AdHoc网络安全架构研究
|
摘要
Ad Hoc网络现正日趋成熟,在不同规模的组网中都有广泛的应用。随着Ad Hoc网络通信技术的发展,网络规模变得越来越庞大,网络安全在Ad Hoc网络通信中变得越来越重要。但无线网络的高移动性,高误码率,以及无线节点资源有限等特点限制,现有成熟的安全架构不能适用用于Ad Hoc网络。Ad Hoc网络在普及和带来便利的同时,存在如下的安全隐患:信道传输数据可以被第三方窃听;准备充分的攻击者可以对目标节点发送伪造的信息,造成目标做出错误的判断和错误的动作;信道的突发错误和长传播延迟可能影响传输的数据;拓扑结构变化快,并没有无可靠的节点作为中心节点。在Ad Hoc网络中建立一个有效的安全机制至关重要。
如今比较成熟的安全机制都是为地面网络设计的,如IPSEC(Internet Security Protocol),SSL(Secure Socket Layer)等,但直接在Ad Hoc网络中应用已有协议会产生新的安全问题。在对已有安全机制研究的基础上,本论文重点研究在大规模Ad Hoc网络中建立可靠的安全架构,其创新点如下:
1.针对大规模Ad Hoc网络中存在的不诚信问题,基于组合公钥技术和门限密码体制的结合,并引入双线性映射算法设计秘密分片验证机制,提出了一种新的支持不诚信行为发现的移动Ad Hoc网络密钥管理方案BMMS-DBD。通过与已有的密钥管理方案相比较,该方案在保证效率、安全和扩展性要求的前提下,具有较强的健壮性,能够适用于大规模移动Ad Hoc网络。
2.针对Ad Hoc网络中数据传输大延时、高误码率的特点,考虑与密钥管理方案BMMS-DBD兼容,在SK协议的基础上,融合X509数字证书格式,设计了X509-BSK认证方案。该方案完成Ad Hoc网络密钥交换,并设计了基于椭圆曲线密码的数字证书格式、密钥交换协议和安全通信流程。通过安全分析,该方案有交互开销小、算法复杂性低、认证效率高等优点,适合用于Ad Hoc网络。
3.综合了提出的密钥管理方案和认证方案,在网络协议架构的基础上,设计安全协议层次架构。在应用层、网络层、传输层、数据链路层、物理层针对可能的安全问题给出了防控方法,层次化地为无线网络协议提供了安全问题解决策略。
Ad Hoc network become more and more mature, and is used in different scale networking. With development of Ad Hoc network communication technique, the scale of network turns into lager, network security in Ad Hoc network communication become more and more important. But Ad Hoc network has high mobility, high error rate, and resource of wireless points is limited, therefore existing security architecture in usual network can’t be suitable to apply in Ad Hoc network. When Ad Hoc network popularize and bring convenient to people, security in Ad Hoc network is challenged: The communication between Ad Hoc networks can be wiretapped by others;Attacker over prepare can send imitative message to target node, cause it make wrong judge and wrong action;Abrupt error and long transmission delay, affect the communication;The topology of Ad Hoc networks changes every second and no dependable node exist.
Right now, most of mature security structures is designed for fixed networks, as IPSEC (Internet Security Protocol), SSL (Secure Socket Layer). Moving them to Ad Hoc networks straightway will product new security problem. Based on research in existing security protocol, this paper mainly research a security structure in large-scale Ad Hoc networks, the main contributions of this dissertation are as follows:
1.In large-scale mobile Ad-Hoc network, there exists problem of nodes’dishonest behaviors. Due to this, we design a novel key management scheme with dishonest behavior discovery mechanism. The proposed scheme is based on techniques of combined public key and threshold secret sharing, and uses bilinear map algorithm to design the verification mechanism of secret shares. Comparisons with existing schemes show that the proposed scheme not only ensures good efficiency, security and scalability, but has strong robustness against dishonest nodes. The proposed scheme can suit large-scale mobile Ad-Hoc network well.
2.Because Ad Hoc networks have high delay and high error rate, and consider be compatible with BMMS-DBD scheme. Based on SK protocol, unite X509 digital certificate, we designed X509-BSK authentication scheme. It completes key exchanging,defines the digital certificate and secure communication protocol. The research and analyses shows that the elliptic curve key agreement protocol have advantages of lower interaction cost, lower computing complexity and higher security strength compared to other protocols.
3. Synthesize suggested key management scheme and authentication scheme, base on Ad Hoc network protocol framework, we propose security protocol architecture. The architectures give the resolve method in each layer for potential security problem, systematically provide security strategy for each network level.
如今比较成熟的安全机制都是为地面网络设计的,如IPSEC(Internet Security Protocol),SSL(Secure Socket Layer)等,但直接在Ad Hoc网络中应用已有协议会产生新的安全问题。在对已有安全机制研究的基础上,本论文重点研究在大规模Ad Hoc网络中建立可靠的安全架构,其创新点如下:
1.针对大规模Ad Hoc网络中存在的不诚信问题,基于组合公钥技术和门限密码体制的结合,并引入双线性映射算法设计秘密分片验证机制,提出了一种新的支持不诚信行为发现的移动Ad Hoc网络密钥管理方案BMMS-DBD。通过与已有的密钥管理方案相比较,该方案在保证效率、安全和扩展性要求的前提下,具有较强的健壮性,能够适用于大规模移动Ad Hoc网络。
2.针对Ad Hoc网络中数据传输大延时、高误码率的特点,考虑与密钥管理方案BMMS-DBD兼容,在SK协议的基础上,融合X509数字证书格式,设计了X509-BSK认证方案。该方案完成Ad Hoc网络密钥交换,并设计了基于椭圆曲线密码的数字证书格式、密钥交换协议和安全通信流程。通过安全分析,该方案有交互开销小、算法复杂性低、认证效率高等优点,适合用于Ad Hoc网络。
3.综合了提出的密钥管理方案和认证方案,在网络协议架构的基础上,设计安全协议层次架构。在应用层、网络层、传输层、数据链路层、物理层针对可能的安全问题给出了防控方法,层次化地为无线网络协议提供了安全问题解决策略。
Ad Hoc network become more and more mature, and is used in different scale networking. With development of Ad Hoc network communication technique, the scale of network turns into lager, network security in Ad Hoc network communication become more and more important. But Ad Hoc network has high mobility, high error rate, and resource of wireless points is limited, therefore existing security architecture in usual network can’t be suitable to apply in Ad Hoc network. When Ad Hoc network popularize and bring convenient to people, security in Ad Hoc network is challenged: The communication between Ad Hoc networks can be wiretapped by others;Attacker over prepare can send imitative message to target node, cause it make wrong judge and wrong action;Abrupt error and long transmission delay, affect the communication;The topology of Ad Hoc networks changes every second and no dependable node exist.
Right now, most of mature security structures is designed for fixed networks, as IPSEC (Internet Security Protocol), SSL (Secure Socket Layer). Moving them to Ad Hoc networks straightway will product new security problem. Based on research in existing security protocol, this paper mainly research a security structure in large-scale Ad Hoc networks, the main contributions of this dissertation are as follows:
1.In large-scale mobile Ad-Hoc network, there exists problem of nodes’dishonest behaviors. Due to this, we design a novel key management scheme with dishonest behavior discovery mechanism. The proposed scheme is based on techniques of combined public key and threshold secret sharing, and uses bilinear map algorithm to design the verification mechanism of secret shares. Comparisons with existing schemes show that the proposed scheme not only ensures good efficiency, security and scalability, but has strong robustness against dishonest nodes. The proposed scheme can suit large-scale mobile Ad-Hoc network well.
2.Because Ad Hoc networks have high delay and high error rate, and consider be compatible with BMMS-DBD scheme. Based on SK protocol, unite X509 digital certificate, we designed X509-BSK authentication scheme. It completes key exchanging,defines the digital certificate and secure communication protocol. The research and analyses shows that the elliptic curve key agreement protocol have advantages of lower interaction cost, lower computing complexity and higher security strength compared to other protocols.
3. Synthesize suggested key management scheme and authentication scheme, base on Ad Hoc network protocol framework, we propose security protocol architecture. The architectures give the resolve method in each layer for potential security problem, systematically provide security strategy for each network level.
引文
[1]郑少仁,王海涛,赵志峰,米志超,黎宁,Ad hoc网络技术,人民邮电出版社,2005
[2] N. Abramson,“The ALOHA System - Another Alternative for Computer Communications,”in Proc. Fall Joint Computer Conference, vol. 37, pp.281-285, 1970.
[3] J.A. Freebersyser and B. Leiner,“A DoD Perspective on mobile ad hoc networks,”Charles E. Perkins (Ed.), Ad Hoc Networking, Addison Wesley, pp. 29-51, 2001.
[4] S. E. Deering.”Host Extensions for IP Multicasting”. Internet RFC 1112, August 1989.
[5] IEEE Std 1363–2000: Standard Specifications for Public Key Cryptography. IEEE. 2000
[6] W. Stallings, Cryptography and Network Security: Principles and Practice, 3rd edition.刘玉珍等译,电子工业出版社2004
[7] Chang, Y. and Chang, C. 2005. An efficient authentication protocol for mobile satellite communication systems. SIGOPS Oper. Syst. Rev. 39, 1 (Jan. 2005), 70-84.
[8] R. Ankney, D. Hohnson, and M. Matyas. The unified model. Contribution to X9F1, 1995.
[9] B. Song and K. Kim. Two-pass authenticated key agreement protocol with key confirmation. Progress in Cryptology - Indocrypt 2000, LNCS 1977:237–249, 2000.
[10] T. Matsumoto, Y. Takashima, and H. Imai. On seeking smart public-key distribution systems. Transactions of IEICE, VolE69:99–106, 1986.
[11] L. Law, A. Menezes, M. Qu, J. Solinas, and S. Vanstone. An efficient protocol for authenticated key agreement. Designs, Codes and Cryptography, pages 28:119–134, 2003.
[12] B. Kaliski. An unknown key share attack on the MQV key agreement protocol. ACM Transactions on Information and System Security, pages 36–49, 2001.
[13] Laurie Law, Alfred Menezes, Minghua Qu, Jerry Solinas, Scott Vanstone, An efficient protocol for authenticated key agreement. Tech. Rep. CORR 98-05, Department of C&O, University of Waterloo. 1998
[14] IEEE Std 1363–2000: Standard Specifications for Public Key Cryptography. IEEE. 2000
[15] C. Lee, J. Lim, and J. Kim. An efficient and secure key agreement. IEEE p1363a draft, 1998.
[16] K. Al-Sultan, M. Saeb, M. Elmessiery, and U.A.Badawi. A new two-pass key agreement protocol. Proceedings of the IEEE Midwest 2003 Symp. on Circuits, Systems and Computers, 2003.
[17] Strangio, M. A., Efficient Diffie-Hellman two-party key agreement protocols based onelliptic curves. In Proceedings of the 2005 ACM Symposium on Applied Computing (Santa Fe, New Mexico, March 13 - 17, 2005).
[18] R. Poovendran.”Key Management for Secure Multicast Communication”. PhD thesis, University of Maryland College Park, 1999.
[19] ITU-T Rec. X.509, Information technology– Open Systems Interconnection– The Directory: Public-key and attribute certificate frameworks, 2005
[20] Koblitz, N. A Course in Number Theory and Cryptography. New York: Springer-Verlag, 1994.
[21] Lossless Data Compression. Recommendation for Space Data System Standards,CCSDS 121.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, May 1997.
[22] Image Data Compression. Recommendation for Space Data System Standards,CCSDS 122.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, November 2005.
[23] TC Synchronization and Channel Coding. Recommendation for Space Data System Standards, CCSDS 231.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, September 2003.
[24] TM Space Data Link Protocol. Recommendation for Space Data System Standards, CCSDS 132.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, September 2003.
[25] AOS Space Data Link Protocol. Recommendation for Space Data System Standards, CCSDS 732.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, September 2003.
[26] Proximity-1 Space Link Protocol. Recommendation for Space Data System Standards. CCSDS 211.0-B-3. Blue Book. Issue 3. Washington, D.C.: CCSDS, May 2004.
[27] S. B. Wicker and V. K. Bhargava, Eds. 1999 Reed-Solomon Codes and their Applications. John Wiley & Sons, Inc.
[28] "Data Encryption Standard", January 1977, http://www.nist.gov.
[29] M.J. Wiener et al., CryptoBytes vol. 4, nr. 1: Performance Comparison of Public-Key Cryptosystems, Summer, 1998
[30] Roy-Chowdhury, A.; Baras, J.S.; Hadjitheodosiou, M.; Papademetriou, S., Security issues in hybrid networks with a satellite component, Wireless Communications, IEEE [see also IEEE Personal Communications], Vol.12, Iss.6, Dec. 2005, Pages: 50- 61
[31] D. Wallner ,E. Harder , R. Agee , rfc2627, Key Management for Multicast: Issues and Architectures, National Security Agency ,June 1999
[32] A. Roy-Chowdhury,“IP Routing and Key Management for Secure Multicast in Satellite ATM Networks,”Master’s thesis, University of Maryland, College Park, 2003, available at http://techreports.isr.umd.edu/reports/2004/MS2004-1.pdf
[33] M. Moharrum, M. Eltoweissy and R. Mukkamala,“Dynamic combinatorial key management scheme for sensor networks,”Wireless Communications and Mobile Computing, 2006; 6:1017–1035
[34] A. Fiat and M. Naor. Broadcast Encryption. Advances in Cryptology -- CRYPTO'93.
[35] G. Chiou and W. Chen. Secure broadcasting using the secure lock. IEEE Transactions on Software Engineering, 15(8):929-934, Aug. 1989.
[36] T. Matsumoto and H. Imai.”On the KEY PREDISTRIBUTION SYSTEM: A Partical Solution to the Key Distribution Problem”. Advances in Cryptology - CRYPTO’87, Lecture Notes in Computer Science, LNCS, 293:185–193, 1988.
[37] FIPS-PUB-180-2, Secure Hash Standard, U.S.Dept. of Commerce/NIST, August 1, 2002
[38] S. Blake-Wilson, D. Johnson, and A. Menezes. Key agreement protocols and their security analysis. In Proceedings of the 6th IMA Int.l Conf on Cryptography and Coding, LNCS 1355:30–45, 1997.
[39] H. Harney and C. Muckenhirn.”Group Key Management Protocol (GKMP) Architecture”. Internet RFC 2094, July 1997.
[40] S. Rafaeli, D. Hutchison. A Survey of Key Management for Secure Group Communication. ACM Computing Surveys, vol. 35, no. 3, pp. 309–329, 2003.
[41] Y. Kim, A. Perrig, and G. Tsudik, "Tree-based group key agreement," ACM Trans. Inf. Syst. Secur, vol. 7, pp. 60-96, 2004.
[42] W. Yu, Y. Sun, and K.J.R. Liu, "Optimizing Rekeying Cost for Contributory Group Key Agreement Schemes," Dependable and Secure Computing, IEEE Transactions on, vol. 4, pp. 228-242, 2007.
[43] A. Yavuz, F. Alagoz, and E. Anarim, "A New Satellite Multicast Security Protocol Based on Elliptic Curve Signatures," Information and Communication Technologies, 2006. ICTTA '06. 2nd, vol. 2, pp. 2512-2517, 2006.
[44] Pintsov and Vanstone, "Postal Revenue Collection in the Digital Age," Financial Cryptography: 4th International Conference, FC 2000, Anguilla, British West Indies, February 2000. Proceedings, 2001.
[45] P.P.C. Lee, J.C.S. Lui, and D.K.Y. Yau, "Distributed collaborative key agreement and authentication protocols for dynamic peer groups," IEEE/ACM Trans. Netw, vol. 14, pp. 263-276, 2006.
[46] M.A. Moulavi and H. Parvar, "Agent Based Bandwidth Reduction for Key Management in Hierarchical Group Communication," Communication Systems Software and Middleware, 2007. COMSWARE 2007. 2nd International Conference on, pp. 1-5, 2007.
[47] C. Ma, J. Ao, and J. Li, "Password-based Dynamic Group Key Agreement," Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on, pp. 203-208.
[48] Y. Chiu, C. Lei, C. Huang. Secure Multicast Using Proxy Encryption. In Proceedings of International Conference on Information and Communications Security, ICICS 2005, Lecture Notes in Computer Science, vol. 3783, pp. 280–290, 2005.
[49] A. Ivan, Y. Dodis. Proxy Cryptography Revisited. In Proceedings of the Tenth Network and Distributed System Security Symposium, 2003.
[50] R. Ingle and G. Sivakumar, "Tunable Group Key Agreement," Local Computer Networks, 2007. LCN 2007. 32nd IEEE Conference on, pp. 1017-1024, 2007.
[51] J. Hur, Y. Shin, and H. Yoon, "Decentralized group key management for dynamic networks using proxy cryptography," Proceedings of the 3rd ACM workshop on QoS and security for wireless and mobile networks, pp. 123-129, 2007.
[52] Y. Sun and K. Liu, "Analysis and Protection of Dynamic Membership Information for Group Key Distribution Schemes," Information Forensics and Security, IEEE Transactions on, vol. 2, pp. 213-226, 2007.
[53] L. Li et al., "ACKDs: An Authenticated Combinatorial Key Distribution Scheme for Wireless Sensor Networks," Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Eighth ACIS International Conference on, vol. 2, pp. 262-267, 2007.
[54] A. Joux. A One Round Protocol for Tripartite Diffie-Hellman. In Proceedings of ANTS 4, LNCS 1838, pp. 385-394, Springer-Verlag, 2000.
[55] M. Eltoweissy, H. Heydari, L. Morales, and H. Sudborough,“Combinatorial Optimization for Group Key Management,”Journal of Network and System Management, Vol. 12, No. 1, March 2004.
[56] M.Eltoweissy, M.Younis, K.Ghumman,“Lightweight key management for wireless sensor networks,”Performance, Computing, and Communications, 2004 IEEE International Conference on, April 15-17, 2004 Pages:8 13-818
[57] M. Moharrum, R. Mukkamala, and M. Eltoweissy,“CKDS: An Efficient Combinatorial Key Distribution Scheme for Wireless Ad-Hoc Networks”, in Proceedings of IEEE International Conference on Performance, Computing, and Communications (IPCCC‘04), pages 631-636, Phoenix, Arizona, April 2004.
[58] L. Zhou and Z.J. Haas. Securing Ad Hoc Networks[J]. IEEE Networks, 1999, Vol. 13(5):24-30.
[59] H. Luo and S. Lu. Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks[R]. Technical Report 200030, UCLA Computer Science Department, 2000.
[60] Christian Schwingenschogl, Stephan Eichler. Certificate- based Key Management for Secure Communications in Ad Hoc Networks[C]. European Wireless 2004. Mobile and Wireless Systems beyond 3G. Spain: Barcelona, 2004:24-27.
[61] Li Fa-Gen, Gao Jun-Tao, Liu Shuang-Gen, Hu Yu-Pu. Key Management Using Certificate-Based Cryptosystem in Ad Hoc Networks[J]. Journal of Shanghai Jiaotong University (Science),Vo1.E-11,No.2,2006,152-157.
[62] Dan Boneh and Matt Franklin. Identity-Based Encryption from the Weil Pairing[C]. Proceedings of Crypto 2001, Heidelberg: Springer Berlin, Vol. 2139, 2001, 213–229.
[63] A. Khalili, J. Katz and W. Arbaugh. Toward Secure Key Distribution in Truly Ad-Hoc Networks[C].2003 Symposi- um on Applications and the Internet Workshops (SAINT 2003), Orlando, Florida: IEEE Computer Society, 2003, 342-346.
[64] Deng Hong-mei, Anindo Mukherjee, Dharma P. Agrawal. Threshold and Identity-based Key Management and Authentication for Wireless Ad Hoc Networks[C]. Washin- gton DC, USA: ITCC, Vol.2, 2004, 107-111.
[65] Nan Xiang-Hao, Tang Wen and Yu Jia-Ning. ECC combi- ned public key, large-scale key management technique- [C].Beijing: China Computer Society Information Privacy Professional Committee of Academic Council, 2001, 341-345.
[66] Tang Wen, Nan Xiang-Hao and Chen Zhong. A Profile to Network Security Techniques[M]. Beijing: National Defense Industry Press, 2003, 56-61.
[67] Nan Xiang-Hao and Chen Hua-Ping. Combined Public Key scheme standard V2.1[J]. Network and Computer Security, 2008(09):1-2.
[68] Liu Jian-wei, Liu Chun, Guo Ke-qiang. A Key Manage- ment and Authentication Model for Ad hoc Network[C]. Personal, Indoor and Mobile Radio Communications, 2007 (PIMRC2007). IEEE 18th International Symposium on. Athens: Vol.1, 2007, 1-5.
[69] A. Shamir. How to share a secret[C]. Communications of the ACM, New York, NY, USA: Vol.22, 1979, 612-613.
[70] D. Boneh and M. Franklin. Identity-based encryption from the Weil pairing. Full version available at http://crypto.- stanford.edu/ibe.
[71] Antoine Joux and Kim Nguyen. Separating Decision Diffie–Hellman from Computational Diffie-Hellman in Cryptographic Group[J].Journal of Cryptology, 2003, Vol.16 (NO.4):239-247.
[72] Deng Hui-Fang, Deng Wen, Tian Wen-Chun, Zheng Dong-Xi. Design and implementationof CPK identity based on authentication system[J]. Computer Engineering and Design, 2008, Vol.29 (19):4920-4922.
[73] Xu Peng, Cui Guo-Hua and Lei Feng-Yu. An Efficient and Provably Secure IBE Scheme without Bilinear Map[J]. Journal of Computer Research and Development, 2008, Vol.45 (10):1687-1695.
[74] L. Zhou, Z.J. Haas. Securing Ad Hoc Networks- [J].IEEE Network, 1999, Vol.13 (No.6):24-30.
[75] Liu Yang, Yu Neng-Hai, Feng Xian-Lei. A Cluster Based Solution to BGP on Mobile Ad hoc Network[J]. Journal of Electronics & Information Technology, 2006, Vol.28 (No.12): 2386-2389.
[76] Elaine Shi, John Bethencourt, T.-H.Hubert Chan, Dawn Song, Adrian Perrig. Multi-Dimensional Range Query over Encrypted Data[C]. Proceedings of the 2007 IEEE Symposium on Security and Privacy, Washington, DC, USA: IEEE Computer Society, 2007, 350-364.
[77] A. Menezes, T. Okamoto, S. Vanstone. Reducing elliptic curve logarithms to logarithms in a finite field[C].Annual ACM Symposium on Theory of Computing, New York, NY, USA: ACM, 1991, 80-89.
[2] N. Abramson,“The ALOHA System - Another Alternative for Computer Communications,”in Proc. Fall Joint Computer Conference, vol. 37, pp.281-285, 1970.
[3] J.A. Freebersyser and B. Leiner,“A DoD Perspective on mobile ad hoc networks,”Charles E. Perkins (Ed.), Ad Hoc Networking, Addison Wesley, pp. 29-51, 2001.
[4] S. E. Deering.”Host Extensions for IP Multicasting”. Internet RFC 1112, August 1989.
[5] IEEE Std 1363–2000: Standard Specifications for Public Key Cryptography. IEEE. 2000
[6] W. Stallings, Cryptography and Network Security: Principles and Practice, 3rd edition.刘玉珍等译,电子工业出版社2004
[7] Chang, Y. and Chang, C. 2005. An efficient authentication protocol for mobile satellite communication systems. SIGOPS Oper. Syst. Rev. 39, 1 (Jan. 2005), 70-84.
[8] R. Ankney, D. Hohnson, and M. Matyas. The unified model. Contribution to X9F1, 1995.
[9] B. Song and K. Kim. Two-pass authenticated key agreement protocol with key confirmation. Progress in Cryptology - Indocrypt 2000, LNCS 1977:237–249, 2000.
[10] T. Matsumoto, Y. Takashima, and H. Imai. On seeking smart public-key distribution systems. Transactions of IEICE, VolE69:99–106, 1986.
[11] L. Law, A. Menezes, M. Qu, J. Solinas, and S. Vanstone. An efficient protocol for authenticated key agreement. Designs, Codes and Cryptography, pages 28:119–134, 2003.
[12] B. Kaliski. An unknown key share attack on the MQV key agreement protocol. ACM Transactions on Information and System Security, pages 36–49, 2001.
[13] Laurie Law, Alfred Menezes, Minghua Qu, Jerry Solinas, Scott Vanstone, An efficient protocol for authenticated key agreement. Tech. Rep. CORR 98-05, Department of C&O, University of Waterloo. 1998
[14] IEEE Std 1363–2000: Standard Specifications for Public Key Cryptography. IEEE. 2000
[15] C. Lee, J. Lim, and J. Kim. An efficient and secure key agreement. IEEE p1363a draft, 1998.
[16] K. Al-Sultan, M. Saeb, M. Elmessiery, and U.A.Badawi. A new two-pass key agreement protocol. Proceedings of the IEEE Midwest 2003 Symp. on Circuits, Systems and Computers, 2003.
[17] Strangio, M. A., Efficient Diffie-Hellman two-party key agreement protocols based onelliptic curves. In Proceedings of the 2005 ACM Symposium on Applied Computing (Santa Fe, New Mexico, March 13 - 17, 2005).
[18] R. Poovendran.”Key Management for Secure Multicast Communication”. PhD thesis, University of Maryland College Park, 1999.
[19] ITU-T Rec. X.509, Information technology– Open Systems Interconnection– The Directory: Public-key and attribute certificate frameworks, 2005
[20] Koblitz, N. A Course in Number Theory and Cryptography. New York: Springer-Verlag, 1994.
[21] Lossless Data Compression. Recommendation for Space Data System Standards,CCSDS 121.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, May 1997.
[22] Image Data Compression. Recommendation for Space Data System Standards,CCSDS 122.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, November 2005.
[23] TC Synchronization and Channel Coding. Recommendation for Space Data System Standards, CCSDS 231.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, September 2003.
[24] TM Space Data Link Protocol. Recommendation for Space Data System Standards, CCSDS 132.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, September 2003.
[25] AOS Space Data Link Protocol. Recommendation for Space Data System Standards, CCSDS 732.0-B-1. Blue Book. Issue 1. Washington, D.C.: CCSDS, September 2003.
[26] Proximity-1 Space Link Protocol. Recommendation for Space Data System Standards. CCSDS 211.0-B-3. Blue Book. Issue 3. Washington, D.C.: CCSDS, May 2004.
[27] S. B. Wicker and V. K. Bhargava, Eds. 1999 Reed-Solomon Codes and their Applications. John Wiley & Sons, Inc.
[28] "Data Encryption Standard", January 1977, http://www.nist.gov.
[29] M.J. Wiener et al., CryptoBytes vol. 4, nr. 1: Performance Comparison of Public-Key Cryptosystems, Summer, 1998
[30] Roy-Chowdhury, A.; Baras, J.S.; Hadjitheodosiou, M.; Papademetriou, S., Security issues in hybrid networks with a satellite component, Wireless Communications, IEEE [see also IEEE Personal Communications], Vol.12, Iss.6, Dec. 2005, Pages: 50- 61
[31] D. Wallner ,E. Harder , R. Agee , rfc2627, Key Management for Multicast: Issues and Architectures, National Security Agency ,June 1999
[32] A. Roy-Chowdhury,“IP Routing and Key Management for Secure Multicast in Satellite ATM Networks,”Master’s thesis, University of Maryland, College Park, 2003, available at http://techreports.isr.umd.edu/reports/2004/MS2004-1.pdf
[33] M. Moharrum, M. Eltoweissy and R. Mukkamala,“Dynamic combinatorial key management scheme for sensor networks,”Wireless Communications and Mobile Computing, 2006; 6:1017–1035
[34] A. Fiat and M. Naor. Broadcast Encryption. Advances in Cryptology -- CRYPTO'93.
[35] G. Chiou and W. Chen. Secure broadcasting using the secure lock. IEEE Transactions on Software Engineering, 15(8):929-934, Aug. 1989.
[36] T. Matsumoto and H. Imai.”On the KEY PREDISTRIBUTION SYSTEM: A Partical Solution to the Key Distribution Problem”. Advances in Cryptology - CRYPTO’87, Lecture Notes in Computer Science, LNCS, 293:185–193, 1988.
[37] FIPS-PUB-180-2, Secure Hash Standard, U.S.Dept. of Commerce/NIST, August 1, 2002
[38] S. Blake-Wilson, D. Johnson, and A. Menezes. Key agreement protocols and their security analysis. In Proceedings of the 6th IMA Int.l Conf on Cryptography and Coding, LNCS 1355:30–45, 1997.
[39] H. Harney and C. Muckenhirn.”Group Key Management Protocol (GKMP) Architecture”. Internet RFC 2094, July 1997.
[40] S. Rafaeli, D. Hutchison. A Survey of Key Management for Secure Group Communication. ACM Computing Surveys, vol. 35, no. 3, pp. 309–329, 2003.
[41] Y. Kim, A. Perrig, and G. Tsudik, "Tree-based group key agreement," ACM Trans. Inf. Syst. Secur, vol. 7, pp. 60-96, 2004.
[42] W. Yu, Y. Sun, and K.J.R. Liu, "Optimizing Rekeying Cost for Contributory Group Key Agreement Schemes," Dependable and Secure Computing, IEEE Transactions on, vol. 4, pp. 228-242, 2007.
[43] A. Yavuz, F. Alagoz, and E. Anarim, "A New Satellite Multicast Security Protocol Based on Elliptic Curve Signatures," Information and Communication Technologies, 2006. ICTTA '06. 2nd, vol. 2, pp. 2512-2517, 2006.
[44] Pintsov and Vanstone, "Postal Revenue Collection in the Digital Age," Financial Cryptography: 4th International Conference, FC 2000, Anguilla, British West Indies, February 2000. Proceedings, 2001.
[45] P.P.C. Lee, J.C.S. Lui, and D.K.Y. Yau, "Distributed collaborative key agreement and authentication protocols for dynamic peer groups," IEEE/ACM Trans. Netw, vol. 14, pp. 263-276, 2006.
[46] M.A. Moulavi and H. Parvar, "Agent Based Bandwidth Reduction for Key Management in Hierarchical Group Communication," Communication Systems Software and Middleware, 2007. COMSWARE 2007. 2nd International Conference on, pp. 1-5, 2007.
[47] C. Ma, J. Ao, and J. Li, "Password-based Dynamic Group Key Agreement," Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on, pp. 203-208.
[48] Y. Chiu, C. Lei, C. Huang. Secure Multicast Using Proxy Encryption. In Proceedings of International Conference on Information and Communications Security, ICICS 2005, Lecture Notes in Computer Science, vol. 3783, pp. 280–290, 2005.
[49] A. Ivan, Y. Dodis. Proxy Cryptography Revisited. In Proceedings of the Tenth Network and Distributed System Security Symposium, 2003.
[50] R. Ingle and G. Sivakumar, "Tunable Group Key Agreement," Local Computer Networks, 2007. LCN 2007. 32nd IEEE Conference on, pp. 1017-1024, 2007.
[51] J. Hur, Y. Shin, and H. Yoon, "Decentralized group key management for dynamic networks using proxy cryptography," Proceedings of the 3rd ACM workshop on QoS and security for wireless and mobile networks, pp. 123-129, 2007.
[52] Y. Sun and K. Liu, "Analysis and Protection of Dynamic Membership Information for Group Key Distribution Schemes," Information Forensics and Security, IEEE Transactions on, vol. 2, pp. 213-226, 2007.
[53] L. Li et al., "ACKDs: An Authenticated Combinatorial Key Distribution Scheme for Wireless Sensor Networks," Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Eighth ACIS International Conference on, vol. 2, pp. 262-267, 2007.
[54] A. Joux. A One Round Protocol for Tripartite Diffie-Hellman. In Proceedings of ANTS 4, LNCS 1838, pp. 385-394, Springer-Verlag, 2000.
[55] M. Eltoweissy, H. Heydari, L. Morales, and H. Sudborough,“Combinatorial Optimization for Group Key Management,”Journal of Network and System Management, Vol. 12, No. 1, March 2004.
[56] M.Eltoweissy, M.Younis, K.Ghumman,“Lightweight key management for wireless sensor networks,”Performance, Computing, and Communications, 2004 IEEE International Conference on, April 15-17, 2004 Pages:8 13-818
[57] M. Moharrum, R. Mukkamala, and M. Eltoweissy,“CKDS: An Efficient Combinatorial Key Distribution Scheme for Wireless Ad-Hoc Networks”, in Proceedings of IEEE International Conference on Performance, Computing, and Communications (IPCCC‘04), pages 631-636, Phoenix, Arizona, April 2004.
[58] L. Zhou and Z.J. Haas. Securing Ad Hoc Networks[J]. IEEE Networks, 1999, Vol. 13(5):24-30.
[59] H. Luo and S. Lu. Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks[R]. Technical Report 200030, UCLA Computer Science Department, 2000.
[60] Christian Schwingenschogl, Stephan Eichler. Certificate- based Key Management for Secure Communications in Ad Hoc Networks[C]. European Wireless 2004. Mobile and Wireless Systems beyond 3G. Spain: Barcelona, 2004:24-27.
[61] Li Fa-Gen, Gao Jun-Tao, Liu Shuang-Gen, Hu Yu-Pu. Key Management Using Certificate-Based Cryptosystem in Ad Hoc Networks[J]. Journal of Shanghai Jiaotong University (Science),Vo1.E-11,No.2,2006,152-157.
[62] Dan Boneh and Matt Franklin. Identity-Based Encryption from the Weil Pairing[C]. Proceedings of Crypto 2001, Heidelberg: Springer Berlin, Vol. 2139, 2001, 213–229.
[63] A. Khalili, J. Katz and W. Arbaugh. Toward Secure Key Distribution in Truly Ad-Hoc Networks[C].2003 Symposi- um on Applications and the Internet Workshops (SAINT 2003), Orlando, Florida: IEEE Computer Society, 2003, 342-346.
[64] Deng Hong-mei, Anindo Mukherjee, Dharma P. Agrawal. Threshold and Identity-based Key Management and Authentication for Wireless Ad Hoc Networks[C]. Washin- gton DC, USA: ITCC, Vol.2, 2004, 107-111.
[65] Nan Xiang-Hao, Tang Wen and Yu Jia-Ning. ECC combi- ned public key, large-scale key management technique- [C].Beijing: China Computer Society Information Privacy Professional Committee of Academic Council, 2001, 341-345.
[66] Tang Wen, Nan Xiang-Hao and Chen Zhong. A Profile to Network Security Techniques[M]. Beijing: National Defense Industry Press, 2003, 56-61.
[67] Nan Xiang-Hao and Chen Hua-Ping. Combined Public Key scheme standard V2.1[J]. Network and Computer Security, 2008(09):1-2.
[68] Liu Jian-wei, Liu Chun, Guo Ke-qiang. A Key Manage- ment and Authentication Model for Ad hoc Network[C]. Personal, Indoor and Mobile Radio Communications, 2007 (PIMRC2007). IEEE 18th International Symposium on. Athens: Vol.1, 2007, 1-5.
[69] A. Shamir. How to share a secret[C]. Communications of the ACM, New York, NY, USA: Vol.22, 1979, 612-613.
[70] D. Boneh and M. Franklin. Identity-based encryption from the Weil pairing. Full version available at http://crypto.- stanford.edu/ibe.
[71] Antoine Joux and Kim Nguyen. Separating Decision Diffie–Hellman from Computational Diffie-Hellman in Cryptographic Group[J].Journal of Cryptology, 2003, Vol.16 (NO.4):239-247.
[72] Deng Hui-Fang, Deng Wen, Tian Wen-Chun, Zheng Dong-Xi. Design and implementationof CPK identity based on authentication system[J]. Computer Engineering and Design, 2008, Vol.29 (19):4920-4922.
[73] Xu Peng, Cui Guo-Hua and Lei Feng-Yu. An Efficient and Provably Secure IBE Scheme without Bilinear Map[J]. Journal of Computer Research and Development, 2008, Vol.45 (10):1687-1695.
[74] L. Zhou, Z.J. Haas. Securing Ad Hoc Networks- [J].IEEE Network, 1999, Vol.13 (No.6):24-30.
[75] Liu Yang, Yu Neng-Hai, Feng Xian-Lei. A Cluster Based Solution to BGP on Mobile Ad hoc Network[J]. Journal of Electronics & Information Technology, 2006, Vol.28 (No.12): 2386-2389.
[76] Elaine Shi, John Bethencourt, T.-H.Hubert Chan, Dawn Song, Adrian Perrig. Multi-Dimensional Range Query over Encrypted Data[C]. Proceedings of the 2007 IEEE Symposium on Security and Privacy, Washington, DC, USA: IEEE Computer Society, 2007, 350-364.
[77] A. Menezes, T. Okamoto, S. Vanstone. Reducing elliptic curve logarithms to logarithms in a finite field[C].Annual ACM Symposium on Theory of Computing, New York, NY, USA: ACM, 1991, 80-89.