基于Merkle哈希树的范围查询验证技术
|
摘要
由于目前在两层传感器网络中的范围查询验证技术主要基于Merkle哈希树,存在验证对象大、验证过程冗余、安全性低等问题,提出一种新颖的基于Merkle哈希树数据完整性验证方案.该方案采用部分物化的思想优化哈希树模型,首先将叶子节点分为若干组,每组构建一棵子哈希树,这些子哈希树构成第1层子树,并且只对第1层子树的根节点签名;然后按照同样的方法,将第1层子树签名的根节点分为若干组,形成第2层子树.以此类推,直到最后只有一颗哈希树为止;最后,基站通过部分签名的根节点便可验证查询结果的真实性.实验结果表明,该方案可以增强哈希树的抗攻击性,提高查询结果的验证速度,降低各节点计算hash值的复杂度.
Due to that the current range query verification technique in the two-layer sensor network is mainly based on the Merkle hash tree,which has disadvantages of large verification object,redundant verification procedures and low security,a novel data integrity verification scheme based on Merkle hash tree is proposed. To optimize the hash tree model,the partial materialization theory is adopted in the scheme. First,all of the leaf nodes are divided into several groups and each group constructs a hash subtree. All the hash trees are collectively called the first layer subtree,only the root node of which is signed. Secondly,in the same way,the signed root nodes of the first layer subtree are divided into several groups forming the second layer subtree,and there exists only one hash tree at the end. Finally,the authenticity of query results is verified by the base station according to partially signed root nodes. The experimental results show that the proposed method can enhance the robustness of hash tree and improve the verification speed of query results,and reduce the computational complexity for calculating hash value of each node.
Due to that the current range query verification technique in the two-layer sensor network is mainly based on the Merkle hash tree,which has disadvantages of large verification object,redundant verification procedures and low security,a novel data integrity verification scheme based on Merkle hash tree is proposed. To optimize the hash tree model,the partial materialization theory is adopted in the scheme. First,all of the leaf nodes are divided into several groups and each group constructs a hash subtree. All the hash trees are collectively called the first layer subtree,only the root node of which is signed. Secondly,in the same way,the signed root nodes of the first layer subtree are divided into several groups forming the second layer subtree,and there exists only one hash tree at the end. Finally,the authenticity of query results is verified by the base station according to partially signed root nodes. The experimental results show that the proposed method can enhance the robustness of hash tree and improve the verification speed of query results,and reduce the computational complexity for calculating hash value of each node.
引文
[1]崔莉,鞠海玲,苗勇,等.无线传感器网络研究进展[J].计算机研究与发展,2005,42(1):163-174.Cui Li,Ju Hailing,Miao Yong,et al.Overview of wireless sensor network[J].Journal of Computer Research and Development,2005,42(1):163-174.(in Chinese)
[2]Laffey D,Buckley J,O'Flynn B.The development of environmentally tested antennas for wireless sensor networks[C]//Proceedings of the 4th Workshop on Embedded Networked Sensors-EmNets'07.Cork,Ireland,2007:73-77.
[3]范永健,陈红.两层传感器网络中可验证隐私保护Top-k查询协议[J].计算机学报,2012,35(3):423-433.DOI:10.3724/SP.J.1016.2012.00423.Fan Yongjian,Chen Hong.Verifiable privacy-preserving Top-k query protocol in two-tiered sensor networks[J].Chinese Journal of Computers,2012,35(3):423-433.DOI:10.3724/SP.J.1016.2012.00423.(in Chinese)
[4]戴华,杨庚,秦小麟,等.面向隐私保护的两层传感网Top-k查询处理方法[J].计算机研究与发展,2013,50(6):1239-1252Dai Hua,Yang Geng,Qin Xiaolin,et al.Privacy-preserving Top-k query processing in two tiered wireless sensor networks[J].Journal of Computer Research and Development,2013,50(6):1239-1252.(in Chinese)
[5]李睿,林亚平,易叶青,等.两层传感器网络中安全top-k查询协议[J].计算机研究与发展,2012,49(9):1947-1958Li Rui,Lin Yaping,Yi Yeqing,et al.A secure top-k query protocol in two-tiered sensor networks[J].Journal of Computer Research and Development,2012,49(9):1947-1958.(in Chinese)
[6]Sheng B,Li Q.Verifiable privacy-preserving sensor network storage for range query[J].IEEE Transactions on Mobile Computing,2011,10(9):1312-1326.DOI:10.1109/tmc.2010.236.
[7]Shi J,Zhang R,Zhang Y.A spatiotemporal approach for secure range queries in tiered sensor networks[J].IEEE Transactions on Wireless Communications,2011,10(1):264-273.DOI:10.1109/twc.2010.102210.100548.
[8]Chen F,Liu A X.Privacy-and integrity-preserving range queries in sensor networks[J].IEEE/ACMTransactions on Networking,2012,20(6):1774-1787.DOI:10.1109/tnet.2012.2188540.
[9]张晓莹,董蕾,陈红.无线传感器网络隐私保护范围查询处理技术[J].华东师范大学学报(自然科学版),2015(5):1-13.DOI:10.3969/j.issn.1000-5641.2015.05.001.Zhang Xiaoying,Dong Lei,Chen Hong.Privacy-preserving range query processing in wireless sensor networks[J].Journal of East China Normal University(Natural Science),2015(5):1-13.DOI:10.3969/j.issn.1000-5641.2015.05.001.(in Chinese)
[10]Mouratidis K,Sacharidis D,Pang H.Partially materialized digest scheme:an efficient verification method for outsourced databases[J].The VLDB Journal,2009,18(1):363-381 DOI:10.1007/s00778-008-0108-z.
[2]Laffey D,Buckley J,O'Flynn B.The development of environmentally tested antennas for wireless sensor networks[C]//Proceedings of the 4th Workshop on Embedded Networked Sensors-EmNets'07.Cork,Ireland,2007:73-77.
[3]范永健,陈红.两层传感器网络中可验证隐私保护Top-k查询协议[J].计算机学报,2012,35(3):423-433.DOI:10.3724/SP.J.1016.2012.00423.Fan Yongjian,Chen Hong.Verifiable privacy-preserving Top-k query protocol in two-tiered sensor networks[J].Chinese Journal of Computers,2012,35(3):423-433.DOI:10.3724/SP.J.1016.2012.00423.(in Chinese)
[4]戴华,杨庚,秦小麟,等.面向隐私保护的两层传感网Top-k查询处理方法[J].计算机研究与发展,2013,50(6):1239-1252Dai Hua,Yang Geng,Qin Xiaolin,et al.Privacy-preserving Top-k query processing in two tiered wireless sensor networks[J].Journal of Computer Research and Development,2013,50(6):1239-1252.(in Chinese)
[5]李睿,林亚平,易叶青,等.两层传感器网络中安全top-k查询协议[J].计算机研究与发展,2012,49(9):1947-1958Li Rui,Lin Yaping,Yi Yeqing,et al.A secure top-k query protocol in two-tiered sensor networks[J].Journal of Computer Research and Development,2012,49(9):1947-1958.(in Chinese)
[6]Sheng B,Li Q.Verifiable privacy-preserving sensor network storage for range query[J].IEEE Transactions on Mobile Computing,2011,10(9):1312-1326.DOI:10.1109/tmc.2010.236.
[7]Shi J,Zhang R,Zhang Y.A spatiotemporal approach for secure range queries in tiered sensor networks[J].IEEE Transactions on Wireless Communications,2011,10(1):264-273.DOI:10.1109/twc.2010.102210.100548.
[8]Chen F,Liu A X.Privacy-and integrity-preserving range queries in sensor networks[J].IEEE/ACMTransactions on Networking,2012,20(6):1774-1787.DOI:10.1109/tnet.2012.2188540.
[9]张晓莹,董蕾,陈红.无线传感器网络隐私保护范围查询处理技术[J].华东师范大学学报(自然科学版),2015(5):1-13.DOI:10.3969/j.issn.1000-5641.2015.05.001.Zhang Xiaoying,Dong Lei,Chen Hong.Privacy-preserving range query processing in wireless sensor networks[J].Journal of East China Normal University(Natural Science),2015(5):1-13.DOI:10.3969/j.issn.1000-5641.2015.05.001.(in Chinese)
[10]Mouratidis K,Sacharidis D,Pang H.Partially materialized digest scheme:an efficient verification method for outsourced databases[J].The VLDB Journal,2009,18(1):363-381 DOI:10.1007/s00778-008-0108-z.