【作者】 徐庆禹；

【导师】 何明星；

【作者基本信息】 西华大学 ， 计算机应用技术， 2009， 硕士

【摘要】 网络通信环境的开放性和不可靠性容易引发通信故障和安全问题,甚至给网络通信带来灾难性的后果。怎样防止安全问题的发生,以及安全问题发生后,怎样保证系统继续提供正常的服务,是现在研究的热点问题。传统系统安全的目标在于构建具有防御机制的系统,以使得系统可以免遭攻击者的非法入侵。然而现实经验表明,大多数应用系统存在着相当数量的脆弱点,特别是对于网络化的分布式系统,由于其部件间可能的复杂交互,脆弱点的防止会变得尤其困难,使得入侵行为无法避免。具有弹性的密钥分配协议充分考虑了通信环境的安全脆弱性。具有弹性性质的密钥分配协议设计目标是使得系统在受到攻击时,即使某些部件和部分已受到破坏,或者被恶意攻击者操控时,系统能够触发相应的防护机制,对用户继续提供正常和关键的服务。自愈密钥分配正是实现系统“弹性”的方式之一。自愈密钥分配特点是:当网络故障使得一些数据包(会话密钥)丢失时,群成员根据自身已有的信息能自行恢复出丢失的信息。时限等级密钥分配的特点是使密钥与时间相关。由于密钥随着时间的变化而变化,攻击者即使能掌握了某个时间点上密钥,也不能推出以后的密钥。实现密钥分配的自愈性需要付出高昂的维护成本。降低网络通信量和成员的密钥存储量是自愈密钥分配研究的热点之一。Dutta设计的具有常数级存储量的自愈密钥分配方案,极大地降低了成员密钥存储量。但是经过本文的分析,Dutta的方案是不安全的。本文对Dutta的方案进行了改进,并对改进的方案进行性能分析。改进的方案弥补了Dutta方案的漏洞,并且保持了成员密钥存储量为常数级的特点。为了进一步优化通信量,本文设计了一个计算性安全的常数级存储量的自愈密钥分配方案。同时,本文还在相应的模型下证明了两种方案的安全性,并且利用C++语言实现了方案的一个具体实例,说明了方案的可行性。时限等级密钥分配也是实现系统“弹性”的方式之一。该机制的特点是密钥能随着时间的变化而自行变化。这种特性使得攻击者即使获得某个时间点的密钥,也不能获得该时间点以后的密钥,极大提高了系统的安全性。Chien提出了一种基于防篡改装置和安全哈希函数的时限等级密钥分配方案,极大地减轻了运算负担。但是Chien的方案不能抵抗X.Yi三方攻击。本文提出了一个改进的时限等级密钥分配方案,该方案不仅能抵抗X.Yi三方攻击,而且与Chien的方案具有相同的执行效率。但是该方案只能适用于树形拓扑结构。为了满足一般偏序关系模型的要求,本文利用双性性对和中国剩余定理设计了两种种时限等级密钥分配方案,并且分析了方案的动态性和安全性。更多还原

【Abstract】 The openness and uncertainty of network communication environments easily result in communication failures, and even bring disastrous consequences to network communications. Now how to prevent the occurrence of communication failures, as well as how to enable the system to provide normal services when failure occurred is a hot topic. The security goal of traditional system is building a defensive mechanism of the system, so that systems can not be attacked from the illegal invasions. However, the actual experience has shown that there are a considerable number of vulnerable points in the majority of applications, especially in the network-based distributed systems. Because of the complexity of interactions between system components, the weak points are particularly difficult to prevent and the invasion can not be avoided. Hence, resilient key distribution schemes have fully taken into account the vulnerability. The goal of resilient the key distribution schemes is that when system is attacked, even if some components have been damaged, or manipulated by a malicious attacker, the system can trigger the appropriate protective mechanisms to continue to provide normal and key services for users.Self-healing key distribution and time-bound hierarchical key distribution are two ways to realize the resilience. The character of self-healing key distribution is that users who have missed up to a certain number of previous rekeying operations can recover the missing group keys without requesting additional transmissions from the group manager. The character of time-bound hierarchical key distribution is that key is related of the time. Since the keys change as time changes, an attacker even if gets hold on a key in one point of time, nor get the following keys.Implementation of self-healing key distribution needs to pay high maintenance costs. How to reduce network traffic and storage of group members in self-healing key distribution is one of hot research area. Dutta has designed constant storage self-healing key distribution scheme, which greatly reduces the storage of keys of members. But Dutta scheme is not secure throught our analysis. Hence, this paper improves Dutta’s scheme, and analyses its performance. Improved scheme makes up for the flaw of Dutta’s scheme, and keeps the key storage of members with constant-level. In order to further optimize the traffic, this paper designes a computational secure constant storage self-healing key kistribution scheme. At the same time, this paper proves the security of ICSKD scheme and CCSKD scheme in the corresponding models. Finally, examples of the proposed schemes by C++ illustrate the feasibility of the proposed schemes.Chien has proposed a time-bound hierarcal key distribution scheme based on tamper-resistant devices and hash function, which greatly reduces the burden of computation. However, Chien’s scheme can not resist to tripartite attack proposed by X. Yi. This paper presents an improved time-bound hierarchical key distribution scheme, which can not only resist the tripartite attack proposed by X. Yi, but also has same efficiency in the implementation with Chien’s scheme. In order to meet the requirements of the general partial order, based on Chinese Remainder Theorem and bilinear maps respectively, this paper designs a time-bound hierachical key distribution scheme, analyses the security of the proposed scheme, and gives examples of the proposed schemes.更多还原