高级检索

    基于M-IBE的异构传感网密钥管理协议

    M-IBE Based Key Management Protocol for Heterogeneous Sensor Networks

    • 摘要: 为解决异构传感网(heterogeneous sensor networks, HSN)因功能异构而导致的组内通信和组间通信安全问题,研究了公钥密码体制尤其身份基密码体制(identity-based encryption, IBE)在异构传感网中的应用,提出了基于多域身份基加密(multi-domain identity-based encryption, M-IBE)的异构传感网密钥管理协议.从逻辑上把HSN中的一个组类比于M-IBE的一个域.部署前由可信第三方为HSN生成全局公共参数、选取各组公私钥、抽取组内各节点私钥;部署后同组内邻居节点通过交换身份标识建立共享密钥;不同组内邻居节点在获得簇头授权后协商建立共享密钥.协议由密钥预分配、组内共享密钥建立、组间共享密钥协商、新节点加入、节点移除5部分组成.实验分析表明:该协议具有较高的安全性,可以抵抗高端节点和低端节点俘获攻击,较低的存储需求和恒定的连通概率适用于安全需求较高的应用场景中.

       

      Abstract: To address intra-group and inter-group communication issues arising from function heterogeneity in heterogeneous sensor networks (HSNs), the applications of public-key cryptosystem, especially identity-based encryption (IBE), is studied, and a key management protocol for HSNs based on multi-domain identity-based encryption (M-IBE) is proposed. In the protocol, one group of HSNs is analogized to one domain in M-IBE from a logical point of view. Before deployment, a trusted third party generates global public parameters for the HSN, selects public and private keys for each group, and extracts private key for each sensor within the group. After deployment, neighbor sensors within the same group set up shared-key through the exchange of sensor identity; neighbor sensors in different groups establish shared-key after getting authorized from cluster heads. The proposed protocol is composed of four parts: key material pre-distribution, shared-key establishment within group, shared-key agreement between two groups, and adding new sensors and removing sensors. The security analysis and performance evaluation show that the protocol has high security, which can resist against high-end sensors and low-end sensors capture attacks. It also has low storage requirements and constant connectivity probability. It can satisfy the demand for higher security application scenarios.

       

    /

    返回文章
    返回