上海交通大学硕士学位论文无线传感器网络安全问题研究--对密钥管理研究姓名:陈菲申请学位级别:硕士专业:计算机系统结构指导教师:陈克非20050101WirelessSensornetworkiscomposedoflotsofsensornodes,whichworktogetherforacquiring,processinginformation,andtransferringittoobservers.Meanwhile,sensornetworkisresource-limited.Suchlimitationsincludecomputationability,memorycapability,powerlimitationandcommunicationbandwidth&range.Thoselimitationsofsensornetworksmakeachievingsecuritydifficult.Toachievesecurityinsensornetworks,securityservicessuchasauthenticationandencryptionarefundamentalandnecessary.Keymanagementisthekeyissueofauthenticationandencryptiontechnologies,sotheestablishmentofasymmetricpair-wisekeysharedbetweentwosensorsisthemostimportant.Theninthispaper,wedosomeresearchonpair-wisekeymanagementofwirelesssensornetwork.BasedonthesecuritychallengesandgoalsinWSN,wegivemoreintroductionaboutmanypair-wisekeyestablishmentschemes,includingpre-distributionpair-wisekeymanagementandKDC-basedpair-wisekeymanagement.Accordingtothosesensornetworklimitationswhichinfluencetheadoptionofsecuritytechnologies,wepresenttheevaluationmetricsaboutpair-wisekeymanagementschemes,thenanalyzeandcomparethecurrentschemesaccordingtotheevaluationmetrics.Basedonthecomparisonandanalysis,thepropersecurityschemeinspecificapplicationcanbechosen.Afterthat,weintroducetwonewsecureandeffectivepair-wisekeymanagementschemes.Thefirstoneis“semi-randompair-wisekeyscheme”,whichisanimprovementof“randompair-wisekeyscheme”.Asaresult,wefindoutthatourschemeoptimizesnetworkscale,memoryusageandnetworkconnectionincomparisonwiththepreviousscheme.Sothenewschemeismorepractical.ThesecondoneisKDC-basedpair-wisekeyscheme,whichistheintegrationofpair-wisekeymanagementandMIMroutingprotocols.Thisschemecanrealizepair-wisekeyinitializationandupdatingwithoutincreasingadditionalnetworkload.Finally,wedescribethesimulationimplementationofMIMbyNS2andanalyzetheresults,whichshowthatMIMissecureandtheintegrationwithkeymanagementiseffective.Wirelesssensornetwork,networksecurity,keymanagement,pre-deployed,NS220053882005-1-1988MarkWeiser”UbiquitousComputingUbicompUC”PervasiveComputing21WirelessSensorNetworksWSNs[1]Adhoc[2][3][1][2][3][6]-2-MIMMIM-3-,4CPU,,UCBmotesuAMPSPC104GNOMESSmartDustWINSK1SmartDust[6]CPUStorageCommunication8-bit,4MHz8Kbytesinstructionfl-ash512bytesRAM512bytesEEPROM-4-Bandwidth916MHzradio10Kbps(sink)(gateway)basestationInternet[1][5]2-2Fig.2-2TheArchitectureofWirelessSensorNetwork-5--6--7--8-[2][5](2)(3)(4)(5)(6)[6]-9-Pre-DeploymentKDCKDCKDCKDC-10-network-widepre-deployedkeyingnode-specificpre-deployedkeying[6][6]IDEschenauerandGligorBasicRandomKeyScheme[9]HaowenChan,AdrianPerrig,DawnSongQ-compositescheme[10]AndersonandPerrigMultipathKeyReinforcement[10]DonggangLiuandPengNingPolynomialPoolBasedKeyScheme[11]WengliangDuandJingDengMultipleSpaceKeyScheme[12][13][14][15][22][23][24][25]-11-BasicRandomKeyScheme[9]EschenauerGligorBasicRandomKeySchemekeypoolSMPPIDIDIDID-12-HaowenChan,AdrianPerrig,DawnSong[10]Q-compositeschemeMulti-pathKeyReinforcementSchemeQ-compositeschemeBasicRandomePair-wiskekeySchemePPK=hash(k1||k2||……||kq)PMulti-pathKeyReinforcementSchemePPPolynomialBasedKeyScheme[11]Fqtf(x,y)=aijxiyjf(x,y)=f(y,x)i,if(i,y)ij,ijf(i,y)f(i,j)jif(j,y)f(j,i)f(i,j)=f(j,i)t(t+1)logqttDonggangLiuPengNingPolynomialPoolBasedKeyScheme-13-FqtFIDiFFiF,Fi(i,y)iIDIDIDIDKEYPREDISTRIBUTIONUSINGRANDOMSUBSETASSIGNMENTFGRIDBASEDKEYPREDISTRIBUTIONm×m2m{fci(x,y),fri(x,y)}i=0,...,m-1m=Nifri(x,y)ifci(x,y)(i,j)fci(x,y)fri(x,y)-14-Blomëë[12](ë+1)*NGNG(ë+1)*(ë+1)DN*(ë+1)A=(D·G)TDDA·G=(D·G)T·G=GT·DT·G=GT·D·G=(A·G)TK=A·G,KKij=Kjik1AK2GK3-1Fig.3-1pair-wisekeygenerating-15-ijGAKijandKjiGGë+1ëëBasicRandomKeySchemeWengliangDuandJingDengMultipleSpaceKeyScheme[13]BlomMultipleSpaceKeyScheme:GGF(q)(ë+1)·N.GG(j)GjG(j)jDù(ë+1)·(ë+1),DiA=(D·G)TA(j)AjSi=(Di,G)ùæjSiAi(i.e.Ai(j))j1ID23GijSc,BlomKij=Kji=Ac(i)·G(j)=Ac(j)·G(i)-16-[14]3-2[14]Fig.3-2Pre-deployedpoint[14]{Cic,ir}t{fic,ir(x,y)}fic,ir(x,y)Cic,ir-17-KerberosProtocol-18-Otway-ReesProtocolOtway-Reesprotocol[17]Kerberosnonces4NodeANodeB:KDCj||M||IDA||IDB||E(KAj,NA||M||IDA||IDB)AE(KAj,NA||M||IDA||IDB),NAMABNodeBNodeKDCj:KDCj||M||IDA||IDB||E(KAj,NA||M||IDA||IDB)||E(KBj,NB||M||IDA||IDB)BAE(KBj,NA||M||IDA||IDB)AKDCNodeKDCjNodeB:IDB||E(KAj,NA||Kpair)||E(KBj,NB||Kpair)BABIDnonceMKDCKKB-19-NodeBNodeA:IDA||E(KAj,NA||Kpair)||[E(Kpair,NA||NB)]BE(KBj,NB||Kpair),NBKpairKpairNANBAAE(KAj,NA||Kpair),NAKpair-20-[2][6]1.2.Diffie-HellmanRSA3.4.5.6.[26][28]1.2.-21-3.4.5.[2]6.7.-22-(3.2.1)IDKDCKDCKDC-23-BasicRandomKeyScheme[9]Q-compositescheme[10]Multi-pathKeyReinforcementScheme[10]KeyPre-distributionUsingSensorPre-deploymentknowledgeScheme[20]BasicRandomKeyScheme-24-BasicRandomKeySchemeQ-compositeschemeMulti-pathKeyReinforcementSchemePPPPKeyPre-distributionUsingSensorPre-deploymentknowledgeSchemePolynomialPoolBasedKeyScheme[11]Location-BasedPair-wisekeyestablishmentsscheme[14]C.Blundoetc.polynomial-basedkeypre-distributionprotocolt,-25-IDID(),fiy(inodesID∈)ttBloom’skeyscheme[12]MultipleSpaceKeyScheme[13]ëMultipleSpaceKeySchemeIDIDIDBLOMëë