基于椭圆曲线密码体制的Ad hoc网络安全组通信
|
摘要
Ad hoc网络是一种没有有线基础设施支持的移动网络,网络中的节点都由移动主机组成,每个节点还要具有路由器的功能,负责把数据包转发到目的节点。
Ad hoc网络组播是IP组播机制在Ad hoc网络上的实现,有效地降低了网络的通信带宽,节点的电池能量消耗,使得Ad hoc网络得到广泛的应用。
Ad hoc网络组播的保密性和访问控制主要是利用安全组播组来实现的。即通过组密钥管理算法和协议使得安全组播组共享一个组密钥,发送方利用组密钥对组播数据进行加密,然后组播出去,接收方利用组密钥解密获得组播内容。因此关于组密钥的生成、分发和更新的组密钥管理方案成为Ad hoc网络安全的重要研究内容。
ECC(Elliptic Curve Cryptosystem),即椭圆曲线密码体制,是基于椭圆曲线离散对数问题ECDLP(Elliptic Curve Discrete Logarithm Problem)的,是目前比较安全的公钥密码体制。另外椭圆曲线密码体制使用的密钥非常短,主要的运算是点加运算,因此在计算和时间复杂度方面具有极大地优势。
本文首先介绍了Ad hoc网络的组密钥管理算法研究现状,然后提出了两种基于椭圆曲线的组密钥管理算法,并通过实验分析比较了它们的性能。两种组密钥管理算法只根据用户的标志就能计算出它们的公钥,不需要CA(Certificate Authoriy)进行证书认证,提高了算法的安全性和计算性能。
Ad hoc network is a mobile network without wired infrastructure support, formed by the mobile hosts. Each node is responsible for creating network topology, gathering routing information and forwarding packets in Ad hoc network.
Ad hoc network multicast could reduce network transmission costs, network bandwidth and network latency, sending a message to multiple recipients at the same time. It has been widely applied.
Ad hoc network multicast confidentiality and access control is an important part of the Ad hoc network security. It could be implemented by Ad hoc network secure group.
ECC (Elliptic Curve Cryptosystem) is based on the elliptic curve discrete logarithm problem, that is, ECDLP and it is a more secure public key cryptosystem now. Key is very short and main operation is the point addition in the elliptic curve cryptosystem, so ECC has great advantages in the computation and time complexities.
Two group key management algorithms based on ECC have been proposed in this paper. These two algothms could calculate the public key from users’identities, so we don’t require store many CA(Certificate Authority) certificates in the every node in of Ad hoc network. It improves the security and computation performance of Ad hoc network multicast.
Ad hoc网络组播是IP组播机制在Ad hoc网络上的实现,有效地降低了网络的通信带宽,节点的电池能量消耗,使得Ad hoc网络得到广泛的应用。
Ad hoc网络组播的保密性和访问控制主要是利用安全组播组来实现的。即通过组密钥管理算法和协议使得安全组播组共享一个组密钥,发送方利用组密钥对组播数据进行加密,然后组播出去,接收方利用组密钥解密获得组播内容。因此关于组密钥的生成、分发和更新的组密钥管理方案成为Ad hoc网络安全的重要研究内容。
ECC(Elliptic Curve Cryptosystem),即椭圆曲线密码体制,是基于椭圆曲线离散对数问题ECDLP(Elliptic Curve Discrete Logarithm Problem)的,是目前比较安全的公钥密码体制。另外椭圆曲线密码体制使用的密钥非常短,主要的运算是点加运算,因此在计算和时间复杂度方面具有极大地优势。
本文首先介绍了Ad hoc网络的组密钥管理算法研究现状,然后提出了两种基于椭圆曲线的组密钥管理算法,并通过实验分析比较了它们的性能。两种组密钥管理算法只根据用户的标志就能计算出它们的公钥,不需要CA(Certificate Authoriy)进行证书认证,提高了算法的安全性和计算性能。
Ad hoc network is a mobile network without wired infrastructure support, formed by the mobile hosts. Each node is responsible for creating network topology, gathering routing information and forwarding packets in Ad hoc network.
Ad hoc network multicast could reduce network transmission costs, network bandwidth and network latency, sending a message to multiple recipients at the same time. It has been widely applied.
Ad hoc network multicast confidentiality and access control is an important part of the Ad hoc network security. It could be implemented by Ad hoc network secure group.
ECC (Elliptic Curve Cryptosystem) is based on the elliptic curve discrete logarithm problem, that is, ECDLP and it is a more secure public key cryptosystem now. Key is very short and main operation is the point addition in the elliptic curve cryptosystem, so ECC has great advantages in the computation and time complexities.
Two group key management algorithms based on ECC have been proposed in this paper. These two algothms could calculate the public key from users’identities, so we don’t require store many CA(Certificate Authority) certificates in the every node in of Ad hoc network. It improves the security and computation performance of Ad hoc network multicast.
引文
[1] Jubin J and Tornow J. The DARPA Packet Radio Network Protocols[C]. Proceedings of IEEE, 1987, 75(l):21-32
[2] Royer E M. A Review of Current Routing Protocols for Ad hoc Mobile Wireless Networks[J]. IEEE Personal Communication. 1999, 4(2):46-55
[3] IETF. Mobile Ad hoc Networks Charter. http://www.ietf.org/html.chart-ers/manet/charter.html, 1999, 7
[4] Corson S, Maeker J. Mobile Ad hoc Networking: Routing Protocols Performance Issues and Evaluation Considerations. http://www.ietf.org/rfc/rfc2501.txt, 1999
[5] Sinha P, Sivakumar R, Bharghavan V. Enhancing Ad hoc Routing with Dynamic Virtual Infrastructures[A]. IEEEINFOCOM2001, 2001, 3
[6] Das B, Sivakumar R, Bharghavan V. Routingin Ad hoc Networks using a Spine[A]. International Conferenceon Computers Communieations Networks’97. 1997
[7] Wieselthier E J, Nguyen D G, Ephremides A. On the Construction of Energy Efficient Broadcast and Multicast Trees in Wireless Network. in Proceedings IEEE INFOCOM2000, 2000:586-594
[8] Wu J, Li H. On Calculation Connected Dominating Set for Efficient Routing in Ad hoc Wireless Networks[A]. Proc. of the 3rd International Workshop on Discrete Algorithms and Methods for MOBILE Computing and Communications. 1999
[9] Yongdae Kim, Adrian Perrig, Gene Tsudik. Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Group. ACM, 2000, 1
[10] Kyung Hyune Rhee, Young Ho Park, Gene Tsudik. A Group Key Management Architecture for Mobile Ad hoc Wireless Networks. The 3rd Intemational Workshop on Information Security Application. 2002.
[11] Zhou L, Haas Z J. Securing Ad hoc Networking. IEEE Networks Special Issue on Network Security. 1999
[12] Djenouri D, Khelladi L, Badache A N. A Survey of Security Issues in Mobile Ad hoc and Sensor Networks. IEEE Communications Survers and Tutorials. 2005, 7(4):2-28
[13] Wong C K, Gouda M, Lam S S. Secure Group Communication Using Key Graph. SIGCOMM’98. 1998:68-79
[14] Harney H, Harder E. Logical Key Hierarchy Protocol. Internet Engineerin Task Force,1999
[15] McGrew D, David A, Sherman T. Key Establishment in Large Dynamic Groups using one-way-function Trees. TIS Labs at Network Associtiates, Inc., 1998
[16] Balenson D, McGrew D, Sherman A. Key management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization. Internet Draft, 1999
[17] Rhee K H, Park Y H, Tsudik G. A Group Key Management Architecture for Mobile Ad hoc Wireless Networks. Journal of Information Science and Engineering, 2005, 21:415-428
[18] Zhang Jiang, Li Bin, Chen Chunxiao et al. EDKAS: A Efficient Distributed Key Agreement Scheme Using One Way Function Trees for Dymamic Collaborative Groups. IMACS Muticonference on“Computational Engineering in Systems Applications”, 2006
[19] Kim Y, Perrig A, Tsudik G. Tree-based Group Key Agreement. ACM Transactions on Information and System Security, 2004, 7(1):60-96
[20] Maria Striki, Baras S, Kyriakos Manousakis. A Robust, Distributed TGDH-based Scheme for Secure Group Communication in MANET. IEEE Communications Society, 2006:2249-2255
[21] Mark Manulis. Contributory Group Key Agreement Protocols, Revisited for Mobile Ad hoc Groups. International Workshop on Wireless and Sensor Network Security(WSNS 2005), 2005
[22] Wang Yong, Ramamurthy Byrav, Zou Xukai. The Performance of Elliptic Curve Based Group Diffie-Hellman Protocols for Secure Group Communication over Ad Hoc Network. IEEE Communication Society, 2006
[23] Joseph Chee Ming, Chik How Tan. Energy-Efficient and Scalable Group Key Agreement for Large Ad hoc Networks. PE-WASUN’05, 2005:114-121
[24] Zhang Liping, Cui Guohua, Yu Zhigang. An Efficient Group Key Agreement Protocol for Ad hoc Network. IEEE, 2008
[25] Wu Bing, Wu Jie, Eduardo B et al. Secure and Efficient Key Management in Mobile Ad hoc Networks[C]. Proeeedings of 19th IEEE International Parallel&Distributed Processing Symposium, 2005, 18:288-296
[26] Luo H, Lu S. Ubiquitous and Robust Authentication Services for Ad hoc Wireless Networks[R]. Technical Report TR-200030, Dept.of Computer Science, 2000
[27] Koblitz N. Elliptic Curve Cryptosystems. Mathematics of Computation, 1987, 8: 203-209
[28] Miller V. Use of Elliptic Curves in Cryptography. Advances in Cryptology-CRYPTO’85. 1986:417-426
[29] Siverman J H. The Arithmetic of Elliptic Curves. Springer Verlag. 1986:101-156
[30] Eisentrager K, Lauter K, Montgomery P L. Fast Elliptic Curve Arithmetic and Improved Weil pairing Evaluation. Proc. of the RSA Conf. 2003 Cryptographers’Track. 2003:343-356
[31] Menezes A J, Okamoto T, Vanstone S. Reducing Elliptic Curve Logarithm to a Finite Field. IEEE Transactions on Information Theory. 1993, 39(5):1639-1646
[32] Boneh D, Frankin M. Identity-based Encryption from Weil pairing[A]. JCRYPTO’01. 2001:213-229
[33] Aydos M, Yanik T, Kog CK. High-speed Implementation of an ECC based wireless authentication protocol on an ARM microprocessor. lEEE Proc. Commun.,Vol. 148 No. 5, 2001:273-279
[34] Kristin Lauter. The Advantages of Elliptic Cryptography for Wireless Security. IEEE Wireless Communications. 2006:62-67
[35] Shmir A. Identity-based Cryptosystems and Signature Schemes. Advances in Cryptology Proceedings of CRYPTO’84. 1985:47-53
[36] Cocks C. An Identity-based Encryption Scheme based on Quadratic Residues. Eighth IMA International Conference on Cryptography and Coding. 2001:200-212
[37] Canetti R, Halevi S, Katz J. Chosen-Ciphertext Security from Identity based Encryption. Advances in Cryptology of Eurocrypt’04. 2004:207-222
[38] Boneh D, Boyen X. Efficient Selective ID Secure Identity based Encryption without Random Oracles. Advances in Cryptology of Eurocrypt’04. 2004:223-238
[39] Boneh D, Boyen X. Secure Identity based Encryption without Random Oracles. Advances in Cryptology of Eurocrypt’04. 2004:443-459
[40] Waters B. Efficient Identity-based Encrytion without Random Oracles. Advances in Cryptology of Eurocrypt’05. 2005:114-124
[41] Gentry C, Silverberg A. Hierarchical ID-based crytography. Advances in Cryptology of Eurocrypt’02. 2002:466-481
[42] Boneh D, Boyen X, Goh E J. Hierarchical Identity based Encryption with Constant Size Ciphertext. Advanced in Cryptology of Eurocrypt’05. 2005:440-456
[43] Choi K Y, Hwang J Y, Lee D H. Efficient ID-based Group Key Agreement Protocols with Bilinear Maps. Public Key Cryptography, 2004:130-144
[44] Smart N P. An ID-base Authenticated Key Agreement Protocol based on the Weil pairing. IEEE Electronics Letter. 2002:630-632
[45] Shim K. Efficient ID-base Authenticated Key Agreement Protocol based on the Weil pairing. IEEE Electronics Letter, 2003:653-654
[46] Bouassida M, Chrisment I. Festor O. Efficient Key Management Protocol in MANET using Multipoint Relaying Technique. IEEE International Conference on Networking. 2006
[47] Bouassida M, Chrisment I, Festor O. Group Key Management in MANET. International Journal of Network Security, 2008:67-79
[48]南湘浩. CPK标志认证.北京:国防工业出版社, 2005
[49] Johnson D, Menezes A, Vanstone S. The Elliptic Curve Digital Signature Algorithm. International Journal of Information Security, 2001:36-63
[50] Brown D. Generic Groups, Collision Resistance, and ECDSA. Cryptology ePrint Archive: Report 2002/026. 2002
[51] Howgrave Graham N, Smart N. Lattice Attacks on Digital Signature Schemes. Designs, Codes and Cryptography. 2001:283-290
[52] Mahassni E El, Nguyen P, Shparlinski I. The Insecurity of Nyberg-Rueppel and Other DSA-like Signature Schemes with Partially Known Nonces. Cryptography and Lattices-CaLC2001, Spriger-Verlag, 2001
[53] Wieselthier J E, Nguyen G D, Ephremides A. On the Construction of Energy Efficient Broadcast and Multicast Trees in Wireless Network. Proceedings. IEEE INFOCOM2000. 2000:586-594
[54] Loukas Lazos, Radha Poovendran. Energy-aware Secure Multicast Communication in Ad hoc Networks using Geographic Location Information. ICASSP 2003. 2003:201-204
[2] Royer E M. A Review of Current Routing Protocols for Ad hoc Mobile Wireless Networks[J]. IEEE Personal Communication. 1999, 4(2):46-55
[3] IETF. Mobile Ad hoc Networks Charter. http://www.ietf.org/html.chart-ers/manet/charter.html, 1999, 7
[4] Corson S, Maeker J. Mobile Ad hoc Networking: Routing Protocols Performance Issues and Evaluation Considerations. http://www.ietf.org/rfc/rfc2501.txt, 1999
[5] Sinha P, Sivakumar R, Bharghavan V. Enhancing Ad hoc Routing with Dynamic Virtual Infrastructures[A]. IEEEINFOCOM2001, 2001, 3
[6] Das B, Sivakumar R, Bharghavan V. Routingin Ad hoc Networks using a Spine[A]. International Conferenceon Computers Communieations Networks’97. 1997
[7] Wieselthier E J, Nguyen D G, Ephremides A. On the Construction of Energy Efficient Broadcast and Multicast Trees in Wireless Network. in Proceedings IEEE INFOCOM2000, 2000:586-594
[8] Wu J, Li H. On Calculation Connected Dominating Set for Efficient Routing in Ad hoc Wireless Networks[A]. Proc. of the 3rd International Workshop on Discrete Algorithms and Methods for MOBILE Computing and Communications. 1999
[9] Yongdae Kim, Adrian Perrig, Gene Tsudik. Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Group. ACM, 2000, 1
[10] Kyung Hyune Rhee, Young Ho Park, Gene Tsudik. A Group Key Management Architecture for Mobile Ad hoc Wireless Networks. The 3rd Intemational Workshop on Information Security Application. 2002.
[11] Zhou L, Haas Z J. Securing Ad hoc Networking. IEEE Networks Special Issue on Network Security. 1999
[12] Djenouri D, Khelladi L, Badache A N. A Survey of Security Issues in Mobile Ad hoc and Sensor Networks. IEEE Communications Survers and Tutorials. 2005, 7(4):2-28
[13] Wong C K, Gouda M, Lam S S. Secure Group Communication Using Key Graph. SIGCOMM’98. 1998:68-79
[14] Harney H, Harder E. Logical Key Hierarchy Protocol. Internet Engineerin Task Force,1999
[15] McGrew D, David A, Sherman T. Key Establishment in Large Dynamic Groups using one-way-function Trees. TIS Labs at Network Associtiates, Inc., 1998
[16] Balenson D, McGrew D, Sherman A. Key management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization. Internet Draft, 1999
[17] Rhee K H, Park Y H, Tsudik G. A Group Key Management Architecture for Mobile Ad hoc Wireless Networks. Journal of Information Science and Engineering, 2005, 21:415-428
[18] Zhang Jiang, Li Bin, Chen Chunxiao et al. EDKAS: A Efficient Distributed Key Agreement Scheme Using One Way Function Trees for Dymamic Collaborative Groups. IMACS Muticonference on“Computational Engineering in Systems Applications”, 2006
[19] Kim Y, Perrig A, Tsudik G. Tree-based Group Key Agreement. ACM Transactions on Information and System Security, 2004, 7(1):60-96
[20] Maria Striki, Baras S, Kyriakos Manousakis. A Robust, Distributed TGDH-based Scheme for Secure Group Communication in MANET. IEEE Communications Society, 2006:2249-2255
[21] Mark Manulis. Contributory Group Key Agreement Protocols, Revisited for Mobile Ad hoc Groups. International Workshop on Wireless and Sensor Network Security(WSNS 2005), 2005
[22] Wang Yong, Ramamurthy Byrav, Zou Xukai. The Performance of Elliptic Curve Based Group Diffie-Hellman Protocols for Secure Group Communication over Ad Hoc Network. IEEE Communication Society, 2006
[23] Joseph Chee Ming, Chik How Tan. Energy-Efficient and Scalable Group Key Agreement for Large Ad hoc Networks. PE-WASUN’05, 2005:114-121
[24] Zhang Liping, Cui Guohua, Yu Zhigang. An Efficient Group Key Agreement Protocol for Ad hoc Network. IEEE, 2008
[25] Wu Bing, Wu Jie, Eduardo B et al. Secure and Efficient Key Management in Mobile Ad hoc Networks[C]. Proeeedings of 19th IEEE International Parallel&Distributed Processing Symposium, 2005, 18:288-296
[26] Luo H, Lu S. Ubiquitous and Robust Authentication Services for Ad hoc Wireless Networks[R]. Technical Report TR-200030, Dept.of Computer Science, 2000
[27] Koblitz N. Elliptic Curve Cryptosystems. Mathematics of Computation, 1987, 8: 203-209
[28] Miller V. Use of Elliptic Curves in Cryptography. Advances in Cryptology-CRYPTO’85. 1986:417-426
[29] Siverman J H. The Arithmetic of Elliptic Curves. Springer Verlag. 1986:101-156
[30] Eisentrager K, Lauter K, Montgomery P L. Fast Elliptic Curve Arithmetic and Improved Weil pairing Evaluation. Proc. of the RSA Conf. 2003 Cryptographers’Track. 2003:343-356
[31] Menezes A J, Okamoto T, Vanstone S. Reducing Elliptic Curve Logarithm to a Finite Field. IEEE Transactions on Information Theory. 1993, 39(5):1639-1646
[32] Boneh D, Frankin M. Identity-based Encryption from Weil pairing[A]. JCRYPTO’01. 2001:213-229
[33] Aydos M, Yanik T, Kog CK. High-speed Implementation of an ECC based wireless authentication protocol on an ARM microprocessor. lEEE Proc. Commun.,Vol. 148 No. 5, 2001:273-279
[34] Kristin Lauter. The Advantages of Elliptic Cryptography for Wireless Security. IEEE Wireless Communications. 2006:62-67
[35] Shmir A. Identity-based Cryptosystems and Signature Schemes. Advances in Cryptology Proceedings of CRYPTO’84. 1985:47-53
[36] Cocks C. An Identity-based Encryption Scheme based on Quadratic Residues. Eighth IMA International Conference on Cryptography and Coding. 2001:200-212
[37] Canetti R, Halevi S, Katz J. Chosen-Ciphertext Security from Identity based Encryption. Advances in Cryptology of Eurocrypt’04. 2004:207-222
[38] Boneh D, Boyen X. Efficient Selective ID Secure Identity based Encryption without Random Oracles. Advances in Cryptology of Eurocrypt’04. 2004:223-238
[39] Boneh D, Boyen X. Secure Identity based Encryption without Random Oracles. Advances in Cryptology of Eurocrypt’04. 2004:443-459
[40] Waters B. Efficient Identity-based Encrytion without Random Oracles. Advances in Cryptology of Eurocrypt’05. 2005:114-124
[41] Gentry C, Silverberg A. Hierarchical ID-based crytography. Advances in Cryptology of Eurocrypt’02. 2002:466-481
[42] Boneh D, Boyen X, Goh E J. Hierarchical Identity based Encryption with Constant Size Ciphertext. Advanced in Cryptology of Eurocrypt’05. 2005:440-456
[43] Choi K Y, Hwang J Y, Lee D H. Efficient ID-based Group Key Agreement Protocols with Bilinear Maps. Public Key Cryptography, 2004:130-144
[44] Smart N P. An ID-base Authenticated Key Agreement Protocol based on the Weil pairing. IEEE Electronics Letter. 2002:630-632
[45] Shim K. Efficient ID-base Authenticated Key Agreement Protocol based on the Weil pairing. IEEE Electronics Letter, 2003:653-654
[46] Bouassida M, Chrisment I. Festor O. Efficient Key Management Protocol in MANET using Multipoint Relaying Technique. IEEE International Conference on Networking. 2006
[47] Bouassida M, Chrisment I, Festor O. Group Key Management in MANET. International Journal of Network Security, 2008:67-79
[48]南湘浩. CPK标志认证.北京:国防工业出版社, 2005
[49] Johnson D, Menezes A, Vanstone S. The Elliptic Curve Digital Signature Algorithm. International Journal of Information Security, 2001:36-63
[50] Brown D. Generic Groups, Collision Resistance, and ECDSA. Cryptology ePrint Archive: Report 2002/026. 2002
[51] Howgrave Graham N, Smart N. Lattice Attacks on Digital Signature Schemes. Designs, Codes and Cryptography. 2001:283-290
[52] Mahassni E El, Nguyen P, Shparlinski I. The Insecurity of Nyberg-Rueppel and Other DSA-like Signature Schemes with Partially Known Nonces. Cryptography and Lattices-CaLC2001, Spriger-Verlag, 2001
[53] Wieselthier J E, Nguyen G D, Ephremides A. On the Construction of Energy Efficient Broadcast and Multicast Trees in Wireless Network. Proceedings. IEEE INFOCOM2000. 2000:586-594
[54] Loukas Lazos, Radha Poovendran. Energy-aware Secure Multicast Communication in Ad hoc Networks using Geographic Location Information. ICASSP 2003. 2003:201-204