【作者】 刘志宏；

【导师】 马建峰；

【作者基本信息】 西安电子科技大学 ， 密码学， 2009， 博士

【摘要】 无线传感器网络密钥管理极具挑战性,不仅因为传感器节点拥有的资源有限,不宜采用非对称密码技术;同时也因为传感器节点暴露在恶劣甚至敌对环境中,易于被敌手俘获。虽然目前提出许多密钥分配协议,但没有一个协议能在扩展性、共享密钥概率、存储代价和抵御节点俘获攻击等方面同时具有良好性能。密钥管理协议采用的技术必须与具体网络需求和传感器节点拥有的资源一致。本文有以下几点贡献。第一,提出基于区域的密钥预分配协议,利用部署知识提高共享密钥的概率;第二,受Leighton和Micali所提协议的启发,提出异构传感器网络的密钥建立协议。协议保持Leighton-Micali协议的优点,同时兼有概率方式的灵活性,能提高网络抵御节点俘获攻击的能力;第三,提出非对称密钥预分配协议,并给出其下界、构造方法及其在传感器网络中的应用;第四,提出可用于微型传感器网络的轻量级密钥建立与管理协议–密钥传播与进化;最后,针对无监护传感器网络中的安全问题,提出mAKPS协议,用于处理密钥的分发和移动sink特权的限制。同时,提出安全的传感器网络数据存储和访问策略。更多还原

【Abstract】 Key management in wireless sensor networks is a challenging problem because asym-metric key cryptosystems are unsuitable for use in resource constrained sensor nodes, andalso because the nodes could be physically compromised by an adversary. Even though anumber of key distribution protocols have been proposed, none of them can simultaneouslyachieve good performance in terms of scalability in network size, key sharing probability be-tween neighboring sensors, memory overhead for keying information storage, and resilienceagainst node capture attacks. The techniques employed must depend upon the requirementsof target applications and resources of each individual sensor network.This dissertation makes several contributions. First, we introduce a deployment knowl-edge based key management scheme, domain-based key predistribution, which can achievea high key sharing probability with low storage overhead; Second, motivated by a key agree-ment scheme proposed by Leighton and Micali, we present a key establishment mechanismfor heterogeneous sensor networks. This scheme retains all the nice features of Leighton-Micali scheme, yet takes advantage of ?exibility of probabilistic approaches to yield improvedresilience against node capture attacks; Third, an asymmetric key predistribution schemeand its lower bounds are presented. Besides, its constructions and applications for sensornetworks are given; Fourth, we present key infection and evolution, a lightweight key manage-ment mechanism that is applicable even to smart dust sensor networks; Finally, to address thesecurity problems in Unattended wireless sensor networks, we present mAKPS, an asymmet-ric key predistribution scheme with mobile sinks, to facilitate key distribution and the privilegerestriction of mobile sinks. In addition, a scheme for sensors to protect their collected data ispresented.更多还原