Ad Hoc中基于双线性对和证书的组密钥管理协议

针对当前多数分布式组密钥管理协议不能提供密钥认证及不能抵御主动攻击的安全问题,设计了满足认证性的CBPSTR(certificate- owned and bilinear pairing- based STR)协议.该协议采用特殊的三叉密钥树结构,结合STR和TGDH协议并引入证书和双线性对密码体制.CBPSTR协议包括6个子协议:建立多播组、成员加入、成员离开、合并多播组、拆分多播组和更新组密钥.安全性分析表明CBPSTR协议在计算上是安全的.与STR协议进行比较,CBPSTR协议具有较低计算和通信代价.由于具有成员间的认证性,CBPSTR能抵抗中间人攻击、密钥泄漏假冒攻击和未知密钥共享攻...

Group Key Management Protocol Based on Bilinear Pairing and Certificate in Ad Hoc Network

Most of the distributed group key management protocols are not secure against the active attacks without key authentication, so a CBPSTR (certificate-owned and bilinear pairing-based STR) protocol was designed to meet the requirement. Based on the STR and TGDH, the certificate mechanism and bilinear pairing function in elliptic curve with the ternary tree were introduced to propose a novel multicast key management scheme CBPSTR. The CBPSTR protocol included 6 sub protocols (setup protocol, join protocol, leave protocol, merge protocol, partition protocol and refresh protocol). Security analysis showed that the CBPSTR protocol was secure for calculation. Compared with STR, the CBPSTR possessed lower communication and computation cost. Moreover, the CBPSTR could effectively resist man-in-the-middle attack, key-compromise impersonation resilience and unknown key-share resilience. It could be concluded that the CBPSTR protocol was a novel, authentication and efficient distributed key management protocol.