共查询到19条相似文献,搜索用时 125 毫秒
1.
针对无线传感网络节点的存储空间、能量等的限制,以及动态密钥管理的无身份认证的安全问题等,提出一种类似一次一密的双密钥管理方案.该方案增加了身份认证模块,以及新节点的认证机制.同时在更新动态密钥时引入盐值,这一特性又进一步增强了无线传感器网络的抗毁性能.最后分析了方案的存储量、连通性以及安全性:在超过6 000个节点的网络环境下,该方案单个节点的密钥存储量大幅降低,仅有E-G方案的一半左右;在连通性方面,E-G方案是基于概率的,一般为0.9,而该方案的连通率为1;在安全性方面,该方案降低了密钥环的数量,未捕获节点的密钥暴露概率比E-G方案低很多. 相似文献
2.
本文提出一种基于多项式的WSN密钥管理方案.基站通过计算节点秘密信息构成的多项式来生成网络的全局密钥,节点通过全局密钥可以认证网络中的合法节点.节点用全局密钥经过对称多项式密钥交换来生成与簇头节点之间的会话密钥.该方案能够动态更新密钥,从而解决了由于节点被捕获所导致的信息泄露、密钥连通性下降和密钥更新通信开销大等问题.性能分析表明,该方案与现有的密钥预分配方案相比,具有更低的存储开销、通信开销、良好的扩展性和连通性. 相似文献
3.
4.
由于无线传感器网络(Wireless Sensor Network,WSN)节点计算能力等资源受限,如何使用较少的计算量实现节点间的认证与密钥协商以保证通信安全一直是研究的热点。针对基于对称密码的认证方案网络扩展性较差、密钥更新困难的问题,以及基于非对称密码的认证方案计算资源开销大的问题,面向WSN安全需求,提出了一种基于身份的非双线性节点认证与密钥协商方案,以椭圆曲线密码算法(Elliptic Curve Cryptography,ECC)为基础,实现了通信节点之间的双向认证、会话密钥协商、确认和更新。分析表明,方案可以满足无线传感器网络节点密钥协商过程所需的几种典型的安全属性,且在资源消耗上有所优化。 相似文献
5.
针对ZigBee节点组网时缺乏身份认证,密钥分配安全性不足的问题,该文提出一种基于身份的无双线性对运算的ZigBee节点身份认证及密钥分配方案。该方案继承了基于身份的认证方案的优点,在实现身份认证的同时完成了ZigBee密钥分配过程,具有较高的安全性和可扩展性。实验结果表明,该文方案具有存储开销小、能耗低等优势。 相似文献
6.
针对现有的基于多项式的密钥预分配管理方案受限于节点间密钥共享率和网络连通率等问题,文中提出了一种基于二次型的无线传感器密钥管理方案.该方案突破现有二元t次对称多项式建立共享密钥的思路,引入多元非对称二次型多项式,利用二次型特征值与特征向量之间的关系,分析证明二次型正交对角化的特性,生成密钥信息,节点则通过交换密钥信息实现身份认证,生成与邻居节点之间独立唯一的会话密钥.性能分析表明,与现有的密钥管理方案相比,方案在抗俘获性、连通性、可扩展性、通信开销和存储开销上有较大的改进. 相似文献
7.
8.
9.
10.
移动ad hoc网络预分配非对称密钥管理方案 总被引:1,自引:0,他引:1
为了降低移动ad hoc网络非对称密钥管理中的通信开销,基于组合公钥思想,将ElGamal方案与预分配密钥方式相结合,提出一种基于身份的预分配非对称密钥管理方案(PAKMS)。该方案通过私钥生成中心为节点预分配主密钥子集及基于时间获得节点密钥更新的方式,从方法上降低了移动ad hoc网络非对称密钥管理中的通信开销;私钥生成中心为节点预分配主密钥子集的方式也使节点在网络运行阶段不再依赖私钥生成中心为节点分配和更新密钥。由此,弱化了基于身份密钥管理中存在的私钥托管问题对网络安全的影响。与典型方案对比分析表明,该方案在提供节点密钥更新服务的情况下能够有效降低网络通信开销。此外,对方案的安全性进行了详细证明。 相似文献
11.
Group key management scheme for large-scale sensor networks 总被引:1,自引:0,他引:1
Wireless sensor networks are inherently collaborative environments in which sensor nodes self-organize and operate in groups that typically are dynamic and mission-driven. Secure communications in wireless sensor networks under this collaborative model calls for efficient group key management. However, providing key management services in wireless sensor networks is complicated by their ad-hoc nature, intermittent connectivity, large scale, and resource limitations. To address these issues, this paper proposes a new energy-efficient key management scheme for networks consisting of a large number of commodity sensor nodes that are randomly deployed. All sensor nodes in the network are anonymous and are preloaded with identical state information. The proposed scheme leverages a location-based virtual network infrastructure and is built upon a combinatorial formulation of the group key management problem. Secure and efficient group key initialization is achieved in the proposed scheme by nodes autonomously computing, without any communications, their respective initial group keys. The key server, in turn, uses a simple location-based hash function to autonomously deduce the mapping of the nodes to their group keys. The scheme enables dynamic setup and management of arbitrary secure group structures with dynamic group membership. 相似文献
12.
13.
设计安全合理的密钥管理方法是解决无线传感器网络安全性问题的核心内容。基于Exclusion Basis System (EBS)的动态密钥管理方法由于安全性高,动态性能好,节约存储资源,受到了广泛关注。但同时存在共谋问题,即对于被捕获节点通过共享各自信息实施的联合攻击抵抗性较差。针对这一问题,该文利用一种特殊形式的三元多项式(同化三元多项式)密钥取代EBS系统中的普通密钥,并在分簇式的网络拓扑结构基础上,设计了一种基于EBS的无线传感器网络动态密钥管理方法。仿真与分析结果表明,相比于采用普通密钥或是二元多项式密钥的方法,该文方法不仅可以有效地解决共谋问题,提高网络对被捕获节点的抵抗性,而且显著减低了更新密钥过程中的能量消耗。 相似文献
14.
Dynamic key management in sensor networks 总被引:11,自引:0,他引:11
Numerous key management schemes have been proposed for sensor networks. The objective of key management is to dynamically establish and maintain secure channels among communicating nodes. Desired features of key management in sensor networks include energy awareness, localized impact of attacks, and scaling to a large number of nodes. A primary challenge is managing the trade-off between providing acceptable levels of security and conserving scarce resources, in particular energy, needed for network operations. Many schemes, referred to as static schemes, have adopted the principle of key predistribution with the underlying assumption of a relatively static short-lived network (node replenishments are rare, and keys outlive the network). An emerging class of schemes, dynamic key management schemes, assumes long-lived networks with more frequent addition of new nodes, thus requiring network rekeying for sustained security and survivability. In this article we present a classification of key management schemes in sensor networks delineating their similarities and differences. We also describe a novel dynamic key management scheme, localized combinatorial keying (LOCK), and compare its security and performance with a representative static key management scheme. Finally, we outline future research directions. 相似文献
15.
密钥管理作为传感器网络安全中最为基本的环节,在认证和加密过程中起着重要作用。针对无线传感器网络(Wireless Sensor Network,WSN)的通信密钥易被破解的缺点以及为建立安全信道而增加密钥会造成网络的连通率低的问题,提出了一种改进的无线传感器网络密钥管理方案,通过定位算法得到网络中的坐标,利用所得到的位置信息对所存储的密钥空间进行优化,可以增大2个邻居节点拥有相同密钥空间的概率。实验结果表明:该方法占用较小密钥存储空间,能明显改善网络连通性和网络的安全性等性能,提高安全性。 相似文献
16.
Pei Qingqi Li Hongning Pang Liaojun Hao Yin Hong Tang Key Lab of Computer Networks Information Security of Ministry of Education Xidian University Xi’an China Institute of China Electronic System Engineering Corporation Beijing China 《中国通信》2010,7(1):73-79
Wireless sensor networks are open architectures, so any potential threat can easily intercept, wiretap and counterfeit the information. Therefore, the safety of WSN is very important. Since any single key system cannot guarantee the security of the wireless sensor network for communications, this paper introduces a hierarchical key management scheme based on the different abilities of different sensor nodes in the clustered wireless sensor network. In this scheme, the nodes are distributed into several clusters, and a cluster head must be elected for each cluster. Private communication between cluster heads is realized through the encryption system based on the identity of each head while private communication between cluster nodes in a same cluster head is achieved through the random key preliminary distribution system. Considering the characteristics of WSN, we adopt dynamic means called dynamic cluster key management scheme to deal with master key, so master key will be updated according to the changed dynamic network topology. For cluster head node plays a pivotal role in this scheme, a trust manage-ment system should be introduced into the election of the cluster head which will exclude the malicious node from outside the cluster, thus improve the whole network security. 相似文献
17.
MUQAMI+: a scalable and locally distributed key management scheme for clustered sensor networks 总被引:1,自引:0,他引:1
Muhammad Khaliq-ur-Rahman Raazi Syed Heejo Lee Sungyoung Lee Young-Koo Lee 《电信纪事》2010,65(1-2):101-116
Wireless sensor networks (WSN) are susceptible to node capture and many network levels attacks. In order to provide protection against such threats, WSNs require lightweight and scalable key management schemes because the nodes are resource-constrained and high in number. Also, the effect of node compromise should be minimized and node capture should not hamper the normal working of a network. In this paper, we present an exclusion basis system-based key management scheme called MUQAMI+ for large-scale clustered sensor networks. We have distributed the responsibility of key management to multiple nodes within clusters, avoiding single points of failure and getting rid of costly inter-cluster communication. Our scheme is scalable and highly efficient in terms of re-keying and compromised node revocation. 相似文献
18.
Farooq Anjum 《Wireless Networks》2010,16(6):1587-1600
In this paper we propose an approach for key management in sensor networks which takes the location of sensor nodes into consideration
while deciding the keys to be deployed on each node. As a result, this approach not only reduces the number of keys that have
to be stored on each sensor node but also provides for the containment of node compromise. Thus compromise of a node in a
location affects the communications only around that location. This approach which we call as location dependent key management
does not require any knowledge about the deployment of sensor nodes. The proposed scheme starts off with loading a single
key on each sensor node prior to deployment. The actual keys are then derived from this single key once the sensor nodes are
deployed. The proposed scheme allows for additions of sensor nodes to the network at any point in time. We study the proposed
scheme using both analysis and simulations and point out the advantages. 相似文献
19.
We propose in this paper a self-organized monitoring architecture for mobile ad-hoc networks based on a selective scheme where
subsets of nodes are managed. These nodes are determined based on their network behavior in order to favor subsets of well-connected
nodes. The key idea is to relax the requirements of the management plane, and to use these manageable subsets to monitor the
performance of the overall network. We therefore propose a new performance metric to be monitored, in order to estimate the
capability of ad-hoc nodes to communicate end-to-end in the network. Extensive simulations show how different parameters affect
this metric. 相似文献