基于身份密碼的機載自組織網絡動態(tài)密鑰管理

王宏; 李建華; 賴成喆

doi:10.11999/JEIT171148

基于身份密碼的機載自組織網絡動態(tài)密鑰管理

doi: 10.11999/JEIT171148

王宏^{1, 2, ,},
李建華¹,
賴成喆³

1.
空軍工程大學信息與導航學院 ??西安 ??710077
2.
國防科技大學信息通信學院 ??西安 ??710106
3.
西安郵電大學 ??西安 ??710121

基金項目: 國家自然科學基金(61401499, 61502386)

詳細信息

作者簡介:
王宏：男，1979年生，博士生，講師，研究方向為航空自組網信息安全

李建華：男，1965年生，博士，教授，博士生導師，研究方向為空天信息網絡建設

賴成喆：男，1985年生，博士，副教授，碩士生導師，研究方向為車載網絡信息安全

通訊作者:
王宏　 whongger2017@163.com

中圖分類號: TN918
計量
- 文章訪問數(shù): 2102
- HTML全文瀏覽量: 583
- PDF下載量: 52
- 被引次數(shù): 0
出版歷程
- 收稿日期: 2017-12-06
- 修回日期: 2018-05-02
- 網絡出版日期: 2018-06-07
- 刊出日期: 2018-08-01

Identity Based Dynamic Key Management of Airborne Ad Hoc Network

Hong WANG^{1, 2
, ,},
Jianhua LI¹,
Chengzhe LAI³

1.
Information and Navigation College, Air Force Engineering University, Xi’an 710077, China
2.
Information and Communication College, National University of Defense Technology, Xi’an 710106, China
3.
Xi’an University of Posts & Telecommunications, Xi’an 710121, China

Funds: The National Natural Science Foundation of China (61401499, 61502386)

摘要

摘要: 針對現(xiàn)有機載自組織網絡密鑰管理存在的預分配密鑰更新困難、公鑰證書傳遞開銷大、分布式身份密鑰傳遞需要安全信道的問題，該文提出一種無需安全信道的基于身份密碼體制的動態(tài)密鑰管理方案。該方案包括系統(tǒng)密鑰自組織生成和用戶私鑰分布式管理兩個算法；采取遮蔽密鑰的辦法，確保私鑰在公共信道中全程安全傳遞，使得密鑰管理易于部署、方便擴展；最后分析了方案的正確性與安全性。結果證明方案理論正確，能夠抵抗假冒、重放、中間人攻擊。
- 機載網絡 /
- 身份密碼體制 /
- 密鑰管理 /
- 自組織 /
- 分布式
Abstract: Because of nowadays airborne network’s updating difficulty of pre-allocated symmetrical key, high communication cost of public key certificate and the requirement of security channel for distributed identity-based key management, identity-based dynamic key management of airborne network is proposed. It is composed of two algorithms: self-organized generation of master key without the trusted third party and distributed management of user’s private key. Moreover, the master key share and user private partition can be delivered without the pre-established security channel by blinding them so that the scheme is easy to develop and flexible to extend. Finally, the correctness and security of the proposed scheme are proved, it is shown that it can provide the ability to resist the impersonation attack, replay attack and man-in-the-middle attack.
- Airborne network /
- Identity-based cryptography /
- Key management /
- Self-organized /
- Distributed

HTML全文

圖 1 機載自組網密鑰管理結構圖

下載: 全尺寸圖片幻燈片

圖 2 機載網絡自組織系統(tǒng)密鑰生成

下載: 全尺寸圖片幻燈片

圖 3 機載網絡用戶密鑰管理

下載: 全尺寸圖片幻燈片

表 1 性能比較

方案	F1	F2	F3	F4	F5	F6
文獻[17]	是	否	否	$(m - 1)/n$	$4P + (7 + m)M$	$2m$
文獻[18]	是	是	否	$1/n$	$3P + (3 + m)M$	$3m$
文獻[19]	否	否	是	$\left( {m/2} \right)/n$	$2P + 7M$	${\rm{4}}m$
文獻[20]	是	是	否	$(m - 1)/n$	$6P + (3 + m)M$	$2 + 2m$
本文方案	是	是	是	$(m - 1)/n$	$6P + (4 + m)M$	$2 + 2m$

下載: 導出CSV

參考文獻(20)

李杰, 宮二玲, 孫志強, 等. 下一代機載網絡技術評述[J]. 指揮與控制學報, 2015, 1(3): 351–356. DOI: JCC.CN.2015.00351.

LI Jie, GONG Erling, SUN Zhiqiang, et al.. An overview of next generation airborne networks[J]. Journal of Command and Control, 2015, 1(3): 351–356. DOI: JCC.CN.2015.00351.

梁一鑫, 程光, 郭曉軍, 等. 機載網絡體系結構及其協(xié)議棧研究進展[J]. 軟件學報, 2016, 27(1): 96–111.DOI: 10.13328/j.cnki.jos.004925.

LIANG Yixin, CHENG Guang, GUO Xiaojun, et al.. Research progress on architecture and protocol stack of the airborne network[J]. Journal of Software, 2016, 27(1): 96–111. DOI: 10.13328/j.cnki.jos.004925.

SHANTHI K and MURUGAN D. Pair-wise key agreement and hop-by-hop authentication protocol for MANET[J]. Wireless Networks, 2016, 23(4): 1–9.DOI: 10.1007/s11276-015-1191-x.

PHUNG P H and MINH Q T. DASSR: A distributed authentication scheme for secure routing in wireless ad-hoc networks[C]. International Conference on Future Data and Security Engineering. Can Tho, Vietnam, 2016: 219–236.

DONG Ying, SUI Aifeng, YIU S M, et al.. Providing distributed certificate authority service in cluster-based mobile ad hoc networks[J]. Computer Communications, 2007, 30(11/12): 2442–2452. doi: 10.1016/j.comcom.2007.04.011.

韓磊, 劉吉強, 趙佳, 等. 移動ad hoc網絡分布式輕量級CA 密鑰管理方案[J].四川大學學報(工程科學版), 2011, 43(6): 133–139.DOI: 10.15961/j.jsuese.2011.06.021.

HAN Lei, LIU Jiqiang, ZHAO Jia, et al..Distributed lite CA key management scheme in mobile ad hoc networks[J].Journal of Sichuan University (Engineering Science Edition), 2011, 43(6): 133–139. doi: 10.15961/j.jsuese.2011.06.021.

DATKO B. Supporting secure, ad hoc joins for tactical networks[R]. Maryland: United States Naval Academy Trident Scholar Project Report, 2002.

CAPKUN S, NUTTYAN L, and HUBAUX J P. Self-organized public-key management for mobile ad hoc networks[J]. IEEE Transactions on Mobile Computing, 2003, 2(1): 52–64. DOI: 10.1109/TMC.2003.1195151.

RAFSANJANI M K and SHOJAIEMEHR B. Improvement of self-organized public key management for MANET[J]. Journal of American Science, 2012, 8(1): 197–202.

JANANI V S and MANIKANDAN M S K. Trust-based hexagonal clustering for efficient certificate management scheme in mobile ad hoc networks[R]. Sadhana, 2016.

OMAR M, BOUFAGHES H, MAMMERI L, et al.. Secure and reliable certificate chains recovery protocol for mobile ad hoc networks[J]. Journal of Network & Computer Applications, 2016, 62(C): 153-162. DOI: 10.1016/j.jnca.2016.01.007

SHAMIR. Identity-based cryptosystems and signature schemes[J]. LNCS, 1984, 21(2): 47–53.DOI: 10.1007/3-540-39568-7 5.

BONEH D and FRANKLIN M. Identity-based encryption from the weil pairing[C]. International Cryptology Conference on Advances in Cryptology. Santa Barbara, USA, 2001: 213–229.

曹丹, 王小峰, 王飛, 等. SA-IBE: 一種安全可追責的基于身份加密方案[J].電子與信息學報, 2011, 33(12): 2922–2928.DOI: 10.3724/SP.J.1146.2011.00399.

CAO Dan, WANG Xiaofeng, WANG Fei, et al.. SA-IBE: A secure and accountable identity-based encryption scheme[J] Journal of Electronics & Information Technology, 2011, 33(12): 2922–2928. doi: 10.3724/SP.J.1146.2011.00399.

ZHANG Tao, YUE Kang, and YAN Jinkui. A distributed anonymous authentication scheme for mobile ad hoc network from bilinear maps[C]. International Conference on Mechatronic Science, Electric Engineering and Computer. Jilin, China, 2011: 314–318.

NARAYANA V L and BHARATHI C R. Identity based cryptography for mobile ad hoc networks[J]. Journal of Theoretical and Applied Information Technology, 2017, 95(5): 1173–1182.

羅長遠, 李偉, 邢洪智, 等. 空間網絡中基于身份的分布式密鑰管理研究[J].電子與信息學報, 2010, 32(1): 183–188.DOI: 10.3724/SP.J.1146.2009.00461.

LUO Changyuan, LI Wei, XING Hongzhi, et al.. Research on identity-based distributed key management in space network[J]. Journal of Electronics & Information Technology, 2010, 32(1): 183–188. doi: 10.3724/SP.J.1146.2009.00461.

XIA Pengrui, WU Meng, WANG Kun, et al. Identity-based fully distributed certificate authority in an OLSR MANET[C]. International Conference on Wireless Communications, Networking and Mobile Computing. Dalian, China, 2008: 1–4.

任艷麗, 蔡建興, 黃春水, 等.基于身份加密中可驗證的私鑰生成外包算法[J].通信學報, 2015, 36(11): 61-66. DOI: 10.11959/j.issn.1000-436x.2015233.

REN Yanli, CAI Jianxing, HUANG Chunshui, et al.. Verifiable outsourcing private key generation algorithm in an identity-based encryption scheme[J]. Journal of Communications, 2015, 36(11): 61–66. DOI: 10.11959/j.issn.1000-436x.2015233.

李慧賢, 龐遼軍, 王育民. 適合ad hoc網絡無需安全信道的密鑰管理方案[J].通信學報, 2010, 31(1): 112–117.

LI Huixian, PANG Liaojun, and WANG Yumin. Key management scheme without secure channel for ad hoc networks[J]. Journal of Communications, 2010, 31(1): 112–117.

施引文獻

資源附件(0)

訪問統(tǒng)計