基于椭圆曲线的无线传感网认证技术研究

发布时间：2018-01-19 00:02

本文关键词： 无线传感网公钥密码体制匿名认证可追踪环签名批认证　出处：《安徽大学》2017年硕士论文　论文类型：学位论文

【摘要】：在无线传感网中,传感器节点布置在相应的应用领域,用于检测周边环境并发送检测值给Sink。由于传感器节点资源受限、部署环境恶劣而且采用无线多跳通信方式等特点,易受到攻击者攻击,引发严重的敏感信息和节点身份隐私泄露等问题。因此,消息在转发的过程中,消息的完整性及消息源的敏感信息应该受到保护。一方面,消息认证是阻止未经授权和损坏的消息转发的最有效的方法;另一方面,采用匿名通信的方式可以隐藏敏感节点的身份信息,实现节点的位置隐私保护。然而,匿名通信也给攻击者提供了利用匿名技术进行违法活动的机会。因此,追踪恶意节点的身份就显得尤为重要。针对以上无线传感网中存在的安全问题,本文主要从两个方面进行研究:一是对无线传感网中传输的消息提供完整性、不可抵赖性和保密性保护,并且在对节点的身份信息进行隐私保护的同时,进行可追踪恶意节点身份的研究;另一个是为了提高认证效率进行的无线传感网中基于椭圆曲线的高效批认证的研究。(1)为了解决无线传感网络中的发送节点身份隐私泄露和恶意节点追踪问题。提出了一种基于椭圆曲线的可追踪匿名认证方案,方案采用基于椭圆曲线密码机制的可链接环签名实现节点匿名通信,同时将一些额外的信息附加到环签名中,使其必要时可通过环中所有节点的协作追踪签名者的真实身份,用以解决无线传感网中的发送节点身份隐私泄露和恶意节点追踪问题。针对现有的一些方案存在的中间节点不能进行消息认证,只能转发消息直到消息最终被接收节点认证的不足,方案采用逐跳认证实现中间节点认证,并且利用环签名的可链接特性,实现对恶意节点的可追踪性。经过理论分析,提出的基于椭圆曲线的可追踪匿名认证方案可实现节点匿名通信,提供中间节点的认证。而且与对比方案比较显示,在签名产生和认证开销相当的情况下,利用环签名的可链接特性实现对恶意节点的可追踪性,从而提高了性能和网络的安全性。(2)为了提高认证效率及保护节点和感知对象的隐私,提出了无线传感网中基于椭圆曲线的高效批认证方案。方案采用椭圆曲线技术进行签名,无需使用双线性对的前提下实现批认证,若批认证未通过,可采用二分搜索技术对消息进行递归认证,消息的传输过程中不会暴露节点的身份信息,而且可以对可疑节点进行身份追踪。通过理论分析和仿真结果表明,该方案保证消息的可认证性、完整性和不可否认性,并且在时间开销、存储开销、消息的交付率以及消息传输时延等方面都具有优势。而且与其他方案相比,具有较高的安全性和较好的性能。
[Abstract]:In wireless sensor network, sensor nodes are arranged in the corresponding application field, which is used to detect the surrounding environment and send the detection value to Sink. because of the resource limitation of sensor nodes. The deployment environment is bad and wireless multi-hop communication is used, which is vulnerable to attack by attackers, causing serious problems such as sensitive information and node identity privacy disclosure, etc. Therefore, the message is transmitted in the process of transmission. The integrity of the message and the sensitive information of the message source should be protected. On the one hand, message authentication is the most effective way to prevent unauthorized and corrupted message forwarding. On the other hand, anonymous communication can hide the identity information of sensitive nodes and protect the location privacy of nodes. Anonymous communication also provides an opportunity for attackers to use anonymous technology to carry out illegal activities. Therefore, tracking the identity of malicious nodes is particularly important. This paper mainly studies from two aspects: the first is to provide integrity, non-repudiation and confidentiality protection for the message transmitted in the wireless sensor network, and at the same time to protect the privacy of the identity information of the node. Research on the identity of traceable malicious nodes; The other is the research of efficient batch authentication based on elliptic curve in wireless sensor networks to improve authentication efficiency. A traceable anonymous authentication scheme based on elliptic curve is proposed to solve the problem of identity privacy disclosure and malicious node tracking in wireless sensor networks. In the scheme, the linked ring signature based on elliptic curve cryptosystem is used to realize the anonymous communication of nodes, and some additional information is attached to the ring signature at the same time. Make it possible to trace the true identity of the signer through the collaboration of all nodes in the ring if necessary. It is used to solve the problem of identity privacy disclosure and malicious node tracing in wireless sensor network. Only the message can be forwarded until the message is finally authenticated by the receiving node. The scheme adopts hop authentication to realize the authentication of the intermediate node and utilizes the link property of ring signature. The traceability of malicious nodes is realized. Through theoretical analysis, the traceable anonymous authentication scheme based on elliptic curve can realize anonymous communication. The authentication of intermediate nodes is provided, and compared with the comparison scheme, it shows that when the signature generation and authentication cost are the same, the link property of ring signature can be used to realize the traceability of malicious nodes. In order to improve the authentication efficiency and protect the privacy of nodes and perceived objects, the performance and network security are improved. This paper presents an efficient batch authentication scheme based on elliptic curve in wireless sensor network. The scheme uses elliptic curve technology to sign and realize batch authentication without using bilinear pairs. The binary search technique can be used to authenticate the message recursively. The identity information of the node can not be exposed during the transmission of the message, and the identity of the suspicious node can be tracked. The theoretical analysis and simulation results show that. This scheme ensures the authentication, integrity and non-repudiation of messages, and has advantages in time overhead, storage overhead, message delivery rate and message transmission delay, and compared with other schemes. It has higher security and better performance.
【学位授予单位】：安徽大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP309;TP212.9;TN929.5

【参考文献】