
Research on Hierarchical Key Management Techniques in Secure Group Communications

Hierarchical Key Management for Secure Group Communications

【Author】 阎军智

【Advisor】 马建峰

【Author Information】 Xidian University, Cryptography, 2009, PhD

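【Summary】 With the rapid development of digital communication, computer, and information technologies, group communication is widely used in many network services to achieve efficient one-to-many and many-to-many information exchange. To secure group communication, messages are usually encrypted with a group key shared among the group members, and dynamic changes in group membership require the group key to be updated securely and efficiently. In secure group communication, the quality of the key management mechanism directly affects the security, stability, and reliability of transmission, so research on group key management mechanisms is of great significance. This thesis studies hierarchical key management for secure group communications, and mainly covers the following:
1. A hierarchical key assignment scheme based on the Diffie-Hellman algorithm is proposed. The scheme consists of three parts: system setup, membership change, and topology change. It supports dynamic changes of both members and the hierarchical topology, is simple to implement and easy to extend, and can be used to solve content-based hierarchical access control problems.
2. Key hierarchies in hierarchical access control are studied and classified into three types: user-based, resource-based, and hybrid key structures. The relationships among these structures are also studied, the proposed key structures are combined with existing hierarchical key assignment models, and the performance of the existing models in these key structures is analyzed.
3. A hierarchical key pre-distribution scheme for node revocation in wireless sensor networks is designed. The scheme uses a logical key tree and a hierarchical key assignment method to revoke nodes, and consists of system setup, pairwise key agreement, member revocation, and member joining. Analysis shows that the scheme has low storage, communication, and computation overheads.
4. In wireless networks with poor communication quality, it cannot be guaranteed that every group member correctly receives the packets of every group key update, so a stateless hierarchical key pre-distribution scheme is designed. The scheme organizes and manages keys in the form of a logical key tree and uses the shared key of the maximum subtree to revoke captured member nodes. Finally, the scheme is improved using the Akl-Taylor algorithm and the Diffie-Hellman-based hierarchical key assignment method, respectively.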

【Abstract】 The development of digital communication, computer and information technologies has made group communications widely applied in various kinds of network services to achieve effective one-to-many and many-to-many information exchanges. The general method to secure group communication is to encrypt the communication messages with a group key shared among all the group members. The group key should be updated securely and efficiently during group member dynamics. In secure group communications, the key management mechanism determines the security, stability and reliability of the communication, and thus the study of group key management mechanisms is of significance. The main contributions of this thesis are as follows:
1. A hierarchical key assignment scheme based on the Diffie-Hellman algorithm is proposed, which consists of the phases of system initialization and key updating, and supports user dynamics and topology changes. This scheme is flexible and easy to deploy. It can be used for content access control.
2. The key hierarchies in hierarchical access control systems are studied, and they are divided into user-based, resource-based and unified key hierarchies. The relationships among these different kinds of hierarchies are studied. The existing hierarchical key assignment models are combined with these hierarchies, and their efficiency is evaluated.
3. A hierarchical key pre-distribution scheme which aims to revoke the compromised sensor nodes in wireless sensor networks is proposed. This scheme is based on a novel application of an a-ary logical key tree, and it consists of the phases of system initialization, pairwise key establishment, node revocation and addition. The performance analysis shows this scheme could provide sufficient secrecy with low storage, communication and computational overheads.
4. In wireless networks with poor communication conditions, it cannot be guaranteed that every user could receive all the rekey packages. A logical key tree based and stateless hierarchical key pre-distribution scheme is proposed, which uses the shared key of a maximum subtree to revoke the compromised nodes. Finally, the proposed scheme is improved by using the Akl-Taylor and Diffie-Hellman hierarchical key assignment algorithms respectively.
