命名数据网络中快速批认证机制研究

发布时间：2018-05-31 06:50

  本文选题：命名数据网络 + 短签名　； 参考：《西安电子科技大学》2014年硕士论文

【摘要】：命名数据网络(named data network，NDN)以数据为中心，旨在替换当前以主机为中心的IP架构，克服地址枯竭以及提高网络的通信性能，近年来越来越受到关注。在NDN网络中，用户可以从附近缓存信息的路由节点获得信息副本。尽管这种方式可以避免从数据源处获得所需信息，但是这种非端到端的通信模式会面临消息可靠性问题。本文针对这一安全问题，提出两种安全的轻量消息批认证机制：基于证书的批认证机制和基于无证书的批认证机制。 本文设计的快速批认证机制对缓存中的数据进行认证，确保数据的认证性和完整性，防止消息篡改、伪造。基于证书的快速批认证机制，，采用基于证书的方法验证用户身份的有效性，结合短签名和批认证技术，允许路由器同时认证多个数据包从而减少认证时间。同时对该机制的安全性和效率进行分析。基于无证书的快速批认证机制，采用无证书公钥密码机制，结合短签名和批认证技术，同样可以解决命名数据网络中的快速认证问题，安全分析和性能分析表明第二种机制也是安全高效的。
[Abstract]:Named data network (NDN), which is data centric, aims to replace the current host centric IP architecture, overcome address exhaustion and improve network communication performance in recent years. In NDN networks, users can obtain copies of information from the routing nodes that cache information nearby. To avoid obtaining the required information from the data source, the non end to end communication mode will face the problem of message reliability. In this paper, two safe and light weight message batch authentication mechanisms are proposed for this security problem: certificate based batch authentication mechanism and certificate based batch authentication mechanism.
In this paper, the fast batch authentication mechanism is designed to authenticate the data in the cache, to ensure the authentication and integrity of the data, to prevent the tampering and forgery of the messages. The certificate based method is used to verify the validity of the user's identity based on the certificate, and to allow the router to authenticate multiple numbers at the same time by combining the short signature and batch authentication technology. The security and efficiency of the mechanism are analyzed. Based on a certificate free fast batch authentication mechanism, a certificate free public key cryptosystem, a short signature and batch authentication technology, can also be used to solve the fast authentication questions in the named data network, and the security analysis and performance analysis show that second kinds of machines are used. The system is also safe and efficient.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.02


本文编号：1958709