适于车载网安全通信的高效签密方案

针对车载自组织网络的特点,该文利用双线性对提出了一个新的基于身份的签密方案,并在随机预言模型中给出了安全性证明.在假设Bilinear Diffie-Hellman问题是困难的条件下,该方案被证明是安全的.与已有的基于身份的签密方案相比,该方案计算量和传输代价小,适合用于车载网安全通信.     

VoIP网络基于签密的安全机制的研究与实现

提出了一种高效的基于身份的可用于多域的签密方案并引申出相应的数字签名方案,然后在该方案的基础上提出了一种适用于VoIP网络环境的安伞机制,该机制避免了基于传统PKI的安全机制的诸多弊端,实现了跨域的身份认证与消息的机密传输.经过分析以及实现验证:该机制与已有的安全机制有很好的兼容性,且不降低原机制的安全性及有效性,同时解决了HTTP摘要认证下的单向认证以及预共享密钥问题,并消除了S/MIME基于证书认证和SRTP不提供密钥协商的不足.     

对一个基于身份签密方案的分析与改

基于身份的签密方案计算开销小,密钥管理简单,适用于保证信息的保密性和认证性。Zhang等提出了一个高效的基于身份签密方案,并在随机预言模型下证明了该方案的安全性。通过分析发现Zhang等的签密方案存在缺陷,针对缺陷提出了相应的改进方案,并且基于随机预言模型证明了新方案的安全性。理论分析和实验仿真证明,所提方案计算复杂度低,适合于实际应用。     

基于身份的多重签密方案

本文利用椭圆曲线上的双线性对提出一个新的基于身份的多重签密方案，解决以前的传统证书式多重签密方案的证书管理，传递等繁琐问题．并进行了安全性分析，在BDH问题是困难的假设下方案是安全的．签密能够在一个逻辑步骤内同时完成保密和认证两项功能，而其计算量和通信成本都要低于传统的“先签名后加密”，在电子商务等方向有很好的应用前景。     

基于双线性对的高效短密文签密算法

签密是一种能够同时保证机密性和认证性的新颖体制,但已有方案的通信效率较低,成为影响签密广泛应用的主要问题之一。基于BLS签名,构造了一个具有短密文属性的高效签密方案。该方案在Random Oracle模型和GDH假设之下是可证明安全的。明文数据率在当前的安全参数下可达76%,是已知方案中密文长度最短的方案,特别适用于带宽受限场合的安全通信。     

一种新的适于Ad hoc网可认证密钥协商协议

提出一种新的适于Ad hoc网可认证密钥协商协议。基于签密技术。在同一逻辑步内同时实现了认证和加密功能,提高了密钥协商效率;基于身份的公钥密码系统,降低了建立和管理公钥基础设施的代价;应用椭圆曲线上双线性对,使得该协议能以短的密钥和小的计算量实现同等安全要求。与已有密钥协商协议相比,新协议计算和传输量小,带宽要求低,安全性高,适合能源和带宽受限的Ad hoc网络。     

适合ad hoc网络无需安全信道的密钥管理方案

密钥管理问题是构建ad hoc安全网络系统首要解决的关键问题之一.针对ad hoc网络特点,提出了一个无需安全信道的门限密钥管理方案.该方案中,可信中心的功能由局部注册中心和分布式密钥生成中心共同实现,避免了单点失效问题;通过门限技术,网络内部成员相互协作分布式地生成系统密钥;利用基于双线性对的公钥体制实现了用户和分布式密钥生成中心的双向认证;通过对用户私钥信息进行盲签名防止攻击者获取私钥信息,从而可以在公开信道上安全传输.分析表明该方案达到了第Ⅲ级信任,具有良好的容错性,并能抵御网络中的主动和被动攻击,在满足ad hoc网络安全需求的情况下,极大地降低了计算和存储开销.     

一个扩展的基于身份的签密方案

在基于身份的签密方案，公钥可以通过用户的身份直接得到，简化了证书管理，但在传统的签密方案中，密钥产生中心很容易知道用户的私钥．不适合方案在开放式环境中的应用。文章利用椭圆曲线上双线性映射的特性．提出了一个扩展的基于身份的签密方案，并且对其安全性进行了证明。该方案具有多个密钥产生中心，能够同时实现数字签名和消息加密两项功能，能够应用于开放环境中，实现了向前安全性。     

新的基于身份的签密方案

利用椭圆曲线上的双线性对,提出一个基于身份的签密方案。在新方案中,接收者收到一个签密消息,在验证该消息签名的合法性后,再对消息进行恢复。在安全性方面,新方案具有机密性、不可伪造性、公开可验证性、鲁棒性;在计算量和通信成本方面,新方案中只需要进行1次模指数运算、2次双线性对运算和1次双线性对预运算,签密产生的密文长度为2｜G1｜＋｜m｜,总成本比已有的基于身份的签密方案耗费少,从而有效实现了对消息的认证和保密。     

基于属性的签密方案

现实生活中存在这样一种情况：具有某些属性的群组中的一个成员，他将上传一些签过名的敏感数据到第三方网站，并希望只能被具有特定属性的群组访问。为满足此需求，文章定义了基于属性的签密方案，其中，文件由属性集标识，私钥由一个访问控制结构产生，用来控制解密权限。最后，给出了方案的正确性证明和安全性分析。     

A secure incentive protocol for mobile ad hoc networks

The proper functioning of mobile ad hoc networks depends on the hypothesis that each individual node is ready to forward packets for others. This common assumption, however, might be undermined by the existence of selfish users who are reluctant to act as packet relays in order to save their own resources. Such non-cooperative behavior would cause the sharp degradation of network throughput. To address this problem, we propose a credit-based Secure Incentive Protocol (SIP) to stimulate cooperation among mobile nodes with individual interests. SIP can be implemented in a fully distributed way and does not require any pre-deployed infrastructure. In addition, SIP is immune to a wide range of attacks and is of low communication overhead by using a Bloom filter. Detailed simulation studies have confirmed the efficacy and efficiency of SIP. This work was supported in part by the U.S. Office of Naval Research under Young Investigator Award N000140210464 and under grant N000140210554. Yanchao Zhang received the B.E. degree in Computer Communications from Nanjing University of Posts and Telecommunications, Nanjing, China, in July 1999, and the M.E. degree in Computer Applications from Beijing University of Posts and Telecommunications, Beijing, China, in April 2002. Since September 2002, he has been working towards the Ph.D. degree in the Department of Electrical and Computer Engineering at the University of Florida, Gainesville, Florida, USA. His research interests are network and distributed system security, wireless networking, and mobile computing, with emphasis on mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and heterogeneous wired/wireless networks. Wenjing Lou is an assistant professor in the Electrical and Computer Engineering department at Worcester Polytechnic Institute. She obtained her Ph.D degree in Electrical and Computer Engineering from University of Florida in 2003. She received the M.A.Sc degree from Nanyang Technological University, Singapore, in 1998, the M.E degree and the B.E degree in Computer Science and Engineering from Xi'an Jiaotong University, China, in 1996 and 1993 respectively. From Dec 1997 to Jul 1999, she worked as a Research Engineer in Network Technology Research Center, Nanyang Technological University. Her current research interests are in the areas of ad hoc and sensor networks, with emphases on network security and routing issues. Wei Liu received his B.E. and M.E. in Electrical and Information Engineering from Huazhong University of Science and Technology, Wuhan, China, in 1998 and 2001. In August 2005, he received his PhD in Electrical and Computer Engineering from University of Florida. Currently, he is a senior technical member with Scalable Network Technologies. His research interest includes cross-layer design, and communication protocols for mobile ad hoc networks, wireless sensor networks and cellular networks. Yuguang Fang received a Ph.D. degree in Systems Engineering from Case Western Reserve University in January 1994 and a Ph.D degree in Electrical Engineering from Boston University in May 1997. He was an assistant professor in the Department of Electrical and Computer Engineering at New Jersey Institute of Technology from July 1998 to May 2000. He then joined the Department of Electrical and Computer Engineering at University of Florida in May 2000 as an assistant professor, got an early promotion to an associate professor with tenure in August 2003 and a professor in August 2005. He has published over 150 papers in refereed professional journals and conferences. He received the National Science Foundation Faculty Early Career Award in 2001 and the Office of Naval Research Young Investigator Award in 2002. He has served on many editorial boards of technical journals including IEEE Transactions on Communications, IEEE Transactions on Wireless Communications, IEEE Transactions on Mobile Computing and ACM Wireless Networks. He is a senior member of the IEEE.     

Ad hoc网络时钟同步研究

由于ad hoc网络应用环境的多样性且不同的应用具有不同的同步要求，没有一种时钟同步协议可以适应各种情况。在分析了网络时钟同步困难的基础上，结合不同的ad hoc网络应用，探讨了不同应用环境下时钟同步协议的特殊性，并介绍了现有典型的ad hoc网络时钟同步协议。最后，针对ad hoc网络时钟同步中值得进一步研究的几个问题做了初步的分析。     

A secure mutual authentication scheme with non‐repudiation for vehicular ad hoc networks

Vehicular ad hoc networks (VANETs) have been a research focus in recent years. VANETs are not only used to enhance the road safety and reduce the traffic accidents earlier but also conducted more researches in network value‐added service. As a result, the security requirements of vehicle communication are given more attention. In order to prevent the security threat of VANETs, the security requirements, such as the message integrity, availability, and confidentiality are needed to be guaranteed further. Therefore, a secured and efficient verification scheme for VANETs is proposed to satisfy these requirements and reduce the computational cost by combining the asymmetric and symmetric cryptology, certificate, digital signature, and session key update mechanism. In addition, our proposed scheme can resist malicious attacks or prevent illegal users' access via security and performance analysis. In summary, the proposed scheme is proved to achieve the requirements of resist known attacks, non‐repudiation, authentication, availability, integrity, and confidentiality. Copyright © 2015 John Wiley & Sons, Ltd.     

车载自组网的现状与发展

简要介绍了车载自组网的发展历史、特点和应用领域。使用分析和比较的方法，讨论各种无线通信技术用于车载自组网的优缺点，并针对车载自组网的应用及特性提出搭建车间通信系统的设计思想和突破方向。为了便于读者跟踪国外先进的研究成果，还介绍了一些在这一领域比较活跃的研究机构以及他们的主要工作。     

SDMAC: Selectively Directional MAC protocol for wireless mobile ad hoc networks

Using directional antennas in wireless mobile ad hoc networks can greatly improve the transmission range as well as the spatial reuse. However, it will also cause some problems such as deafness problem and hidden terminal problem, which greatly impair the network performance. This paper first proposes a MAC protocol called Selectively Directional MAC (SDMAC) that can effectively address these problems and significantly improve the network throughput. Then two improvements on SDMAC are proposed. The first one is to improve the network throughput by scheduling the packets in the queue (a scheme called Q-SDMAC), thus the head-of-line (HOL) blocking problem can be addressed. The second one is to relax the assumption that each node knows the relative directions of its neighboring nodes and use caches to buffer those relative directions (a scheme named Q-SDMAC using cache). Extensive simulations show that: (1) SDMAC can achieve much better performance than the existing MAC protocols using directional antennas; (2) The network throughput can be significantly improved by scheduling the packets in the queue; (3) Using caches can still achieve high network throughput when nodes are moving; and (4) Network throughput decreases when directional antennas have side lobe gain.

Contention-based forwarding for mobile ad hoc networks

Existing position-based unicast routing algorithms which forward packets in the geographic direction of the destination require that the forwarding node knows the positions of all neighbors in its transmission range. This information on direct neighbors is gained by observing beacon messages each node sends out periodically.

Due to mobility, the information that a node receives about its neighbors becomes outdated, leading either to a significant decrease in the packet delivery rate or to a steep increase in load on the wireless channel as node mobility increases. In this paper, we propose a mechanism to perform position-based unicast forwarding without the help of beacons. In our contention-based forwarding scheme (CBF) the next hop is selected through a distributed contention process based on the actual positions of all current neighbors. For the contention process, CBF makes use of biased timers. To avoid packet duplication, the first node that is selected suppresses the selection of further nodes. We propose three suppression strategies which vary with respect to forwarding efficiency and suppression characteristics. We analyze the behavior of CBF with all three suppression strategies and compare it to an existing greedy position-based routing approach by means of simulation with ns-2. Our results show that CBF significantly reduces the load on the wireless channel required to achieve a specific delivery rate compared to the load a beacon-based greedy forwarding strategy generates.