共查询到19条相似文献,搜索用时 156 毫秒
1.
随机密钥预分配是无线Ad hoc网络中最有效的密钥管理机制。提出了一个适用于Ad hoc网络的基于哈希函数的对偶密钥预分配方案。方案利用哈希函数的单向性,由哈希链形成密钥池,节点仅需预分发数量较少的密钥,就能与邻近节点有效建立对偶密钥。方案具有较低的存储成本与计算开销,同时能达到完全连通性,并能动态管理节点与密钥。分析表明,方案具有较好的有效性和安全性,更适合Ad hoc网络。 相似文献
2.
利用异构无线传感器网络中普通节点和簇头节点间的差异性,基于中心可分解型按对平衡设计构造了异构的节点密钥环,设计了2种密钥预分配方案DCPBD和VDCPBD.其中,DCPBD利用了中心可分解类型PBD,将普通区组作为普通节点的密钥环,将特殊区组作为簇头节点的密钥环.VDCPBD基于DCPBD进行了扩展,将单一核密钥替换为基于另一密钥池进行SBIBD设计出的簇间密钥环,减小了DCPBD由于单个簇头节点被俘后对整个网络抗毁性的影响.由于在设计时考虑了节点的异构特性,使用确定性方法构造了异构密钥环,使得在保持密钥连通率不变的前提下获得了更低的空间复杂度.仿真实验表明,2个方案都支持大规模网络,且单跳密钥连通率随网络规模增大而趋近于1,2跳连通率恒为1.VDCPBD还具备了更强的抗节点捕获能力和更好的网络可扩展性. 相似文献
3.
4.
5.
6.
7.
无线传感器网络容易受到节点欺骗和虚假信息的影响造成所采集信息的安全问题,正常节点可能被占领而变为恶意节点,从而给网络带来不利影响。研究并提出了面向传感器网络的节点安全成簇机制,采用基本的随机密钥预分配模型和有效的密钥管理技术实现网络在成簇阶段进行恶意节点的识别和剔除;同时,增加节点和簇头的安全认证以及重新分簇方法增强节点的安全性。仿真结果表明该成簇机制能够准确捕捉、剔除恶意节点,并能显著降低网络中的广播能耗,对延长网络寿命将起到积极作用。 相似文献
8.
鲁娟 《信息安全与通信保密》2012,(9):88-90
针对现有的无线传感器网络密钥预分发方案密钥易泄露,不可追溯泄密传感器节点等产生的信息泄露问题,新方案改进了已有的基于多项式密钥预分发方案,将节点位置信息和身份信息引入传输信息的路径中,并经过密钥更新及管理说明,连通性和安全性分析。证明新方案提高了已有方案的抗捕获性,易于基站即时发现捕获节点,即时进行调整和明确所接收到的信息的来源。易于用在军事领域及不安全环境中进行信息监测及传输。 相似文献
9.
本文提出一种基于多项式的WSN密钥管理方案.基站通过计算节点秘密信息构成的多项式来生成网络的全局密钥,节点通过全局密钥可以认证网络中的合法节点.节点用全局密钥经过对称多项式密钥交换来生成与簇头节点之间的会话密钥.该方案能够动态更新密钥,从而解决了由于节点被捕获所导致的信息泄露、密钥连通性下降和密钥更新通信开销大等问题.性能分析表明,该方案与现有的密钥预分配方案相比,具有更低的存储开销、通信开销、良好的扩展性和连通性. 相似文献
10.
11.
To achieve secure communication in wireless sensor networks (WSNs), where sensor nodes with limited computation capability are randomly scattered over a hostile territory, various key pre-distribution schemes (KPSs) have been proposed. In this paper, a new KPS is proposed based on symplectic geometry over finite fields. A fixed dimensional subspace in a symplectic space represents a node, all 1-dimensional subspaces represent keys and every pair of nodes has shared keys. But this naive mapping does not guarantee a good network resiliency. Therefore, it is proposed an enhanced KPS where two nodes have to compute a pairwise key, only if they share at least q common keys. This approach enhances the resilience against nodes capture attacks. Compared with the existence of solution, the results show that new approach enhances the network scalability considerably, and achieves good connectivity and good overall performance. 相似文献
12.
《Mobile Computing, IEEE Transactions on》2008,7(7):858-868
Key pre-distribution has been claimed to be the only viable approach for establishing shared keys between neighboring sensors after deployment for a typical sensor network. However, none of the proposed key pre-distribution schemes simultaneously achieves good performance in terms of scalability in network size, key-sharing probability between neighboring sensors, memory overhead for keying information storage, and resilience against node capture attacks. In this paper, we propose SBK, an in-situ self-configuring framework to bootstrap keys in large-scale sensor networks. SBK is fundamentally different compared to all key pre-distribution schemes. It requires no keying information pre-deployment. In SBK, sensors differentiate their roles as either service nodes or worker nodes after deployment. Service sensors construct key spaces, and distribute keying information in order for worker sensors to bootstrap pairwise keys. An improved scheme, iSBK, is also proposed to speed up the bootstrapping procedure. We conduct both theoretical analysis and simulation study to evaluate the performances of SBK and iSBK. To the best of our knowledge, SBK and iSBK are the only key establishment protocols that simultaneously achieve good performance in scalability, key-sharing probability, storage overhead, and resilience against node capture attacks. 相似文献
13.
基于EBS (Exclusion Basis Systems)的密钥管理协议,以安全性高、动态性和扩展性好,较适用于异构传感器网络,但却存在共谋问题。该文提出了一种基于MST (Minimum Spanning Tree)的密钥共谋问题优化方案。该方案利用Prim算法对由簇内感知节点所构成的无向连通图进行最小生成树求解,并对该树进行遍历,根据所得节点遍历顺序进行密钥的指派与分配,使得相邻节点间所含的密钥重叠程度增大,发生共谋的可能性得到降低。实验结果表明:同比于密钥随机分配方案与SHELL方案,所提方案有效提高了网络的抗捕获能力。 相似文献
14.
Saber Banihashemian Abbas Ghaemi Bafghi Mohammad Hossien Yaghmaee Moghaddam 《Wireless Personal Communications》2011,60(3):463-474
Today, key management is widely recognized as an important aspect of security in wireless sensor networks. In these networks,
sensor nodes can be either mobile or static. Therefore, supporting the mobility of the nodes can be regarded as a purpose
of key management schemes. In our previous work, we presented a key management scheme that was more efficient with respect
to security and connectivity compared to the other ones. In that scheme, it is assumed that the nodes are static. In this
paper we are going to present a scheme that supports the mobility of the nodes and makes the initial scheme more flexible.
The basic criterion for the evaluation of the scheme is the communication overhead. First, the nodes establish a secure link
with the cluster heads and then establish a secure link among themselves with the help of the cluster heads. We have analyzed
this scheme with regards to the communication overhead and we will compare it with the other schemes. 相似文献
15.
An ID-based broadcast encryption scheme for key distribution 总被引:3,自引:0,他引:3
A broadcast encryption scheme enables a center to distribute keys and/or broadcast a message in a secure way over an insecure channel to an arbitrary subset of privileged recipients. In this paper, an ID-based broadcast encryption scheme is proposed, by which a center can distribute keys over a network, so that each member of a privileged subset of users can compute a specified key. Then a conventional private-key cryptosystem, such as DES, can be used to encrypt the subsequent broadcast with the distributed key. Because a key distribution can be done in an encrypted broadcast without any key pre-distribution, re-keying protocols for group membership operations can be simplified, a center can use the ID-based broadcast encryption scheme again to distribute a new and random session key. The ID-based broadcast encryption scheme from bilinear pairings is based on a variant of the Boneh-Franklin identity based encryption scheme. 相似文献
16.
Wireless sensor networks as the key infrastructure of the new networking paradigm are vulnerable against different kinds of attacks. Therefore, ensuring a secure communication between the sensor nodes is important. One of the most critical issues in this regard is the key distribution mechanism. Due to the random deployment of the sensors in the target area, key pre-distribution is a promising approach, in which a list of keys, so-called key-ring, is pre-distributed to each sensor node before deployment. To establish a secure communication, two nodes must share a common key from their key-rings. In this paper, we consider a hybrid key pre-distribution approach based on the symmetric design. We propose a new scheme, which is a modification of the hybrid symmetric design in order to improve the connectivity and resilience. Considering the trade-off between resilience and connectivity, we introduce a new parameter based on the application requirement. The experimental results and analytical analysis approve the efficiency of our proposed approach and introduced parameter. 相似文献
17.
This article presents a novel hybrid key pre-distribution scheme based on combinatorial design keys and pair-wise keys. For the presented scheme, the deployment zone is cleft into equal-sized cells. We use the combinatorial design based keys to secure intra-cell communication, which helps to maintain low key storage overhead in the network. For inter-cell communication, each cell maintain multiple associations with all the other cells within communication range and these associations are secured with pair-wise keys. This helps to ensure high resiliency against compromised sensor nodes in the network. We provide in-depth analysis for the presented scheme. We measure the resiliency of the presented scheme by calculating fraction of links effected and fraction of nodes disconnected when adversary compromises some sensor nodes in the network. We find that the presented scheme has high resiliency than majority of existing schemes. Our presented scheme also has low storage overhead than existing schemes.
相似文献18.
Energy efficiency is a critical issue in wireless sensor networks(WSNs).In order to minimize energy consumption and balance energy dissipation throughout the whole network,a systematic energy-balanced cooperative transmission scheme in WSNs is proposed in this paper.This scheme studies energy efficiency in systematic view.For three main steps,namely nodes clustering,data aggregation and cooperative transmission,corresponding measures are put forward to save energy.These measures are well designed and tightly coupled to achieve optimal performance.A half-controlled dynamic clustering method is proposed to avoid concentrated distribution of cluster heads caused by selecting cluster heads randomly and to get high spatial correlation between cluster nodes.Based on clusters built,data aggregation,with the adoption of dynamic data compression,is performed by cluster heads to get better use of data correlation.Cooperative multiple input multiple output(CMIMO) with an energy-balanced cooperative cluster heads selection method is proposed to transmit data to sink node.System model of this scheme is also given in this paper.And simulation results show that,compared with other traditional schemes,the proposed scheme can efficiently distribute the energy dissipation evenly throughout the network and achieve higher energy efficiency,which leads to longer network lifetime span.By adopting orthogonal space time block code(STBC),the optimal number of the cooperative transmission nodes varying with the percentage of cluster heads is also concluded,which can help to improve energy efficiency by choosing the optimal number of cooperative nodes and making the most use of CMIMO. 相似文献
19.
In order to provide security services in wireless sensor networks, a well-known task is to provide cryptographic keys to sensor nodes prior to deployment. It is difficult to assign secret keys for all pairs of sensor node when the number of nodes is large due to the large numbers of keys required and limited memory resources of sensor nodes. One possible solution is to randomly assign a few keys to sensor nodes and have nodes be able to connect to each other with some probability. This scheme has limitations in terms of the tradeoffs between connectivity and memory requirements. Recently, sensor deployment knowledge has been used to improve the level of connectivity while using lesser amounts of memory space. However, deployment based key predistribution schemes may cause a large number of nodes to be cryptographically isolated if nodes move after key pre-distribution. Mobility may be necessitated for reasons depending on applications or scenarios. In this paper, we consider mobility due to spatial retreat of nodes under jamming attacks as an example. Jamming attacks are easy and efficient means for disruption of the connectivity of sensors and thus the operation of a sensor network. One solution for mobile sensor nodes to overcome the impact of jamming is to perform spatial retreats by moving nodes away from jammed regions. Moved nodes may not be able to reconnect to the network because they do not have any shared secret with new neighbors at new locations if strict deployment knowledge based key predistribution is employed. In this paper, we propose a hybrid key predistribution scheme that supports spatial retreat strategies to cope with jamming attacks. Our scheme combines the properties of random and deployment knowledge based key predistribution schemes. In the presence of jamming attacks, our scheme provides high key connectivity (similar to deployment knowledge based schemes) while reducing the number of isolated nodes. We evaluate the performance of our scheme through simulations and analysis. 相似文献