{X}_t,O{Y}_t\right)$, the speed is $V$, and the angle between the course and latitude is $\theta$. Then, the center of the dynamic tolerance area at time $t$ is as follows:

$$\{\begin{array}{l}O{X}_t=X_0+V\left(t-t_0\right)\cos \theta \\ O{Y}_t=Y_0+V\left(t-t_0\right)\sin \theta \end{array}$$

(10)

By analyzing the ship’s sailing plan, the user needs to predefine the longitudinal and lateral maneuverability-parameters, $\rho$ and $\delta$. $\rho$ represents the degree of deviation of the ship’s course from a straight line, and $\delta$ represents the degree of change of the ship’s speed. Generally, highways with winding routes and poor road conditions require larger maneuverability-parameters to be set. For ship motions that do not include emergency operations, small coefficients can be chosen for $\rho$ and $\delta$. Assuming that $\left(X_t,Y_t\right)$ obeys a multivariate Gaussian distribution, using the 3-sigma principle yields the parameters of the dynamic tolerance region as follows:

$$\{\begin{array}{l}{\sigma }_X=X_t+\frac{1}{6}\left(\delta -O{X}_t\right)\cos \theta +\frac{1}{6}\left(\rho -O{Y}_t\right)\sin \theta \\ {\sigma }_Y=Y_t-\frac{1}{6}\left(\delta -O{X}_t\right)\sin \theta +\frac{1}{6}\left(\rho -O{Y}_t\right)\cos \theta \end{array}$$

(11)

Therefore, the ellipse equation of the dynamic tolerance region at time $t$ can be expressed as follows:

$$Ellipse\left(X_t,Y_t\right)=\frac{{\left(X_t-O{X}_t\right)}^2}{{\sigma }_X^2}+\frac{{\left(Y_t-O{Y}_t\right)}^2}{{\sigma }_Y^2}-2\cos \theta \frac{\left(X_t-O{X}_t\right)}{{\sigma }_X^{}}\frac{\left(Y_t-O{Y}_t\right)}{{\sigma }_Y^{}}\le c$$

(12)

Here, c is a constant set, according to the positioning error of the BeiDou satellite itself.

Below is an analysis of the parameter update of the dynamic ellipse equation. We use the Gauss–Markov model proposed in [30], to update the four dynamic variables $V,\theta ,\delta$ and $\rho$. The formula is as follows:

$$Z_t=\lambda Z_{t-1}+\left(1-\lambda \right){\overline{Z}}_{t-1}+\sqrt{1-{\lambda }^2}{\epsilon }_{t-1}$$

(13)

Here, $\lambda \in \left[0,1\right]$ is used to adjust the influence of time, $t-1$, and the historical time on time $t$, ${\overline{Z}}_{t-1}$ is the historical average of $Z_t$, and ${\epsilon }_{t-1}$ is a stationary, random Gaussian process that is not related to the parameters to be updated, which can be eliminated by setting the mean and variance. The vessel speed and course update-values, ${\widehat{V}}_k,{\widehat{\theta }}_k$, at the $k$th time, are as follows:

$${\widehat{V}}_k=\lambda {\widehat{V}}_{k-1}+\frac{1-\lambda }{n-1}{\displaystyle \sum _{t=1}^{n-1}\sqrt{{\left(\frac{X_t-X_{t-1}}{\Delta t}\right)}^2+{\left(\frac{Y_t-Y_{t-1}}{\Delta t}\right)}^2}}$$

(14)

$${\widehat{\theta }}_k=\lambda {\widehat{\theta }}_{k-1}+\left(1-\lambda \right)\arctan \left\{\frac{1}{n-1}{\displaystyle \sum _{t=1}^{n-1}\left(\frac{Y_t-Y_{t-1}}{X_t-X_{t-1}}\right)}\right\}$$

(15)

where $k=1,2,\cdots ,n$. Inverting Equation (11) provides the updated formulas for the longitudinal and lateral maneuverability-parameters, $\widehat{\rho }$ and $\widehat{\delta }$, as follows:

$$\{\begin{array}{l}\widehat{\delta }=X_t+6\left({\widehat{\sigma }}_X-O{X}_t\right)\cos \widehat{\theta }-6\left({\widehat{\sigma }}_Y-O{Y}_t\right)\sin \widehat{\theta }\\ \widehat{\rho }=Y_t+6\left({\widehat{\sigma }}_X-O{X}_t\right)\sin \widehat{\theta }+6\left({\widehat{\sigma }}_Y-O{Y}_t\right)\cos \widehat{\theta }\end{array}$$

(16)

where

$$\{\begin{array}{l}{\widehat{\sigma }}_X=\frac{1}{n-1}{\displaystyle \sum _{i=1}^n{\left(X_t-\overline{X}\right)}^2}, \overline{X}={\displaystyle \sum _{i=1}^n{X}_t/n}\\ {\widehat{\sigma }}_Y=\frac{1}{n-1}{{\displaystyle \sum _{i=1}^n\left(Y_t-\overline{Y}\right)}}^2, \overline{Y}={\displaystyle \sum _{i=1}^n{Y}_t/n}\end{array}$$

(17)

Before each dynamic tolerance area is determined, the ellipse equation needs to be recalculated with the updated parameters, but if the ship’s course and speed remain relatively constant, the dynamic tolerance area only needs to update the center of the ellipse. With this setting, the balance between the optimal decryption region and the PVT update frequency can be effectively guaranteed.

The BeiDou short-message encryption scheme considering the dynamic tolerance region is shown in Figure 6. Its structure is a hybrid data-encryption system combining symmetric and asymmetric features. It has the characteristics of symmetric encryption, high efficiency, fast encryption speed, and a small amount of calculation, as well as high security with asymmetric encryption. First, both parties use a CGAN to encrypt and decrypt BeiDou PVT information. This process is equivalent to using an asymmetric encryption system to transmit the encryption/decryption key. Conditional adversarial learning ensures that the BeiDou PVT information used to generate encryption keys are not stolen. The receiver calculates the dynamic tolerance region and compares it with the position actively obtained by the BeiDou RDSS antenna, and it only generates a decryption key for a sender that meets the dynamic-tolerance-region conditions. Finally, both parties use the AES symmetric-encryption algorithm to encrypt and decrypt the BeiDou plaintext and ciphertext, and all ship-data plaintext and BeiDou PVT information with labels $P\left(\mathrm{PVT}|\$\right)$ are transmitted by the BeiDou short-message communication channel.

The encryption and decryption process-flow is shown in Figure 7. This study proposes the CGAN BeiDou satellite short-message encryption scheme using ship PVT to ensure that the key is not directly exposed in the BeiDou short-message channel. The CGAN model implements the protection of keys generated using ship PVT. By calculating the dynamic tolerance area, the receiver is only responsible for parsing the BeiDou plaintext within the area specified by the sender. Both users use the AES algorithm to encrypt the plaintext and decrypt the ciphertext. The encryption process is as follows:

Step 1: the sender specifies the receiver’s PVT information, and only the receiver located at the specified latitude and longitude performs the decryption operation.

Step 2: the pretrained CGAN model is used to encrypt the BeiDou PVT information, and as the initial key to perform key expansion.

Step 3: The BeiDou plaintext to be transmitted uses the AES algorithm to generate the BeiDou ciphertext, and the operations include SubByte, ShiftRow, MixColumn, and AddRoundKey. Since the encryption algorithm is widely known, this article does not repeat its operation principle.

The decryption process is as follows:

Step 1: the receiver obtains the real PVT information through the BeiDou antenna, and calculates the dynamic tolerance area through the preset parameters.

Step 2: the receiver decrypts the PVT information provided by the sender through the pretrained CGAN model, and compares the received PVT information with the real value received by its own antenna in combination with the dynamic tolerance area.

Step 3: when the decryption conditions are not met, the receiver does not perform the decryption operation.

Step 4: When the PVT information of both parties is matched, the receiver uses the AES inverse operation to decrypt the BeiDou ciphertext sent by the user. The AES decryption process also includes five operations, SubByte, ShiftRow, MixColumn, and AddRoundKey, and the process is similar to the encryption procedure.

3. Results and Discussion

To verify the feasibility of the proposed scheme, we built a BeiDou satellite short-message-communication experimental platform. The freighter data in Qingdao, Shandong Province, China, are used as the plaintext, and the decryption terminal is in Harbin Engineering University, Heilongjiang Province, China, as shown in Figure 8. The NI PXIe-1085 box and PXIe-8840 express controller are used to collect real-time data to be transmitted, the BeiDou short-message sending device is responsible for data encryption and transmission, and the BeiDou RDSS antenna actively obtains the real ship’s position. The ground-receiving center is equipped with a dedicated high-performance processor, to receive and decrypt short messages. Real data are collected by the experimental equipment for encryption, as shown in Figure 9. A total of 137,230 pieces of data were collected from 10 November 2021 to 17 December 2021, including: motor power (kW), fuel efficiency (g/kWh), motor speed (RPM), relative wind speed (m/s), fuel consumption (kg/nm), and sailing speed (kn). Below, Section 3.1 and Section 3.2 demonstrate the feasibility of the scheme from the perspective of a simulation and experiment.

3.1. Simulation and Analysis

Instructions containing PVT in the BeiDou-satellite short messages are used as the training set. The number of training instructions is 4096 entries. The CGAN model is trained with a “minibatch”, the learning rate is set to 0.0012, and the optimizer is selected as the Adam optimizer. The simulation sets the input instruction length and output key length of the CGAN as 64 bits, and subsequently needs to concatenate two 64-bit keys as the 128-bit encryption and decryption keys of the AES. The window size of each convolution is set, the input and output depths are [8, 1, 2], [2, 2, 4], [1, 4, 4], and [1, 4, 1], and the step sizes are set to 1, 2, 1, and 1. The convolution window of the first layer is set to 8, considering that a single byte occupies 8 bits, which means that the association between PVT information bytes can be mined more efficiently.

There are two conditions for stopping training: (1) the decryption error rate of the receiver is infinitely close to zero, and the BeiDou PVT information decrypted by the eavesdropper is similar to a random result; (2) the network has not converged after 20,000 rounds of adversarial learning. Therefore, the algorithm’s performance is evaluated by the number of decrypted error bits of the BeiDou PVT information, and making this value tend toward zero is the goal that the CGAN adversarial model needs to achieve. To more comprehensively analyze the advantages of the CGAN model for encrypting BeiDou PVT information, we not only train the 64-bit BeiDou instructions, but also add 16-bit and 32-bit plaintext training. The GAN encryption model is used as the control group.

The objective-function loss is shown in Figure 10. As the number of bits increases, the loss value of the two methods gradually increases, and the loss of a CGAN is always smaller than that of a GAN.

Figure 11, Figure 12 and Figure 13 show the comparison of the training results in 16-, 32-, and 64-bit scenarios, respectively. The number of decryption error bits for Bob tends toward 0 after the training is completed in the three cases, which means that Bob can correctly parse the BeiDou PVT information sent by Alice. Compared with Bob’s relatively smooth training-process, there are single or multiple performance fluctuations during the Eve training-process. However, with the continuous adjustment of the convolutional-network parameters of both parties under the adversarial mechanism, in the scenarios with 16, 32, and 64 bits, Eve’s decryption error bits converge to 7.718, 15.39, and 31.06 bits, respectively. Ideally, they should reach 8, 16, and 32 bits, respectively, which means that when Eve tries to recover the stolen BeiDou PVT information, only approximately half of the BeiDou plaintext can be recovered; that is, Eve’s decryption result is almost completely random. By analyzing the number of decryption error bits after the Eve-network parameters are stabilized, it was found that since the convolution structure is not changed in the simulation, as the number of data bits increases, the deviation between the convergence value of the Eve network and the ideal value becomes increasingly obvious. This is because the convolutional network in complex data scenarios gradually shows a tendency toward underfitting, and an effective way to address this phenomenon is by increasing the network depth and the number of neurons in a single-layer convolution.

Both models achieve stable convergence in limited rounds in 16-, 32-, or 64-bit scenarios. The convergence speed of the CGAN and the number of decrypted error bits after stabilization are both lower than those of the GAN. The number of error bits in the stable state of the CGAN is 7.718, 15.39, and 31.06, respectively, while the GAN only reaches 7.58, 14.92, and 29.29, which obviously deviates from the ideal values of 8, 16, and 32. This is because the CGAN uses labels to preprocess BeiDou commands, which is equivalent to classifying the input BeiDou command-training-set before adversarial training. This mechanism effectively prevents the defect of the GAN input data being completely random. In summary, it is feasible for the CGAN model designed in this study to encrypt and decrypt BeiDou PVT information, and it achieves better results than the GAN model. In addition, to verify the security of the algorithm proposed in this study, we tested 50 neural networks under attack by the Eve-network model, to verify whether the CGAN model can ensure the security of ship-PVT information. The experimental results are shown in

Table 1. Algorithm-security verification under different key lengths.

	Key Length	Number of Test Networks	Number of Successful Encryptions	Encryption Success Rate
1	16 bit	50	50	100%
2	32 bit	50	50	100%
3	64 bit	50	50	100%

. The CGAN model proposed in this study can effectively realize the encryption of ship information, and has good security.

To verify the encryption efficiency of the algorithm in this study, we use 1024 MB of data as the input for comparative experiments. The control groups are the algorithms without PVT-information encryption, namely the traditional DES and AES algorithms, and the algorithms that use the GAN model to encrypt PVT information, namely the GAN-AES. The experimental results are shown in

Table 2. Efficiency verification of different algorithms.

	Algorithms	Data Size (MB)	Encryption Time (s)	Average Speed (MB/s)
1	DES	1024	42	24.38
2	AES	1024	20	51.20
3	GAN-AES	1024	28	36.57
4	CGAN-AES	1024	24	42.67

. Although the algorithm in this study adds the encryption and decryption of ship-PVT information on the basis of AES, since the neural network is pretrained, after the BeiDou short message is input into the model, most of its operations run linearly. Therefore, no excessive computational burden is added. In particular, for the BeiDou-satellite information-transmission system, the frequency of sending short messages is once a minute, so the system using BeiDou satellites is not a system with strong real-time requirements, and thus, the algorithm in this study is applied to BeiDou satellites, with good efficiency.

We take the “Ship remote support” as an example to verify the effect of encryption and decryption. The specified latitude and longitude are set to 120.020866 and 35.816002, respectively, and the actual latitude and longitude are 120.020866 and 35.816012, respectively, with a slight deviation between the two, which is used to simulate the positioning error of the BeiDou satellite. The key generated by the CGAN model is 1B0313952878650D0AC95B4EA5476AB5. From the simulation results, it can be found that by setting the parameters of the dynamic tolerance region, the BeiDou plaintext can be encrypted as “001001100110001111101111101000011111000000001010000010000111010101110011110011111000000000000101111”; the decryptor successfully obtained the BeiDou message information “Ship remote support”, as shown in

Table 3. Encrypted-communication test results.

Simulation Experiments	Simulation-Experiment Results
The specified latitude and longitude	Longitude: 120.020866 Latitude: 35.816002
The actual latitude and longitude	Longitude: 120.020866 Latitude: 35.816012
Dynamic tolerance parameters	50,50
A key generated based on CGAN	1B0313952878650D0AC95B4EA5476AB5
BeiDou satellite plaintext	Ship remote support
BeiDou satellite ciphertext	0010011001100011111011111010000111110000000010100000100001 11010101110011110011111000000000000101111
The decrypted BeiDou plaintext	Ship remote support

.

3.2. Experimental Verification of BeiDou Short-Message Encryption/Decryption

Since this study does not improve the encryption algorithm itself, but introduces the concept of a dynamic tolerance region, the receiver can only parse the BeiDou ciphertext transmitted in the designated sending area by using a BeiDou satellite RDSS antenna, thus preventing eavesdroppers from forging location information, and preventing the BeiDou short-message channel from being invaded. Therefore, the security, complexity, and correlation of the generated ciphertext are consistent with those of the AES, and they are not introduced in detail. This section aims to use MATLAB 2019b to design the experimental software of the upper computer. Then, the CGAN-based BeiDou PVT-key-generation and the encryption- and decryption-processes, considering the dynamic tolerance region, are tested in the designed software. The receiver is limited to only having the ability to parse BeiDou short messages in the designated area, and the decryption success-rate under different combinations of longitudinal and lateral maneuverability-parameters is verified, thus demonstrating the engineering value of the proposed scheme applied to BeiDou satellite short-message communication.

Figure 14 shows the CGAN-based BeiDou satellite short-message-encryption interface. The user can read the BeiDou-PVT information of the specified path, input it into the trained CGAN encryption model, and display the generated key in a binary and graphical manner. The plaintext is encrypted with the key generated, based on the CGAN model and displayed in the “BeiDou Short Message Binary Ciphertext Display” window.

Figure 15 shows the CGAN-based BeiDou satellite short-message-decryption interface. The real PVT information is “4546.54692, N, 12640.86403. E”, and the received PVT information based on the CGAN is “4546.54696, N, 12640.86409. E”. There is a slight gap between the two, which is caused by objective factors, such as a Beidou satellite positioning error, transmission delay, and ship mobility. It was found that the receiver correctly parses the ciphertext, and the specific process is as follows. First, the longitudinal and lateral maneuverability-parameters need to be set, and the dynamic tolerance area needs to be calculated. The receiver can only parse BeiDou ciphertext sent within the specified dynamic-tolerance-region. The BeiDou RDSS antenna actively obtains the true position of the sender, and determines whether it is within the dynamic tolerance area. If the conditions are not met, the operation will be stopped, and if the conditions are met, the next step will be performed. Then, the receiver obtains the BeiDou-PVT information from the trained CGAN decryption model, and displays the generated key in a binary and graphical manner. Finally, the key is used to decrypt the BeiDou ciphertext, and the string can be displayed in the BeiDou Short Message Plaintext Display window. Figure 16 shows a situation where the receiver fails to decrypt correctly: that is, the receiver does not use the received BeiDou PVT information to generate a key but uses the real PVT information actively obtained by the RDSS antenna. If “4546.54696” in the “Real PVT information” dialog is forcibly set to “4646.54696”, the correct key cannot be generated, and the BeiDou short message cannot be decrypted correctly.

To study the effect of the dynamic tolerance region on the decryption success-rate, experiments were carried out on various combinations of longitudinal and lateral maneuverability-parameters. Each combination was tested 100 times, and the decryption success-rate was analyzed. Using Franson’s CoordTrans multisource data-coordinate-conversion tool, it is estimated that every 50 m corresponds to approximately 1.6482 s and 2.0538 s of longitude and latitude changes, respectively. According to the positioning accuracy officially announced by the BeiDou Management Center, 50 m is set as the ideal range for the dynamic tolerance region. The following two situations are discussed: in one situation, the longitudinal maneuverability-parameter,$\rho$, is held fixed in the ideal range, and the lateral maneuverability-parameter, $\delta$, is dynamically adjusted. In the other situation, the influence of dynamic changes in $\delta$ on the decryption success-rate is analyzed under the condition of a fixed $\rho$.

An analysis of Figure 17 shows that if the dynamic tolerance region is not considered, that is, when either $\delta$ or $\rho$ is 0, the decryption success-rate basically remains at 0%. This proves that when the receiver does not consider factors such as BeiDou-system positioning error, transmission delay, and ship mobility, the BeiDou PVT information transmitted based on the GCAN model, cannot match the real value actively obtained by the RDSS antenna. Therefore, the receiver cannot parse the BeiDou ciphertext of the sender, which reflects the importance of the dynamic tolerance zone designed in this study. As $\delta$ or $\rho$ increases gradually, the decryption success-rate also increases. The increase is most obvious when $\delta$ or $\rho$ is in the range of 20 to 30 m, after which the decryption success-rate increases slowly. When either $\delta$ or $\rho$ is set to 50 m, the other maneuverability parameter only needs to be set to more than 30 m. Then, a decryption success-rate of more than 80% can be achieved. In particular, in the ideal case, both $\delta$ and $\rho$ are set to the maximum value of 50 m, and the two communicating parties achieve 100% communication decryption in 100 experiments. In summary, the encryption and decryption scheme considering the dynamic tolerance region proposed in this study has better communication robustness, on the basis of data security.

4. Conclusions

To improve the security of the BeiDou civilian-short-message channel, this study proposes a CGAN BeiDou satellite short-message encryption scheme using ship PVT. The BeiDou PVT information for key generation is transmitted using the CGAN model, and the decryption success-rate is improved by introducing a dynamic tolerance region. The following conclusions are obtained through simulation: the CGAN model is better than the GAN model at encrypting 16-, 32-, and 64-bit BeiDou-PVT commands, but the number of decrypted error bits increases with the complexity of the BeiDou commands. Additionally, by adjusting the longitudinal and lateral maneuverability-parameters to update the dynamic-tolerance-region ellipse equation, the decryption success-rate can be effectively improved, and can reach 100% under ideal conditions. Furthermore, this study describes the design of BeiDou short-message encryption-and-decryption host-computer software based on MATLAB 2019b, and visually displays the CGAN BeiDou satellite short-message encryption scheme using the ship PVT proposed in this study, which increases the engineering-application value.

Considering the problem of the limited length of the BeiDou satellite short-message-communication string, designing an algorithm with both ship-data compression and encryption is a research problem to be solved in the future.