移动Ad Hoc网络密钥管理技术研究
|
摘要
移动自组网是由移动节点通过分布式协议自组织起来的一种无线网络,网络中没有基站等固定的基础设施,当有线网络不可使用时,如在战场通讯和紧急救援等任务中,移动自组网络提供了一种可行的地面通信和信息存取技术。随着移动自组网广泛应用于军事通信、户外会议、应急通信以及其他需要临时通信的场合,移动自组网安全技术研究越来越受到人们的重视。密钥管理是移动自组网安全研究中的基本问题,也是当前该领域研究热点之一,研究移动自组网密钥管理问题具有十分重要的意义。
针对目前移动自组网中分布式CA构建方案中,为防止移动对手攻击,需要更新节点的子密钥,存在计算复杂和需要通过安全旁路分发子密钥等问题。针对以上问题,基于多重秘密共享的思想提出了一种移动自组网分布式CA构建算法,该方法无需维持专门的安全信道,同时采用更新系统密钥而无需更新各节点的子密钥的方式来防止移动对手攻击,分析结果表明该方法在系统密钥更新时复杂度优于现有方案,具有易于实现的优点。
为减少证书和密钥管理的复杂性,基于身份的密码学提出一个移动自组网密钥管理方案。方案结合门限秘密共享与基于身份的密码学,避免了复杂的证书管理过程;与现有的基于身份的密钥管理方案相比,IDKM降低了运算开销与网络开销,并在一定程度上增强了安全性。
在基于身份的密钥管理方案基础上,基于MANET网络按需组播路由协议ODMRP(On-Demand Multicast Routing Protocol)和基于身份的公钥密码机制提出了一种安全组路由建立和组密钥生成算法SODMRP(Secure On-Demand Multicast RoutingProtocol),该算法在组播路由发现过程中加入了认证,同时在路由发现的过程中生成组密钥,减少由于组密钥生成带来的网络开销和延迟。仿真结果证明SODMRP在组密钥生成成功率和延迟方面明显好于现有组密钥生成算法。
为实现对方案的性能分析,在研究分析网络仿真工具NS-2特点的基础上,通过扩展NS-2中应用层、传输层、定时器、数据包等相关组件与数据结构,仿真实验了文中所提方案的初始化、私钥更新算法及密钥协商协议的性能,实验结果验证了所提方案的有效性。
A mobile ad hoc network (MANET) is a special wireless network that is self-organized by mobile nodes communicating with each other using distributed protocols. MANET can work in absence of fixed infrastructures, such as base stations. When wired networks are not available, e.g. in battlefield communication and emergent search-and-rescue scenarios, MANET provide a feasible way for communication and information access. With the growing military communication, outdoor meeting and emergency communication deployments of MANET, the security techonology receives increasing attention. Key management is the most essential issue and also one of the hotspots in MANET security research.
Existing distribute CA constructing mostly is based on (n,k) threshold scheme in mobile ad hoc networks, the scheme need update node's share for preventing mobile adversaries from attacks , which brings excessive overheads and need a secure channel to dispense secret share. Aiming at above problems, in this paper, a distribute CA constructing algorithm based on multi-secret sharing is proposed in mobile ad hoc networks. In this scheme, when system key is renewed, share does not need to be changed, furthermore it is unnecessary to maintain a secure channel in the period, and the analysis results show that the scheme proposed in this paper is simple, feasible and easy to be implemented.
An identity-based cryptography key management scheme IDKM using bilinear pairs is proposed. Combining id-based cryptography with threshold sharing, the proposed scheme avoids the complicated certificate management, comparing with existing id-based schemes, the most significant advantage of the proposed scheme lies in the enhancement of security and reducing communication overhead, storage overhead and computation efficiency.
SODMRP(Secure On-Demand Multicast Routing Protocol) is proposed based on ODMRP (on-demand multicast route protocol) and Identity-Based cryptography, which secures the multicast routing ,and establishes group key during the course of multicast routing discovery, it deceases overhead and delay greatly in the network. Simulation results demonstrate that SODMRP is better than current group key establishment algorithm in establishment success ratio and delay.
Following the analysis the simulation tool NS-2, we simulate the proposed schemes by extending relative components and data structures including the application layer, transport layer, timer, packet etc. The emulation and analysis results demonstrate that our schemes are effective.
针对目前移动自组网中分布式CA构建方案中,为防止移动对手攻击,需要更新节点的子密钥,存在计算复杂和需要通过安全旁路分发子密钥等问题。针对以上问题,基于多重秘密共享的思想提出了一种移动自组网分布式CA构建算法,该方法无需维持专门的安全信道,同时采用更新系统密钥而无需更新各节点的子密钥的方式来防止移动对手攻击,分析结果表明该方法在系统密钥更新时复杂度优于现有方案,具有易于实现的优点。
为减少证书和密钥管理的复杂性,基于身份的密码学提出一个移动自组网密钥管理方案。方案结合门限秘密共享与基于身份的密码学,避免了复杂的证书管理过程;与现有的基于身份的密钥管理方案相比,IDKM降低了运算开销与网络开销,并在一定程度上增强了安全性。
在基于身份的密钥管理方案基础上,基于MANET网络按需组播路由协议ODMRP(On-Demand Multicast Routing Protocol)和基于身份的公钥密码机制提出了一种安全组路由建立和组密钥生成算法SODMRP(Secure On-Demand Multicast RoutingProtocol),该算法在组播路由发现过程中加入了认证,同时在路由发现的过程中生成组密钥,减少由于组密钥生成带来的网络开销和延迟。仿真结果证明SODMRP在组密钥生成成功率和延迟方面明显好于现有组密钥生成算法。
为实现对方案的性能分析,在研究分析网络仿真工具NS-2特点的基础上,通过扩展NS-2中应用层、传输层、定时器、数据包等相关组件与数据结构,仿真实验了文中所提方案的初始化、私钥更新算法及密钥协商协议的性能,实验结果验证了所提方案的有效性。
A mobile ad hoc network (MANET) is a special wireless network that is self-organized by mobile nodes communicating with each other using distributed protocols. MANET can work in absence of fixed infrastructures, such as base stations. When wired networks are not available, e.g. in battlefield communication and emergent search-and-rescue scenarios, MANET provide a feasible way for communication and information access. With the growing military communication, outdoor meeting and emergency communication deployments of MANET, the security techonology receives increasing attention. Key management is the most essential issue and also one of the hotspots in MANET security research.
Existing distribute CA constructing mostly is based on (n,k) threshold scheme in mobile ad hoc networks, the scheme need update node's share for preventing mobile adversaries from attacks , which brings excessive overheads and need a secure channel to dispense secret share. Aiming at above problems, in this paper, a distribute CA constructing algorithm based on multi-secret sharing is proposed in mobile ad hoc networks. In this scheme, when system key is renewed, share does not need to be changed, furthermore it is unnecessary to maintain a secure channel in the period, and the analysis results show that the scheme proposed in this paper is simple, feasible and easy to be implemented.
An identity-based cryptography key management scheme IDKM using bilinear pairs is proposed. Combining id-based cryptography with threshold sharing, the proposed scheme avoids the complicated certificate management, comparing with existing id-based schemes, the most significant advantage of the proposed scheme lies in the enhancement of security and reducing communication overhead, storage overhead and computation efficiency.
SODMRP(Secure On-Demand Multicast Routing Protocol) is proposed based on ODMRP (on-demand multicast route protocol) and Identity-Based cryptography, which secures the multicast routing ,and establishes group key during the course of multicast routing discovery, it deceases overhead and delay greatly in the network. Simulation results demonstrate that SODMRP is better than current group key establishment algorithm in establishment success ratio and delay.
Following the analysis the simulation tool NS-2, we simulate the proposed schemes by extending relative components and data structures including the application layer, transport layer, timer, packet etc. The emulation and analysis results demonstrate that our schemes are effective.
引文
[1]Charles E.Perkins,Ad Hoc Networking.2001,Addison-Wesley,London;ISBN:0-201-30976-9 8-23
[2]L.Zhou,Z.J.Haas.Securing Ad Hoc Networks[J].IEEE Network Magazine,.Nov.1999
[3]郑少仁,王海涛,赵志峰,米志超,黎宁.《Ad Hoc网络技术》.人民邮电出版社,2005
[4]Aleksi Penttinen.Research on Ad Hoc Networking:Current Activity and Future Directions
[5]Yang H.Security in mobile Ad Hoc networks:Challengers and solutions[J].IEEE Wireless Communications,2004,11(1),pages:38-47
[6]William Stallings著,杨明,齐望东译.密码编码学与网络安全:原理与实践(第二版),电子工业出版社,2001
[7]况晓辉.移动自组网络组密钥管理关键技术研究[博士论文][D].长沙,国防科学技术大学计算机学院,2003
[8]Karpijoki Vesa,Security in Ad Hoc Networks,Telecommunication Software and Multimeida Laboratory 2002
[9]Whitfield Diffie and Martin E.Hellman.New directions in cryptography.IEEE Transactions of Information Theory 22(1976),no.6,pages:644-654
[10]Andrew Nash,William Duane,Celia Joseph,and Derek Brink著,张玉清,陈建奇等译.公钥基础设施(PKI)实现和管理电子安全,清华大学出版社,2002.
[11]J.Dankers,T.Garefalkis,R Schaffelhofer,and T.Wright.Public Key Infrastructure in Mobile Systems.IEEE Eletronic and Communication on Engineering Journal,14(5),pages:180-190,2002
[12]P Guttman,PKI:It's not dead,just resting[J].IEEE Computer,2002,35(8):41-49
[13]A.Shamir,Identity Based Cryptosystems and Signature Schemes,Proc.CRYPTO'84,pages:47-53,1984
[14]田野,张玉军,李忠诚.使用对技术的基于身份密码学研究综述[J],计算机研究与发展,2006,43(10),pages:1810-1819
[15]Boneh D.,Franklin M.,Identity-based encryption form the Weil pairing.In:Kilian J.ed..Advances in Cryptology-CRYPTO 2001,Lecture Notes in Computer Science 2139.Berlin:Springer-Verlag,2001,213-229
[16]N.Koblitz.Elliptic curve cryptosystems.Mathematics of Computation,Vol.48,pages:203-208,1987
[17]L Chen,C Kudla.Identity based authenticated key agreement form pairings[R].Crypology eprint Archive,Tech Rep:2002/184,2002.http://eprint.iarc.org/2002/184
[18]S.S.Al-Riyami and K.G.Paterson,Certificateless Public Key Cryptography,Advances in Cryptology ASIA CRYPT 20003,Springer-verlag LNCS 2894,pp.452-473,2003
[19]A Shamir.How to Share s Secret.Communication of the ACM,1979,22(11)
[20]G.R.Blakley.Sateguarding Cryptography Keys.Proceedings of the National Computer Conference, 1979,American Federation of Information Processing Societies,v.48,1979,pages:313-317
[21]胡华平,胡光明,董攀,陈新.大规模移动自组网安全技术综述[J].计算机研究与发展.2007,44(4),pages:545-552
[22]况晓辉,胡华平,吕世辉.移动Ad-hoc网络安全[J].小型微型计算机系统,2003,24(10),pages:1861-1864
[23]易平,蒋嶷川,张世永,钟亦平.移动ad hoc网络安全综述[J].电子学报,2005,33(5).pages:893-899
[24]Frank Stajano,Rose Anderson.The resurrecting duckling:security issues for Ad-Hoc wireless networks[A],Proc of 7~(th) International Workshop on Security Protocols[C].LNCS 1796,Springer-Verlag,Berlin Germany,Apirl 1999,pages:172-194
[25]N.Asokan,P.Ginzboorg.Key agreement in ad hoc networks[J].Computer Communications,2000,(23),pages:1627-1637
[26]P.Zimmermann.The Offical PGP User's Guide.MIT Press,1995
[27]Jean-Pierre Hubaux,Levente Buttyan,Srdjan Capkun.The quest for security in mobile Ad Hoc networks[A].Proc of the 2001 ACM International Symposium on Mobile ad hoc networking &computing 2001[C].Long Beach,CA,USA,2001,pages:146-155
[28]Srdjan Capkun,Levente Buttyan and Jean Pierre Hubaux.Self-Organized Public Key Management for Mobile Ad Hoc Networks.IEEE Transactions on Mobile Computing,2003,(2),pages:67-73
[29]洪帆,付才,崔永泉,陈晶,李俊.基于绝对信任模型的Ad Hoc网络自组织公钥管理机制[J].小型微型计算机系统,2007,28(2),pages:260-265
[30]L.Zhou,F.B.Schneider,and R.van Renesse.COCA:A Secure Distributed Online Certification Authority.ACM Trans.Computer Systems,2002,(20),pages:29-368
[31]熊焰,苗付友,张伟超,王行甫.移动自组网中基于多跳步加密签名函数签名的分布式认证[J].电子学报,2003,32(2),pages:161-165
[32]Seung.Yi,Robin Kravets.MOCA:Mobile certificate authority for wireledd Ad Hoc Networks.[A].Proc of 2nd Annual PKI Research Workshop Program(PKI)03[C].Gaithersburg,Maryland,April,2003,pages:65-79
[33]H.Luo,S.Lu,Ubiquitous and Robust Authentication Services for Ad Hoc Wtreless Networks,October 2000,U CLA-CSD-TR-200030
[34]J.Kong,P.Zerfos,H.Luo,S.Lu,and L.Zhang.Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks[A].In Proceedings of ICNP'01[C]
[35]H.Luo,P.Zerfos,J.Kong,S.Lu and L.Zhang,Self-securing Ad Hoc wireless networks.IEEE ISCC,2002
[36]Luo,H.,J.Kong,P.Zerfos,S.Lu and L.Zhang,URSA:Ubiquitous and Robust Access Control for Mobile Ad-hoc Networks,IEEE/ACM Transactions on Networking(TON) 12(2004),pages 1049-1063
[37]Gang Xu,Liviu Iftode.Locality Driven Key Management Architecture for Mobile Ad Hoe Networks.IEEE 2004,pages:436-446
[38]C.Davis.A localized trust management scheme for Ad Hoc networks.Proceedings of 3rd International Conference on Networking(ICN'04),Mar.2004
[39]M.Bechler,H.J.Hof,D.Kraft.A Cluster-Based Security Architecture for Ad Hoc Networks.IEEE INFOCOM.2004
[40]E.C.H.Ngai and M.R.Lyu.Trust and Clustering-Based Authentication Services in Mobile Ad Hoc Networks.Proc,24th International Conference on Distributed Computing Systems Workshops,W4:MDC(ICDCSW'04),2004
[41]S.Banerjee,S.Khuller.A clustering Scheme for Hierarchical Control in Multi-hop Wireless Networks[A].In proc.of IEEE INFOCOM[C],2001,pages1028-1037
[42]Khalili A,Katz J,Arbaugh W A.Toward Secure Key Distribution in Truly Ad Hoe Networks[A].Proc of The 2003 Symposium on Applicatioin and the Internet Workshops(SAINIT-w'03)[C],2003
[43]Deng H,Mukherjee A,Agrawal D.P.Threshold and Identity-based Key Management and Authentication for Wireless Ad Hoc Networks[A].Proc of IEEE International Conferences on Information Technology(ITCC'04)[C],2004
[44]顾纯祥,王磊,祝跃飞,无线自组网上基于身份的密钥生成协议[J],计算机工程,2005.31(24):166-168
[45]N.Saxena,G.Tsudik,and J.H.Yi,Identity-based Access Control for Ad Hoc Groups,Proc.Int'l Conf.Information Security and Cryptology,Dec.2004
[46]Y.Zhang,W.Liu,W.Lou,Y.Fang and Y.Kwon,AC-PKI:Anonymous and Certificate-less Public-Key Infrastructure for Mobile Ad Hoe Networks,Proc.IEEE Int'l Conf.Comm,pages 3515-3519.May 2005
[47]Hoeper,K.,G.Gong.Bootstrapping security in mobile ad hoc networks using identity-based schemes with key revocation.Technical report,University of Waterloo,Candada,2006
[48]曹爱霞,赵一鸣.Ad Hoc网络中基于身份的认证密钥交换协议[J].计算机工程,2007,33(10),pages:150-152
[49]徐倩.无线Ad Hoc网络中密钥管理方案的研究[硕士论文][D]南京,南京师范大学数学与计算机科学学院,2006
[50]邹娟.无线Ad Hoc网络中的密钥管理和接入认证研究[硕士论文][D].西安,西安电子科技大学,2005.
[51]R.Ostrovsky,M.Yung,How to withstand mobile virus attacks[A].Proc of the 10~(th) ACM Symposium on Principles of Distributed Computing[C],ACM press,New York,1992,pages:51-59
[52]B.Chor,S.Goldwaser,S.Micali,B.Awerbuch.Verifiable Secret Sharing and Achieving Simultaneity in the Presence of Faults.in Proceedings of 26th,IEEE Symposium on foundation of Computer Science, pages:383-395,1985
[53]A.Herzberg,S.Jarecki,H.Krawczyk,and M.Yung,Prpcative Secret Sharing or:How to Cope with Perpetual Leakage,Proc.CRYPTO'95,pages:339-352,1995
[54]P.Feldman.A practical scheme for non-interactive verifiable secret sharing[A].In Proc.of IEEE Fund.Of Comp.,Sci.[C],pages:427-437,1987
[55]S.Jarecki,N.Saxena,and J.H.Yi,An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol,Proc.Second ACM Workshop Security of Ad Hoc and Sensor Networks(SASN'2004),Oct.2004
[56]J.R.Douceur,The Sybil Attack,Proc,First International Workshop Peer-to-Peer Systems(IPTPS),2002,pages:251-160
[57]Y.Zhang,W.Liu,W.Lou,and Y.Fang,MASK:Anonymous On-Demand Routing in Mobile ad hoc Networks,IEEE Tmns.Wireless Comm.Vol.5,no.9,pages 2376-2385,Sep.2006
[58]A J Menezes,M Qu,S Vanstone,Some new key agreement protocols providing mutual implict authentication[C].The 2nd Workshop on Selected Areas in Cryptography(SAC'95),Ottawa,1995
[59]Charles E Perkins,Elizabeth M Belding Royer,Samir R Das.Ad Hoc on-demand distance vector (AODV) routing[EB/OL].http://www.ietf.org/rfc/rfc3561.txt,2003-07
[60]K Shim.Efficient ID-based authenticated key agreement protocol based on the Weil pairing[J].IEEE Electronics Letters,2003,39(8),pages:653-654
[61]HWANG R J,CHANG C C.An on-line secret sharing scheme for mulit-secrets[J].Computer Communications,1998,21(13),pages:1170-1176
[62]UCN/LBL/VINT.Network simulator-NS2[EB/OL].http://www-mash.cs.berkeley.edu/ns,1995
[63]Cachin C On-line secret sharing[A].Proceedings of the 5~(th) IMA Conference on Cryptography and Coding[C].London,UK:Springer-Verlag,1995.190-198.
[64]Hwang Ren-Junn,Chang Chin-Chen.An on-line secret sharing scheme for multi-secrets[J].Computer Communications,1998,21(13):1170-1176.
[65]Feldman P.A practical scheme for non-interative verifiable secret sharing[C].In:Proc of the 28~(th) IEEE Ann Symp on Fourdations of Computer Science,IEEE,1987:427-437.
[66]Aho A,Hopcroft J,Ullman J.The Design and Analysis of Computer Algorithms[M].Massachusetts,US:Addison-wesley,1974.
[67]H.Harney and C.Muckenhirm.Group key management protocol(GKMP) architecture.RFC 2093 IETF,July 1997.
[68]Y.Amir,G.Ateniese,D.Hasse,Y.Kim,C.Nita-Rotaru,T.Schlossnagle,J.Schultz,J.Stanton and G.Tsudik.Secure Group Communication in Asynchronous Networks with Failures:Integration and Experiments.IEEE ICDCS 2000,pp 330-343 April 2000.
[69]S.Basagni,K.Herrin and D.Bruschi.Secure pebblenets.Proceedings of the 2001 ACM International Symposium on Mobile Ad Hoc Networking and Computing, pages 156-163. ACM Press, October 2001.
[70] Michael Steiner, Gene Tsudik, Michael Waidner. Diffle-hellman key distribution extended to group communication. In 3rd ACM Conference on Computer and Communications Security, pp. 31-37, New Delhi India, March 1996 ACM Press.
[71] E. Anton and 0. Duarte. Group key establishment in wireless ad hoc networks. Workshop on Quality of Service and Mobility (WQoSM) 2002.
[72] Y. Kim, A. Perrig, G. Tsudik. Simple and fault-tolerant key agreement for dynamic collaborative groups.Proceedings of 7th ACM Conference on Computer and Communications Security, pp. 235-244, ACM Press, November 2000.
[73] K. Becker, U. Wille. Communication complexity of group key distribution. proc. 5th ACM Conference on Computer and Communication Security. San Francisco, CA USA, November 1998. pp. 1-6, ACM Press.
[74] M. Burmester, Y. Desmedt. A secure and efficient conference key distribution system. Advances in Cryptology-EUROCRYPT'94, May 1994, 275-286.
[75] Sung-Ju Lee, MariO Gerla, Ching-Chuan Chiang. On-Demand Multicast Routing Protocol[C]. Proceedings of IEEE WCNC'99, New Orleans 1999:1298-1302.
[2]L.Zhou,Z.J.Haas.Securing Ad Hoc Networks[J].IEEE Network Magazine,.Nov.1999
[3]郑少仁,王海涛,赵志峰,米志超,黎宁.《Ad Hoc网络技术》.人民邮电出版社,2005
[4]Aleksi Penttinen.Research on Ad Hoc Networking:Current Activity and Future Directions
[5]Yang H.Security in mobile Ad Hoc networks:Challengers and solutions[J].IEEE Wireless Communications,2004,11(1),pages:38-47
[6]William Stallings著,杨明,齐望东译.密码编码学与网络安全:原理与实践(第二版),电子工业出版社,2001
[7]况晓辉.移动自组网络组密钥管理关键技术研究[博士论文][D].长沙,国防科学技术大学计算机学院,2003
[8]Karpijoki Vesa,Security in Ad Hoc Networks,Telecommunication Software and Multimeida Laboratory 2002
[9]Whitfield Diffie and Martin E.Hellman.New directions in cryptography.IEEE Transactions of Information Theory 22(1976),no.6,pages:644-654
[10]Andrew Nash,William Duane,Celia Joseph,and Derek Brink著,张玉清,陈建奇等译.公钥基础设施(PKI)实现和管理电子安全,清华大学出版社,2002.
[11]J.Dankers,T.Garefalkis,R Schaffelhofer,and T.Wright.Public Key Infrastructure in Mobile Systems.IEEE Eletronic and Communication on Engineering Journal,14(5),pages:180-190,2002
[12]P Guttman,PKI:It's not dead,just resting[J].IEEE Computer,2002,35(8):41-49
[13]A.Shamir,Identity Based Cryptosystems and Signature Schemes,Proc.CRYPTO'84,pages:47-53,1984
[14]田野,张玉军,李忠诚.使用对技术的基于身份密码学研究综述[J],计算机研究与发展,2006,43(10),pages:1810-1819
[15]Boneh D.,Franklin M.,Identity-based encryption form the Weil pairing.In:Kilian J.ed..Advances in Cryptology-CRYPTO 2001,Lecture Notes in Computer Science 2139.Berlin:Springer-Verlag,2001,213-229
[16]N.Koblitz.Elliptic curve cryptosystems.Mathematics of Computation,Vol.48,pages:203-208,1987
[17]L Chen,C Kudla.Identity based authenticated key agreement form pairings[R].Crypology eprint Archive,Tech Rep:2002/184,2002.http://eprint.iarc.org/2002/184
[18]S.S.Al-Riyami and K.G.Paterson,Certificateless Public Key Cryptography,Advances in Cryptology ASIA CRYPT 20003,Springer-verlag LNCS 2894,pp.452-473,2003
[19]A Shamir.How to Share s Secret.Communication of the ACM,1979,22(11)
[20]G.R.Blakley.Sateguarding Cryptography Keys.Proceedings of the National Computer Conference, 1979,American Federation of Information Processing Societies,v.48,1979,pages:313-317
[21]胡华平,胡光明,董攀,陈新.大规模移动自组网安全技术综述[J].计算机研究与发展.2007,44(4),pages:545-552
[22]况晓辉,胡华平,吕世辉.移动Ad-hoc网络安全[J].小型微型计算机系统,2003,24(10),pages:1861-1864
[23]易平,蒋嶷川,张世永,钟亦平.移动ad hoc网络安全综述[J].电子学报,2005,33(5).pages:893-899
[24]Frank Stajano,Rose Anderson.The resurrecting duckling:security issues for Ad-Hoc wireless networks[A],Proc of 7~(th) International Workshop on Security Protocols[C].LNCS 1796,Springer-Verlag,Berlin Germany,Apirl 1999,pages:172-194
[25]N.Asokan,P.Ginzboorg.Key agreement in ad hoc networks[J].Computer Communications,2000,(23),pages:1627-1637
[26]P.Zimmermann.The Offical PGP User's Guide.MIT Press,1995
[27]Jean-Pierre Hubaux,Levente Buttyan,Srdjan Capkun.The quest for security in mobile Ad Hoc networks[A].Proc of the 2001 ACM International Symposium on Mobile ad hoc networking &computing 2001[C].Long Beach,CA,USA,2001,pages:146-155
[28]Srdjan Capkun,Levente Buttyan and Jean Pierre Hubaux.Self-Organized Public Key Management for Mobile Ad Hoc Networks.IEEE Transactions on Mobile Computing,2003,(2),pages:67-73
[29]洪帆,付才,崔永泉,陈晶,李俊.基于绝对信任模型的Ad Hoc网络自组织公钥管理机制[J].小型微型计算机系统,2007,28(2),pages:260-265
[30]L.Zhou,F.B.Schneider,and R.van Renesse.COCA:A Secure Distributed Online Certification Authority.ACM Trans.Computer Systems,2002,(20),pages:29-368
[31]熊焰,苗付友,张伟超,王行甫.移动自组网中基于多跳步加密签名函数签名的分布式认证[J].电子学报,2003,32(2),pages:161-165
[32]Seung.Yi,Robin Kravets.MOCA:Mobile certificate authority for wireledd Ad Hoc Networks.[A].Proc of 2nd Annual PKI Research Workshop Program(PKI)03[C].Gaithersburg,Maryland,April,2003,pages:65-79
[33]H.Luo,S.Lu,Ubiquitous and Robust Authentication Services for Ad Hoc Wtreless Networks,October 2000,U CLA-CSD-TR-200030
[34]J.Kong,P.Zerfos,H.Luo,S.Lu,and L.Zhang.Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks[A].In Proceedings of ICNP'01[C]
[35]H.Luo,P.Zerfos,J.Kong,S.Lu and L.Zhang,Self-securing Ad Hoc wireless networks.IEEE ISCC,2002
[36]Luo,H.,J.Kong,P.Zerfos,S.Lu and L.Zhang,URSA:Ubiquitous and Robust Access Control for Mobile Ad-hoc Networks,IEEE/ACM Transactions on Networking(TON) 12(2004),pages 1049-1063
[37]Gang Xu,Liviu Iftode.Locality Driven Key Management Architecture for Mobile Ad Hoe Networks.IEEE 2004,pages:436-446
[38]C.Davis.A localized trust management scheme for Ad Hoc networks.Proceedings of 3rd International Conference on Networking(ICN'04),Mar.2004
[39]M.Bechler,H.J.Hof,D.Kraft.A Cluster-Based Security Architecture for Ad Hoc Networks.IEEE INFOCOM.2004
[40]E.C.H.Ngai and M.R.Lyu.Trust and Clustering-Based Authentication Services in Mobile Ad Hoc Networks.Proc,24th International Conference on Distributed Computing Systems Workshops,W4:MDC(ICDCSW'04),2004
[41]S.Banerjee,S.Khuller.A clustering Scheme for Hierarchical Control in Multi-hop Wireless Networks[A].In proc.of IEEE INFOCOM[C],2001,pages1028-1037
[42]Khalili A,Katz J,Arbaugh W A.Toward Secure Key Distribution in Truly Ad Hoe Networks[A].Proc of The 2003 Symposium on Applicatioin and the Internet Workshops(SAINIT-w'03)[C],2003
[43]Deng H,Mukherjee A,Agrawal D.P.Threshold and Identity-based Key Management and Authentication for Wireless Ad Hoc Networks[A].Proc of IEEE International Conferences on Information Technology(ITCC'04)[C],2004
[44]顾纯祥,王磊,祝跃飞,无线自组网上基于身份的密钥生成协议[J],计算机工程,2005.31(24):166-168
[45]N.Saxena,G.Tsudik,and J.H.Yi,Identity-based Access Control for Ad Hoc Groups,Proc.Int'l Conf.Information Security and Cryptology,Dec.2004
[46]Y.Zhang,W.Liu,W.Lou,Y.Fang and Y.Kwon,AC-PKI:Anonymous and Certificate-less Public-Key Infrastructure for Mobile Ad Hoe Networks,Proc.IEEE Int'l Conf.Comm,pages 3515-3519.May 2005
[47]Hoeper,K.,G.Gong.Bootstrapping security in mobile ad hoc networks using identity-based schemes with key revocation.Technical report,University of Waterloo,Candada,2006
[48]曹爱霞,赵一鸣.Ad Hoc网络中基于身份的认证密钥交换协议[J].计算机工程,2007,33(10),pages:150-152
[49]徐倩.无线Ad Hoc网络中密钥管理方案的研究[硕士论文][D]南京,南京师范大学数学与计算机科学学院,2006
[50]邹娟.无线Ad Hoc网络中的密钥管理和接入认证研究[硕士论文][D].西安,西安电子科技大学,2005.
[51]R.Ostrovsky,M.Yung,How to withstand mobile virus attacks[A].Proc of the 10~(th) ACM Symposium on Principles of Distributed Computing[C],ACM press,New York,1992,pages:51-59
[52]B.Chor,S.Goldwaser,S.Micali,B.Awerbuch.Verifiable Secret Sharing and Achieving Simultaneity in the Presence of Faults.in Proceedings of 26th,IEEE Symposium on foundation of Computer Science, pages:383-395,1985
[53]A.Herzberg,S.Jarecki,H.Krawczyk,and M.Yung,Prpcative Secret Sharing or:How to Cope with Perpetual Leakage,Proc.CRYPTO'95,pages:339-352,1995
[54]P.Feldman.A practical scheme for non-interactive verifiable secret sharing[A].In Proc.of IEEE Fund.Of Comp.,Sci.[C],pages:427-437,1987
[55]S.Jarecki,N.Saxena,and J.H.Yi,An Attack on the Proactive RSA Signature Scheme in the URSA Ad Hoc Network Access Control Protocol,Proc.Second ACM Workshop Security of Ad Hoc and Sensor Networks(SASN'2004),Oct.2004
[56]J.R.Douceur,The Sybil Attack,Proc,First International Workshop Peer-to-Peer Systems(IPTPS),2002,pages:251-160
[57]Y.Zhang,W.Liu,W.Lou,and Y.Fang,MASK:Anonymous On-Demand Routing in Mobile ad hoc Networks,IEEE Tmns.Wireless Comm.Vol.5,no.9,pages 2376-2385,Sep.2006
[58]A J Menezes,M Qu,S Vanstone,Some new key agreement protocols providing mutual implict authentication[C].The 2nd Workshop on Selected Areas in Cryptography(SAC'95),Ottawa,1995
[59]Charles E Perkins,Elizabeth M Belding Royer,Samir R Das.Ad Hoc on-demand distance vector (AODV) routing[EB/OL].http://www.ietf.org/rfc/rfc3561.txt,2003-07
[60]K Shim.Efficient ID-based authenticated key agreement protocol based on the Weil pairing[J].IEEE Electronics Letters,2003,39(8),pages:653-654
[61]HWANG R J,CHANG C C.An on-line secret sharing scheme for mulit-secrets[J].Computer Communications,1998,21(13),pages:1170-1176
[62]UCN/LBL/VINT.Network simulator-NS2[EB/OL].http://www-mash.cs.berkeley.edu/ns,1995
[63]Cachin C On-line secret sharing[A].Proceedings of the 5~(th) IMA Conference on Cryptography and Coding[C].London,UK:Springer-Verlag,1995.190-198.
[64]Hwang Ren-Junn,Chang Chin-Chen.An on-line secret sharing scheme for multi-secrets[J].Computer Communications,1998,21(13):1170-1176.
[65]Feldman P.A practical scheme for non-interative verifiable secret sharing[C].In:Proc of the 28~(th) IEEE Ann Symp on Fourdations of Computer Science,IEEE,1987:427-437.
[66]Aho A,Hopcroft J,Ullman J.The Design and Analysis of Computer Algorithms[M].Massachusetts,US:Addison-wesley,1974.
[67]H.Harney and C.Muckenhirm.Group key management protocol(GKMP) architecture.RFC 2093 IETF,July 1997.
[68]Y.Amir,G.Ateniese,D.Hasse,Y.Kim,C.Nita-Rotaru,T.Schlossnagle,J.Schultz,J.Stanton and G.Tsudik.Secure Group Communication in Asynchronous Networks with Failures:Integration and Experiments.IEEE ICDCS 2000,pp 330-343 April 2000.
[69]S.Basagni,K.Herrin and D.Bruschi.Secure pebblenets.Proceedings of the 2001 ACM International Symposium on Mobile Ad Hoc Networking and Computing, pages 156-163. ACM Press, October 2001.
[70] Michael Steiner, Gene Tsudik, Michael Waidner. Diffle-hellman key distribution extended to group communication. In 3rd ACM Conference on Computer and Communications Security, pp. 31-37, New Delhi India, March 1996 ACM Press.
[71] E. Anton and 0. Duarte. Group key establishment in wireless ad hoc networks. Workshop on Quality of Service and Mobility (WQoSM) 2002.
[72] Y. Kim, A. Perrig, G. Tsudik. Simple and fault-tolerant key agreement for dynamic collaborative groups.Proceedings of 7th ACM Conference on Computer and Communications Security, pp. 235-244, ACM Press, November 2000.
[73] K. Becker, U. Wille. Communication complexity of group key distribution. proc. 5th ACM Conference on Computer and Communication Security. San Francisco, CA USA, November 1998. pp. 1-6, ACM Press.
[74] M. Burmester, Y. Desmedt. A secure and efficient conference key distribution system. Advances in Cryptology-EUROCRYPT'94, May 1994, 275-286.
[75] Sung-Ju Lee, MariO Gerla, Ching-Chuan Chiang. On-Demand Multicast Routing Protocol[C]. Proceedings of IEEE WCNC'99, New Orleans 1999:1298-1302.