共查询到20条相似文献,搜索用时 0 毫秒
1.
Key management is an important building block for all security operations in sensor networks. Most existing key management schemes try to establish shared keys for all pairs of neighbor sensors; hence, a large number of keys need to be preloaded on each sensor, which necessitates a large key space for the nodes in the network. The recent trend in research is to mainly consider homogeneous sensor networks, and to a lesser degree heterogeneous sensor networks, for key management. In this paper, we propose a novel key agreement protocol which is based on pairing-based cryptography over an elliptic curve. Using this protocol, any two nodes that need to communicate can independently compute the same secret key by using pairing and identity-based encryption properties. The proposed protocol significantly reduces the key space of a node. Additionally, the security analysis of the proposed protocol shows that it is robust against a number of attacks including wormhole attack, masquerade attacks, reply attacks, and message manipulation attacks. 相似文献
2.
Self-organizing group key agreement protocols without a centralized administrator are essential to secure group communication in dynamic peer systems. In this paper, we propose a generic construction of a one-round self-organizing group key agreement protocol based on the Chinese Remainder Theorem. In the proposed construction, all group members contribute their own public keys to negotiate a shared encryption public key, which corresponds to all different decryption keys. Using his/her own secret key, each group member is able to decrypt any ciphertext encrypted by the shared encryption key. Following the generic construction, we instantiate a one-round self-organizing group key agreement protocol using the efficient and computationally inexpensive public key cryptosystem NTRU. Both the public key and the message in this protocol are secure against the known lattice attacks. Furthermore, we also briefly describe another concrete scheme with our generic idea, based on the ElGamal public key cryptosystem. 相似文献
3.
With the continuously emerging of Internet applications based on secure group communication, the design of secure group communication becomes an important Internet design topic. Group key management is important for secure group communication. Previous work focuses on key tree, which is an important type of key graphs. In this paper, we first propose another type of key graph—key link-tree, which shows better performance than key tree in single rekeying. Considering that the adoption of key link-tree results in worse than key tree in batch rekey, we propose two transform algorithms between key tree and key link-tree, which can get better rekey performance. 相似文献
4.
With the widespread use of cluster systems and ever increasing threat to computer security, it becomes more necessary to design and build secure cluster systems. Most cluster systems rely on security products like firewalls for their security, but they cannot guarantee security of intra-cluster communications, which can be a weak spot that hackers exploit for further security attacks. A recent study by Lee and Kim (2007) [22] proposed a security framework to protect intra-cluster communications by encrypting and authenticating all packets with fine-grained security where any two communicating processes dynamically generate and share a cryptographic key, called a session key. However, the fine-grained security scheme can incur serious performance degradation in large-scale cluster systems since it may take a long time to access session keys. To solve this problem, we propose to incorporate a session key cache inside a cluster interconnect card to speed up accesses to the session keys and build an analytical cluster traffic model to estimate the behavior of the cache in large-scale cluster systems. For further performance improvement, we propose a prefetching scheme speculating job scheduler’s decision without OS interventions. Simulation results indicate that the session key cache with the prefetching scheme decreases the network latency by 50% on average, compared to the configurations without the enhancements. 相似文献
5.
Sundararaman Rajagopalan Sivaraman Rethinam Sridevi Arumugham Har Narayan Upadhyay John Bosco Balaguru Rayappan Rengarajan Amirtharajan 《Multimedia Tools and Applications》2018,77(18):23449-23482
In multimedia communication, significance of the images for data representation is noteworthy. In this context, secure transmission of images over open channel has become a challenging task. Creation of different strategies in improving the secure image transmission always has a demand. The proposed work suggests an RGB image encryption with the confluence of attractors and hardware triggered key image in which confusion and diffusion were accomplished by Lorenz, Lü and Cellular Automata attractors. The uniqueness of proposed encryption scheme is a key image generation module through cascaded Ring Oscillator circuit which creates M?×?N key image for diffusion of pixels. Facilitating the authenticated networked access to key image generation hardware enables the secure server-client architecture for a variety of secure image transfer applications. The proposed approach is a hardware – software codesign which possesses a good keyspace, improved key sensitivity and satisfies the various statistical parameters thus offering substantial resistance to differential, occlusion and chosen plaintext attacks on RGB images. 相似文献
6.
7.
Within the framework of UC (universally composable) security, a general method is presented to construct a secure channel protocol with using IND-CVA (indistinguishability of encryption scheme under ciphertext verification attacks). A channel protocol with using the method first invokes an ideal keyexchange protocol to get a session key, and then computes the messages with an authenticated encryption scheme. The paper shows that a channel protocol is UC secure if and only if the underlying authenticated enc... 相似文献
8.
Changhui Hu Tat Wing Chim S.M. Yiu Lucas C.K. Hui Victor O.K. Li 《Computer Networks》2012,56(9):2292-2303
Vehicular Ad Hoc Network (VANET) is an emerging type of network which facilitates vehicles on roads to communicate for driving safety. It requires a mechanism to help authenticate messages, identify valid vehicles, and remove malevolent vehicles which do not obey the rules. Most existing solutions either do not have an effective message verification scheme, or use the public key infrastructure (PKI). In this network, vehicles are able to broadcast messages to other vehicles and a group of known vehicles can also communicate securely among themselves. So group communication is necessary for the network. However, most existing solutions either do not consider this or use pairing operation to realize this. They are either not secure or not effective. In this paper, we provide a more comprehensive set of secure schemes with Hash-based Message Authentication Code (HMAC) in VANETs to overcome their shortcomings. Of course, we still need to use Pairing operation in some place. Our scheme is composed of three schemes: (1) Communications between Vehicles and Road-Side Units (RSUs), (2) One to One Communications within a Group, (3) One to One Communications without a Group. Based on our simulation study, we show that our schemes are effective and the delay caused is much lower. The average delay caused by our first scheme is nearly thousands of times lower than prior schemes. The average delay caused by our second scheme is 0.312 ms, while the delay caused by prior scheme is 12.3 ms. Meanwhile the average delay caused by our third scheme is 0.312 ms, and the delay caused by prior scheme is about 9 s. 相似文献
9.
《Computer Networks》2007,51(17):4727-4743
This paper proposes an efficient protocol and associate algorithm for group key management in secure multicast. This protocol is based on a hierarchy approach in which the group is logically divided into subgroups. The group key is organized using member secrets assigned to each member and server secrets assigned to each subgroup, and the inverse value of the member secrets are also used to manage the group key when a member leaves. In this case, each member in a single subgroup needs to store the inverse values of the other members in that subgroup with the exception of its own. When a member joins the group, after updating the previous group key in the server, the new key is sent to all existing group members, and the inverse value of the new member is sent to subgroup members (where there is a join), by exploiting IP multicast. Most importantly, the server just sends the inverse value of the leaving member to the subgroups when a member leaves. Then, the group key is updated by each remaining member in the subgroups by using that inverse value. Consequently, the benefits are two-fold. First, only one key needs to be generated by the server at each event. Second, not only the computational overhead is reduced but also new key information can be multicast to all members simultaneously. This paper describes the details of our novel protocol and the related algorithm. 相似文献
10.
11.
安全组播是组播技术走向实用化必须解决的问题。在组成员动态变化时,设计一个高效的密钥管理方案是安全组播研究的主要问题。该文提出了一种基于LKH模型的分层式组播密钥管理方案。该方案基于分层机制将一个组播分为几个小组,并且采用了指数函数和随机密钥,使得在组成员离开组播时,具体的密钥更新由组成员自己完成。该方案比传统方案减少了密钥更新开销量,提高密钥更新效率,并缩减了密钥存储量。 相似文献
12.
A protocol for secure key distribution using classical light is proposed. The method relies on white-light interferometric measurements by one of the communicating parties and the random choice of delays by the other party. In this way, securely shared random keys are created, thereby enabling secure data transmission. In contrast to quantum key distribution, only classical waves are used. Single photons (and the practical problems associated with them) are avoided. The security of the method cannot be proven at the moment but different attacks are described and briefly analyzed. 相似文献
13.
14.
Chen Chien-Ming Deng Xiaoting Gan Wensheng Chen Jiahui Islam S. K. Hafizul 《The Journal of supercomputing》2021,77(8):9046-9068
The Journal of Supercomputing - Since most Internet of things (IoT) devices are energy-limited, increasingly more manufacturers have chosen to develop IoT applications based on group communication.... 相似文献
15.
针对传统的基于多项式的密钥管理方案存在会话密钥计算能耗大的问题,设计了一种多项式共享分片机制,引入C-neighbor思想,提出一种路由驱动的密钥管理方案RDPB,利用多项式共享分片取代会话密钥计算过程中的整体多项式.性能分析与实验结果表明,与传统的多项式方案相比,本文提出的方案可以较大程度的减少密钥建立过程中所耗费的能量,同时具有较高的安全性. 相似文献
16.
Yang and Chang (2009) proposed a three-party authenticated key exchange protocol for securing communications in mobile-commerce environments. Their protocol reduces computation and communication costs by employing elliptic curve cryptosystems. However, Tan (2010) pointed out that Yang and Chang (2009)’s protocol cannot withstand impersonation and parallel attacks, and further proposed an enhanced protocol to resist these attacks. This paper demonstrates that Tan (2010)’s approach still suffers from impersonation attacks, and presents an efficient and secure three-party authenticated key exchange protocol to overcome shown weaknesses. 相似文献
17.
One issue which is essential for the security of calculations and communication as well as the ability to guarantee data confidentiality is intelligent threshold division of strategic information that may later be passed on to a group of authorized users for reconstruction and shared use. Enabling such division of information acquires particular significance with regard to the management of important and confidential data by various national institutions, corporations or strategic (military) units. It seems that these techniques will become increasingly more important along with the growing number of their applications. The division of confidential information is inevitably related to the cryptographic algorithms of the division of secrets. Relying on these techniques, this paper will focus on two issues. The first is the expansion of the traditional techniques for the division of secrets and the development of the so-called linguistic threshold schemes, a new concept based on the traditional algorithms of the division of information which additionally introduces the stage of linguistic conversion of shared data using specially defined formal grammar. The other is the demonstration of how linguistic threshold schemes thus developed may be used to manage secret data in a variety of selected organizational structures. 相似文献
18.
19.
20.