无线传感器网络的群组密钥管理研究
|
摘要
无线传感器网络是一种融合了计算机、微电子和通信的新兴技术,广泛应用在国防军事、环境监测和医疗监控等领域。随着无线传感器网络的广泛应用,其安全问题显得愈加重要,而密钥管理是保证网络安全的一个重要技术。由于传感器节点在数据处理能力、存储能力、电池能量等方面的受限特性,传统的密钥管理方法无法直接应用于无线传感器网络。因而,研究高效低能耗的无线传感器网络的密钥管理方案具有重要的意义。
论文在总结现有的无线传感器网络群组密钥管理方案的基础上,研究了具有自愈能力的群组密钥管理方案,并提出了一种通信开销较小的自愈群组密钥管理方案。所提出的方案引入了密钥链树结构,根据每个传感器节点在密钥链树叶子上的位置分配节点私钥,并根据所有撤销节点在叶子上的分布情况构造广播包,有效的减少了更新会话密钥引起的通信开销。仿真结果验证了论文提出的自愈群组密钥管理方案的有效性。
论文还对基于分簇结构的无线传感器网络群组密钥管理方案进行了研究,提出了一种新的通信开销较小的分簇密钥管理方案。在一个有多个簇头节点的簇内,簇头由一个簇头节点担任,进行密钥管理,并及时向其他簇头节点发送簇内密钥这些更新信息,简化了簇头更换后的重新成簇与初始化过程,减少了网络的通信开销。仿真结果验证了论文提出的分簇密钥管理方案的有效性。
Wireless sensor network (WSN) is a new technology, combining with computer science, microelectronics and telecommunications. It is widely applied in many fields like national defense and military, environment and medical monitoring. With the broad application of WSN, security issue is becoming more important. To ensure the security, key management is the crux. However, classic algorithms of key management can't be applied in WSN directly because of the limitation on data processing, storage capacity, battery energy and so on. Therefore, it is important to study the energy-efficient key management schemes in a WSN.
On the basis of summarizing the current group key management schemes over WSN, self-healing scheme is studied in this paper. Furthermore, a new scheme which has low communication cost is proposed. The new scheme introduces the structure of key chain tree (KCT). Private keys of the sensor nodes are assigned according to their locations on the leaf of KCT. Due to the locations of revoke nodes, broadcast packets are constructed. In this way, communication cost is decreased caused by the update of session keys. Simulation results show that the proposed scheme of self-healing group key management is efficient.
This paper also discusses clustering group key management, and presents a new scheme of group key management based on clustering. Many cluster head nodes exist in a clustering group, and one of them acts as cluster head. Cluster head takes charge of key management, and transmits key management information to other cluster nodes. The scheme simplifies the process of re-clustering and initialization, then decreases the communication cost caused by cluster head alternating. Simulation results show that the proposed scheme of clustering group key management is efficient.
论文在总结现有的无线传感器网络群组密钥管理方案的基础上,研究了具有自愈能力的群组密钥管理方案,并提出了一种通信开销较小的自愈群组密钥管理方案。所提出的方案引入了密钥链树结构,根据每个传感器节点在密钥链树叶子上的位置分配节点私钥,并根据所有撤销节点在叶子上的分布情况构造广播包,有效的减少了更新会话密钥引起的通信开销。仿真结果验证了论文提出的自愈群组密钥管理方案的有效性。
论文还对基于分簇结构的无线传感器网络群组密钥管理方案进行了研究,提出了一种新的通信开销较小的分簇密钥管理方案。在一个有多个簇头节点的簇内,簇头由一个簇头节点担任,进行密钥管理,并及时向其他簇头节点发送簇内密钥这些更新信息,简化了簇头更换后的重新成簇与初始化过程,减少了网络的通信开销。仿真结果验证了论文提出的分簇密钥管理方案的有效性。
Wireless sensor network (WSN) is a new technology, combining with computer science, microelectronics and telecommunications. It is widely applied in many fields like national defense and military, environment and medical monitoring. With the broad application of WSN, security issue is becoming more important. To ensure the security, key management is the crux. However, classic algorithms of key management can't be applied in WSN directly because of the limitation on data processing, storage capacity, battery energy and so on. Therefore, it is important to study the energy-efficient key management schemes in a WSN.
On the basis of summarizing the current group key management schemes over WSN, self-healing scheme is studied in this paper. Furthermore, a new scheme which has low communication cost is proposed. The new scheme introduces the structure of key chain tree (KCT). Private keys of the sensor nodes are assigned according to their locations on the leaf of KCT. Due to the locations of revoke nodes, broadcast packets are constructed. In this way, communication cost is decreased caused by the update of session keys. Simulation results show that the proposed scheme of self-healing group key management is efficient.
This paper also discusses clustering group key management, and presents a new scheme of group key management based on clustering. Many cluster head nodes exist in a clustering group, and one of them acts as cluster head. Cluster head takes charge of key management, and transmits key management information to other cluster nodes. The scheme simplifies the process of re-clustering and initialization, then decreases the communication cost caused by cluster head alternating. Simulation results show that the proposed scheme of clustering group key management is efficient.
引文
[1]S.P.Sausen, A.M.Spohn M A. Broadcast routing in wireless sensor networks with dynamic power management and multi-coverage backbones.Information Sciences,2010,653-663.
[2]M.K.Khan. Fingerprint Biometric-based Self and Deniable Authentication Schemes for the Electronic World.IETE Technical Review,2009,191-195.
[3]S.Marinkovic, E.Popovici. Network coding for efficient error recovery in wireless sensor networks for medical applications.International Conference on Emerging Network Intelligence. IEEE Computer Society,2009,15-20.
[4]R.Steele, C.Secombe. Elderly persons'perception and acceptance of using wireless sensor networks to assist healthcare.International Journal of Medical Informatics,2009,788-801.
[5]G.Garcia-Saez, M.E.Hernando, I.Martinez-Sarriegui.Architecture of a wireless personal assistant for telemedical diabetes care.International Journal of Medical Informatics,2009, 391-403
[6]J.Yoo, L.Yan, S.Lee. A new self-configured wearable body sensor network controller and a low wirelessly powered sensor for a continuous health monitoring system. IEEE Journal of Solid-State Circuits,2010,178-188.
[7]J.Lopez, R.Roman, C.Alcaraz. Analysis of security threats,requirements,technologies and standards in wireless sensor network. In Foundations of SecurityAnalysis and Design(LNCS 5705). Berlin, Germany:Springer-Verlag,2009,289-338.
[8]C.Xiangqian, K.Makki, Y.Kang. Sensor network security:a survey. IEEE Communications Surveys&Tutorials,2009,52-70.
[9]P.W.Palaniswami, M.Hoesel, L.V.Doumen. Energy-Efficient link-layer jamming attacks against wireless sensor network mac protocols.ACMTrans.Sensor Netw,2009,5(1):1-38.
[10]冯登国.可证明安全性理论与方法研究.软件学报,2005,16(10),1743-1756.
[11]J.Albath, S.Madria. Secure Hierarchical Aggregation in Sensor Networks.In Proceedings of IEEE Wireless Communications and Networking Conference,2009.
[12]代航阳,徐红兵.无线传感器网络密钥分布方案研究.传感器世界,2009,2:40-47.
[13]苏忠,林闯,封富君,任丰原.无线传感器网络密钥管理的方案和协议[J].软件学报,2007,18(5):1218-1231.
[14]NIST. Advanced Encrytions Standard AES Development Effert. http://csre.nist.gnv/aes/, 2000.
[15]L.Eschenauer, V.D.Gligor. A key-management scheme for distributed sensor networks. Proceedings of the 9th ACM conference on Computer and Communication Security. Washington DC, USA, ACM Press,2002,41-47.
[16]H.Chan, A.Perrig, D.Song. Random key Pre-distribution schemes for sensor networks. In: Proc.of the IEEE Symp. On Research in Security and Privacy. Oakland:IEEE Computer Security,2003,197-213.
[17]杨庚,王江涛,程宏兵,容淳铭.基于身份加密的无线传感器网络密钥分配方法.电子学报.2007,35(1):180-254.
[18]R.Blom. An optimal class of symmetric key generation systems. In Proceedings of EUROCRYPT'84, Lecture Notes in Computer Science,1984,335-338.
[19]C.Blundo, D.A.Santis, A.Herzberg, S.Kutten, U.Vaccro, M.Yung. Perfectly secure key distribution for dynamic conferences, In Advances in Cryptology-CRYPTO'92, LNCS740, 1992,471-486.
[20]D.Liu, P.Ning. Establishing Pairwise keys in distributed sensor networks. In Proceedings of the 10th ACM conference on Computer and Communications Security,2003,52-61.
[21]S.Y.Wu, S.P.Shieh. Adaptive random key distribution schemes for wireless sensor networks. In Proceedings of Int'l Workshop on Advanced Developments in Software and Systems Security,2003,91-105.
[22]D.Wenliang, D.Jing, Y.S Han, C.Shigang. A key management scheme for wireless sensor networks using deployment knowledge. In Proceedings of IEEE INFOCOM2004,2004, 7-11.
[23]J.Staddon, S.Miner, M.Franklin, D.Balfanz. Self-healing key distribution with revocation. Security and Privacy,2002. Proceedings.2002 IEEE Symposium on,2002,241-257.
[24]M.J.Bohio, A.Miri. Self-healing in Group Key Distribution Using Subset Difference Method. Network Computing and Applications,2004,2004,405-408.
[25]H.Dowon, K.Ju-Sung. An efficient key distribution scheme with self-healing property. Communications Letters, IEEE2005,2005,759-761.
[26]K.Firdous, H.Sajid. Secure Group Communication with Self-healing and Rekeying in Wireless Sensor Networks. In Proceedings of the 3rd international conference on Mobile ad-hoc and sensor networks,2007.
[27]K.Fan-Rui, L.Chun Wen, D.QingQing. Collusion Problem of the EBS-Based Dynamic Key Management Scheme. Journal of Software, Vol.20, No.9, September 2009,2531-2541.
[28]Y.Zhang, W.Liu, W.Lou, Y.Fang. Location-based compromise tolerant security mechanisms for wireless sensor networks. IEEEJSAC, Special Issue on Security in Wireless Ad Hoc Networks,2006,24(2):47-60.
[29]M.F.Younis, K.Ghumman, M.Eltoweissy. Location-aware combinatorial key management scheme for clustered sensor networks. Parallel and Distributed Systems, IEEE Transactions on,2006.
[30]M.Eltoweissy, M.Moharrum, R.Mukkamala. Dynamic Key Management in Sensor Networks. IEEE Communications Magazine,2006,122-130.
[31]S.Zhu, S.Setia, S.Jajodia. LEAP:efficient security mechanisms for large distributed sensor networks:proceedings of the 10th ACM Conference on Computer and Communication Security. Washington DC,2003,62-272.
[32]D.J.Malan, M.Welsh, M.D.Smith. A Public-key infrustructure for key distribution in Tiny OS based on elliptic curve cryptography. First IEEE International Conference on Sensor and Ad hoc Communications and Networks, Santa Clara, California,2009,58-67.
[33]G.Gaubatz, J.Kaps, B.Sunar. Public keys cryptography in sensor networks revisited. In Proceedings of the 1st European Workshop on Security in Ad-Hoc and Sensor Networks, Heidelberg, LNCS,2005,3313,2-18.
[34]L.Xiaolong, L.Yaping, Y.Siqing, Y.Yeqing, Y.Jianping, L.Xinguo. A Key Distribution Scheme Based on public Key Cryptography for Sensor Networks. In Proceeding of CIS2006, LNAI4456, Springer-Verlag, Berlin,2007,725-732.
[35]E.Bresson, O.Chevassut, A.Essiari, D.Pointeheval. Mutual Authentication and Group Key Agreement for Low-Power Mobile Devices. In 5th IEEE International Conference on Mobile and Wireless Communications Networks,2003,59-63.
[36]J.Y.Hwang, S.M.Lee and D.H.Lee. Sclable key exchange transformation from two Party to group. Electronics Letters,2010.
[37]A.Shamir. Identity-based cryptology and signature schemes. Advances in Cryptology, CRYPTO'84, Lecture Notes in Computer Science. Berlin, Springer-Verlag,1985,196:47-53.
[38]D.Boneh, M.Franklin. Identity-based encryption from the Pairing. Advances in Cryptology, CRYPTO2001, Lecture Notes in Computer Science. Berlin, Springer-Veriag,2001, 2139:213-229.
[39]R.Dutta, R.Barua. Constant Round Dynamic Group Key Agreement. Cryptology Print Archive, Report2005/221,2005.
[40]C.Huang, D.Du. New constructions on broadcast encryption and key pre-distribution schemes[C]. In Proceedings of IEEE INFOCOM05, Miami, IEEEPress,2005:515-523.
[41]M.Eltoweissy, M.Younis, K.G.humman. Lightweight Key Management for Wireless Sensor Networks. IEEE International Conference on Performance Computing and Communications, 2010,813-818.
[42]D.Liu, P.Ning. Improving key pre-distribution with deployment knowledge in static sensor networks[J]. ACM Transactions on Sensor Networks,2005,1(2):204-239.
[43]J.Lee, D.R.Stinson. Deterministic key pre-distribution schemes for distributed sensor networksfC]. In Proceedings of ACM symposium on applied computing 2004, Lecture notes in computer science,2005:294-307.
[44]D.Wallner, E.Harder, R.Agee. Key management for multicast:issues andarchitectures[S]. RFC2627, June 1999.
[45]R.D.Pietro, L.V.Mancini, Y.W.Law, S. Etalle, P. Havinga. LKHW: a directed diffusion-based secure multicast scheme for wireless sensor networks[C]. In First international workshop on wireless security and privacy (WiSPr03),2003.
[46]J.Staddon, S.Miner, M.Franklin, D.Balfanz. Self-healing key distribution with revocation. Security and Privacy,2002. Proceedings.2002 IEEE Symposium on,2002,241-257.
[47]J.Zhang, V.Varadharajan. Wireless sensor network key management survey and taxonomy. Journal of Network and Computer Applications,2010,33(2):63-75.
[48]H.Chan, A.Perrig. PIKE:peer intermediaries for key establishment in sensor networks[C]. In Proceedings of the 24th annual joint conference of the IEEE computer and communications societies(INFOCOM'05), Miami, FL, USA, March 2005:524-35.
[49]K.Langendoen, N.Reijers. Distributed Localization in Wireless Sensor Networks:A Quantitative Comparison, Computer Networks, vol.43, no.4,499-518,2003.
[50]G.Gupta, M.Younis, Load-Balanced Clustering in Wireless Sensor Networks, In Proc. Int'l Conf. Comm. (ICC'03),2003.
[51]Younis, S.Fahmy, HEED:A Hybrid, Energy-Efficient, Distributed Clustering Approach for Ad Hoc Sensor Networks, In IEEE Trans. Mobile Computing, vol.3, no.4,2004,366-379.
[52]王巍.群组密钥管理的理论与关键技术研究.计算机工程与设计,2008
[53]M.Eltoweissy, H.Heydari, L.Morales, Combinatorial optimization of Group key management. Journal of Network and System Management,2004.
[2]M.K.Khan. Fingerprint Biometric-based Self and Deniable Authentication Schemes for the Electronic World.IETE Technical Review,2009,191-195.
[3]S.Marinkovic, E.Popovici. Network coding for efficient error recovery in wireless sensor networks for medical applications.International Conference on Emerging Network Intelligence. IEEE Computer Society,2009,15-20.
[4]R.Steele, C.Secombe. Elderly persons'perception and acceptance of using wireless sensor networks to assist healthcare.International Journal of Medical Informatics,2009,788-801.
[5]G.Garcia-Saez, M.E.Hernando, I.Martinez-Sarriegui.Architecture of a wireless personal assistant for telemedical diabetes care.International Journal of Medical Informatics,2009, 391-403
[6]J.Yoo, L.Yan, S.Lee. A new self-configured wearable body sensor network controller and a low wirelessly powered sensor for a continuous health monitoring system. IEEE Journal of Solid-State Circuits,2010,178-188.
[7]J.Lopez, R.Roman, C.Alcaraz. Analysis of security threats,requirements,technologies and standards in wireless sensor network. In Foundations of SecurityAnalysis and Design(LNCS 5705). Berlin, Germany:Springer-Verlag,2009,289-338.
[8]C.Xiangqian, K.Makki, Y.Kang. Sensor network security:a survey. IEEE Communications Surveys&Tutorials,2009,52-70.
[9]P.W.Palaniswami, M.Hoesel, L.V.Doumen. Energy-Efficient link-layer jamming attacks against wireless sensor network mac protocols.ACMTrans.Sensor Netw,2009,5(1):1-38.
[10]冯登国.可证明安全性理论与方法研究.软件学报,2005,16(10),1743-1756.
[11]J.Albath, S.Madria. Secure Hierarchical Aggregation in Sensor Networks.In Proceedings of IEEE Wireless Communications and Networking Conference,2009.
[12]代航阳,徐红兵.无线传感器网络密钥分布方案研究.传感器世界,2009,2:40-47.
[13]苏忠,林闯,封富君,任丰原.无线传感器网络密钥管理的方案和协议[J].软件学报,2007,18(5):1218-1231.
[14]NIST. Advanced Encrytions Standard AES Development Effert. http://csre.nist.gnv/aes/, 2000.
[15]L.Eschenauer, V.D.Gligor. A key-management scheme for distributed sensor networks. Proceedings of the 9th ACM conference on Computer and Communication Security. Washington DC, USA, ACM Press,2002,41-47.
[16]H.Chan, A.Perrig, D.Song. Random key Pre-distribution schemes for sensor networks. In: Proc.of the IEEE Symp. On Research in Security and Privacy. Oakland:IEEE Computer Security,2003,197-213.
[17]杨庚,王江涛,程宏兵,容淳铭.基于身份加密的无线传感器网络密钥分配方法.电子学报.2007,35(1):180-254.
[18]R.Blom. An optimal class of symmetric key generation systems. In Proceedings of EUROCRYPT'84, Lecture Notes in Computer Science,1984,335-338.
[19]C.Blundo, D.A.Santis, A.Herzberg, S.Kutten, U.Vaccro, M.Yung. Perfectly secure key distribution for dynamic conferences, In Advances in Cryptology-CRYPTO'92, LNCS740, 1992,471-486.
[20]D.Liu, P.Ning. Establishing Pairwise keys in distributed sensor networks. In Proceedings of the 10th ACM conference on Computer and Communications Security,2003,52-61.
[21]S.Y.Wu, S.P.Shieh. Adaptive random key distribution schemes for wireless sensor networks. In Proceedings of Int'l Workshop on Advanced Developments in Software and Systems Security,2003,91-105.
[22]D.Wenliang, D.Jing, Y.S Han, C.Shigang. A key management scheme for wireless sensor networks using deployment knowledge. In Proceedings of IEEE INFOCOM2004,2004, 7-11.
[23]J.Staddon, S.Miner, M.Franklin, D.Balfanz. Self-healing key distribution with revocation. Security and Privacy,2002. Proceedings.2002 IEEE Symposium on,2002,241-257.
[24]M.J.Bohio, A.Miri. Self-healing in Group Key Distribution Using Subset Difference Method. Network Computing and Applications,2004,2004,405-408.
[25]H.Dowon, K.Ju-Sung. An efficient key distribution scheme with self-healing property. Communications Letters, IEEE2005,2005,759-761.
[26]K.Firdous, H.Sajid. Secure Group Communication with Self-healing and Rekeying in Wireless Sensor Networks. In Proceedings of the 3rd international conference on Mobile ad-hoc and sensor networks,2007.
[27]K.Fan-Rui, L.Chun Wen, D.QingQing. Collusion Problem of the EBS-Based Dynamic Key Management Scheme. Journal of Software, Vol.20, No.9, September 2009,2531-2541.
[28]Y.Zhang, W.Liu, W.Lou, Y.Fang. Location-based compromise tolerant security mechanisms for wireless sensor networks. IEEEJSAC, Special Issue on Security in Wireless Ad Hoc Networks,2006,24(2):47-60.
[29]M.F.Younis, K.Ghumman, M.Eltoweissy. Location-aware combinatorial key management scheme for clustered sensor networks. Parallel and Distributed Systems, IEEE Transactions on,2006.
[30]M.Eltoweissy, M.Moharrum, R.Mukkamala. Dynamic Key Management in Sensor Networks. IEEE Communications Magazine,2006,122-130.
[31]S.Zhu, S.Setia, S.Jajodia. LEAP:efficient security mechanisms for large distributed sensor networks:proceedings of the 10th ACM Conference on Computer and Communication Security. Washington DC,2003,62-272.
[32]D.J.Malan, M.Welsh, M.D.Smith. A Public-key infrustructure for key distribution in Tiny OS based on elliptic curve cryptography. First IEEE International Conference on Sensor and Ad hoc Communications and Networks, Santa Clara, California,2009,58-67.
[33]G.Gaubatz, J.Kaps, B.Sunar. Public keys cryptography in sensor networks revisited. In Proceedings of the 1st European Workshop on Security in Ad-Hoc and Sensor Networks, Heidelberg, LNCS,2005,3313,2-18.
[34]L.Xiaolong, L.Yaping, Y.Siqing, Y.Yeqing, Y.Jianping, L.Xinguo. A Key Distribution Scheme Based on public Key Cryptography for Sensor Networks. In Proceeding of CIS2006, LNAI4456, Springer-Verlag, Berlin,2007,725-732.
[35]E.Bresson, O.Chevassut, A.Essiari, D.Pointeheval. Mutual Authentication and Group Key Agreement for Low-Power Mobile Devices. In 5th IEEE International Conference on Mobile and Wireless Communications Networks,2003,59-63.
[36]J.Y.Hwang, S.M.Lee and D.H.Lee. Sclable key exchange transformation from two Party to group. Electronics Letters,2010.
[37]A.Shamir. Identity-based cryptology and signature schemes. Advances in Cryptology, CRYPTO'84, Lecture Notes in Computer Science. Berlin, Springer-Verlag,1985,196:47-53.
[38]D.Boneh, M.Franklin. Identity-based encryption from the Pairing. Advances in Cryptology, CRYPTO2001, Lecture Notes in Computer Science. Berlin, Springer-Veriag,2001, 2139:213-229.
[39]R.Dutta, R.Barua. Constant Round Dynamic Group Key Agreement. Cryptology Print Archive, Report2005/221,2005.
[40]C.Huang, D.Du. New constructions on broadcast encryption and key pre-distribution schemes[C]. In Proceedings of IEEE INFOCOM05, Miami, IEEEPress,2005:515-523.
[41]M.Eltoweissy, M.Younis, K.G.humman. Lightweight Key Management for Wireless Sensor Networks. IEEE International Conference on Performance Computing and Communications, 2010,813-818.
[42]D.Liu, P.Ning. Improving key pre-distribution with deployment knowledge in static sensor networks[J]. ACM Transactions on Sensor Networks,2005,1(2):204-239.
[43]J.Lee, D.R.Stinson. Deterministic key pre-distribution schemes for distributed sensor networksfC]. In Proceedings of ACM symposium on applied computing 2004, Lecture notes in computer science,2005:294-307.
[44]D.Wallner, E.Harder, R.Agee. Key management for multicast:issues andarchitectures[S]. RFC2627, June 1999.
[45]R.D.Pietro, L.V.Mancini, Y.W.Law, S. Etalle, P. Havinga. LKHW: a directed diffusion-based secure multicast scheme for wireless sensor networks[C]. In First international workshop on wireless security and privacy (WiSPr03),2003.
[46]J.Staddon, S.Miner, M.Franklin, D.Balfanz. Self-healing key distribution with revocation. Security and Privacy,2002. Proceedings.2002 IEEE Symposium on,2002,241-257.
[47]J.Zhang, V.Varadharajan. Wireless sensor network key management survey and taxonomy. Journal of Network and Computer Applications,2010,33(2):63-75.
[48]H.Chan, A.Perrig. PIKE:peer intermediaries for key establishment in sensor networks[C]. In Proceedings of the 24th annual joint conference of the IEEE computer and communications societies(INFOCOM'05), Miami, FL, USA, March 2005:524-35.
[49]K.Langendoen, N.Reijers. Distributed Localization in Wireless Sensor Networks:A Quantitative Comparison, Computer Networks, vol.43, no.4,499-518,2003.
[50]G.Gupta, M.Younis, Load-Balanced Clustering in Wireless Sensor Networks, In Proc. Int'l Conf. Comm. (ICC'03),2003.
[51]Younis, S.Fahmy, HEED:A Hybrid, Energy-Efficient, Distributed Clustering Approach for Ad Hoc Sensor Networks, In IEEE Trans. Mobile Computing, vol.3, no.4,2004,366-379.
[52]王巍.群组密钥管理的理论与关键技术研究.计算机工程与设计,2008
[53]M.Eltoweissy, H.Heydari, L.Morales, Combinatorial optimization of Group key management. Journal of Network and System Management,2004.