无线自组织网络组播密钥管理研究
|
摘要
随着无线自组织网络研究的逐渐深入,无线自组织网络的组播安全问题成为研究的热点之一,无线自组织网络中,很多网络功能,包括路由、邻居发现、密钥分发和拓扑控制都是面向群组的,需要一个发送节点将相同的信息发送给多个接收节点,对于需要机密传输的敏感信息,采用安全组播通信模式,能有效的降低网络传输负载,提高带宽利用率,因而在网络会议、车载通信、无线MESH网、战地自组织网等领域有着广泛的应用。组播密钥管理是组播安全研究的核心问题,在无线自组织网络中,由于其特有的移动性和开放性等特点,使得无线自组织网络的组密钥管理面临很大的挑战。
首先,由于无线自组织网络无中心节点,无固定基础设施支持,如何在分布式的环境中对节点身份进行认证,是无线自组织网络组密钥管理面临的首要问题。对于大规模自组织网络,采用完全集中式或完全分布式的组密钥管理的方式容易形成系统单一失效点、产生网络分割、不同步等问题,实际应用中宜采用结合集中式和分布式优点的分散式的组密钥管理框架,子组中心管理和用户子组管理是框架的两个管理层次,对子组中心管理关注的是组密钥分发的安全性和效率,如何实现分布式身份可验证的组密钥分发是自组织网络组密钥管理的关键问题。
其次,对于用户子组管理,由于只是在子组范围内的局部区域中进行的,一般采用树型的集中式管理方法,组密钥更新问题是目前该领域研究的重点,现有的方案大多基于平衡密钥树的思想进行构建,组密钥的更新问题主要是为了解决在成员加入和退出组时,能够提供满足组密钥更新的前向安全性和后向安全性条件下,如何提高组密钥更新的效率,尽量降低组密钥的更新开销,是自组织网络平衡树组密钥更新研究的核心问题之一。
最后,采用非平衡的Huffman树可以保证理论上最佳的组密钥更新效率,实现平均用户密钥更新代价最低,但在实际应用中,由于成员加入或退出组的概率无法准确预估,而且Huffman树实际上是一个静态树,无法随着成员进出组的预估概率进行动态变化,如何提高Huffman树的动态性,提供实际可性的用户概率模型,是自组织网组密钥更新研究的另一个重要方向。
本文针对上述问题,从如下三个方面研究无线自组织网络的组播密钥管理问题:(1)无线自组织网络组播密钥生成研究;(2)平衡树组播密钥更新研究(3)Huffman树组播密钥更新研究。以上工作得到了国家自然科学基金“基于网络效用最大化的无线传感器网络研究”(No.90104033)和“自组织认知无线电网络关键技术研究“(No.60602029)的资助。
本文取得研究成果包括如下几个方面:
1.无线自组织网络组密钥分发技术:对无线自组织网络的身份认证机制进行研究,针对无线自组织网络分布式无中心的特点,提出一种本地化的基于身份密码体制,简化身份认证过程;对无线自组织网络组密钥管理框架进行研究,并分析了子组中心管理、用户子组管理和子组间切换这三个关键技术,对子组中心管理问题,提出了一种分布式可容错的组密钥分发和重构算法,增强了分发的安全性和效率。
2.平衡树组密钥更新技术:对子组中心管理方法进行分析,针对目前组密钥更新方案中离开节点更新开销大的问题,提出了一种基于M维几何球形的组密钥更新算法,并提出一种批量更新策略,降低了组密钥更新开销。
3.Huffman树组密钥更新技术:针对现有算法中Huffman密钥树只能静态创建,而无法动态调整的问题,提出了一种根据用户进出组的频率而自适应调整的Huffman树组密钥更新算法,使得用户动态进出组时,实现在保证组密钥更新安全性前提下,能始终保持Huffman树用户平均密钥更新代价最小。
With the rapid development of Mobile Ad hoc Network(MANET) and multicastcommunication techniques, the security of multicast key for MANET has attractedmore and more attention. How to realize a secure, efficient and facile group keymanagement for MANET via insecure wireless network is a challenge for research,Some typical scheme for group key management can't be used in MANET directly.there are some problems existing in group key management for MANET asfollowing:
Firstly, because the character of MANET is no central node for distributing andmanaging CA, and no node can be trusted by all other nodes in networks, how togenerate group key and distribute it to all members of group, securely and efficiently,fault torrent and distributed as well, is the most field be worth researching. For alarge-scale Ad hoe networks, because the number of nodes is numerous and mobile, itis easy to gernerate network split and un-synchronization, A cluster-based structurenetwork is often used to manage the route and member of group, but the roamproblem caused by hostility nodes who roam from one cluster to another frequently,will immerse network performance deteriorated deeply. How to provide security andusability of group key when some nodes roaming is an important challenge.
Secondly, most of typical scheme for MANET multicast reking are based inbalanceable key tree, the most import problem of multicast reking is providingforward security when member leaves and backward security when member join, then,how to improve efficient of multicast reking, decrease the cost of reking, is the coreproblem of balanceable key tree for MANET multicast reking.
Thirdly, Huffman key tree is used for providing the most efficent of grouprekeying theoretically, who can realize the least average cost of group rekeying. Butin fact, because the probability of leaving member can't be predicted accurately, andthe Huffman tree is a static tree, How to provide an dynamitic and adaptive Huffmankey tree, is another important field of multicast rekeying.
For solution of above three problem, this paper is focus on group keymanagement in MANET as follows: (1) research on generation and distribution ofgroup key for MANET; (2) research on balanceable key tree for group rekeying;(3) research on Huffman tree for group rekeying.
(1) research on generation and distribution of group key: First we use secretshare and Id-based key technique to estabilish Id-based key system in MANET, inwhich system every node has an pair of key, the public key of nodes is his ID. Thenwe propose a fault-torrent and distributed group key generation and distributionscheme, by this scheme, we propose a group key management for cluster-based Adhoc network.
(2) research on balanceable key tree for group rekeying: Because most ofrekeying cost is caused by leaving member, we propose an M-dimension spheremulticast rekeying scheme, in this scheme, cooperation of brother nodes can improvethe efficient of rekeying cost when leaving member. Then we propose an batchrekeying scheme by M-dimension sphere.
(3) research on Huffman tree for group rekeying: For solving the problem thatHuffman key tree can't be adjusted dynamically but be statically established inscheme by now, in this paper we propose an adaptive Huffman key tree scheme formulticast rekeying, in our scheme, we can adjust the structure Huffman key treeadaptively with the frequent of users join in or leave from multicast group before now,because that the frequent denote the probability of this group member who shouldjoin in or leave from group in future. By the analysis, we prove that our scheme canprovide the security of multicast rekeying, as well as can ensure the condition that theaverage cost of rekeying is minimum value, even when adjusting Huffman key treedynamically.
首先,由于无线自组织网络无中心节点,无固定基础设施支持,如何在分布式的环境中对节点身份进行认证,是无线自组织网络组密钥管理面临的首要问题。对于大规模自组织网络,采用完全集中式或完全分布式的组密钥管理的方式容易形成系统单一失效点、产生网络分割、不同步等问题,实际应用中宜采用结合集中式和分布式优点的分散式的组密钥管理框架,子组中心管理和用户子组管理是框架的两个管理层次,对子组中心管理关注的是组密钥分发的安全性和效率,如何实现分布式身份可验证的组密钥分发是自组织网络组密钥管理的关键问题。
其次,对于用户子组管理,由于只是在子组范围内的局部区域中进行的,一般采用树型的集中式管理方法,组密钥更新问题是目前该领域研究的重点,现有的方案大多基于平衡密钥树的思想进行构建,组密钥的更新问题主要是为了解决在成员加入和退出组时,能够提供满足组密钥更新的前向安全性和后向安全性条件下,如何提高组密钥更新的效率,尽量降低组密钥的更新开销,是自组织网络平衡树组密钥更新研究的核心问题之一。
最后,采用非平衡的Huffman树可以保证理论上最佳的组密钥更新效率,实现平均用户密钥更新代价最低,但在实际应用中,由于成员加入或退出组的概率无法准确预估,而且Huffman树实际上是一个静态树,无法随着成员进出组的预估概率进行动态变化,如何提高Huffman树的动态性,提供实际可性的用户概率模型,是自组织网组密钥更新研究的另一个重要方向。
本文针对上述问题,从如下三个方面研究无线自组织网络的组播密钥管理问题:(1)无线自组织网络组播密钥生成研究;(2)平衡树组播密钥更新研究(3)Huffman树组播密钥更新研究。以上工作得到了国家自然科学基金“基于网络效用最大化的无线传感器网络研究”(No.90104033)和“自组织认知无线电网络关键技术研究“(No.60602029)的资助。
本文取得研究成果包括如下几个方面:
1.无线自组织网络组密钥分发技术:对无线自组织网络的身份认证机制进行研究,针对无线自组织网络分布式无中心的特点,提出一种本地化的基于身份密码体制,简化身份认证过程;对无线自组织网络组密钥管理框架进行研究,并分析了子组中心管理、用户子组管理和子组间切换这三个关键技术,对子组中心管理问题,提出了一种分布式可容错的组密钥分发和重构算法,增强了分发的安全性和效率。
2.平衡树组密钥更新技术:对子组中心管理方法进行分析,针对目前组密钥更新方案中离开节点更新开销大的问题,提出了一种基于M维几何球形的组密钥更新算法,并提出一种批量更新策略,降低了组密钥更新开销。
3.Huffman树组密钥更新技术:针对现有算法中Huffman密钥树只能静态创建,而无法动态调整的问题,提出了一种根据用户进出组的频率而自适应调整的Huffman树组密钥更新算法,使得用户动态进出组时,实现在保证组密钥更新安全性前提下,能始终保持Huffman树用户平均密钥更新代价最小。
With the rapid development of Mobile Ad hoc Network(MANET) and multicastcommunication techniques, the security of multicast key for MANET has attractedmore and more attention. How to realize a secure, efficient and facile group keymanagement for MANET via insecure wireless network is a challenge for research,Some typical scheme for group key management can't be used in MANET directly.there are some problems existing in group key management for MANET asfollowing:
Firstly, because the character of MANET is no central node for distributing andmanaging CA, and no node can be trusted by all other nodes in networks, how togenerate group key and distribute it to all members of group, securely and efficiently,fault torrent and distributed as well, is the most field be worth researching. For alarge-scale Ad hoe networks, because the number of nodes is numerous and mobile, itis easy to gernerate network split and un-synchronization, A cluster-based structurenetwork is often used to manage the route and member of group, but the roamproblem caused by hostility nodes who roam from one cluster to another frequently,will immerse network performance deteriorated deeply. How to provide security andusability of group key when some nodes roaming is an important challenge.
Secondly, most of typical scheme for MANET multicast reking are based inbalanceable key tree, the most import problem of multicast reking is providingforward security when member leaves and backward security when member join, then,how to improve efficient of multicast reking, decrease the cost of reking, is the coreproblem of balanceable key tree for MANET multicast reking.
Thirdly, Huffman key tree is used for providing the most efficent of grouprekeying theoretically, who can realize the least average cost of group rekeying. Butin fact, because the probability of leaving member can't be predicted accurately, andthe Huffman tree is a static tree, How to provide an dynamitic and adaptive Huffmankey tree, is another important field of multicast rekeying.
For solution of above three problem, this paper is focus on group keymanagement in MANET as follows: (1) research on generation and distribution ofgroup key for MANET; (2) research on balanceable key tree for group rekeying;(3) research on Huffman tree for group rekeying.
(1) research on generation and distribution of group key: First we use secretshare and Id-based key technique to estabilish Id-based key system in MANET, inwhich system every node has an pair of key, the public key of nodes is his ID. Thenwe propose a fault-torrent and distributed group key generation and distributionscheme, by this scheme, we propose a group key management for cluster-based Adhoc network.
(2) research on balanceable key tree for group rekeying: Because most ofrekeying cost is caused by leaving member, we propose an M-dimension spheremulticast rekeying scheme, in this scheme, cooperation of brother nodes can improvethe efficient of rekeying cost when leaving member. Then we propose an batchrekeying scheme by M-dimension sphere.
(3) research on Huffman tree for group rekeying: For solving the problem thatHuffman key tree can't be adjusted dynamically but be statically established inscheme by now, in this paper we propose an adaptive Huffman key tree scheme formulticast rekeying, in our scheme, we can adjust the structure Huffman key treeadaptively with the frequent of users join in or leave from multicast group before now,because that the frequent denote the probability of this group member who shouldjoin in or leave from group in future. By the analysis, we prove that our scheme canprovide the security of multicast rekeying, as well as can ensure the condition that theaverage cost of rekeying is minimum value, even when adjusting Huffman key treedynamically.
引文
[1] 穆海冰,“移动Ad hoc网络组播安全研究”,北京交通大学博士学位论文,2007.6
[2] 王浩,“无线移动自组网的分布式密钥管理和认证研究”,重庆大学博士学位论文,2007.4
[3] 徐邦海“移动自组织网络环境下密钥管理及安全组播研究”西北工业大学博士学位论文,2006.3
[4] K.Sanzgiri, B.Dahill, B.N.Levine, C.Shields, and E.M.Belding-Royer.A. "Secure Routing Protocol for ad hoc networks." In Proceedings of the International Conference on Networks Protocols(ICNP), November 2002.
[5] M.Guerrero ZaPata and N.Asokan. "Securing ad hoc routing Protocols." In Proceedings of the ACM Workshop on Wireless Security(WiSe), September 2002. Atlanta,Georgia,USA.
[6] Y.Hu, D.Johnson, A.Perrig. "SEAD:Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoe Networks." Proceedings of the 4th IEEE Workshop on Mobile Computing Systems & Applications (WMCSA2002), IEEE, Calieoon, NY, June 2002.
[7] P.Papadimitratos and Z.Haas. "Secure routing for mobile Ad Hoe networks." In Proceedings of SCS Communication Networks and Distributed Systems Modeling and Simulation Conference(CNDS),2002.
[8] 况晓辉,“移动自组织网络组播密钥管理关键技术研究”,国防科技大学博士学位论文,2003.10
[9] P.Kyasanur and N.H.Vaidya. "Detection and Handling of MAC Layer Misbehavior in Wireless Networks." In Proceedings of the 2003 International Conference on Dependable Systems and Networks, Pages 173-182, San Franeisco, CA, June 2003.
[10] P.Kyasanur. "Selfish misbehavior at medium access control layer in wireless networks." Master's thesis, University of Illinois at Urbana-Champaign, December 2003.
[11] A.B.Mackenzie and S.B.Wicker. "Game Theory and the Design of Self-Configuring, Adaptive Wireless Networks." IEEE Communications Magazine, 39(11):126-131, 2000.
[12] Sonja Buchegger, Jean Ives Le Boundec. "Coopertive Routing in Mobile Ad-hoc Networks: Current Efforts Against Malice and Selfishness." G1 Jahrestagung 2002:513-517.
[13] Pietro Michiardi, Refik Molva. "Prevention of Denial of Service Attacks and selfishness in Mobile Ad Hoc Networks." Research Report RR-02-063-Jan 2002.
[14] Y.C.Hu, A.Perrig, and D.B.Johnson. "packet Leashes: A defense against Wormhole Attacks in Wireless Ad Hoe Networks." Proceedings of the Twentysecond Annual Joint Conference of the IEEE Computer and communications Societies (INFOCOM2003), IEEE, SanFrancisco, CA, April 2003.
[15] L.Butty and J.P.Hubaux. "Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks." ACM/Kluwer Mobile Networks and Applications (MONET),Vol.8 No.5, October 2003.
[16] P.Michiardi, R.Molva. "Core: A Collaborative Reputation mechanism to enforce node cooperation in Mobile Ad Hoc Networks." Communication and Multimedia Security 2002, Portoroz, Slovenia, September,2002.
[17] Hwang J, Kim Y. "Revisiting random key pre-distribution schemes for wireless sensor networks." In: Proc. of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks. New York: ACM Press, 2004. 43-52.
[18] R.Ramanujan, S.Kudige, T.Nguyen, S.Takkella, and F.Adelstein. "Intrusion-Resistant Ad Hoc Networks." Proceedings of MILCOM2002, Oct. 2002.
[19] Y.Zhang, W.Lee. "Intrusion Detection in WirelesS Ad-hoc Networks." Proceedings of the 6th International Conference on Mobile Computing and Networking (MobiCom2000), Boston, MA, August 2000.
[20] Eschenauer L, Gligor V D. "A key-management scheme for sensor networks[A]." The 9th ACM Conference on Computer and Communication Security (CCS) [C]. Washington DC, USA, Nov. 2002:41-47.
[21] 苏忠,林闯,封富君,任丰原.”无线传感器网络密钥管理的方案和协议”软件学报,2007,Vol.18,No.5,P1218-1231
[22] Chen H, Perrig A, Song D. "Random key pre-distribution schemes for sensor networks [A]." IEEE Symposium on Security and Privacy [C]. Berkeley, California, May 2003: 285-289.
[23] W Du, L Fang, R Wang and S G Chen. "Key Pre-Distribution Using Sensor Pre-Deployment Knowledge." Peer reviewed poster session in ACM Workshop on Wireless Security (WiSe), in conjunction with ACMMobiCom 2003. San Diego , CA , USA. September 19, 2003.
[24] Liu D, Ning P. "Establishing pairwise keys in distributed sensor networks." Proc. of the 10th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2003. 52-61.
[25] Blundo C, Santis AD,etc. "Perfectly secure key distribution for dynamic conferences." Information and Computation, 1998,146(1):1-23.
[26] D Liu , P Ning. "Location-Based Pairwise Key Establishments for Static Sensor Networks."in 2003 ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN'03) , October 2003.72-82.
[27] Du W, Deng J, Han YS, Varshney PK. "A pairwise key pre-distribution scheme for wireless sensor networks." In:Proc. of the 10th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2003. 42-51.
[28] Blom R. "An optimal class of symmetric key generation systems." Proc. of the EUROCRYPT'84. New York: Springer-Verlag, 1984. 335-338.
[29] Huang D, Mehta M, Medhi D, Ham L. "Location-Aware key management scheme for wireless sensor networks." In: Proc. of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks. New York: ACM Press, 2004. 29-42.
[30] Perrig A, Szewczyk R, Tygar J, Wen V, Culler D. "SPINS: Security protocols for sensor networks." ACM Wireless Network, 2002,8(5):521-534.
[31] Zhu S, Setia S, Jajodia S. "LEAP: Efficient security mechanisms for large-scale distributed sensor networks." In: Proc. of the 10th ACM Conf. on Computer and Communications Security.New York: ACM Press, 2003. 62-72.
[32] Younis M, Ghumman K, Eltoweissy M. "Location-Aware combinatorial key management scheme for clustered sensor networks." IEEE Trans. on Parallel and Distribution System, 2006,17(8):865-882.
[33] Liu D, Ning P. "Multilevel μ TESLA: Broadcast authentication for distributed sensor networks." ACM Trans. on Embedded Computing Systems, 2004,3(4):800-836.
[34] Liu D, Ning P, Zhu S, Jajodia S. "Practical broadcast authentication in sensor networks." In: Proc. of the 2nd Annual Int'l Conf. on Mobile and Ubiquitous Systems: Networking and Services. Washington: IEEE Computer Society, 2005.118-129.
[35] 易平,蒋嶷川,张世永,钟亦平.“移动ad hoc网络安全综述”,电子学报,2005,Vol.33 No.5 P893-899
[36] Frank Stajano, Ross Anderson. "The resurrecting duckling : security issues for Ad-hoc wireless networks [A]." Proc. of the 7th International Workshop on Security Protocols [C]. LNCS 1796, Springer-Verlag, Berlin Germany, April 1999. 172-194.
[37] Alfarez Abdul-Rahman, Stephen Halles. "A Distributed Trust Model." 1997 New Security Paradigms Workshop Langdale, Cumbria UK, Copyright ACM 1998, 48-60.
[38] Edith C. H. Ngai, Michael R. Lyu. "An Authentication Service Against Dishonest Users in Mobile Ad Hoe Networks." 2004 IEEE Aerospace Conference Proceedings,1275-1285.
[39] N Asokan, Philip Ginzboorg. "Key agreement in ad hoc networks." Computer Communications, 2000, 23 (17) :1627-1637.
[40] Lidong Zhou, Zygmunt J Haas. "Securing ad hoc networks." IEEE Networks Special Issue on Network Security, 1999, 13(6): 24-30.
[41] R Ostrovsky ,M Yung. "How to withstand mobile virus attack." Proc of the 10th ACM Symposium on Principles of Distributed Computing [C]. ACMpress, New York, 1991. 51-59.
[42] Seung Yi, Robin Kravets. "MOCA:Mobile certificate authority for wireless Ad Hoc Networks." Proc of 2nd Annual PKI Research Workshop Program (PKI03). Gaithersburg, Maryland. April. 2003. 65-79.
[43] 熊焰,苗付友,张伟超,王行甫.移动自组网中基于多跳步加密签名函数签名的分布式认证.电子学报,2003,31(2):161-165.
[44] Jiejun Kong, Petros Zerfos, et al. "Providing robust and ubiquitous security support for mobile Ad Hoe networks." IEEE 9th International Conference on Network Protocols (ICNP'01). Riverside, California, 2001. 251-260.
[45] Haiyun Luo, Jiejun Kong, et al. "Self-securing Ad Hoe wireless networks." Proc of the Seventh IEEE Symposiumon Computers and Communications (ISCC'02) . Italy, 2002。567-574.
[46] Jean-Pierre Hubaux, Levente Buttyan, Srdjan Capkun. "The quest for security in mobile Ad Hoc networks." Proc of the 2001 ACM International Symposiumon Mobile ad hoc networking &computing 2001[C]. Long Beach, CA, USA, 2001. 146-155.
[47] Srdjan Capkun, Levente Nuttyan, Jean-Pierre Hubaux. "Self-organized public-key Management for mobile ad hoc networks." IEEE Transactions on mobile computing, January-March, 2003,2(1) :52-64.
[48] Zheng Yan. "Security in Ad Hoc Networks." http://citeseer.nj.nec.com/536945.html.
[49] Srdjan Capkun, Jean-Pierre Hubaux, Levente Buttyan. "Mobility helps security in Ad Hoc networks." The Fourth ACM International Symposiumon Mobile Ad Hoc Networking and Computing[C]. Annapolis ,Maryland ,USA ,June 1 - 3,2003.46 - 56.
[50] 徐守志.“多服务安全组播组密钥管理技术研究”,华中科技大学博士学位论文,2006
[51] Harney H, Muckenhim C, and T Rivers. "Gorup Kye Management Portocol Architecture", RFC2094, September 1994.
[52] Harney H, Muckenhim C, and T Rivers. "Gorup Key Management Protocol Specification", RFC2093, September 1994.
[53] 屈劲,葛建华,蒋铭.安全组播密钥批更新算法研究[J].电子学报.2003,31(7):1046-1048
[54] BALENSON D, MCGREW D, SHERMAN A. "Key management for large dynamic groups: One-Way function trees and amortized initialization[Z]". IETF Internet Draft (work in p rogress), 2000.
[55] Canetti R, Malkin T, Nissim K. "Efficient communicato-storgage tradeoffs for multicast encryption[J]." Advances in Cryptotoly-EUROCRYPT'99, vol.1599:459-474.
[56] WALDVOGEL M, GARONNIG, SUN D, et al. "The VersaKey framework: Versatile group key management". [J]. IEEE Journal on Selected Areas in Communications (Special Issue onMiddleware) ,1999, 17 (9) : 1614 - 1631.
[57] C. K. Wong, M. Gouda, and S. S. Lam, "Security group communication using key graph," IEEE/ACM Trans. Netw., vol. 8, no. 1, pp. 16-30,Feb. 2000.
[58] Pegueroles J, Rico-Novella F, Hernandez-Serrano J, et al. "Improved LKH for batch rekeying in multicast groups[A]." IEEE International Conference on Information Technology[C]. New York(USA), 2003. 269-273.
[59] Ghanem S.M, Abdel-Wahab H. "Secure group key management framework: design and rekey issues[A]." 8th IEEE International Symposium on Computers and Communication[C]. Los Alamitos(USA), CA:IEEE Computer Society Press, 2003. 797-802.
[60] Ghanem S.M, Abdel-Wahab H. "A simple XOR-based technique for distributing group key in secure multicasting[A]." Fifth IEEE Symposium on Computers and Communications[C].Los Alamitos(USA),CA:IEEE Computer Society Press, 2000.166-171.
[61] Sherman A.T, McGrew D.A. "Key establishment in large dynamic groups using one-way function trees[J]." IEEE Trans.on Software Engineering,2003,vol.29(5):444-458.
[62] Ku WeiChi,Chen ShuaiMin. "An improved key management scheme for large dynamic groups using one-way function trees[A]." IEEE International Conference on Parallel Processing Workshops[C],2003.391-396.
[63] Liu Jing,Zhou Mingtian. "Secure Group Communications For Large Dynamic Multicast Group[J]." Journal of Electronics.2003,20(4):265-273
[64] 刘景,周明天.大型动态多播群组的密钥管理和访问控制[J],软件学报.2002,13(2):291-297.
[65] Setia S,Koussih S,Jajodia S et al. "Kronos:a scalable group re-keying approach for secure multicast[A]." in:IEEE Symposium on Security and Privacy[C]." Oakland(USA)CA:IEEE Computer Society Press,2000.215-228.
[66] MITTRA S. "Iolus : A framework for scalable secure multicasting[J]". New York: ACM Press,ACM SIGCOM Computer Communication Review, 1997, 27 (4) : 277-288.
[67] Ateniese, Giuseppe Steiner, Michael Tsudik. et al. "New multiparty authentication services and key agreement protocols[J]." IEEE Journal on Selected Areas in Communications,vol. 18(4):628-639.
[68] Perrig A. "Efficient Collaborative Key Management Protocols for Secure Autonimous Group Communication[A]." in:International Workshop on Cryptographic Techniques and E-Commerce[C], 1999.192-202.
[69] Rekesh Babu Bobba, Laurent Eschenauer, Virgil Gligor, William Arbaugh. "Bootstrapping Security Associations for Routing in Mobile Ad Hoc Networks[R]." Technical Report 2002-44, University of Maryland, 2002.
[70] Shamir A. "How to share a secret". Comm ACM, 1979, 22:612-613
[71] R.J.McEliece,D.V.Sarwate."On Sharing Secrets and Reed-Solomon Codes." [J].Communication of the ACM, 1981,Vol.24(8):583-584。
[72] Benaloh J C. "Secret Sharing Homomorphisms: Keeping Shares of a Secret[C]", Proc of CRYPTO'86, Berlin:Springer, 1986:412-417.
[73] M.Ito, A.Saito, T Nishizeki, "Secret sharing scheme realizing general access structure, Proceedings IEEE Globcom'87 Tokyo,Japan, 1987, PP99-102.
[74] J.He, and E.Dawson, "Multistage secret sharing based on one-way function", Electron.Lett, Vol.3o, No.19(1994), pp.1591-1592.
[75] Chor B, Goldwasser S, Micali S, Awerbuch B. "Verifiable secret sharing and achieving simultaneity in the Presence of faults", in Proceedings of 26 IEEE symposium on Foundations of computer science, 1985:383-395.
[76] M.Stadler."Publicly verifiable secret sharing", In Advances in Cryptology-EURO-CRYPT, 96, Berlin, SPringer-Verlag, PP.190-199.
[77] Shamir A. "Identity-based Cryptosystems and Signature Schemes." Proceedings of Crypto 1984. Providence, USA: Springer-Verlag, 47-53,1984.
[78] Verheul E R. "Evidence That XTR Is More Secure Than Supersingular Elliptic Curve Cryptosystems." Advances in Cryptology-Proceedings of EUROCRYPT'01, Spring-Verlag,195-210, 2001.
[79] Boneh D, Franklin M. "Identity Based Encryption From The Weil Pairing." Advances in Cryptology-Proceedings of CRYPTO'01, Spring-Verlag, 213-229, 2001.
[80] 杨宗凯,谢海涛,程文青,谭运猛“一种基于身份的分布式会议密钥分发方案”《计算机科学》2007 Vol.34 No.1 P115-143.
[81] Aram Khalili, Jonathan Katz, William A. Araaugh. Toward Secure Key Distribution in Truly Ad-hoc Networks. Applications and the Internet Workshops, 2003. Proceedings. 2003Symposium on 27-31 Jan. 2003 Page(s):342-346
[82] Tzeng W G. A Secure Fault-tolerant Conference-key Agreement Protocol. IEEE Trans. Computers, vol.51, no 4, pp.373-379, Apr. 2002
[83] Xu Y. Identity-Based Fault-Tolerant Conference Key Agreement. IEEE Trans. Dependable and Secure Computing, vol. 1, no. 3, pp.170-178, July 2004
[84] Lin J C, Lai F P, Lee H C. Efficient Group Key Management Protocol with One-Way Key Derivation, Proceedings of the IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05).
[85] Qu J, Ge J.H, Jiang M. Key Management for Secure Multicast Using Huffman Hierarchy. Journal of Software 2003, Vol.14, No.1.
[86] Zhu L.H, Cao Y.D. "Multicast Rekeying Protocol Based on Huffman One-Way Function Tree." Transactions of Beijing Institute of Technology. 2004, Vol.24, No.6.
[87] Sun D, Huang T.S, Sun F.X, "DS-HOFKCT: A Multicast Re-keying Protocol Based on Huffman One-way Function Key Chain Tree." IEEE ICC2005, pp.1132-1135.
[2] 王浩,“无线移动自组网的分布式密钥管理和认证研究”,重庆大学博士学位论文,2007.4
[3] 徐邦海“移动自组织网络环境下密钥管理及安全组播研究”西北工业大学博士学位论文,2006.3
[4] K.Sanzgiri, B.Dahill, B.N.Levine, C.Shields, and E.M.Belding-Royer.A. "Secure Routing Protocol for ad hoc networks." In Proceedings of the International Conference on Networks Protocols(ICNP), November 2002.
[5] M.Guerrero ZaPata and N.Asokan. "Securing ad hoc routing Protocols." In Proceedings of the ACM Workshop on Wireless Security(WiSe), September 2002. Atlanta,Georgia,USA.
[6] Y.Hu, D.Johnson, A.Perrig. "SEAD:Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoe Networks." Proceedings of the 4th IEEE Workshop on Mobile Computing Systems & Applications (WMCSA2002), IEEE, Calieoon, NY, June 2002.
[7] P.Papadimitratos and Z.Haas. "Secure routing for mobile Ad Hoe networks." In Proceedings of SCS Communication Networks and Distributed Systems Modeling and Simulation Conference(CNDS),2002.
[8] 况晓辉,“移动自组织网络组播密钥管理关键技术研究”,国防科技大学博士学位论文,2003.10
[9] P.Kyasanur and N.H.Vaidya. "Detection and Handling of MAC Layer Misbehavior in Wireless Networks." In Proceedings of the 2003 International Conference on Dependable Systems and Networks, Pages 173-182, San Franeisco, CA, June 2003.
[10] P.Kyasanur. "Selfish misbehavior at medium access control layer in wireless networks." Master's thesis, University of Illinois at Urbana-Champaign, December 2003.
[11] A.B.Mackenzie and S.B.Wicker. "Game Theory and the Design of Self-Configuring, Adaptive Wireless Networks." IEEE Communications Magazine, 39(11):126-131, 2000.
[12] Sonja Buchegger, Jean Ives Le Boundec. "Coopertive Routing in Mobile Ad-hoc Networks: Current Efforts Against Malice and Selfishness." G1 Jahrestagung 2002:513-517.
[13] Pietro Michiardi, Refik Molva. "Prevention of Denial of Service Attacks and selfishness in Mobile Ad Hoc Networks." Research Report RR-02-063-Jan 2002.
[14] Y.C.Hu, A.Perrig, and D.B.Johnson. "packet Leashes: A defense against Wormhole Attacks in Wireless Ad Hoe Networks." Proceedings of the Twentysecond Annual Joint Conference of the IEEE Computer and communications Societies (INFOCOM2003), IEEE, SanFrancisco, CA, April 2003.
[15] L.Butty and J.P.Hubaux. "Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks." ACM/Kluwer Mobile Networks and Applications (MONET),Vol.8 No.5, October 2003.
[16] P.Michiardi, R.Molva. "Core: A Collaborative Reputation mechanism to enforce node cooperation in Mobile Ad Hoc Networks." Communication and Multimedia Security 2002, Portoroz, Slovenia, September,2002.
[17] Hwang J, Kim Y. "Revisiting random key pre-distribution schemes for wireless sensor networks." In: Proc. of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks. New York: ACM Press, 2004. 43-52.
[18] R.Ramanujan, S.Kudige, T.Nguyen, S.Takkella, and F.Adelstein. "Intrusion-Resistant Ad Hoc Networks." Proceedings of MILCOM2002, Oct. 2002.
[19] Y.Zhang, W.Lee. "Intrusion Detection in WirelesS Ad-hoc Networks." Proceedings of the 6th International Conference on Mobile Computing and Networking (MobiCom2000), Boston, MA, August 2000.
[20] Eschenauer L, Gligor V D. "A key-management scheme for sensor networks[A]." The 9th ACM Conference on Computer and Communication Security (CCS) [C]. Washington DC, USA, Nov. 2002:41-47.
[21] 苏忠,林闯,封富君,任丰原.”无线传感器网络密钥管理的方案和协议”软件学报,2007,Vol.18,No.5,P1218-1231
[22] Chen H, Perrig A, Song D. "Random key pre-distribution schemes for sensor networks [A]." IEEE Symposium on Security and Privacy [C]. Berkeley, California, May 2003: 285-289.
[23] W Du, L Fang, R Wang and S G Chen. "Key Pre-Distribution Using Sensor Pre-Deployment Knowledge." Peer reviewed poster session in ACM Workshop on Wireless Security (WiSe), in conjunction with ACMMobiCom 2003. San Diego , CA , USA. September 19, 2003.
[24] Liu D, Ning P. "Establishing pairwise keys in distributed sensor networks." Proc. of the 10th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2003. 52-61.
[25] Blundo C, Santis AD,etc. "Perfectly secure key distribution for dynamic conferences." Information and Computation, 1998,146(1):1-23.
[26] D Liu , P Ning. "Location-Based Pairwise Key Establishments for Static Sensor Networks."in 2003 ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN'03) , October 2003.72-82.
[27] Du W, Deng J, Han YS, Varshney PK. "A pairwise key pre-distribution scheme for wireless sensor networks." In:Proc. of the 10th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2003. 42-51.
[28] Blom R. "An optimal class of symmetric key generation systems." Proc. of the EUROCRYPT'84. New York: Springer-Verlag, 1984. 335-338.
[29] Huang D, Mehta M, Medhi D, Ham L. "Location-Aware key management scheme for wireless sensor networks." In: Proc. of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks. New York: ACM Press, 2004. 29-42.
[30] Perrig A, Szewczyk R, Tygar J, Wen V, Culler D. "SPINS: Security protocols for sensor networks." ACM Wireless Network, 2002,8(5):521-534.
[31] Zhu S, Setia S, Jajodia S. "LEAP: Efficient security mechanisms for large-scale distributed sensor networks." In: Proc. of the 10th ACM Conf. on Computer and Communications Security.New York: ACM Press, 2003. 62-72.
[32] Younis M, Ghumman K, Eltoweissy M. "Location-Aware combinatorial key management scheme for clustered sensor networks." IEEE Trans. on Parallel and Distribution System, 2006,17(8):865-882.
[33] Liu D, Ning P. "Multilevel μ TESLA: Broadcast authentication for distributed sensor networks." ACM Trans. on Embedded Computing Systems, 2004,3(4):800-836.
[34] Liu D, Ning P, Zhu S, Jajodia S. "Practical broadcast authentication in sensor networks." In: Proc. of the 2nd Annual Int'l Conf. on Mobile and Ubiquitous Systems: Networking and Services. Washington: IEEE Computer Society, 2005.118-129.
[35] 易平,蒋嶷川,张世永,钟亦平.“移动ad hoc网络安全综述”,电子学报,2005,Vol.33 No.5 P893-899
[36] Frank Stajano, Ross Anderson. "The resurrecting duckling : security issues for Ad-hoc wireless networks [A]." Proc. of the 7th International Workshop on Security Protocols [C]. LNCS 1796, Springer-Verlag, Berlin Germany, April 1999. 172-194.
[37] Alfarez Abdul-Rahman, Stephen Halles. "A Distributed Trust Model." 1997 New Security Paradigms Workshop Langdale, Cumbria UK, Copyright ACM 1998, 48-60.
[38] Edith C. H. Ngai, Michael R. Lyu. "An Authentication Service Against Dishonest Users in Mobile Ad Hoe Networks." 2004 IEEE Aerospace Conference Proceedings,1275-1285.
[39] N Asokan, Philip Ginzboorg. "Key agreement in ad hoc networks." Computer Communications, 2000, 23 (17) :1627-1637.
[40] Lidong Zhou, Zygmunt J Haas. "Securing ad hoc networks." IEEE Networks Special Issue on Network Security, 1999, 13(6): 24-30.
[41] R Ostrovsky ,M Yung. "How to withstand mobile virus attack." Proc of the 10th ACM Symposium on Principles of Distributed Computing [C]. ACMpress, New York, 1991. 51-59.
[42] Seung Yi, Robin Kravets. "MOCA:Mobile certificate authority for wireless Ad Hoc Networks." Proc of 2nd Annual PKI Research Workshop Program (PKI03). Gaithersburg, Maryland. April. 2003. 65-79.
[43] 熊焰,苗付友,张伟超,王行甫.移动自组网中基于多跳步加密签名函数签名的分布式认证.电子学报,2003,31(2):161-165.
[44] Jiejun Kong, Petros Zerfos, et al. "Providing robust and ubiquitous security support for mobile Ad Hoe networks." IEEE 9th International Conference on Network Protocols (ICNP'01). Riverside, California, 2001. 251-260.
[45] Haiyun Luo, Jiejun Kong, et al. "Self-securing Ad Hoe wireless networks." Proc of the Seventh IEEE Symposiumon Computers and Communications (ISCC'02) . Italy, 2002。567-574.
[46] Jean-Pierre Hubaux, Levente Buttyan, Srdjan Capkun. "The quest for security in mobile Ad Hoc networks." Proc of the 2001 ACM International Symposiumon Mobile ad hoc networking &computing 2001[C]. Long Beach, CA, USA, 2001. 146-155.
[47] Srdjan Capkun, Levente Nuttyan, Jean-Pierre Hubaux. "Self-organized public-key Management for mobile ad hoc networks." IEEE Transactions on mobile computing, January-March, 2003,2(1) :52-64.
[48] Zheng Yan. "Security in Ad Hoc Networks." http://citeseer.nj.nec.com/536945.html.
[49] Srdjan Capkun, Jean-Pierre Hubaux, Levente Buttyan. "Mobility helps security in Ad Hoc networks." The Fourth ACM International Symposiumon Mobile Ad Hoc Networking and Computing[C]. Annapolis ,Maryland ,USA ,June 1 - 3,2003.46 - 56.
[50] 徐守志.“多服务安全组播组密钥管理技术研究”,华中科技大学博士学位论文,2006
[51] Harney H, Muckenhim C, and T Rivers. "Gorup Kye Management Portocol Architecture", RFC2094, September 1994.
[52] Harney H, Muckenhim C, and T Rivers. "Gorup Key Management Protocol Specification", RFC2093, September 1994.
[53] 屈劲,葛建华,蒋铭.安全组播密钥批更新算法研究[J].电子学报.2003,31(7):1046-1048
[54] BALENSON D, MCGREW D, SHERMAN A. "Key management for large dynamic groups: One-Way function trees and amortized initialization[Z]". IETF Internet Draft (work in p rogress), 2000.
[55] Canetti R, Malkin T, Nissim K. "Efficient communicato-storgage tradeoffs for multicast encryption[J]." Advances in Cryptotoly-EUROCRYPT'99, vol.1599:459-474.
[56] WALDVOGEL M, GARONNIG, SUN D, et al. "The VersaKey framework: Versatile group key management". [J]. IEEE Journal on Selected Areas in Communications (Special Issue onMiddleware) ,1999, 17 (9) : 1614 - 1631.
[57] C. K. Wong, M. Gouda, and S. S. Lam, "Security group communication using key graph," IEEE/ACM Trans. Netw., vol. 8, no. 1, pp. 16-30,Feb. 2000.
[58] Pegueroles J, Rico-Novella F, Hernandez-Serrano J, et al. "Improved LKH for batch rekeying in multicast groups[A]." IEEE International Conference on Information Technology[C]. New York(USA), 2003. 269-273.
[59] Ghanem S.M, Abdel-Wahab H. "Secure group key management framework: design and rekey issues[A]." 8th IEEE International Symposium on Computers and Communication[C]. Los Alamitos(USA), CA:IEEE Computer Society Press, 2003. 797-802.
[60] Ghanem S.M, Abdel-Wahab H. "A simple XOR-based technique for distributing group key in secure multicasting[A]." Fifth IEEE Symposium on Computers and Communications[C].Los Alamitos(USA),CA:IEEE Computer Society Press, 2000.166-171.
[61] Sherman A.T, McGrew D.A. "Key establishment in large dynamic groups using one-way function trees[J]." IEEE Trans.on Software Engineering,2003,vol.29(5):444-458.
[62] Ku WeiChi,Chen ShuaiMin. "An improved key management scheme for large dynamic groups using one-way function trees[A]." IEEE International Conference on Parallel Processing Workshops[C],2003.391-396.
[63] Liu Jing,Zhou Mingtian. "Secure Group Communications For Large Dynamic Multicast Group[J]." Journal of Electronics.2003,20(4):265-273
[64] 刘景,周明天.大型动态多播群组的密钥管理和访问控制[J],软件学报.2002,13(2):291-297.
[65] Setia S,Koussih S,Jajodia S et al. "Kronos:a scalable group re-keying approach for secure multicast[A]." in:IEEE Symposium on Security and Privacy[C]." Oakland(USA)CA:IEEE Computer Society Press,2000.215-228.
[66] MITTRA S. "Iolus : A framework for scalable secure multicasting[J]". New York: ACM Press,ACM SIGCOM Computer Communication Review, 1997, 27 (4) : 277-288.
[67] Ateniese, Giuseppe Steiner, Michael Tsudik. et al. "New multiparty authentication services and key agreement protocols[J]." IEEE Journal on Selected Areas in Communications,vol. 18(4):628-639.
[68] Perrig A. "Efficient Collaborative Key Management Protocols for Secure Autonimous Group Communication[A]." in:International Workshop on Cryptographic Techniques and E-Commerce[C], 1999.192-202.
[69] Rekesh Babu Bobba, Laurent Eschenauer, Virgil Gligor, William Arbaugh. "Bootstrapping Security Associations for Routing in Mobile Ad Hoc Networks[R]." Technical Report 2002-44, University of Maryland, 2002.
[70] Shamir A. "How to share a secret". Comm ACM, 1979, 22:612-613
[71] R.J.McEliece,D.V.Sarwate."On Sharing Secrets and Reed-Solomon Codes." [J].Communication of the ACM, 1981,Vol.24(8):583-584。
[72] Benaloh J C. "Secret Sharing Homomorphisms: Keeping Shares of a Secret[C]", Proc of CRYPTO'86, Berlin:Springer, 1986:412-417.
[73] M.Ito, A.Saito, T Nishizeki, "Secret sharing scheme realizing general access structure, Proceedings IEEE Globcom'87 Tokyo,Japan, 1987, PP99-102.
[74] J.He, and E.Dawson, "Multistage secret sharing based on one-way function", Electron.Lett, Vol.3o, No.19(1994), pp.1591-1592.
[75] Chor B, Goldwasser S, Micali S, Awerbuch B. "Verifiable secret sharing and achieving simultaneity in the Presence of faults", in Proceedings of 26 IEEE symposium on Foundations of computer science, 1985:383-395.
[76] M.Stadler."Publicly verifiable secret sharing", In Advances in Cryptology-EURO-CRYPT, 96, Berlin, SPringer-Verlag, PP.190-199.
[77] Shamir A. "Identity-based Cryptosystems and Signature Schemes." Proceedings of Crypto 1984. Providence, USA: Springer-Verlag, 47-53,1984.
[78] Verheul E R. "Evidence That XTR Is More Secure Than Supersingular Elliptic Curve Cryptosystems." Advances in Cryptology-Proceedings of EUROCRYPT'01, Spring-Verlag,195-210, 2001.
[79] Boneh D, Franklin M. "Identity Based Encryption From The Weil Pairing." Advances in Cryptology-Proceedings of CRYPTO'01, Spring-Verlag, 213-229, 2001.
[80] 杨宗凯,谢海涛,程文青,谭运猛“一种基于身份的分布式会议密钥分发方案”《计算机科学》2007 Vol.34 No.1 P115-143.
[81] Aram Khalili, Jonathan Katz, William A. Araaugh. Toward Secure Key Distribution in Truly Ad-hoc Networks. Applications and the Internet Workshops, 2003. Proceedings. 2003Symposium on 27-31 Jan. 2003 Page(s):342-346
[82] Tzeng W G. A Secure Fault-tolerant Conference-key Agreement Protocol. IEEE Trans. Computers, vol.51, no 4, pp.373-379, Apr. 2002
[83] Xu Y. Identity-Based Fault-Tolerant Conference Key Agreement. IEEE Trans. Dependable and Secure Computing, vol. 1, no. 3, pp.170-178, July 2004
[84] Lin J C, Lai F P, Lee H C. Efficient Group Key Management Protocol with One-Way Key Derivation, Proceedings of the IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05).
[85] Qu J, Ge J.H, Jiang M. Key Management for Secure Multicast Using Huffman Hierarchy. Journal of Software 2003, Vol.14, No.1.
[86] Zhu L.H, Cao Y.D. "Multicast Rekeying Protocol Based on Huffman One-Way Function Tree." Transactions of Beijing Institute of Technology. 2004, Vol.24, No.6.
[87] Sun D, Huang T.S, Sun F.X, "DS-HOFKCT: A Multicast Re-keying Protocol Based on Huffman One-way Function Key Chain Tree." IEEE ICC2005, pp.1132-1135.