基于随机密钥预分布模型的安全定向扩散协议

为了解决无线传感器网络中定向扩散协议的安全问题,提出一种基于随机密钥预分布模型的安全定向扩散协议.通过建立安全梯度及应用累积报文鉴别码和多层加密,扩展了定向扩散协议的安全机制,使其能够提供点到点的安全数据通信.安全分析表明,基于随机密钥预分布模型的安全定向扩散协议能够保证定向扩散协议在兴趣扩散、数据传输、路由建立和路径加强阶段的安全性,有效抵御多种由泄密节点发起的攻击.     

无线传感网络中基于身份的密钥管理方案研究

文章结合门限共享方案,提出了一种基于身份的无线传感器网络密钥管理方法,该方法无需认证中心,直接通过各网络节点自身的决策,实现了通讯节点间的双向认证.引入门限密钥机制,能够较好地提高系统的健壮性,在保证系统安全性的同时,有效地改进了系统效率,并且较好地解决了丢包问题,降低了通信开销,能够较好地抵抗入侵,适用于无线传感网中...     

多点协作复制攻击检测研究

在实际应用中,许多无线传感器网络是一个多功能的异构网络,同时存在静态网络和移动网络,这对节点复制攻击检测是一个极大的挑战。利用静态网络和移动网络相互协作实施检测,提出一种协作式检测方案,实现了节点复制攻击的检测与防御。通过实验对方案中的静态网络检测的密钥对预分配方案(PTPP)和移动节点复制攻击检测的协作式检测方案(CCD)进行了验证。分析表明,该方案具有较好的安全性和可以接受的成本和开销,是一种实用的异构无线传感器网络的节点复制攻击检测方案。     

基于中国剩余定理和LU矩阵的传感器网络密钥预分配方案

针对典型分簇式传感器网络密钥预分配方案连通性和抗毁性差、节点开销大的问题,结合中国剩余定理和LU矩阵提出了一个密钥预分配方案.该方案簇头节点与簇内节点间的通信密钥运用中国剩余定理建立,而簇头节点之间以及簇头节点和基站间的通信密钥采用LU矩阵生成,这样既克服了运用中国剩余定理建立通信密钥的单一性问题,又克服了采用LU矩阵生成通信密钥节点开销大的缺陷.方案支持节点加入与撤销,簇内节点加入与撤销时方案分别满足后向和前向安全性.与典型密钥预分配方案相比,该方案以占用一个密钥存储空间的簇内节点开销和较少的簇头节点开销既实现了网络100%的连通性,又实现了网络完全抗毁性.     

无线传感器网络中的一种 安全高效的路由协议

针对无线传感器网络中部分路由协议在设计时对安全性考虑不够的问题，本文提出一种安全高效的路由协议－STEEN协议。该协议是在TEEN（Threshold sensitive Energy Efficient sensor Network protocol）路由协议的基础上，以增强路由安全性同时兼顾网络的能量消耗为目标而设计的。该协议通过预置密钥和采用随机密钥对密钥管理的方法，解决了节点间的认证和安全通信的问题，增强了网络的安全性。通过安全性分析可以看到，该安全路由协议可防御多种针对网络层的攻击。     

一种带验证和撤销的组密钥分发方案

提出一种在无线传感器网络中具有正确性验证和头结点撤销功能的组密钥更新方案. 通过建立组密钥之间的冗余关联,实现了在不增加结点负担的情况下,合法结点利用当前广播消息和自身秘密恢复丢失的组密钥. 利用撤销多项式实现对结点和头结点的撤销,此外还能提供密钥的正确性验证. 分析表明,在没有增加计算开销和通信开销情况下本方案具有更好的安全性.     

一种高连通率的传感器网络密钥预分配方法

密钥管理是无线传感器网络安全的基础,其中密钥预分配是可行性比较高的密钥管理方法,节点之间的共享密钥的概率一直是密钥预分配中比较重要的性能指标,可是现有的无线传感器网络密钥预分配方案大多存在节点间密钥共享概率低或者共享概率不稳定的问题.结合Blom对称多项式,通过改进TD方法,提出了一种改进的密钥预分配方法,该方法能够实现稳定的节点间高密钥共享概率,从而保证了无线传感器网络的安全连通,此外该方法还具有灵活易变的特性,可以改变传感器分组数目以及传感器存储的密钥个数,满足实际需求.     

安全广播加密系统及边界研究

提出了一类新的安全广播加密系统,说明了它与密钥预分配系统的关系,获得在某一安全水平下各用户应掌握的秘密信息量.该系统具有广泛的适用性.     

A formal reputation system for trusting wireless sensor network

In this paper, a formal system is proposed based on beta reputation for the development of trustworthy wireless sensor networks (FRS-TWSN). Following this approach, key concepts related to reputation are formal described step by step for wireless sensor networks where sensor nodes maintain reputation for other sensors and use it to evaluate their trustworthiness. By proving some properties of beta reputation system, the beta distribution is founded to fit well to describe reputation system. Also, a case system is developed within this framework for reputation representation, updates and integration. Simulation results show this scheme not only can keep stable reputation but also can prevent the system from some attacks as bad mouthing and reputation cheating. Biography: XIAO Deqin(1970–), female, Associate professor, research direction: formal theory of information security.     

A practical identity-based signature scheme

Many identity-based signature （IBS） schemes solving key escrow were proposed, But the updating of the private keys wasn＇t discussed in these literatures. For the problem of key update, an identity-based key-insulated signature scheme with secure key-updates has been proposed. But their scheme inherited the key escrow property. In this paper, we propose a new identity-based strong key-insulated signature scheme without key escrow. It makes the IBS scheme more applicable to the real world. After analyzing the security and the performance, an application example in E-passport passive authentication scenario is described.     

无线传感器网络的结构分析与加密方案

在简要介绍无线传感器网络特点的基础上,给出了无线传感器网络的体系结构,随着无线传感器网络的广泛应用,网络安全成了很多传感器网络应用的关键,最后提出了一种基于密钥预分配无线传感器网络中的加密方案。     

基于分簇的无线传感器网络动态密钥管理方案

针对现有无线传感器网络密钥计算量过大、存储空间过多和管理不够灵活的问题,在基于分簇的网络拓扑结构基础上,引入虚拟网格技术,提出基于分簇的无线传感器网络动态密钥管理方案。在簇头与活动节点之间采用基于簇基密钥的预分配策略进行通信,在簇头之间采用基于Blom矩阵并结合随机数的对密钥进行通信,该方案能在活动节点或簇头被捕获或能量耗尽时实现密钥的动态更新。与现有方案相比较,此方案能动态更新密钥,有着更好的安全性并具有良好的扩展性。     

WSN中基于一次预共享密钥的安全管理方案

无线传感器网络在部署初始阶段,由于未被恶意者察觉,或者破解存在难度,节点通常能够在一定时间内具有抵抗劫持的能力．基于此分析提出一种适合于静态网络的基于一次性预共享密钥的安全管理方案SMOPK,方案在无线传感器网络部署的初始阶段利用一次性预共享密钥进行密钥协商等,从而在相邻节点间建立保密的安全连接,建立与实际拓扑一致的安全拓扑．分析表明SMOPK方案具有开销小、安全性强的特点,适合于静态无线传感器网络的安全要求．     

无线传感器网络中节点移动场景下的密钥管理方法

为了探讨无线传感器网络中节点移动场景下的密钥管理方法,克服现有方案在移动节点重新加入网络方面的安全缺陷,提出了基于椭圆曲线数字签名算法的复合安全机制来验证移动场景下的节点身份,解决了其他密钥管理方案中存在的节点易受拒绝服务攻击和密钥易被敌人推算出等安全性问题.采用阶为160 bit的椭圆曲线,在带有XMTS300CB传...     

A new certificateless public key encryption scheme

Certificateless public key cryptography （CL-PKC） enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext （CCA2） secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.     

Secure proxy re-encryption from CBE to IBE

In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. The scheme is non-interactive, unidirectional and collude ＂safe＂. Furthermore, it is compatible with current IBE （identity-based encryption） deployments. The scheme has chosen ciphertext security in the random oracle model assuming the hardness of the Decisional Bilinear Diffie-Hellman problem.     

A Secure MAKAP for Wireless Communication

A mutual authentication and key establishment protocol proposed by Aydos et al, for wireless communication based on elliptic curve cryptography can provide authentication between the user and server and they agreement a session key in the end of it. Unfortunately, Mangipudi pointed out Aydos＇ scheme was incurred the man-in-middle attack denial-of-service attack and impersonation based on man-in-middle attack. Then he proposed an improved scheme m overcome the above weakness. However, there is an attack which can forge the message required in the protocol and impersonation a valid user to the server.     

An Efficient Key Management Protocol for Wireless Sensor Networks

Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy（LEACH） for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.     

无线传感器网络安全加密成簇算法的设计及研究

在无线传感器网络中,网络节点的成簇算法是实现对传感器网络高效节能管理和应用的有效途径为了提高网络的安全性和寿命,提出了一种基于随机并行簇头选举算法和密钥预分配方案,在假设的网络模型中,均匀地选举簇头节点,并且实现对恶意节点的识别和删除,在数据通信阶段通过加密算法实现数据通信的安全性,从而有效地实现网络寿命的延长和数据通信的安全。     

Applying evolutionary algorithm to public key cryptosystems

A best algorithm generated scheme is proposed in the paper by making use of the thought of evolutionary algorithm, which can generate dynamically the best algorithm of generating primes in RSA cryptography under different conditions. Taking into account the factors of time, space and security integrated, this scheme possessed strong practicability. The paper also proposed a model of multi-degree parallel evolutionary algorithm to evaluate synthetically the efficiency and security of the public key cryptography. The model contributes to designing public key cryptography system too. Foundation item: Supported by the Hi-Tech Research and Development Foundation item: Supported by the Hi-Tech Research and Development Biography; Tu Hang (1975-), male, Ph. D candidate, research directions: Biography; Tu Hang (1975-), male, Ph. D candidate, research directions: