无人值守无线传感器网络中可靠数据生存恢复方案

无人值守无线传感器网络( UWSN)通常部署在环境恶劣或敌对环境中,在静态汇聚节点(或基站)部署困难的情况下,感知节点无法完成感知信息的实时汇聚传输,需暂时维持感知数据的生存状态。为增强数据生存概率,提高感知数据的抗损坏、擦除和篡改能力,在建立攻击模型假设的基础上,针对失效节点攻击假设,提出一种基于中国剩余定理加密秘钥分割机制的可靠数据生存恢复方案。利用门限秘钥分割存储机制增强密钥分割存储安全性,确保数据加密分割生存的可靠性,针对恶意节点攻击所造成的不可靠数据恢复威胁,构建基于恢复不一致性的恶意恢复攻击检测方案及基于多数表决的恶意恢复攻击识别机制,确保数据恢复的安全、可靠。     

无人值守WSN中数据概率复制生存仿真与研究

无人值守无线传感器网络通常部署在恶劣或敌对环境中,在静态汇聚节点(或基站)部署困难情况下,感知节点无法完成实时的数据汇聚传输,需在汇聚周期内维持数据的生存.现有节点信息副本复制的数据生存方案未考虑节点信誉和运行状况,副本分发机制缺乏有效和针对性,效率较低.为解决上述问题,提出了一种适合无人值守传感器网络的节点信誉度的概率随机副本复制方案.根据节点信誉度模型完善了现有数据副本概率随机分发机制,提高了信息副本分发的有效性,避免了重复分发及冗余存储,降低了开销,进而确保了数据的生存概率.仿真结果表明了改进方案的优越性.     

基于矩阵的无线传感器网络密钥预分配

为了提高邻居节点建立共享密钥的概率, 减少无线传感器网络资源的消耗, 从而进一步提高无线传感器网络中的连通性, 提出了一种基于矩阵的无线传感器网络的随机密钥部署方案。该方案在无线传感器的目标划分区域中采用3×3矩阵的方式进行密钥预分配, 使邻居节点共享直接密钥的个数为q, 提高了节点间共享密钥的阈值, 减少了节点存储冗余密钥的数量。数据分析和仿真结果表明, 该方案不但在存储密钥数量和安全性方面有较好的性能, 而且连通率为100%。     

基于中国剩余定理的传感器网络密钥管理协议

无线传感器网络的安全性是目前研究的热点。传统基于临时初始密钥和基于密钥池预分配的方案难以在网络连通性和节点存储计算消耗之间有效平衡,网络生命期内使用固定不变的初始密钥/密钥池难以抵抗节点捕获攻击。本文基于中国剩余定理提出了传感器网络密钥管理协议,每个节点携带较少的密钥素材,能够实现网络最大连通,并具有较少的存储空间和计算与通信能耗;基于时间概念分多个阶段部署传感器节点时,发布的密钥素材在不同的节点部署阶段相应变化,使得网络具有自愈合功能,从而具有较强的抗节点捕获攻击。     

高效的无线传感器网络交叉加密认证方案

为了解决无线传感器网络中所传数据的机密性和完整性问题,本文提出一种高效的无线传感器交叉加密认证方案。该方案基于对称密钥密码系统,网络中的节点只和其2跳以内的节点共享密钥,传输中的密文始终只加密2层,从而降低存储密钥的空间,减少加、解密时的计算量。此外,方案在加密时引入带投票技术的认证功能,从而在保证数据机密性和完整性的同时大大降低消息丢失的概率。     

无线传感器网络中分布式存储方案的改进

本文提出了一种效率较高的无线传感器网络的分布式数据存储方案。该方案将数据D加密成n个秘密共享份分别存储于无线传感器网络的n个存储节点中,只有从这n个存储节点中获得有效秘密共享份数大于或等于预先设定的阀值k（1≤k≤n）时才可重构原始数据;而获得任意小于份的共享份数将得不出原始数据。这样,在加密了数据的同时,又能使得WSN在一部分节点失效（失效的节点数小于k）的情况下仍然能获得原始数据,从而提高了数据的可靠性和容灾性。相对于运用Shamir秘密共享方案,本方案将更有效率。     

无线传感器网络随机密钥预分配改进方案

由于无线传感器网络节点能量、存储能力和计算能力的有限性,使传统的网络安全方案受到挑战。针对无线传感器网络的特点,在预共享密钥和随机密钥分发方案的基础上,提出了一种密钥分配方案。该方案采用只保存密钥池中密钥ID号的方法,节省了节点的存储空间。同时,考虑到传感器节点自身资源有限的特点,在满足加密需要的前提下,通过减少会话步骤、简化计算方法来降低传感器节点的工作负荷,从而使得传感器节点存储空间和通信开销都非常小,大大提高了传感器网络的工作效率。     

一种基于 Ｓｈａｍｉｒ 的安全 ＷＳＮ 分簇路由协议设计

路由协议在无线传感器网络中承担着数据的采集和转发等重要任务。针对目前的无线传感器网络路由协议存在数据安全性不高、网络可靠性差等问题,提出一种基于Shamir密钥交换的分簇型WSN路由协议（SSCRP）。根据节点剩余能量、接收信号强度、节点到基站的最短路径长度以及节点的负载率等因子进行簇头的选择。考虑到恶意节点侵入网络,使用Shamir密钥共享算法设计了轻量级的数据加密方案,为了均衡网络能耗提高网络整体的生存期,利用簇头的剩余能量和簇拥塞率及时进行簇头的轮换。实验结果表明SSCRP协议在端到端延时、数据包交付率、节点平均通信成本以及网络生存时间方面都表现出较好的性能。     

基于虹膜特征密钥的无线传感器网络安全数据融合

本文针对无线传感器网络中的数据融合操作面临严重的安全隐患,提出了一种基于虹膜特征密钥的数据融合加密方案,该方案不仅解决了在数据融合过程中密钥记忆和存储难的问题,而且也避免了中间节点攻击数据融合结果的问题.通过抗攻击能力仿真实验分析,该方案相比于传统的数据融合方案较为合理,减少了节点能量消耗,延长了网络生存周期.     

基于网格部署模型的WSN密钥分配方案

针对现有密钥预分配方案中网络连通性差、存储开销大、节点抗攻击能力不强等问题,提出一种基于网格部署模型的无线传感器网络密钥分配方案。该方案将部署区域划分为相互不重叠的六边形网格,为每个网格分配多个不同的密钥空间,且使任意相邻的网格之间仅共享一个密钥空间。根据节点的部署信息和已知的区域信息为其分配密钥信息,从存储开销、网络连通性和安全性方面对方案进行性能分析。实验结果表明,与已有密钥分配方案相比,该方案的网络连通率为1,不仅能降低节点内存需求,而且增强了无线传感器网络中节点抗随机攻击和区域攻击的能力。     

无人值守无线传感器网络中一种安全高效的数据存活策略

无人值守的无线传感器网络中感知到的数据被长期存储于网络节点中,而不是被即刻发送到一个中央节点.这是因为有些应用中感兴趣的是摘要信息(如历史信息)而不是实时数据.摘要信息可通过保存的数据现场提取,从而避免了实时数据的传送,减少了通信代价.该网络通常会面临安全风险,导致数据的随机失效或节点俘获,因而数据需要存活直到被收集的时刻.安全问题由此产生:如何最大化数据存活率,并且由于节点的资源限制安全策略需要具备较高效率.提出一系列数据存活策略.一些观察如基于位置熵的受限移动策略被证明.建议的高级策略使用这一策略提高了效率,同时利用计算秘密共享技术保证了容错和防御节点俘获.     

WSNs中可保护数据完整性和隐私的数据融合算法

提出一种可进行数据完整性和隐私保护的无线传感器网络安全数据融合算法IPPDA。通过在感知数据中附加一组同余数, 使汇聚节点能通过中国剩余定理进行数据完整性检测; 以时间和密钥为参数计算基于杂凑函数的消息验证码, 保证数据的新鲜性; 利用同态加密算法对数据进行隐私保护。仿真结果表明, IPPDA可以有效保护融合数据的隐私性、完整性和新鲜性, 能花费比iCPDA和iPDA算法更少的数据通信量和计算量, 得到更加精确的数据融合结果。     

An asymptotically perfect secret sharing scheme based on the Chinese Remainder Theorem

The secret sharing schemes based on the Chinese Remainder Theorem (CRT) and their applications have attracted many researchers in recent years. In this paper, we propose a weighted threshold secret sharing scheme based on the CRT and prove the scheme is asymptotically perfect. Since all CRT-based secret sharing schemes use special sequences of pairwise coprime integers as its parameters, this paper proposes the first algorithm to generate these integers. Moreover, the correctness of this algorithm is proved by using the prime number theorem. The experimental result shows the effectiveness and the efficiency of our algorithm as well as the space efficiency of our scheme using the sequences of integers generated from our algorithm. Our scheme with the parameter generation algorithm can be used in many applications such as threshold cryptosystems.     

A proactive secret sharing scheme based on Chinese remainder theorem

If an adversary tries to obtain a secret s in a (t, n) threshold secret sharing (SS) scheme, it has to capture no less than t shares instead of the secret s directly. However, if a shareholder keeps a fixed share for a long time, an adversary may have chances to filch some shareholders’ shares. In a proactive secret sharing (PSS) scheme, shareholders are supposed to refresh shares at fixed period without changing the secret. In this way, an adversary can recover the secret if and only if it captures at least t shares during a period rather than any time, and thus PSS provides enhanced protection to long-lived secrets. The existing PSS schemes are almost based on linear SS but no Chinese Remainder Theorem (CRT)-based PSS scheme was proposed. This paper proposes a PSS scheme based on CRT for integer ring to analyze the reason why traditional CRT-based SS is not suitable to design PSS schemes. Then, an ideal PSS scheme based on CRT for polynomial ring is also proposed. The scheme utilizes isomorphism of CRT to implement efficient share refreshing.     

基于浮标的3D水声传感器网络节点定位

节点位置的确定是水下无线传感器网络的应用基础。为了提高节点定位精度并延长网络生命周期,提出一种使用海面浮标节点作为参考节点的水下传感器网络节点定位算法。仿真结果表明该方法提高了节点定位的精度,并在一定程度上减少了能耗。     

Secure and energy-efficient data aggregation with malicious aggregator identification in wireless sensor networks

Data aggregation in wireless sensor networks is employed to reduce the communication overhead and prolong the network lifetime. However, an adversary may compromise some sensor nodes, and use them to forge false values as the aggregation result. Previous secure data aggregation schemes have tackled this problem from different angles. The goal of those algorithms is to ensure that the Base Station (BS) does not accept any forged aggregation results. But none of them have tried to detect the nodes that inject into the network bogus aggregation results. Moreover, most of them usually have a communication overhead that is (at best) logarithmic per node. In this paper, we propose a secure and energy-efficient data aggregation scheme that can detect the malicious nodes with a constant per node communication overhead. In our solution, all aggregation results are signed with the private keys of the aggregators so that they cannot be altered by others. Nodes on each link additionally use their pairwise shared key for secure communications. Each node receives the aggregation results from its parent (sent by the parent of its parent) and its siblings (via its parent node), and verifies the aggregation result of the parent node. Theoretical analysis on energy consumption and communication overhead accords with our comparison based simulation study over random data aggregation trees.     

Key distribution scheme for peer-to-peer communication in mobile underwater wireless sensor networks

Wireless Sensor Networks (WSN) consist of small battery-limited devices called sensor nodes. The communication between sensor nodes is a type of peer-to-peer communication, since each node has the same capability and role. One of the recent application areas of these nodes is underwater sensing. Communication in Underwater Wireless Sensor Networks (UWSN) is challenging since radio frequencies cannot be used. Instead acoustic waves, which cause extra challenges, are used in UWSN. Since UWSNs are deployed in hostile environment, nodes can be captured by an adversary. In order to secure UWSNs, key distribution problem must be addressed. Moreover, UWSNs are inherently mobile since the nodes may be drifted in the sea. In this paper, we propose a key distribution model which is applied for two group mobility models, namely nomadic mobility model and meandering mobility model. In both schemes hierarchical structure is used and communication is handled via well-known Blom’s key distribution scheme. Our simulation results show that mobility causes some temporary decreases in the connectivity, but our schemes help to heal the connectivity performance in time. Moreover, our schemes show good resiliency performance such that capture of some nodes by an adversary only causes very small amount of links between uncaptured nodes to be compromised.     

基于分布式认证的完整性保护数据融合方案

针对无线传感器网络(WSN)数据融合中存在的数据完整性保护问题,在双簇头安全融合（DCSA）方案的基础上,提出一个安全高效的数据融合方案,通过在节点间加入对称密钥,采用分布式验证方法,使节点认证与融合同时进行,在向上融合的过程中立即证实子节点融合数据的完整性。同时,利用红黑簇头的监督特性,能够定位恶意节点,增强抗共谋攻击能力。实验结果表明,所提方案在保证与DCSA相同安全等级的前提下,能够及早检测并丢弃错误数据,提高了完整性检测机制的效率,且具有更低的网络能耗。     

理想型[(t,k,n)]紧耦合秘密共享构造

在[(t,n)]门限秘密共享恢复过程中,任意多于[t]个的参与者可以恢复得到秘密。但是在实际的应用过程中,当参与者人数为[k(t≤k≤n)]时,只需获得[t]个参与者的份额（share）即可恢复秘密,即使其中的[k-t]个参与者不提供子份额。[(t,k,n)]紧耦合秘密共享是指在[(t,n)]门限秘密共享中,当参与者人数为[k]时,[k]个参与者作为一个整体,其中的每个人均参与到秘密恢复中,任意的[k-1]个参与者无法获取秘密的任何信息。在现有的紧耦合秘密共享方案中,无论是基于中国剩余定理的紧耦合秘密共享方案或者是基于拉格朗日插值多项式的紧耦合秘密共享方案,均存在信息率不为1,导致效率低下的缺陷。将中国剩余定理推广到有限域上的多项式环上,利用多项式环上的中国剩余定理构造出理想型[(t,k,n)]紧耦合秘密共享方案。     

A secret image sharing scheme based on piecewise linear chaotic map and Chinese remainder theorem

In this paper, a secret image sharing scheme, by combining arithmetic compression coding and Chinese remainder theorem (CRT) is proposed. It is well known that arithmetic compression coding method for image has a good compressibility, and it can reduce the size of the shadow image, which consists of sharing values. Usually, a smaller shadow image is convenient to store and transmit. The piecewise linear map is applied to design compression coding scheme, which has the same properties as the conventional arithmetic compression coding. The CRT is used to construct the sharing scheme for compression codes. Meanwhile, it also has encryption effects in the process of sharing. Finally, the security and the effectiveness of the secret image sharing scheme are confirmed by some computer simulation results.