【作者】 赵旸；

【导师】 范平志；

【作者基本信息】 西南交通大学 ， 通信与信息系统， 2003， 硕士

【摘要】 无线Ad-hoc网络是由一组带有无线收发装置的移动主机节点组成的多跳、没有固定基站和中心节点的临时性自治网络系统。由于Ad-hoc网络的临时、动态的拓扑结构，难以使用密钥分配中心分配密钥，从而使得其安全性备受关注。本文围绕无线Ad-hoc网络的安全问题，致力于设计与实现一个基于对等通信协议的网络安全平台，并就部分关键问题展开研究。 本文首先对M.Steiner等提出的扩展的Diffie-Hellman协议(GDH.2)进行分析，指出了它存在的一些安全隐患，并针对其漏洞讨论了一个由西南交通大学移动通信研究所的研究人员提出的改进“协商式”会议密钥分配协议--M-GDH.2协议。该协议对通信参与者的身份以及传输数据的完整性进行了验证，还对最后产生的会议密钥进行了确认，以增加很小的计算和通信负荷为代价，使得系统安全性能得到了提高。 接着，论文以Visual C++6.0为开发工具，设计开发了一个基于对等通信的网络安全平台。该平台以M-GDH.2协议为开发重点，实现了网络对等连接、动态显示网络拓扑结构、密钥生成、安全通信以及联机帮助等功能。该平台适用于在没有密钥分配中心的情况下，几个地位平等的用户临时的利用便携式电脑安全的进行信息交流。 由于M-GDH.2协议仅针对三个用户，为了使本网络安全平台更为实用，作者以适当降低安全性为代价，针对多用户设计了一个密钥分发方案，参与通信的每个用户都有能力产生一个随机密钥，并分发给其他用户。 最后，论文给出了研究工作总结，并对系统的改进和扩展提出了研究思路。更多还原

【Abstract】 A wireless Ad-hoc network is a collection of mobile hosts with wireless transceiver. It is a multi-hop and instant self-organization network without the aid of any established infrastructure or centralized administration. It is difficult to set up a center to distribute key because of its instant, dynamically changing topology, so the security of wireless Ad-hoc networks has become a hot spot. In this thesis, the security issues in wireless Ad-hoc networks are investigated, aiming at designing and implementing a secure communication platform for peer groups. Some related key problems are also studied.Firstly, the thesis analyses the GDH.2 (Group Diffie-Hellman) protocol, and points out its deficiencies, then discusses an extended contributory conference key agreement protocol--MGDH. 2 proposed by the researchers at the Institute of Mobile Communication in Southwest Jiaotong University. Compared with GDH.2, the identity of the participants and the integrality of transmitted data are verified in the scheme, the final conference key is affirmed. Moreover, the security of the new protocol is improved at a slight cost in computation and communication overheads.Secondly, a secure communication platform based on peer to peer network is designed and implemented, using Microsoft Visual C++6.0 as development tool. The platform puts emphasis on the implementation of M-GDH.2 protocol, and realizes such functions as follows: peer to peer network connection, dynamically displaying network topology , key generation, secure communication, help-online and so on. The platform is suitable to the condition that a small group of people would like to exchange the information instantly among their laptop computers without the key distribution center.Because M-GDH.2 is only designed for three users, in order to make the platform more practical, the author designs a key distribution strategy that isappropriated for multiuser environment at a slight cost of reducing the security, which allows each of the participants has the ability to generate a random key and distribute it to the others.Finally, the thesis summarizes the work done during the MSc research, and puts forward the possible extensions and improvements to the existing system.更多还原