共查询到19条相似文献,搜索用时 109 毫秒
1.
adhoc网络作为一种无线移动网络正成为网络研究中的热点之一。针对移动adhoc网络的特性和对目前已有的移动adhoe网络密钥管理方案的分析,提出了一种基于信任图和门限密码技术的全分布、自组织的移动adhoc网络密钥管理新方案。该方案允许节点发布公钥证书并且通过证书链实施认证,有效地解决了网络节点之间的信任,同时又阻止恶意节点发布错误公钥证书欺骗认证服务。该方案具有较高的可靠性、扩展性和安全性,适用于大规模移动ad hoc网络。 相似文献
2.
无证书公钥密码体制克服了基于身份公钥密码体制中的密钥托管问题,没有传统公钥密码体制中证书管理带来的额外开销。但传统认证服务中强依赖于专门认证服务器和可信第三方的认证模式,认证运行成本高,针对集中认证处理能力低、需要低运行成本的WSN网络节点,不能运用传统认证的缺陷,提出一种基于无证书密码的WSN认证,该认证把网络节点的认证交给可信邻接点组成的认证集去完成。结果分析和仿真实验表明该认证方案对伪造、重放、冒充和俘获网络节点等攻击具有安全性。 相似文献
3.
4.
5.
结合无证书签密协议,提出一种分级移动Adhoc网络密钥管理方案。该方案不需要公钥证书,用户自己生成公钥,有效地降低了用户终端计算、存储能力的需求和系统密钥管理的通信开销;同时密钥生成中心为用户生成部分私钥,解决了基于身份密码体制中的密钥托管问题;分级的结构将网上节点分成一些相对独立的自治域,既提高了安全服务的可用性和可扩充性,也便于对某些紧急情况快速做出反应。 相似文献
6.
接入认证是层次型移动IPv6(HMIPv6)网络安全的基本需求.构建了适于HMIPv6的分层认证框架,设计了一种节点证书与身份相结合的签名方案,并以此为基础提出了HMIPv6网络双向接入认证机制.该机制利用基于身份密码技术简化了公钥基础设施的复杂密钥管理过程;以节点证书为接入认证的主要依据,消除了接入网络与家乡网络间的消息交互;采用提出的层次化签名方案,实现了用户与接入网络的双向认证.机制经过简单扩展,能够支持多层HMIPv6网络的接入认证.性能与安全性分析表明,与传统的及其他基于身份的认证方案比较,所提出的机制拥有更高的认证效率和安全性. 相似文献
7.
一种新型MANET自组织密钥管理方案 总被引:1,自引:0,他引:1
基于信任网模型设计的密钥管理方案不需要任何特殊的控制机构或可信机构,较适应MANET的需求。已有成果中,节点需要维护证书库,通过在合并的证书库中搜索证书链完成认证。这种方法在较大规模的网络中效率较低,并有严重的安全问题。本文提出了一种新的自组织公钥管理方案HPWKM,它使用全新的设计思想:对大规模MANET划分安全域,设计域内证书预签发机制和确定性证书链路径算法,提高方案扩展能力和认证成功率。HPWKM继承信任网模型的自组织特点,不需要节点维护证书库,相比其它同类方案,具有更低的运行开销和更高的安全性。 相似文献
8.
基于CPK的高效移动Ad Hoc网络密钥管理方案 总被引:1,自引:0,他引:1
移动Ad Hoc网络具有的动态网络拓扑、无线链路的弱安全性、节点的有限物理保护和无中心基础结构等特性,使得它面临严重的安全问题。因此鲁棒的密钥管理服务是移动Ad Hoc网络的安全基础。提出了一个基于椭圆曲线组合公钥方案和门限密码系统的移动Ad Hoc网络密钥管理方案。本方案的主要创新点是提出了三层密钥管理模型,并基于此模型,提出了节点密钥生成、密钥份额分发、节点密钥更新、密钥份额更新和密钥撤销的具体实现。三层密钥管理模型实现较高的安全性和较低的密钥管理开销。与基于证书的和基于身份的密钥管理方案相比,本方案在安全性和效率方面更加适用于移动Ad Hoc网络。 相似文献
9.
10.
基于NTRU公钥密码体制的无线局域网安全方案* 总被引:2,自引:1,他引:1
从身份认证、数据机密性和密钥管理等方面分析了无线局域网IEEE 802.11协议的安全机制,证明该协议存在着严重的安全漏洞,容易受到多种密码攻击。针对以上问题提出了一种新的基于NTRU公钥密码体制的无线局域网安全解决方案,该方案采用基于NTRU的公钥证书机制进行密钥管理、双向身份认证和会话密钥协商,采用AES分组加密算法进行通信数据加密。由于NTRU的高效性及公钥证书机制在密钥管理方面的灵活方便性,使得该方案能在传输带宽、终端处理器和存储器资源都十分有限的无线局域网中提供与有线网络等同的安全级别,而且高效 相似文献
11.
In IEEE INFOCOM 2004, Chan proposed a distributed key management scheme for mobile ad hoc networks, and deduced the condition under which the key sets distributed to the network nodes can form a cover-free family (CFF), which is the precondition that the scheme can work. In this paper, we indicate that the condition is falsely deduced. Furthermore, we discuss whether CFF is capable for key distributions in ad hoc networks. 相似文献
12.
Ad hoc networks are self-configurable networks with dynamic topologies. All involved nodes in the network share the responsibility for routing, access, and communications. The mobile ad hoc network can be considered as a short-lived collection of mobile nodes communicating with each other. Such networks are more vulnerable to security threats than traditional wireless networks because of the absence of the fixed infrastructure. For providing secure communications in such networks, lots of mechanisms have been proposed since the early 1990s, which also have to deal with the limitations of the mobile ad hoc networks, including high power saving and low bandwidth. Besides, public key infrastructure (PKI) is a well-known method for providing confidential communications in mobile ad hoc networks. In 2004, Varadharajan et al. proposed a secure communication scheme for cluster-based ad hoc networks based on PKI. Since the computation overheads of the PKI cryptosystem are heavy for each involved communicating node in the cluster, we propose an ID-based version for providing secure communications in ad hoc networks. Without adopting PKI cryptosystems, computation overheads of involved nodes in our scheme can be reduced by 25% at least. 相似文献
13.
《Journal of Network and Computer Applications》2007,30(3):937-954
In mobile ad hoc networks, due to unreliable wireless media, host mobility and lack of infrastructure, providing secure communications is a big challenge. Usually, cryptographic techniques are used for secure communications in wired and wireless networks. Symmetric and asymmetric cryptography have their advantages and disadvantages. In fact, any cryptographic means is ineffective if its key management is weak. Key management is also a central aspect for security in mobile ad hoc networks. In mobile ad hoc networks, the computational load and complexity for key management are strongly subject to restriction by the node's available resources and the dynamic nature of network topology. We propose a secure and efficient key management (SEKM) framework for mobile ad hoc networks. SEKM builds a public key infrastructure (PKI) by applying a secret sharing scheme and using an underlying multi-cast server groups. We give detailed information on the formation and maintenance of the server groups. In SEKM, each server group creates a view of the certificate authority (CA) and provides certificate update service for all nodes, including the servers themselves. A ticket scheme is introduced for efficient certificate service. In addition, an efficient server group updating scheme is proposed. The performance of SEKM is evaluated through simulation. 相似文献
14.
移动Ad Hoc网络是一种无中心自组织的多跳无线网络,有效的密钥管理是网络安全的关键。因此,本文提出了一个能够快速响应的密钥管理框架。这个框架通过应用可验证的秘密共享方案来建立PKI,并通过引入路由机制构造了一个快速响应的服务器组。服务器组可以对组内结点的私钥分量更新和所有结点的证书更新提供快速响应。为了验证框架的
的性能,本文通过仿真给出了实验结果。 相似文献
的性能,本文通过仿真给出了实验结果。 相似文献
15.
《Computer Standards & Interfaces》2014,36(3):577-584
A mobile ad hoc network (MANET) is a special type of wireless network in which a collection of mobile nodes with wireless network interfaces may form a temporary network, without the aids of any fixed infrastructure. Security has become a hot research topic in mobile ad hoc networks. In 1998, Volker and Mehrdad proposed a tree-based key management and access control scheme for the mobile agents to manage rights to access its own resources for the visited mobile nodes. Latter, Huang et al. showed that Volker and Mehrdad's scheme needs a large amount of storage and costs for managing and storing secret keys. Huang et al. further proposed a new and efficient scheme based on the elliptic curve cryptosystems to reduce costs and gain better efficiency. However, there is a security leak inherent in Huang et al.'s scheme that the malicious node can overstep his authority to access unauthorized information. This paper will propose a secure, robust, and efficient hierarchical key management scheme for MANETs. Some practical issues and solutions about dynamic key management are also considered and proposed. As compared with Huang et al.'s scheme, our proposed scheme can provide better security assurance, while requiring smaller key-size, lower computational complexities, and constant key management costs which is independent on the number of the confidential files and the visited nodes. 相似文献
16.
Due to the nature of distribution and self-organization, mobile ad hoc networks rely on cooperation between nodes to transfer information. One of the key factors to ensure high communication quality is an efficient assessment scheme for risks and trust of choosing next potential cooperative nodes. Trust model, an abstract psychological cognitive process, is one of the most complex concepts in social relationships, involving factors such as assumptions, expectations and behaviors. All of the above make it difficult to quantify and forecast trust accurately. In this paper, based on the theories of fuzzy recognition with feedback, SCGM(1, 1) model and Markov chain, we present a pattern of prediction making. The analysis and experimental computation show that this scheme is efficient in trust prediction for ad hoc networks. 相似文献
17.
A mobile ad hoc network (MANET) is a wireless communication network which does not rely on a pre-existing infrastructure or any centralized management. Securing the exchanges in MANETs is compulsory to guarantee a widespread development of services for this kind of networks. The deployment of any security policy requires the definition of a trust model that defines who trusts who and how. Our work aims to provide a fully distributed trust model for mobile ad hoc networks. In this paper, we propose a fully distributed public key certificate management system based on trust graphs and threshold cryptography. It permits users to issue public key certificates, and to perform authentication via certificates' chains without any centralized management or trusted authorities. Moreover, thanks to the use of threshold cryptography; our system resists against false public keys certification. We perform an overall evaluation of our proposed approach through simulations. The results indicate out performance of our approach while providing effective security. 相似文献
18.
19.
Arjan Durresi Mimoza Durresi Leonard Barolli 《Journal of Computer and System Sciences》2011,77(4):677-686
We study the unique trust management, and more precisely reputation management and revocation of malicious nodes in the context of ad hoc networks used for emergency communications.Unlike in centralized systems, reputation management and revocation in ad hoc networks is non-trivial. This difficulty is due to the fact that the nodes have to collaboratively calculate the reputation value of a particular node and then revoke the node if the reputation value goes below a threshold. A major challenge in this scheme is to prevent a malicious node from discrediting other genuine nodes. The decision to revoke a node has to be communicated to all the nodes of the network. In traditional ad hoc networks the overhead of broadcasting the message throughout the network may be very high. We solve the problem of reputation management and node revocation in ad hoc networks of cell phones by using a threshold cryptography based scheme. Each node of the network would have a set of anonymous referees, which would store the reputation information of the node and issue reputation certificates to the node with timestamps. The misbehavior of a particular cell phone is reported to its anonymous referees, who issue certificates which reflect the positive and negative recommendations. 相似文献
