一种改进的基于位置的攻击容忍WSN安全方案

基于身份的公钥体制(IBE)在无线传感网(WSN)中的安全应用越来越多,尤其是基于位置ID的攻击容忍安全方案研究已被广泛关注,但对WSN而言该方案主要面临两大问题:(1)基于双线性对的IBE计算耗费过大;(2)要求节点位置固定即不支持节点位置的移动。研究提出了一种面向WSN的轻量级IBE加密方案TinyCKE,利用ECC组合密钥实现基于ID的公钥加密机制,较基于双线性对的IBE更适用于计算资源受限的传感节点;基于TinyCKE设计改进了一种基于位置的攻击容忍安全方案,通过对节点位置范围标识及其ID私钥有效时间的统一管理,支持节点在允许范围内任意移动并支持基于ECC组合密钥的高效认证,且使恶意节点对私钥的攻击限定在一个更新周期内,具有对节点位置和私钥时间的攻击容忍性。

Improved Location-based Compromise-tolerant Security Mechanisms for Wireless Sensor Networks

Identity-based encryption has been widely used for wireless sensor networks.The Research on the IBE employed location-based compromise-tolerant security mechanisms is hot.However,there are two issues for the current research on such IBE-based scheme,pairing-based computation for IBE costs so large,and location of each node is supposed to be fixed which loses the permission of node movement.In this paper,a lightweight IBE scheme named TinyCKE is firstly proposed for WSNs,which is based on ECC Combined Key Encryption and is more applicable for resource-constrained WSN nodes than that of pairing-based IBE.Using TinyCKE,an improved location-based compromise-tolerant security scheme is then proposed.It depends on the uniform management of the node location range and the private key lifetime.The proposed solution can not only support the node movements in the legitimate location ranges with lightweight ECC-based authentication supported,but also limit the possible attack of malicious node into one period of key update lifetime.It is well compromise-tolerant for both location and key validate time of nodes.