ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2015, Vol. 52 ›› Issue (3): 702-717. doi: 10.7544/issn1000-1239.2015.20131382

• Information Security •

Light-Weight Integrity Monitoring Based on Hashing Time Validity

Xu Qingui (1), Qin Yong (1), Yang Taolan (2)

  1. College of Computer, Dongguan University of Technology, Dongguan, Guangdong 523808
  2. College of Computer, National University of Defense Technology, Changsha 410073
  (dgxuqg@126.com)
  • Online: 2015-03-01
  • Funding: National Natural Science Foundation of China (61300198); Natural Science Foundation of Guangdong Province (S2013010011858); Guangdong Provincial Science and Technology Plan Project (2007A060304003); Dongguan Science and Technology Plan Project for Higher Education and Research Institutions (2012108102035, 2012108102007); Qingyuan Industry-University-Research Project (2012D021212005); Guangdong Provincial Special Fund for Discipline and Specialty Construction in Higher Education Institutions (2050205)

Abstract: Real-time monitoring of node integrity is an effective means of protecting resource-constrained nodes. By identifying the main tampering attack modes against resource-constrained nodes and analysing their influence on hashing time, a pure-software integrity monitoring method based on inspecting hashing time validity is proposed. Based on an analysis of the conditions under which hashing time validity can be tested, a checksum forging punishment coefficient is proposed to indicate the tamper-resisting performance of the monitoring mechanism, and a light-weight hashing algorithm that merges program states is put forward. By simplifying the hashing structure and integrating program states into the checksum, checksum forging is made more difficult. Damaged nodes have to spend much more time on extra work, such as restoring legal code and program states, than on hashing if they want to acquire the correct checksum. Hence, the proposed mechanism imposes a much greater checksum forging punishment on damaged nodes than other approaches such as SWATT and Shah. To prevent message forging or tampering during transmission over communication networks, a monitoring protocol supporting message authentication is designed. To tolerate the influence of hashing time fluctuation and checksum guessing, the node integrity state is evaluated from the results of both checksum comparison and hashing time validity statistics. The experiments show that the proposed approach achieves high reliability in examining the validity of checksum and hashing time at small cost. Tolerance of fluctuation disturbance on hashing time from the node's multi-tasking environment and from communication networks is improved, and hence the tamper-resisting performance of resource-constrained nodes is enhanced.

Key words: integrity monitoring, hashing time validity, light-weight hashing algorithm, low-overhead authentication algorithm, checksum forging punishment coefficient
