
A Secure Transmission Model Between the Nodes in Clusters of Wireless Service System for Internet of Things

Cited by: 2
Abstract: To address eavesdropping, malicious-behavior attacks, and leakage of user-platform privacy in the communication of wireless service systems (WSS) for the Internet of Things, a secure link model for inter-cluster nodes based on a trusted third party is proposed. Building on the discrete logarithm problem and bilinear pairings, the model establishes a trusted anonymous authentication mechanism for nodes and an address query mechanism for cluster structures. A temporary identity generated from a hash function and a random number replaces the node's real identity to achieve anonymity. The trusted third party is embedded in the authentication mechanism to prevent the anonymous certification authority and the coordinator from colluding to mount a Rudolph attack on the user platform, and the query service is provided only to trusted cluster structures authorized by the control center. Through certificate validation, key agreement, and a padding mechanism between the source cluster and each node on the link, nested encryption and decryption of data and defense against traffic analysis are achieved, guaranteeing secure data transmission between inter-cluster nodes. On this basis, a UC security proof of the link model is given. Theoretical analysis and experimental results show that the model has clear advantages in suppressing eavesdropping and traffic analysis and in protecting node anonymity.
Authors: Zhou Weiwei; Yu Bin (PLA Information Engineering University, Zhengzhou 450001)
Source: Journal of Computer Research and Development (《计算机研究与发展》), EI, CSCD, PKU Core; 2018, No. 7, pp. 1393-1408 (16 pages)
Funding: National Natural Science Foundation of China (61602513)
Keywords: Internet of things (IoT); wireless service system; anonymous inquiry; hash function; bilinear mapping