基于门限机制的密钥管理方案能提供高的安全性,但认证成功率较低,可扩展性差;基于证书链的密钥管理方案适合自组网的特点,但其安全性仅取决于证书链中节点的信任度,不能满足高安全要求的应用环境。该文提出了门限机制和证书链信任值方法相结合的混合式密钥管理和认证方案,在增加少量通信量的情况下,方案提高了自组网的认证成功率和系统的安全性,较好地平衡了自组网的安全性和认证成功率,满足自组网应用的安全要求。
关 键 词 自组网; 证书链; 密钥管理; 门限机制
A New Hybrid Key Management Scheme for Ad hoc Networks
WANG Hao1,XIE Ying1,ZHENG Wu2
(1. College of Automation, Chongqing University of Posts and Telecommunications Nan′an Chongqing 400065; 2. School of Computer Science and Engineering, University of Electronic Science and Technology of China Chengdu 610054)
Abstract Key management schemes based on threshold mechanism can provide high security, but lower certificate success rate and bad scalability; key management schemes based on certification chain satisfy self-organized features, but their security depends on trust degree of nodes and could not be applied high security environment. We advance hybrid key management scheme based on threshold mechanism and certification chain. Simulation shows that with less increment of communication overhead, our scheme can improve both certificate success rate and system security and better balances security and availability, and satisfies security needs of Ad hoc networks.
Key words Ad hoc; certification chain; key management; threshold mechanism
无线移动自组网是一种节点可任意移动、拓扑结构高度动态变化、没有预设网络基础设施的多跳无线网络。这种无线网络具有可临时组网、快速展开、无控制中心、抗毁灭等特点,在军事通信和民用系统中有着广泛的应用。然而,由于自组网的无线链路、动态拓扑、缺乏集中管理和资源受限等特点,其本身就是很脆弱的,容易遭受多种攻击,而且传统的安全机制不再适合于它,极大地阻碍了自组网的应用,特别是在关系到国防安全的军事领域。自组网的密钥管理和认证是自组网安全研究的核心问题之一,也是自组网安全研究中最困难的问题之一,是研究自组网安全通信和安全路由的基础[1]。
声明:本文内容及配图由入驻作者撰写或者入驻合作网站授权转载。文章观点仅代表作者本人,不代表电子发烧友网立场。文章及其配图仅供工程师学习之用,如有内容侵权或者其他违规问题,请联系本站处理。 举报投诉
全部0条评论
快来发表一下你的评论吧 !