共查询到20条相似文献,搜索用时 125 毫秒
1.
2.
针对一些节点计算能力、通信带宽等资源受限的分布式自组网,文中介绍了几种常见的认证思想,并分析了它们的优缺点及适用性。通过采用自更新哈希链和对称密钥技术,提出一种改进的基于自更新哈希链的双向认证密钥协商方案。分析表明,该方案不仅具有较高的安全性能,而且避免了传统非对称算法的复杂运算,只进行简单的哈希哈数和对称密钥算法,大大减少了节点的计算和通信开销,在一定程度上满足资源受限网络的认证需求。 相似文献
3.
4.
5.
容迟网络是一种新型无线网络技术,近年来与命名数据网络有着融合发展的趋势。这里以发布/订阅多播协议为原型,构造了容迟网络环境下的命名数据网络环境,探讨了该环境下的安全和隐私问题。并进一步提出了基于群签名的数据包隐私保护验证方案,以及基于哈希链的防篡改TTL网络拥塞控制方案,来抵抗泛洪攻击等恶意行为。仿真实验表明基于TTL的网络拥塞控制安全方案可以有效地控制网络中的泛洪攻击等恶意行为,而哈希链方案可以有效防止用篡改TTL的方式来变相阻塞网络。 相似文献
6.
无线传感器网络中自治愈的群组密钥管理方案 总被引:3,自引:1,他引:2
群组密钥管理的自治愈机制是保证无线传感器网络在不可靠信道上进行安全群组通信的重要 手段.基于采用双方向密钥链的群组密钥分发与撤销方法,提出了一个无线传感器网络中具有撤销能力的自治愈群组密钥管理方案.该方案实现了群组密钥的自治愈功能和节点撤销能力, 能够满足在较高丢包率的无线通信环境下传感器网络群组密钥管理的安全需求,确保了群组密钥保密性、前向保密性和后向保密性等安全属性.性能分析表明,该方案具有较小的计算和通信开销,能够适用于无线传感器网络. 相似文献
7.
为了实现车载自组织网络中车辆节点之间信息传输的安全认证,该文设计了一种无证书聚合签名方案。提出的方案采用无证书密码体制,消除了复杂的证书维护成本,同时也解决了密钥托管问题。通过路侧单元生成的假名与周围节点进行通信,实现了车辆用户的条件隐私保护。在随机预言模型下,证明了方案满足自适应选择消息攻击下的存在性不可伪造。然后,分析了方案的实现效率,并模拟实现了车载自组网(VANET)环境中车流密度与消息验证的时间延迟之间的关系。结果表明,该方案满足消息的认证性、匿名性、不可伪造性和可追踪性等性质,并且通信效率高、消息验证的时延短,更适合于动态的车载自组织网络环境。 相似文献
8.
由于ADHOC网络是一种特殊的无线网络,其路由安全性显得尤为重要。文中深入研究了ADHOC网络中安全路由协议sead,对其中的哈希链保护机制进行了深入的分析,包括哈希链中链值的传播,哈希链值在节点间的验证机制。在对sead协议哈希链机制深入分析的基础上,发现其重新生成新链后所带来的哈希链过长以及其链值利用率低的问题,并提出了一个解决方案,节省了资源空间,提高了资源利用率。 相似文献
9.
随机密钥预分配是无线Ad hoc网络中最有效的密钥管理机制。提出了一个适用于Ad hoc网络的基于哈希函数的对偶密钥预分配方案。方案利用哈希函数的单向性,由哈希链形成密钥池,节点仅需预分发数量较少的密钥,就能与邻近节点有效建立对偶密钥。方案具有较低的存储成本与计算开销,同时能达到完全连通性,并能动态管理节点与密钥。分析表明,方案具有较好的有效性和安全性,更适合Ad hoc网络。 相似文献
10.
11.
Self-healing group-wise key distribution schemes with time-limited node revocation for wireless sensor networks 总被引:1,自引:0,他引:1
In this article two novel group-wise key distribution schemes with time-limited node revocation are introduced for secure group communications in wireless sensor networks. The proposed key distribution schemes are based on two different hash chain structures, dual directional hash chain and hash binary tree. Their salient security properties include self-healing rekeying message distribution, which features a periodic one-way rekeying function with efficient tolerance for lost rekeying messages; and time-limited dynamic node attachment and detachment. Security evaluation shows that the proposed key distribution schemes generally satisfy the requirement of group communications in WSNs with lightweight communication and computation overhead, and are robust under poor communication channel quality. 相似文献
12.
Yuh‐Min Tseng 《International Journal of Network Management》2007,17(1):3-15
A mobile ad hoc network does not require fixed infrastructure to construct connections among nodes. Due to the particular characteristics of mobile ad hoc networks, most existing secure protocols in wired networks do not meet the security requirements for mobile ad hoc networks. Most secure protocols in mobile ad hoc networks, such as secure routing, key agreement and secure group communication protocols, assume that all nodes must have pre‐shared a secret, or pre‐obtained public‐key certificates before joining the network. However, this assumption has a practical weakness for some emergency applications, because some nodes without pre‐obtained certificates will be unable to join the network. In this paper, a heterogeneous‐network aided public‐key management scheme for mobile ad hoc networks is proposed to remedy this weakness. Several heterogeneous networks (such as satellite, unmanned aerial vehicle, or cellular networks) provide wider service areas and ubiquitous connectivity. We adopt these wide‐covered heterogeneous networks to design a secure certificate distribution scheme that allows a mobile node without a pre‐obtained certificate to instantly get a certificate using the communication channel constructed by these wide‐covered heterogeneous networks. Therefore, this scheme enhances the security infrastructure of public key management for mobile ad hoc networks. Copyright © 2006 John Wiley & Sons, Ltd. 相似文献
13.
Secure sensor networks has received much attention in the last few years. A sensor network always
works unattended possibly in a hostile environment such as a battlefield. In such environments, sensor networks are subject to node capture. Constrained energy,memory, and computational capabilities of sensor nodes mandate a clever design of security solutions to minimize overhead while maintaining secure communication over the lifespan of the network. In this paper, an authenticated dynamic key management scheme, ADKM has been proposed. It provides efficient, scalable, and survivable dynamic keying in a clustered sensor network with a large number of sensor nodes. ADKM employs a combinatorial exclusion basis system (EBS) for efficiency and one-way hash chains for authentication. Analysis of security and performance demonstrate that ADKM is efficient in security of sensor networks. 相似文献
14.
15.
In order to resolve the collusion resistance problem in the one-way hash chain-based self-healing group key distribution schemes and improve the performance of previous self-healing group key distribution schemes, we propose a self-healing group key distribution scheme based on the revocation polynomial and a special one-way hash key chain for wireless sensor networks (WSNs) in this paper. In our proposed scheme, by binding the time at which the user joins the group with the capability of recovering previous group session keys, a new method is addressed to provide the capability of resisting the collusion attack between revoked users and new joined users, and a special one-way hash chain utilization method and some new methods to construct the personal secret, the revocation polynomial and the key updating broadcast packet are presented. Compared with existing schemes under same conditions, our proposed scheme not only supports more revoked users and sessions, but also provides a stronger security. Moreover, our proposed scheme reduces the communication overhead, and is especially suited for a large scale WSN in bad environments where a strong collusion attack resistance capability is required and many users will be revoked. 相似文献
16.
该文提出了一个新的适用于大型动态组播群组的密钥管理方案,在分级结构中采用Hash链作 为数据传递密钥来实现层与层之间的数据传递,在子组内利用数字信封来实现密钥管理。此方案具有良好的计算、存储性能及动态安全性,为进一步研究提供了一个有价值的参考。 相似文献
17.
在移动社交网络中分享用户特征属性配置文件能够迅速找到与用户特征属性相同的朋友。然而,配置文件通常包含用户的敏感隐私信息,如果被恶意攻击者截获将有可能造成不可预计的后果。该文提出一种基于用户伪身份匿名与哈希值比对认证的双重握手机制的隐私保护方案,结合身份权限认证、单向哈希散列函数、密钥协商等技术保证恶意攻击者无法通过身份欺骗、伪造特征属性、窃听安全信道等方式获取用户配置文件的真实内容,从而保证用户的个人隐私不被泄漏。依靠可信第三方服务器强大的计算和抗攻击能力, 减轻智能用户终端计算负担和安全风险。安全分析和实验分析表明,该方案更具有隐私性、消息不可抵赖性和可验证性,比传统的解决方案更有效。 相似文献
18.
Melisa Hajyvahabzadeh Elina Eidkhani Seyedeh Anahita Mortazavi Alireza Nemaney?Pour 《Telecommunication Systems》2012,51(2-3):115-123
This paper presents a new group key management protocol, CKC (Code for Key Calculation) for secure IP multicast. In this protocol which is based on logical key hierarchy, only the group key needs to be sent to new member at join. Then, using the group key current members and the new member calculate the necessary keys by node codes and one-way hash function. A?node code is a random number assigned to each node to help users calculate necessary keys. Again, at leave server just sends the new group key to the remaining members. By this key, members calculate necessary keys using node codes and one-way hash function. The security of the keys is based on one-wayness of hash function. The results show that CKC reduces computational and communication overhead, and message size largely at join without increasing them at leave. 相似文献
19.