跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 鄭睿哲
Jui-Che Cheng
論文名稱: 無線感測網路中對稱路徑金鑰之建立
Pair-wise path key establishment in wireless sensor network
指導教授: 許健平
Jang-Ping Sheu
口試委員:
學位類別: 碩士
Master
系所名稱: 資訊電機學院 - 資訊工程學系
Department of Computer Science & Information Engineering
畢業學年度: 94
語文別: 英文
論文頁數: 43
中文關鍵詞: 資訊安全路徑金鑰建立拜占庭攻擊無線感測網路
外文關鍵詞: Byzantine attack, path key establishment, wireless sensor networks, security
相關次數: 點閱:14下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 在無線感測網路中,如果當感測節點佈置在無人照顧的敵方地區時,為了能使感測節點之間的通訊是安全的,必須要有秘密的金鑰做為他們之間的通訊。到目前為止已經有許多金鑰建立的方法,被提出用在大型的無線感測網路中。目前的方法中,藉由事先配置的方式,每個感測節點能跟他周圍鄰居分享一把秘密金鑰。但這個方法,有可能兩個端點節點沒有共享一把金鑰,這時需要透過一條安全的路徑來分享他們之間的秘密金鑰。然而在傳送秘密金鑰時,這把秘密金鑰可能會被暴露在路徑經過的節點。許多研究者提出透過多條路徑,來建立金鑰以防止少數被俘虜的感測節點知道這把秘密金鑰,但是這些方法卻容易遭受拜占庭攻擊。為了對付這種攻擊,我們提出一種驗證方法,在利用多條路徑建立金鑰時,來阻止拜占庭攻擊。跟之前的方法比較,我們提出的方法可以減低惡意的感測節點,發動拜占庭攻擊,而且感測節點可以判斷出誰是具有惡意行為的感測節點。除此之外,我們的方法能達到省電的效果,因為我們能偵測且過濾錯誤的資料不超過兩步,使得資料不會繼續無意義的傳送下去。

    When sensor network deployed in unattended and hostile environments, for securing communication between sensors, secret keys must be established between them. Many key establishment schemes have been proposed for large scale sensor networks. In these schemes, each sensor shares a common key with its neighbors via preinstalled keys. But it may be occur that two end nodes which do not share a key with each other. They can use a secure path to share a session key between them. However during transmitting the session key, the session key will be revealed to each node along the secure path. Many researchers proposed multi-path key establishment to prevent a few compromised sensors to know the session key, but it is vulnerable to stop forwarding attack or Byzantine attack. To counter these attacks, we propose a hop by hop authentication scheme multi-path key establishment prevent Byzantine attack with. Compare with conventional protocols, our proposed scheme can mitigate the impact of malicious nodes to do Byzantine attack and sensor can identify the malicious nodes. In addition, our scheme can achieve energy saving since it can detect and filter false data no beyond two hops.

    1 Introduction 11 2 Related Work 15 3 Preliminaries 19 3.1 Attack Model 19 3.2 (t, n) Threshold Secret Sharing Method 20 3.3 TWOACK Scheme 21 3.4 One-Way Hash Chain 21 4 Pair-wise Path Key Establishment Protocol 23 4.1 Overview of Our protocol 23 4.2 Key Pre-distribution Scheme with Deployment Knowledge 24 4.3 Shared Key Discover Phase 26 4.4 Path Key Establishment Phase 27 4.5 Multiple Paths End-to-End Pair-wise Key Establishment 28 4.6 Hop by Hop Authentication Scheme 32 5 Security Analysis and Performance Evaluation 39 5.1 Security Analysis 39 5.2 Evaluation Metrics 42 5.3 Performance Evaluation 46 5.4 Energy Saving 49 6 Conclusion 50 References 51

    [1] L. Eschenauer and V. D. Gligor, “A key-management scheme for distributed sensor networks,” in Proceedings of the 9th ACM conference on Computer and Communication Security, pages 41- 47, November 2002.
    [2] H. Chan, A. Perrig and D. Song, “Random key pre-distribution schemes for sensor networks,” in Proceedings of IEEE Symposium on Security and Privacy, pages 197–213, May 2003.
    [3] W. Du, J. Deng, Y. S. Han and P. K. Varshney, “A pair-wise key pre-distribution scheme for wireless sensor networks,” in Proceedings of the 10th ACM Conference on Computer and Communication Security (CCS), pages 42–51, October 2003.
    [4] D. Liu and P. Ning, “Establishing pair-wise key establishments for static sensor networks,“ in Proceedings of 10th ACM Conference on Computer and Communications Security (CCS’03), pages 52-61, October 2003.
    [5] W. Du, J. Deng, Y. S. Han, S. Chen and P. K. Varshney, “A key management scheme for wireless sensor networks using deployment knowledge,” in Proceedings of IEEE INFOCOM, March 2004.
    [6] D. Liu and P. Ning, ” Location based pair-wise key establishments for static sensor networks,” in Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks (CCS’03), pages 72-82, 2003.
    [7] D. Huang, M. Mehta, D. Medhi and H. Lein, ”Location aware key management scheme for wireless sensor networks,” in Proceedings of ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN ’04), pages 29-42, October 2004.
    [8] Y. Zhou, Y. Zhang and Y. Fang, ”LLK: A link layer key establishment scheme in wireless sensor networks,” in Proceedings of IEEE Wireless Communications and Networking Conference (WCNC), pages 29-42, March 2005.
    [9] Z. Yu and Y. Guan, ”A robust group-based key management scheme for wireless sensor networks,” in Proceedings of IEEE Wireless Communications and Networking Conference (WCNC), 2005.
    [10] H. Chan and A. Perrig, ”PIKE: Peer intermediaries for key establishment in sensor network,” in Proceedings of IEEE INFOCOM, March 2005.
    [11] S. Zhu, S. Xu, S. Setia, and S. Jajodia, ”Establishing pair-wise keys for secure communication in ad hoc networks: A probabilistic approach,” in Proceedings of 11th IEEE International Conference on Network Protocols (ICNP), November 2003.
    [12] H. Ling and T. Znati, “End-to-end pair-wise key establishment using multi-path in wireless sensor network,” in Proceedings of the IEEE Global Communications Conference (GLOBECOM), December 2005.
    [13] G. Li, H. Ling and T. Znati, ”Path key establishment using multiple secured paths in wireless sensor networks,” in Proceedings of the 2005 ACM Conference on Emerging Network Experiment and Technology (CoNEXT''05), pages 43–49, 2005.
    [14] L. Zhou, J. Ni and C. V. Ravishankar, ”Efficient key establishment for group-based wireless sensor deployments,” in Proceedings of the 4th ACM Workshop on Wireless security (WiSe), pages 1-10, September 2,2005
    [15] A. Shamir, “How to share a secret,” in Proceedings of Communications of the ACM, Vol. 22, pages 612-613, November 1979.
    [16] T. C. Wu, T. S. Wu, ”Cheating detection and cheater identification in secret sharing schemes,” in Proceedings of IEE Transaction on Computers and Digital Techniques, Vol. 142, pages 367-369, September 1995.
    [17] K. Balakrishnan, J. Deng and P. K. Varshney, “TWOACK: Preventing selfishness in mobile ad hoc networks,” in Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), Vol. 4, pages 2137-2142, 2005.
    [18] X. Li, L. Cuthbert, ”Node-disjointness based multi-path routing for mobile ad hoc networks,” in Proceedings of the 1st ACM international workshop on Performance evaluation of wireless ad hoc, sensor, and ubiquitous networks (PE-WASUN), October 2004.
    [19] A. Wacker, M Knoll, T. Heiber and K. Rothermel, “A new approach for establishing pair-wise keys for securing wireless sensor networks,” in
    Proceedings of the 3rd International Conference on Embedded Networked Sensor Systems, pages 27 – 38, November 2005.
    [20] R. L. Rivest, A. Shamir and L. M. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” in Proceedings of Communications of the ACM, pages 120-126, 1987.
    [21] F. Ye, H. Luo, S. Lu, L. Zhang, ”Statistical en-route filtering of injected false data in sensor networks,” in Proceedings of the IEEE INFOCOM, pages 2446-2447, March 2004.
    [22] D. Huang, D. Medhi, ”A Byzantine resilient multi-path key establishment scheme and its robustness analysis for sensor networks,” in Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium(IPDPS’05), April 2005.
    [23] W. Diffie and M. E. Hellman, “New directions in cryptography,” in Proceedings of IEEE Transactions on Information Theory, Vol. 22, pages 644-654, November 1976.
    [24] L. Lamport., “Password authentication with insecure communication,” in Proceedings of Communications of the ACM, pages 770-772, November 1981.
    [25] M. Bellare, R. Canetti, and H. Krawczyk, ”Keying hash functions for message authentication” in Proceedings of Advances in Cryptology- Crypto ’96, pages 1-15, Vol. 1109, 1996.

    QR CODE
    :::