KeySpace: Public Key Infrastructure Considerations in Interplanetary Networks

As satellite networks expand to encompass megaconstellations and interplanetary communication, the need for effective Public Key Infrastructure (PKI) becomes increasingly pressing. This paper addresses the challenge of implementing PKI in these complex networks, identifying the essential goals and requirements. We develop a standardized framework for comparing PKI systems across various network topologies, enabling the evaluation of their performance and security. Our results demonstrate that terrestrial PKI techniques can be adapted for use in highly distributed interplanetary networks, achieving efficient low-latency connection establishment and minimizing the impact of attacks through effective revocation mechanisms. This result has significant implications for the design of future satellite networks, as it enables the reuse of existing PKI solutions to provide increased compatibility with terrestrial networks. We evaluate this by building the Deep Space Network Simulator (DSNS), a novel tool for efficiently simulating large space networks. Using DSNS, we conduct comprehensive simulations of connection establishment and key revocation under a range of network topologies and PKI configurations. Furthermore, we propose and evaluate two new configuration options: OCSP Hybrid, and the use of relay nodes as a firewall. Together these minimize the extent of the network an attacker can reach with a compromised key, and reduce the attacker's load on interplanetary relay links.