共查询到20条相似文献,搜索用时 15 毫秒
1.
2.
3.
研究了同构网络模型的组密钥管理问题,首次给出了一个明确的、更完整的动态组密钥管理模型,并提出了一种基于多个对称多项式的动态组密钥管理方案。该方案能够为任意多于2个且不大于节点总数的节点组成的动态多播组提供密钥管理功能,解决了多播组建立、节点加入、退出等所引发的与组密钥相关的问题。该方案支持节点移动,具有可扩展性,并很好地解决了密钥更新过程中多播通信的不可靠性。组成员节点通过计算获得组密钥,只需要少量的无线通信开销,大大降低了协商组密钥的代价。分析比较认为,方案在存储、计算和通信开销方面具有很好的性能,更适用于资源受限的无线传感器网络。 相似文献
4.
Security is critical for sensor networks used in military, homeland security and other hostile environments. Previous research on sensor network security mainly considers homogeneous sensor networks. Research has shown that homogeneous ad hoc networks have poor performance and scalability. Furthermore, many security schemes designed for homogeneous sensor networks suffer from high communication overhead, computation overhead, and/or high storage requirement. Recently deployed sensor network systems are increasingly following heterogeneous designs. Key management is an essential cryptographic primitive to provide other security operations. In this paper, we present an effective key management scheme that takes advantage of the powerful high-end sensors in heterogeneous sensor networks. The performance evaluation and security analysis show that the key management scheme provides better security with low complexity and significant reduction on storage requirement, compared with existing key management schemes. 相似文献
5.
This paper presents a hierarchical key establishment scheme called HIKES. The base station in this scheme, acting as the central trust authority, empowers randomly selected sensors to act as local trust authorities authenticating, on its behalf, the cluster members and issuing private keys. HIKES uses a partial key escrow scheme that enables any sensor node selected as a cluster head to generate all the cryptographic keys needed to authenticate other sensors within its cluster. This scheme localizes secret key issuance and reduces the communication cost with the base station. HIKES provides an efficient broadcast authentication in which source authentication is achieved in a single transmission and a good defense for the routing mechanism. HIKES defends the routing mechanism against most known attacks and is robust against node compromise. HIKES also provides high addressing flexibility and network connectivity to all sensors in the network, allowing sensor addition and deletion. Simulation results have shown that HIKES provides an energy‐efficient and scalable solution to the key management problem. Copyright © 2012 John Wiley & Sons, Ltd. 相似文献
6.
Time efficiency of key establishment and update is one of the major problems contributory key managements strive to address. To achieve better time efficiency in key establishment, we propose a Location-based Huffman (L-Huffman) scheme. First, users are separated into several small groups to minimize communication cost when they are distributed over large networks. Second, both user’s computation difference and message transmission delay are taken into consideration when Huffman coding is employed to forming the optimal key tree. Third, the combined weights in Huffman tree are located in a higher place of the key tree to reduce the variance of the average key generation time and minimize the longest key generation time. Simulations demonstrate that L-Huffman has much better performance in wide area networks and is a little better in local area network than Huffman scheme. 相似文献
7.
In order to resolve the collusion resistance problem in the one-way hash chain-based self-healing group key distribution schemes and improve the performance of previous self-healing group key distribution schemes, we propose a self-healing group key distribution scheme based on the revocation polynomial and a special one-way hash key chain for wireless sensor networks (WSNs) in this paper. In our proposed scheme, by binding the time at which the user joins the group with the capability of recovering previous group session keys, a new method is addressed to provide the capability of resisting the collusion attack between revoked users and new joined users, and a special one-way hash chain utilization method and some new methods to construct the personal secret, the revocation polynomial and the key updating broadcast packet are presented. Compared with existing schemes under same conditions, our proposed scheme not only supports more revoked users and sessions, but also provides a stronger security. Moreover, our proposed scheme reduces the communication overhead, and is especially suited for a large scale WSN in bad environments where a strong collusion attack resistance capability is required and many users will be revoked. 相似文献
8.
KeyRev密钥撤销方案可以在一定程度上销毁无线传感网络中的受损节点,并可以生成新一轮通信中会话密钥,已生成会话密钥的节点即可生成数据加密密钥和MAC校验密钥。但因其是采用明文广播受损节点信息。使遭受攻击的节点很容易发现自己身份暴露,从而采取欺骗、篡改等手段依然参与网络通信。对此方案予以改进优化,对广播信息隐蔽处理,更加安全有效地剔除网络中的受损节点。 相似文献
9.
利用异构无线传感器网络中普通节点和簇头节点间的差异性,基于中心可分解型按对平衡设计构造了异构的节点密钥环,设计了2种密钥预分配方案DCPBD和VDCPBD.其中,DCPBD利用了中心可分解类型PBD,将普通区组作为普通节点的密钥环,将特殊区组作为簇头节点的密钥环.VDCPBD基于DCPBD进行了扩展,将单一核密钥替换为基于另一密钥池进行SBIBD设计出的簇间密钥环,减小了DCPBD由于单个簇头节点被俘后对整个网络抗毁性的影响.由于在设计时考虑了节点的异构特性,使用确定性方法构造了异构密钥环,使得在保持密钥连通率不变的前提下获得了更低的空间复杂度.仿真实验表明,2个方案都支持大规模网络,且单跳密钥连通率随网络规模增大而趋近于1,2跳连通率恒为1.VDCPBD还具备了更强的抗节点捕获能力和更好的网络可扩展性. 相似文献
10.
Secure group communication in wireless mesh networks 总被引:1,自引:0,他引:1
Wireless mesh networks (WMNs) have emerged as a promising technology that offers low-cost community wireless services. The community-oriented nature of WMNs facilitates group applications, such as webcast, distance learning, online gaming, video conferencing, and multimedia broadcasting. Security is critical for the deployment of these services. Previous work focused primarily on MAC and routing protocol security, while application-level security has received relatively little attention. In this paper we focus on providing data confidentiality for group communication in WMNs. Compared to other network environments, WMNs present new challenges and opportunities in designing such protocols. We propose a new protocol framework, Secure Group Overlay Multicast (SeGrOM), that employs decentralized group membership, promotes localized communication, and leverages the wireless broadcast nature to achieve efficient and secure group communication. We analyze the performance and discuss the security properties of our protocols. We demonstrate through simulations that our protocols provide good performance and incur a significantly smaller overhead than a baseline centralized protocol optimized for WMNs. 相似文献
11.
In this paper, we present a secure group key management scheme for hierarchical mobile ad hoc networks. Our approach aims to improve both scalability and survivability of group key management for large-scale wireless ad hoc networks. To achieve our goal, we propose the following approaches: (1) a multi-level security model, which follows a modified Bell-La Padula security model that is suitable in a hierarchical mobile ad hoc networking environment, and (2) a decentralized group key management infrastructure to achieve such a multi-level security model. Our approaches reduce the key management overhead and improve resilience to any single point failure problem. In addition, we have developed a roaming protocol that is able to provide secure group communication involving group members from different groups without requiring new keys; an advantage of this protocol is that it is able to provide continuous group communication even when the group manager fails. 相似文献
12.
Samira Mesmoudi Belkacem Benadda Amin Mesmoudi 《International Journal of Communication Systems》2019,32(7)
In the era of the Internet of Things (IoT), we are witnessing to an unprecedented data production because of the massive deployment of wireless sensor networks (WSNs). Typically, a network of several hundred sensors is created to ensure the interactions between the cyber world and the physical world. Unfortunately, the intensive use of this kind of networks has raised several security issues. Indeed, many WSN‐based applications require secure communication in order to protect collected data. This security is generally ensured by encryption of communication between sensors, which requires the establishment of many cryptographic keys. Managing these keys, within a protocol, is an important task that guarantees the effectiveness of the security mechanism. The protocol should be intelligently adaptable not only to intrusion events but also to the security level needed by some applications. An efficient protocol optimizes also sensors energy and consequently increases the network life cycle. In this paper, we propose, a smart and dynamic key management scheme for hierarchical wireless sensor networks (SKWN). Our protocol offers three subschemes to deal with key establishment, key renewal, and new node integration. Regarding existing schemes, SKWN does not only provide reliable security mechanisms, but it also optimizes energy consumption and overheads related to the communication and memory usage. Furthermore, our approach relies on a machine learning approach to monitor the state of the network and decide the appropriate security level. We provide a formal approach and its implementation, together with simulations allowing to compare resources usage with respect to existing approaches. 相似文献
13.
14.
针对基于对称密钥的密钥分配技术无法彻底解决无线传感器网络中密钥分配的安全问题,提出了一种基于公钥的密钥预分配方案,基站利用一系列原始公钥和单向散列函数产生公钥集合,并为每个节点随机分配公私钥对和公钥集合的子集。由于私钥的唯一性,采用该方案不仅能够提高网络的安全性能,而且可以改善网络的存储开销。利用随机图论的相关原理证明,该方案与传统的密钥预分配方案相比,既保证了网络的安全,又兼顾了网络和节点资源有限的实际,在连通性不变的前提下,其网络安全性和网络的扩展性大幅度提高。 相似文献
15.
利用动态累加器的证人能够证明特定累加项是否参与累加的特性,实现了组成员身份认证,提出了一种新的支持节点动态增加和撤销的组密钥管理方案DAAG。在需要建立组密钥时,所有成员节点提供自己持有的累加项,参与累加计算。DAAG方案在保证成员节点证人机密性的基础上, 通过绑定证人与组密钥更新计算,限制了非成员节点对新密钥的计算能力。安全性和性能分析表明,DAAG方案虽比FM方案消耗更多的通信代价,但能够抵抗伪造、重放和共谋等恶意攻击,提供前后向安全性。 相似文献
16.
Access control is a prime technology to prevent unauthorized access to private information, which is one of the essential issues appearing in secure group communication (SGC) of wireless sensor networks (WSNs). Many studies have made good progress on access control; however, their methods are inadequate to cope with this new issue for SGC-based WSNs since of their inflexibility, inefficiency, insecurity, or small-scale. 相似文献
17.
An improved key distribution mechanism for large-scale hierarchical wireless sensor networks 总被引:3,自引:0,他引:3
Wireless sensor networks are often deployed in hostile environments and operated on an unattended mode. In order to protect the sensitive data and the sensor readings, secret keys should be used to encrypt the exchanged messages between communicating nodes. Due to their expensive energy consumption and hardware requirements, asymmetric key based cryptographies are not suitable for resource-constrained wireless sensors. Several symmetric-key pre-distribution protocols have been investigated recently to establish secure links between sensor nodes, but most of them are not scalable due to their linearly increased communication and key storage overheads. Furthermore, existing protocols cannot provide sufficient security when the number of compromised nodes exceeds a critical value. To address these limitations, we propose an improved key distribution mechanism for large-scale wireless sensor networks. Based on a hierarchical network model and bivariate polynomial-key generation mechanism, our scheme guarantees that two communicating parties can establish a unique pairwise key between them. Compared with existing protocols, our scheme can provide sufficient security no matter how many sensors are compromised. Fixed key storage overhead, full network connectivity, and low communication overhead can also be achieved by the proposed scheme. 相似文献
18.
19.
20.
On the design of secure user authenticated key management scheme for multigateway‐based wireless sensor networks using ECC 下载免费PDF全文
Anil Kumar Sutrala Ashok Kumar Das Neeraj Kumar Alavalapati Goutham Reddy Athanasios V. Vasilakos Joel J. P. C. Rodrigues 《International Journal of Communication Systems》2018,31(8)
In wireless sensor networks (WSNs), there are many critical applications (for example, healthcare, vehicle tracking, and battlefield), where the online streaming data generated from different sensor nodes need to be analyzed with respect to quick control decisions. However, as the data generated by these sensor nodes usually flow through open channel, so there are higher chances of various types of attacks either on the nodes or on to the data captured by these nodes. In this paper, we aim to design a new elliptic curve cryptography–based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the streaming data from generated from different sensor nodes. The proposed scheme is based upon 3‐factor authentication, as it applies smart card, password, and personal biometrics of a user (for ticket generation). The proposed scheme maintains low computation cost for resource‐constrained sensor nodes, as it uses efficient 1‐way cryptographic hash function and bitwise exclusive‐OR operations for secure key establishment between different sensor nodes. The security analysis using the broadly accepted Burrows‐Abadi‐Needham logic, formal security verification using the popular simulation tool (automated validation of Internet security protocols and applications), and informal security show that the proposed scheme is resilient against several well‐known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs of the proposed scheme, and other related existing user authentication schemes shows the superior performance of the proposed scheme. 相似文献