ZigBee安全体系结构及密钥分布关键技术研究

发布时间：2018-03-07 12:37

  本文选题：ZigBee网络　切入点：安全体系结构　出处：《解放军信息工程大学》2014年硕士论文　论文类型：学位论文

【摘要】：ZigBee是一种新兴的短距离无线网络技术,目前已广泛应用于人们生产生活的各个领域。随着ZigBee技术的发展和和应用范围的不断扩大,ZigBee网络的安全已成为产业界和学术界日益关注的问题。本文通过深入分析ZigBee安全服务规范,研究了ZigBee协议MAC层安全体系、网络层安全体系和应用层安全体系,找出ZigBee原有规范中安全体系结构存在的不足,并建立ZigBee安全增强架构,在此基础上设计安全的主密钥预分布方案和链接密钥分布方案。首先,通过深入分析ZigBee协议MAC层安全体系、网络层安全体系和应用层安全体系,研究ZigBee安全体系结构,针对ZigBee现有安全服务规范的不足,改进ZigBee协议栈应用层及安全服务提供者,针对ZigBee网络设计了安全性增强的体系架构,为ZigBee密钥分布方案的设计提供指导思路。其次,依据ZigBee网络中的密钥分布模型,分析了ZigBee网络条件下原有主密钥预分布方案的不足,深入研究了基于Blom的密钥预分布模型,以多密钥空间的Blom密钥对预分布模型为基础,依据ZigBee网络拓扑结构的不同,设计了ZigBee网络主密钥预分布方案并对方案进行了分析,提高了主密钥预分布的安全性。最后,针对ZigBee节点组网时身份认证不强的问题,利用椭圆曲线加法群构造了一种基于身份的ZigBee节点身份认证及链接密钥分布方案。该方案能在完成链接密钥分布的同时有效实现ZigBee节点双向身份认证功能,具有较高的安全性和可扩展性。本文基于对ZigBee规范的深入分析,研究ZigBee网络条件下的密钥分布方案,有利于提高ZigBee技术的安全水平。
[Abstract]:ZigBee is a new short-range wireless network technology. At present, it has been widely used in various fields of people's production and life. With the development of ZigBee technology and the continuous expansion of its application scope, the security of ZigBee network has become an increasingly concerned problem in industry and academic circles. Analysis of ZigBee Security Service Specification, This paper studies the security architecture of MAC layer, network layer and application layer of ZigBee protocol, finds out the shortcomings of the security architecture in the original ZigBee specification, and establishes the security enhancement architecture of ZigBee. On this basis, we design a secure master key predistribution scheme and a link key distribution scheme. Firstly, through in-depth analysis of the ZigBee protocol MAC layer security architecture, network layer security architecture and application layer security architecture, we study the ZigBee security architecture. Aiming at the deficiency of the existing security service specification of ZigBee, the application layer and security service provider of ZigBee protocol stack are improved, and the architecture of security enhancement is designed for ZigBee network, which provides a guiding idea for the design of ZigBee key distribution scheme. According to the key distribution model in ZigBee network, the shortcomings of the original master key predistribution scheme under the condition of ZigBee network are analyzed, and the key predistribution model based on Blom is studied in depth. The model is based on the Blom key pair predistribution model in multi-key space. According to the different topological structure of ZigBee network, the scheme of master key predistribution in ZigBee network is designed and analyzed, which improves the security of master key predistribution. Finally, aiming at the problem that the identity authentication of ZigBee node is not strong, An identity-based ZigBee node identity authentication and link key distribution scheme is constructed by using elliptic curve addition group. This scheme can effectively realize the bidirectional authentication function of ZigBee node while completing the link key distribution. Based on the deep analysis of ZigBee specification, this paper studies the key distribution scheme under the condition of ZigBee network, which is helpful to improve the security level of ZigBee technology.
【学位授予单位】：解放军信息工程大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN92

【参考文献】

相关期刊论文 前7条

1 杨斌;;基于AES的ZigBee标准安全机制分析[J];计算机工程与科学;2010年07期

2 李德仁;龚健雅;邵振峰;;从数字地球到智慧地球[J];武汉大学学报(信息科学版);2010年02期

3 刘博;戴国骏;申兴发;;基于TinyOS的ZigBee协议MAC层设计与实现[J];杭州电子科技大学学报;2008年05期

4 施汝杰;高佩君;田佳音;闵昊;;ZigBee网络节点基带处理器的设计与实现[J];计算机工程;2008年17期

5 虞志飞;邬家炜;;ZigBee技术及其安全性研究[J];计算机技术与发展;2008年08期

6 杨庚;王江涛;程宏兵;容淳铭;;基于身份加密的无线传感器网络密钥分配方法[J];电子学报;2007年01期

7 曾志峰;邱慧敏;朱龙海;;无线传感器网络中的安全威胁分析及对策[J];计算机应用研究;2007年01期

，

本文编号：1579327