基于AKB-OTS的传感器网络广播认证协议

Journal of Systems Engineering and Electronics ›› 2009, Vol. 31 ›› Issue (8): 2008-2012.

基于AKB-OTS的传感器网络广播认证协议

杜志强^1,2, 沈玉龙¹, 马建峰¹, 周利华^1,2

1. 计算机网络与信息安全教育部重点实验室, 陕西, 西安, 710071;
2. 西安电子科技大学多媒体技术研究所, 陕西, 西安, 710071

收稿日期:2008-03-13 修回日期:2008-12-15 出版日期:2009-08-20 发布日期:2010-01-03
作者简介:杜志强(1977- ),男,博士研究生,主要研究方向为计算机网络与信息安全.E-mail:nisec_du@163.com
基金资助:
陕西省自然科学基础研究计划(2005F28);西安市科技攻关计划(GG06017);西安电子科技大学研究生创新基金(创07006)资助课题

AKB-OTS based broadcast authentication protocol for sensor networks

DU Zhi-qiang^1,2, SHEN Yu-long¹, MA Jian-feng¹, ZHOU Li-hua^1,2

1. Key Lab. of Computer Networks & Information Security, Ministry of Education, Xi'an 710071, China;
2. Multimedia Technology Inst., Xidian Univ., Xi'an 710071, China

Received:2008-03-13 Revised:2008-12-15 Online:2009-08-20 Published:2010-01-03

摘要/Abstract

摘要： 现有的基于一次性签名的传感器网络广播认证协议因存储开销较大,较难适用于大规模尤其是多广播节点网络.提出基于辅助密钥的一次性签名方案(assistant-key based-onetime signature,AKB-OTS),引入辅助密钥和Merkle树机制对HORS进行改进,降低其公钥和私钥尺寸.提出基于AKB-OTS的多广播节点传感器网络广播认证协议.分析和验证表明,本协议存储、通信和计算开销低,能够抵抗穷举、选择明文、DoS等攻击,适用于大规模多广播节点传感器网络.

Abstract: The current wireless sensor network(WSN) broadcast authentication protocol based on onetime signature(OTS) can hardly meet the requirement of large-scale sensor networks,especially that of multi-sender networks,owing to its high cost of storing and communicating.To reduce the size of private-key and public-key of HORS,a scheme named assistant-key based-onetime signature(AKB-OTS) is presented which introduces an assistant-key and Merkle tree mechanism,and a broadcast authentication protocol for multi-sender sensor networks based on AKB-OTS is also presented.Analyses and experiments show that the proposed protocol is low in overhead consumed by computation,communication and storage,can resist attacks including brute-force,chosen message and DoS,and is more applicable to large-scale multi-sender sensor networks.

中图分类号:

TP393

杜志强, 沈玉龙, 马建峰, 周利华. 基于AKB-OTS的传感器网络广播认证协议 [J]. Journal of Systems Engineering and Electronics, 2009, 31(8): 2008-2012.

DU Zhi-qiang, SHEN Yu-long, MA Jian-feng, ZHOU Li-hua. AKB-OTS based broadcast authentication protocol for sensor networks [J]. Journal of Systems Engineering and Electronics, 2009, 31(8): 2008-2012.

参考文献

[1] Ren K,Zeng K,Lou W,et al.On broadcast authentication in wireless sensor networks[J].IEEE Trans.on Wireless Communications,2007,6(11):4136-4144.
[2] Ayday E,Delgosha F,Fekri F.Efficient broadcast authentication for wireless sensor networks[C]//Networking Technologies for Software Define Radio Networks,2nd IEEE Workshop,2007:61-62.
[3] Chang S,Shieh S,Lin W W.An efficient broadcast authentication scheme in wireless sensor networks[C]//Proc.of the ACM Symposium on Information,Computer and Communications Security,2006:311-320.
[4] Reyzin L,Reyzin N.Better than BiBa:short onetime signatures with fast signing and verifying[C]//7th Australasian Conference on Information Security and Privacy,2002:114-153.
[5] Perrig A,Szewczyk R.SPINS;security protocols for sensor networks[J].Wireless Networks Journal,2003,8(5):521-534.
[6] Liu D,Ning P.Multi-level μTESLA:broadcast authentication for distributed sensor networks[J].ACM Trans.on Embedded Computing Systems,2004,3(4):800-836.
[7] Liu D,Ning P.Efficient distribution of key chain commitments for broadcast authentication in distributed sensor networks[C]//Proc.of the 10th Annual Network and Distributed System Security Symposium,2003:263-276.
[8] Liu D,Ning P,Zhu S.Practical broadcast authentication in sensor networks[C]//Proc.of the 2nd Annual International Conference on Mobile and Ubiquitous Systems Networking and Services,Piscataway,USA:IEEE,2005:118-129.
[9] Drissi J,Gu Q.Localized broadcast authentication in large sensor networks[C]//Proc.of the International Conference on Networking and Services,2006:25.
[10] 沈玉龙,裴庆棋,马建峰.MMμTESLA:多基站传感器网络广播认证协议[J].计算机学报,2007,30(4):539-546.
[11] Hu Y,Perrig A,Johnson D.Packet leashes:a defense against wormhole attacks in wireless ad hoc networks[C]//Proc.of INFOCOM,2003:223-230.
[12] Ning P,Liu A,Du W.Mitigating DoS attacks against broadcast authentication in wireless sensor networks[J].ACM Trans.on Sensor Networks,2008,4(1):1-31.

[1]	金志刚, 段晨旭, 羊秋玲, 苏毅珊. 基于水下云边协同架构的珊瑚礁监测新机制[J]. 系统工程与电子技术, 2022, 44(12): 3829-3836.
[2]	唐玺博, 张立民, 钟兆根. 基于ADASYN与改进残差网络的入侵流量检测识别[J]. 系统工程与电子技术, 2022, 44(12): 3850-3862.
[3]	刘高赛, 姜兴龙, 李华旺, 梁广. 基于位置感知的大规模LEO星座分布式路由算法[J]. 系统工程与电子技术, 2022, 44(11): 3529-3536.
[4]	宋鑫康, 赵尚弘, 王翔, 郝少伟. 航空信息网络服务功能链协同构建与映射策略[J]. 系统工程与电子技术, 2022, 44(11): 3556-3563.
[5]	付有斌, 康巧燕, 王建峰, 胡海岩, 赵朔. 标签分割的软件定义飞行自组网控制器智能部署方法[J]. 系统工程与电子技术, 2022, 44(10): 3249-3257.
[6]	龚建兴, 朱雷, 王华兵, 丁佩元, 路程昭. 基于功能图的作战体系关键节点分析[J]. 系统工程与电子技术, 2022, 44(8): 2515-2521.
[7]	马泽煊, 李进, 路艳丽, 陈晨. 融合WaveNet和BiGRU的网络入侵检测方法[J]. 系统工程与电子技术, 2022, 44(8): 2652-2660.
[8]	赵长啸, 李二帅, 何锋, 王鹏. TSN时间敏感流量带宽分配与优化[J]. 系统工程与电子技术, 2022, 44(6): 2027-2034.
[9]	李宁, 霍兵, 宋瑞良, 任智. 多PAN太赫兹无线个域网边缘节点信息高效报告方法[J]. 系统工程与电子技术, 2022, 44(5): 1709-1716.
[10]	蚁佳才, 刘斌, 姚莉, 赵文涛. 基于知识推理的卫星网络态势理解[J]. 系统工程与电子技术, 2022, 44(5): 1562-1571.
[11]	姚玉坤, 任丽丹, 任智, 冯鑫, 杜文正. MSC中基于SDN的拓扑感知RLNC重传方案[J]. 系统工程与电子技术, 2022, 44(4): 1393-1400.
[12]	王练, 朱朝辉, 吴海莲, 殷豪. 不完美反馈下基于立即可解网络编码的多播重传机制[J]. 系统工程与电子技术, 2021, 43(12): 3703-3708.
[13]	阳勇, 孟相如, 康巧燕, 赵文文. 基于流量优化的可靠服务功能链部署方法[J]. 系统工程与电子技术, 2021, 43(10): 3017-3025.
[14]	陈坤, 吕娜, 朱海峰, 方宇. 基于定时的航空集群机载网络更新方法[J]. 系统工程与电子技术, 2021, 43(9): 2642-2648.
[15]	韩晓阳, 孟相如, 康巧燕, 翟东, 刘鹏飞. 可靠性与拓扑感知的服务功能链备份保护方法[J]. 系统工程与电子技术, 2021, 43(7): 1961-1970.