机会网络中基于社会属性的按需密钥管理方案

doi:10.3969/j.issn.1000-436x.2012.12.012

通信学报 ›› 2012, Vol. 33 ›› Issue (12): 93-99.doi: 10.3969/j.issn.1000-436x.2012.12.012

机会网络中基于社会属性的按需密钥管理方案

陈曦^1,²,李光松³,田有亮¹,马建峰¹

¹ 西安电子科技大学计算机网络与信息安全教育部重点实验室，陕西西安 710071
² 中国电子科技集团公司第二十研究所，陕西西安 710068
³ 解放军信息工程大学信息工程学院，河南郑州 450002

出版日期:2012-12-25 发布日期:2017-07-15
基金资助:
长江学者和创新团队发展计划基金资助项目;国家自然基金委员会——广东联合基金重点基金资助项目;国家科技部重大专项基金资助项目;中央高校基本科研业务费基金资助项目

On-demand key management based on social attribute for opportunistic networks

Xi CHEN^1,²,Guang-song LI³,You-liang TIAN¹,Jian-feng MA¹

¹ Key Laboratory of Computer Networks and Informatio urity(Ministry of Education),Xidian University,Xi’an 710071,China
² The Twentieth Research Institute of China Electronics Technology Group Corporation,Xi’an 710068,China
³ Department of Information Research,PLA Information Engineering University,Zhengzhou 450002,China

Online:2012-12-25 Published:2017-07-15
Supported by:
The Program for Changjiang Scholars and Innovative Research Team in University;The Key Program of NSFC-Guangdong Union Foundation;The Major National S＆T Program;The Fundamental Research Funds for the Central Universities

摘要/Abstract

摘要：

摘要：针对机会网络的间歇性连通、快速移动、自组织管理等特征，提出了基于社会属性的按需密钥管理方案。首先利用基于身份的门限签名方案，实现了节点社会属性的自认证。随后结合机会网络的路由特性，节点之间根据社会属性匹配度有选择地颁发身份证书，并建立可度量的信任网。算法在优化证书图的同时，避免了恶意节点可能导致的无效证书链路的生成。实验仿真表明，该方案可提供较高的证书链重构成功率与节点认证可达率，并有效地降低了密钥管理所需的网络开销。

关键词: 机会网络, 密钥管理, 身份密码学, 门限密码学, 社会属性, 证书图

Abstract:

An on-demand key management scheme was proposed based on social attributes,which could conform to the characteristics of intermittent connectivity,high mobility and self-organized management in opportunistic networks.By utilizing the identity-based threshold signature scheme,the authentication of nodes’social attributes was realized.Due to the specialty of the opportunistic routing protocols,nodes selectiv ly issued the identity certificates for each other to establish the Web of trust based on the matching of social attributes.Consequently,the performance of certificate graph was efficiently optimized comparing to the traditional met .Meanwhile,thanks to checking the social attribute evidences,the invalid certificate chains caused by malicious nodes were avoid to be built.Simulation result shows that,the scheme can provide high success ratio for reconstruction of certificate chains and high user reachability through low network costs in opportunistic networks.

Key words: opportunistic networks, key management, identity-based cryptography, threshold cryptography, social attribute, certificate graph

陈曦,李光松,田有亮,马建峰. 机会网络中基于社会属性的按需密钥管理方案[J]. 通信学报, 2012, 33(12): 93-99.

Xi CHEN,Guang-song LI,You-liang TIAN,Jian-feng MA. On-demand key management based on social attribute for opportunistic networks[J]. Journal on Communications, 2012, 33(12): 93-99.

图/表 4

参考文献 25

[1]	PELUSI L , PASSARELLA A , CONTI M . Opportunistic networking:data forwarding in disconnected mobile ad hoc networks[J]. IEEE Communications Magazine, 2006,44(11): 134-141.
[2]	CONTI M , GIORDANO S , MAY M ,et al. From opportunistic networks to opportunistic computing[J]. Communications Magazine,IEEE, 2010,48: 126-139.
[3]	CONTI M , KUMAR M . Opportunities in opportunistic computing[J]. Computer, 2010,43(1): 42-50.
[4]	SCOTT J , HUI P , CROWCROFT J ,et al. Haggle:A networking architecture designed around mobile users[A]. Proc of the Third Annual IFIP Conference on Wireless On-Demand Network Systems and Services (WONS)[C]. 2006.
[5]	HUI P , CHAINTREAU A , SCOTT J ,et al. Pocket switched networks and human mobility in conference environments[A]. Proc of ACM SIGCOMM Workshop on Delay-Tolerant Networking[C]. 2005. 244-251.
[6]	ZHANG Z . Routing in intermittently connected mobile ad hoc networks and delay tolerant networks:overview and challe ges[J]. IEEE Communications Surveys ＆Tutorials, 2006,8(1): 24-37.
[7]	SHAMIR A . Identity-based cryptosystems and signature schemes[A]. Proc of the CRYPTO 84 on Advances in Cryptology[C]. New York.Springer-Verlag, 1984. 47-53.
[8]	BONEH D , FRANKLIN M K . Identity-based encryption from the Weil pairing[A]. Proc of the 21st Annual International Cryptology Conference on Advances in Cryptology[C]. London: Springer-Verlag, 2001. 213-229.
[9]	SHAMIR A . How to share a secret[J]. Communications of the ACM, 1979,22(11): 612-613.
[10]	FELDMAN P . A practical scheme for non-interactive verifiable secret sharing[A]. Proc of the 28th Annual Symposium on Foundations of Computer Science[C]. 1987. 427-438.
[11]	HUBAUX J P , BUTTYAN L , CAPKUN S . The quest for security in mobile ad hoc networks[A]. Proc of the 2nd ACM International Symposium on Mobile Ad Hoc Networking＆Computing[C]. New York,USA, 2001. 146-155.
[12]	CAPKUN S , BUTTYAN L , HUBAUX J P . Self-organized public-key management for mobile ad hoc networks[J]. IEEE Transactions on Mobile Computing, 2003,2(1): 52-64.
[13]	NGUYEN H A , GIORDANO S , PUIATTI A . Probabilistic routing protocol for intermittently connected mobile ad hoc network (PROPICMAN)[A]. Proc of the IEEE International Symposium on World of Wireless,Mobile and Multimedia Networks(WoWMoM)[C]. 2007. 1-6.
[14]	BOLDRINI C , CONTI M , JACOPINI J ,et al. HiBOp:a history based routing protocol for opportunistic networks[A]. Proc of the IEEE International Symposium on World of Wireless Mobile and ultimedia Networks(WoWMoM)[C]. 2007. 1-12.
[15]	VERMA A , SRIVASTAVA A . Integrated routing protocol for opportunistic networks[J]. International Journal of Advanced Computer Science and Applications, 2011,2(3): 85-92.
[16]	SETH A , KESHAV S . Practical security for disconnected nodes[A]. Proc of the First Workshop on Secure Network Protocols (NPSec)[C]. 2005. 31-36.
[17]	ASOKAN N , KOSTIAINEN K , GINZBOORG P ,et al. applicability of identity-based cryptography for disruption-tolerant networking[A]. Proc of the 1st International MobiSys Workshop on Mobile Opportunistic Networking[C]. New York, 2007. 52-56.
[18]	ZHOU L , HAAS Z . Securing ad hoc networks[J]. IEEE Networks, 1999,13(6): 24-30.
[19]	KONG J , ZERFOS P , LUO H ,et al. Providing robust and ubiquitous security support for mobile ad-hoc networks[A]. Proc of the 9th International Conference on Network Protocols[C]. 2001. 251-260.
[20]	YI S , KRAVETS R . Composite key management for ad hoc networks[A]. Proc of the 1th International Conference on Mobile and Ubiquitous Systems:Networking and Services[C]. Urbana,USA, 2004. 52-61.
[21]	BAEK J , ZHENG Y . Identity-based threshold signature scheme from the bilinear pairings[A]. Proc of the International Conference on Information Technology:Coding and Computing (ITCC'04)[C]. 2004. 1-124.
[22]	KER?NEN A , OTT J , K?RKK?INEN T . The ONE simulator for DTN protocol evaluation[A]. Proc of the 2nd International Conference on Simulation Tools and Techniques[C]. 2009. 2834-2838.
[23]	EKMAN F , KER?NEN A , KARVO J ,et al. Working Day movement model[A]. Proc of the 1st ACM SIGMOBILE Workshop on Mobility models[C]. New York, 2008.
[24]	HUBAUX J P , BUTTYAN L , CAPKUN S . Small worlds in security systems:an analysis of the PGP certificate graph[A]. Proc of the ACM New Security Paradigms Workshop[C]. New York,USA, 2002. 28-35.
[25]	MILGRAM S . The small world problem[J]. Psychology Today, 1967,2(1): 60-67.

方案	平均最短路径	最大通信负载
按需密钥管理	5.81	25
自组织密钥管理	6.23	36

机会网络中基于社会属性的按需密钥管理方案

On-demand key management based on social attribute for opportunistic networks

在线阅读

PDF下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 25

相关文章 15

Metrics

推荐阅读 0

[1]	舒坚, 史佳伟, 刘琳岚, Manar Al-Kali. 基于时空卷积的机会网络拓扑预测[J]. 通信学报, 2023, 44(3): 145-156.
[2]	金伟, 李凤华, 余铭洁, 郭云川, 周紫妍, 房梁. 面向HDFS的密钥资源控制机制[J]. 通信学报, 2022, 43(9): 27-41.
[3]	应作斌, 斯元平, 马建峰, 刘西蒙. 基于区块链的分布式EHR细粒度可追溯方案[J]. 通信学报, 2021, 42(5): 205-215.
[4]	李学俊,张丹,李晖. 可高效撤销的属性基加密方案[J]. 通信学报, 2019, 40(6): 32-39.
[5]	金伟,余铭洁,李凤华,杨正坤,耿魁. 支持高并发的Hadoop高性能加密方法研究[J]. 通信学报, 2019, 40(12): 29-40.
[6]	陈志刚,殷滨安,吴嘉. 基于消息重要性的机会网络能量均衡路由算法[J]. 通信学报, 2018, 39(12): 91-101.
[7]	郭晓勇,付安民,况博裕,丁纬佳. 基于收敛加密的云安全去重与完整性审计系统[J]. 通信学报, 2017, 38(Z2): 156-163.
[8]	王真,马兆丰,罗守山. 基于身份的移动互联网高效认证密钥协商协议[J]. 通信学报, 2017, 38(8): 19-27.
[9]	李峰,司亚利,陈真,申利民. 基于马尔可夫链的轻量级机会路由转发策略[J]. 通信学报, 2017, 38(5): 108-120.
[10]	马学彬,李爱丽,张晓娟. 基于多目标优化的固定中继节点唤醒策略[J]. 通信学报, 2017, 38(10): 47-59.
[11]	姚建盛,马春光,袁琪. 基于效用的机会网络“物—物交换”激励机制[J]. 通信学报, 2016, 37(9): 102-110.
[12]	熊金波,李凤华,王彦超,马建峰,姚志强. 基于密码学的云数据确定性删除研究进展[J]. 通信学报, 2016, 37(8): 167-184.
[13]	王志飞,史培腾,邓苏,黄宏斌,吴亚辉. 基于节点社会特征的机会网络最优发送策略[J]. 通信学报, 2016, 37(6): 163-168.
[14]	任智,谭永银,李季碧,陈前斌. 可靠的机会网络自私节点检测算法[J]. 通信学报, 2016, 37(3): 1-6.
[15]	任智,索建伟,刘文朋,雷宏江,陈前斌. 基于多方议价博弈的机会网络高吞吐量低开销概率路由算法[J]. 通信学报, 2015, 36(6): 41-48.