CN101588235B - MIPv6 based security multicast method and steps - Google Patents
MIPv6 based security multicast method and steps Download PDFInfo
- Publication number
- CN101588235B CN101588235B CN 200910021030 CN200910021030A CN101588235B CN 101588235 B CN101588235 B CN 101588235B CN 200910021030 CN200910021030 CN 200910021030 CN 200910021030 A CN200910021030 A CN 200910021030A CN 101588235 B CN101588235 B CN 101588235B
- Authority
- CN
- China
- Prior art keywords
- gcks
- group
- multicast
- key
- group membership
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000004891 communication Methods 0.000 claims abstract description 18
- 230000008569 process Effects 0.000 claims description 8
- 230000005540 biological transmission Effects 0.000 claims description 5
- 239000004576 sand Substances 0.000 claims description 5
- 238000013507 mapping Methods 0.000 claims description 3
- 238000010276 construction Methods 0.000 claims description 2
- 230000004044 response Effects 0.000 claims description 2
- 238000012163 sequencing technique Methods 0.000 claims description 2
- 230000006870 function Effects 0.000 abstract description 12
- 238000005516 engineering process Methods 0.000 abstract description 10
- 238000010295 mobile communication Methods 0.000 abstract description 2
- 239000010410 layer Substances 0.000 description 8
- 230000014509 gene expression Effects 0.000 description 5
- 239000000463 material Substances 0.000 description 5
- 230000008901 benefit Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000011160 research Methods 0.000 description 3
- 101000896740 Solanum tuberosum Cysteine protease inhibitor 9 Proteins 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- JEIPFZHSYJVQDO-UHFFFAOYSA-N ferric oxide Chemical compound O=[Fe]O[Fe]=O JEIPFZHSYJVQDO-UHFFFAOYSA-N 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000000638 solvent extraction Methods 0.000 description 2
- FGUUSXIOTUKUDN-IBGZPJMESA-N C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 Chemical compound C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 FGUUSXIOTUKUDN-IBGZPJMESA-N 0.000 description 1
- 230000003139 buffering effect Effects 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005315 distribution function Methods 0.000 description 1
- 239000011229 interlayer Substances 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Abstract
The invention belongs to the field of communication network security, and relates to an MIPv6 based security multicast method applied to a mobile communication network, which is characterized in that: the method comprises an authentication center 1, a group member 2, a multicast source 3 and GCKS 4, wherein the authentication center is used for authenticating the group member, the multicast source and the GCSK and distributing certificates; the GCKS is used for authenticating access registration and distributing key update messages for the group member to forward an information list of the group member 2 to an access router, is used for performing security association negotiation with the multicast source, and is used for negotiating and constructing a group key among GCKS; the multicast source 3 is used for sending a multicast data packet to the group member 2 through an intermediate router; and the group member 2 is used for acquiring the multicast data packet. The method makes that the security multicast technology can be used for actual multicast application become possible, improves the security of multicast communication, separates functions of the GCKS and the router, and can well avoid the problem of single point of failure to improve the multicast management efficiency obviously.
Description
Technical field
The invention belongs to field of communication network security, relate to a kind of safe multicasting method that is applied in the mobile communications network based on MIPv6.
Background technology
Multicasting technology is a kind of traffic model for multicast communication and multiparty collaboration application.Refer to that transmit leg only transmits a piece of data, by allowing networking element (such as multicast router and switch) copy the data of required umber to the recipient, then packet suitable be forwarded to all users.The advantage of multicast is to reduce the calculated load of transmit leg, also can reduce the umber of online data, thereby utilizes efficiently Internet resources.A lot of application has been arranged at present: satellite television is relayed, the online distribution of software and upgrading, quotations on the stock market stream, Web ultrahigh speed buffering storage, MFTP, Internet Protocol Television is long-range and video conference, multimedia conferencing, video request program, multi-party network game, collaborative computer work all need 1 to arrive how or to arrive many cast communication technology more.
Yet the safety problem of multicast has but hindered being widely used of multicasting technology.The SMuG of IRTF and the MSEC of IETF think: Secure multicast data handling, cryptographic cipher key material management and security of multicast strategy are three aspects of security of multicast.Present research mainly concentrates on the management of Secure multicast data handling and cryptographic cipher key material, and wherein Secure multicast data handling mainly is to use to encrypt and authentication techniques, and the cryptographic cipher key material management then mainly contains centralized, distributed and shares the method for formula.
Although the method that clear and definite multicast packet is processed, encryption and authentication techniques have just been paid close attention in present research, but do not specify how to finish in the network of reality to encrypt and authenticate.And three kinds of modes of cryptographic cipher key material management respectively have quality, be chosen according to the actual conditions of use, also have with top same problem to be exactly, no matter how which kind of key management mode of use is applied to real network with the administrative model of studying also also indefinite.
And IPv6 and mobile network's development is the inexorable trend of network service.The data processing and the multicast key management technology that how to design the safe multicasting that can satisfy the application requirements that meets mobile IP v 6 are one of the targets in security of multicast field.
Present research or only pay close attention to authentication and cryptographic algorithm itself perhaps from illustrating how to finish efficiently group key management in logic, or is only applicable under fixed network or the IPv4 environment.For multicasting technology can be used in the next generation network environment fully, in the urgent need to designing a kind of security of multicast technology that satisfies under the IPv 6 environment.
Summary of the invention
The objective of the invention is under mobile IP v 6, a kind of overall plan of feasible safe multicasting is provided, and from the feasibility of this scheme of communication mechanism explanation; Propose on this basis a kind of dynamic layered multicast key management technology, and a kind of multicast encryption method, GC/KS (group controller/key server), multicast group and the multicast source that have provided under this model form.
The object of the present invention is achieved like this, and a kind of safe multicasting method and step based on MIPv6 is characterized in that: it comprises CA (authentication center) 1, group membership 2, multicast source 3 and GCKS4;
Wherein, CA (authentication center) 1 is for authentication and distributing certificates to group membership and multicast source and GCKS;
GCKS4 is used for group membership 2 is carried out the distribution of access registration authentication, key updating message, is used for transmitting to couple in router group membership 2 information list; Being used for carrying out SA (security association) with multicast source consults; Be used for consulting between GCKS to make up group key;
Multicast source 3 is used for sending multicast packet by intermediate router to group membership 2;
Group membership 2 is used for obtaining multicast packet.
The CA dispositions method of PKI PKIX is adopted at described CA center; The form of distributing certificates adopts based on form X.509.
Be used among the described GCKS carrying out the cryptographic algorithm that SA (security association) consults to comprise use with multicast source, encryption key, and the parameter of SA is such as { source ip, purpose ip, spi} etc., and specify spi by GCKS.
Described GCKS finishes after the authentication of group membership's access registration, is to send group membership's tabulation to couple in router.
Described couple in router can be a plurality of.
A kind of safe multicasting step based on MIPv6, its step comprises:
A) at first the CA center authenticates and distributing certificates GCKS;
B) the CA center is to potential group membership and multicast source authentication and distributing certificates;
C) couple in router sends MLD (Multicast Routing is intercepted) message;
D) potential group membership sends login request message to GCKS, shows to add multicast group;
E) GCKS sends the registration request response message to potential group membership, makes potential group membership become the group membership;
F) GCKS is to group membership's multicast group key k
Group
G) GCKS applies for that to the group membership Router that adds sends believable member's tabulation;
H) couple in router transmission MLD replys and determines that potential group membership adds multicast group;
I) GCKS and multicast source consult to set up SA (security association);
J) multicast source k
GroupThe encrypted group broadcast data communication device is crossed couple in router to the multicast group multicast data forwarding.
Described step a), b) in, GCKS and member obtain to finish when certificate can be real time communication, also can finish in advance at one's leisure; Described step b) in, comprises the GCKS information of step in a); Described steps d) in, can be by b) in GCKS information determine that this files an application to those GCKS; Described steps d), e) be the mutual authentication of under GCKS and member obtain situation at the certificate at CA center, carrying out; Described step f), g) do not have obvious sequencing, even can finish simultaneously.
Described safe multicasting step comprises that also potential group membership's adding and the group membership through the CA center certification leaves.
Described potential group membership adds step and comprises:
A) the potential group membership who obtains certificate makes it become the group membership to multicast group of GCKS application requirement adding;
B) group membership sends m to GCKS
i, GCKS recomputates f(x)=(∏ (x-H (r
sm
i))+k
Group) modq, comprising the new group key of GCKS negotiation structure on upper strata;
C) GCKS and multicast source are consulted to set up new SA, and comprise new group key;
D) GCKS upgrades group membership's tabulation to couple in router;
E) multicast source sends multicast packet to the group membership.
Described member leaves step:
A) GCKS recomputates f (x)=(∏ (x-H (r
sm
i))+k
Group) modq, comprising the new group key of GCKS negotiation structure on upper strata;
B) GCKS and multicast source are consulted to set up new SA, and comprise new group key;
C) GCKS upgrades group membership's tabulation to couple in router;
D) multicast source sends multicast packet to the group membership.
Described group key k
GroupBy the following method management, at first determine by the situation of network whether GCKS is divided into GCKS and the virtual GCKS in upper strata of bottom reality, when the situation of network determined that GCKS is divided into the virtual GCKS in the GCKS of bottom reality and upper strata, the group cipher key negotiation between the virtual GCKS in upper strata and the negotiation of carrying out SA with multicast source were finished by the GCKS of bottom reality; The virtual GCKS in upper strata builds up complete binary tree; When the situation of network do not need to determine to make up the virtual GCKS in upper strata, then the GCKS by the bottom reality finished the negotiation of carrying out SA with multicast source.
The situation of described network is to stipulate according to the logical partitioning of region or multicast address or safe class or above-mentioned three's combination.
Described group key k
GroupConstruction method is:
A) group membership sends the key material m that makes up subgroup key to GCKS
i, corresponding GCKS makes up
F (x)=(∏ (x-H (r
sm
i))+k
Group) form of modq comprises group key k
Group
B) make up group key between GCKS;
C) GCKS of bottom is obtaining b) in behind the group key that builds, as the k in a)
Group, and with r
sAnd f (x)=(∏ (x-H (r
sm
i))+k
Group) modq issues the group membership.
In the described steps A, carry out as follows:
A1. the group membership by the GCKS authentication sends a random number m to GCKS
i, the GCKS m of all members in the group
iAnd selection random number r
sMake up f (x)=(∏ (x-H (r
sm
i))+k
Group) multinomial that comprises group key of modq form, wherein, r
sTo group membership's multicast (or broadcasting); And k
GroupFrom the group key that makes up among the step b;
A2. ought there be the member to add fashionable, such as M
I+1Add multicast group, then GCKS selects new r '
sAnd rebuild f ' (x)=((x-H (r '
sm
I+1)) ∏ (x-H (r '
sm
i))+k '
Group) modq, wherein, r '
sAgain chosen by GCKS, and to new group member's multicast (or broadcasting), and k '
GroupAgain negotiation from following step b makes up;
A3. ought there be the member to leave, such as M
kLeave, then GCKS makes up the new M that do not comprise
kInformation
Wherein, r "
sAgain chosen by GCKS, and to group member's multicast (or broadcasting), and k "
GroupThen come from following step b) in again consult to make up.
Carry out as follows among the step b that described key makes up:
GCKS when bottom
iWhen not having the brotgher of node, GCKS
iDirectly finish negotiation with the corresponding brotgher of node with own as the father node of oneself; When not having the brotgher of node and during as root node, selecting at random s
i(s
i∈ (1,2 ..., q-1)) and calculate k
Group=H (s
iP) as group key;
GCKS when bottom
iWhen having the brotgher of node, GCKS
iWith the own certificate that obtains from the CA center the other side is authenticated first, authentication is passed through, and then finishes: GCKS
iThe random s that selects
i∈ (1,2 .., q-1), and calculate s
iP, P are that exponent number is a certain elliptic curve module G on the finite field of q
1In a bit, exchange s between the brotgher of node
iP also calculates shared key between the two, and account form adopts to advance based on the Bilinear Method of elliptic curve, namely
Wherein H satisfies:
A hash function that uses SHA-1 or MD5, Z
q *A finite field on the q, G
2To satisfy mapping
The exponent number of bilinear map be a certain elliptic curve multiplicative group on the finite field of q; The GCKS on upper strata
Ij(expression GCKS
iBetween the upper strata GCKS that consults) between when consulting to make up the GCKS on its upper strata, select
Finish in the same way, until arrive the center GCKS of top layer, produce
The step C that described key makes up is included in GCKS and sends when comprising the information of group key to the group membership, sends simultaneously the f (x) that GCKS makes up=(∏ (x-H (r
sm
i))+k
Group) employed current r during modq
s, the group membership is obtaining current r
sAfter calculate H (r
sm
i) could calculate the acquisition group key.
The present invention has following advantage:
1. the present invention has provided feasible safe multicasting deployment scheme owing to considering from the network design of reality, has provided the initial procedure that cast communication is set up, and making the safe multicasting technology can be used in actual multicast application becomes possibility.
2. the present invention is owing to the authentication mechanism that has used when initial based on the certificate at CA center, when adding concrete multicast group, used with GCKS the group membership has been carried out access authentication again one time, used the key that is fit to safely and efficiently the mobile device application to make up algorithm, the fail safe that has improved cast communication in cryptographic algorithm.
3. the present invention is owing to having limited the subgroup number of members, and select at random GCKS to finish upper strata GCKS function at the key management layer, the function of also having separated GCKS and router, can be good at avoiding the single point failure problem, and reduced to a certain extent the possibility that DoS (denial of service) attacks.
4. the present invention uses GCKS to hold consultation as agency and the multicast source of multicast group, determines SA parameter s pi by GCKS, has solved how about carry out the problem that SA consults in cast communication.
5. the present invention is owing to having used dynamic layered key management algorithm, the obvious raising that multicast management efficient is obtained.
6. the present invention sets up the group membership's who comprises in the process adding and the situation of leaving owing to having used a kind of new cryptographic algorithm in conjunction with cast communication, uses the encryption method based on the real-time change of polynomial hash function in subgroup; Used before this certificate of GCKS that the other side is authenticated at the GCKS layer, used afterwards based on the bilinear key schedule of elliptic curve and generated key and use Message Digest 5 group cipher key generating based on SHA-1 or MD5, make the fail safe of whole system very high, accomplished forward secrecy and backward maintain secrecy, or even key independence completely.And in amount of calculation and the traffic a well compromise is arranged, make this method be fit to the application of mobile multicast communication equipment.
For purpose of the present invention, feature and advantage can be become apparent, implement embodiment of the present invention is done to say in detail below in conjunction with accompanying drawing.
Description of drawings
Fig. 1 is embodiment of the invention principle schematic;
Fig. 2 is the procedure chart of setting up of cast communication of the present invention;
Fig. 3 is processing member adition process figure of the present invention;
Fig. 4 is processing member departure process figure of the present invention;
Fig. 5 is key management model figure of the present invention.
Among the figure: 1, CA (authentication center); 2, group membership; 3, multicast source; 4, GCKS.
Embodiment
With reference to Fig. 1, the present invention includes 4 parts, namely the CA center 1, GCKS 4 (group controller/key server), group membership's (multicast group) 2 and multicast source 3.Wherein, CA (authentication center) 1 is for authentication and distributing certificates to group membership and multicast source and GCKS; GCKS4 is used for group membership 2 is carried out the distribution of access registration authentication, key updating message, is used for transmitting to couple in router group membership 2 information list; Being used for carrying out SA (security association) with multicast source consults; Be used for consulting between GCKS to make up group key; Multicast source 3 is used for sending multicast packet by intermediate router to group membership 2; Group membership 2 is used for obtaining multicast packet.
As can be seen from Figure 1, the CA center authenticates the also CA dispositions method of distributing certificates employing PKI PKIX to multicast source, GCKS and group membership, the form of certificate adopts general in form X.509, comprises in signature algorithm and user's public key algorithm: the q rank module G on a certain large prime number q (being not less than 128), the elliptic curve
1, the q rank multiplicative group G on the elliptic curve
2,
Bilinear map,
Use SHA-1 or the hash function of MD5; Out of Memory as ID etc. with X.509 the same.And multicast source is when sending data to the group membership, and the SA of use (security association) is and organizes corresponding GCKS and consult; GCKS is responsible for group membership's registration, sends key updating message and makes up group key to the group membership; Multicast source can be the outer member of group, also can be the group member.
The present invention also can be divided into three parts by the secure group communication mode, is respectively communication module, key management module and authentication module.Wherein I is IP multicast module, and heavy line represents the transmission path of multicast packet; II represents the group key management part.Fine line represents to organize GCKS and group membership's negotiation and to group membership's management, and chain-dotted line refers to the key agreement that may exist between GCKS.The corresponding a plurality of routers of possibility under the GCKS4; III is authentication module.
Wherein, the multicast module refers to IP cast communication part, and multicast source sends multicast packet, and by intermediate router (perhaps switch) forwarding data bag, until multicast packet is sent to the group membership (recipient) 2 of requirement; Key management module is finished by GCKS, is responsible for the access authentication to group membership 2, the more transmission of new key, and consult to make up group key (detailed content illustrates below); Authentication module (CA center) is responsible for providing certificate with the legitimacy of proof GCKS4 (group controller/key server), group membership's (multicast group) 2 and multicast source 3 to group membership 2.Mode about authentication adopts existing ca authentication mode to finish, and the present invention does not do too much explanation.
With reference to Fig. 2, a kind of safe multicasting step based on MIPv6 is divided into 10 steps, these 10 steps are not each step to represent an information, but the content that will finish, four-headed arrow wherein represents a two-way reciprocal process, and unidirectional arrow is a unidirectional information process of transmitting: 10 concrete steps are:
Represent that such as step 201 the mutual of GCKS and CA center: GCKS must obtain in the CA center certificate, so that proof oneself is legal GCKS in following step 205, to prevent the GCKS deception;
Shown in step 202, the group membership also must carry out alternately with the CA center before becoming the member of multicast group, to become potential group membership, namely, only finished the operation in this step, and arbitrary group membership just possesses the qualification that adds multicast group.Wherein, obtain in the certificate the group membership, comprise the information of GCKS, namely the member can determine at the CA center to be authenticated by the again adding that those GCKS can finish oneself;
Step 203 is that the multicast router in a scope sends MLD (Multicast Routing is intercepted) or relevant information, to allow potential group membership can join in the multicast group;
Step 204,205, the potential group membership of 206 expressions must and GCKS mutually authenticate the potential group membership of guarantee and become real group membership, and comprise the information of multicast key to group membership's transmission; When wherein step 205 represented that also GCKS confirms to the group membership, GCKS was used in certificate that the CA center obtains and proves the legitimacy of oneself;
Step 207,208 expression GCKS also need to be responsible for finishing the tabulation that sends the group membership to couple in router, with allow the clear and definite information of couple in router this be sent to those group memberships, couple in router sends an acknowledge message to the group membership receiving after the group membership tabulates, and requires to add multicast group to allow the group membership confirm to receive multicast packet and can not repeat to GCKS;
Step 209,210 expressions, GCKS and multicast source consult to set up multicast source to the SA of this multicast group, the negotiation of this SA and the SA of clean culture consult similar, just the destination address of this SA use is group address, after all security related informations consult, multicast source just can be finished to the multicast group forwarding data, and the encryption key of data is the group keys that use the GCKS layer to consult.
The safe multicasting step comprises that potential group membership's adding and the group membership through the CA center certification leaves.Fig. 3 has provided potential group membership and has added step:
Step 301 is finished the CA center to arbitrary member authentication and distributing certificates;
Step 304 is finished GCKS and is upgraded group membership's tabulation to couple in router;
Step 305 is finished couple in router and is sent multicast packet to the group membership;
Dotted line represents the current group membership under the GCKS.
With reference to Fig. 4, the member leaves step and is:
Step 401 is finished group membership Mleave and is left multicast group;
Step 402 is finished GCKS and is upgraded group membership's tabulation to couple in router, and GCKS recomputates f (x)=(∏ (x-H (r
sm
i))+k
Group) modq, comprising the new group key of GCKS negotiation structure on upper strata;
Step 403 is finished couple in router and is sent multicast packet to the group membership;
Dotted line represents the current group membership under the GCKS.
The dynamic layered multicast key management illustraton of model that the present invention uses as shown in Figure 5, solid line partly is group membership and the bottom GCKS that conscientiously exists, group membership such as M1, M2, Mn, bottom GCKS such as GCKS_1, GCKS_2.The GCKS on upper strata and dotted line refer to that virtual GCKS and possible negotiation make up center GCKS logic.The GCKS on upper strata such as GCKS12, GCKS12, GCKS12, GCKS34, GCKS14, GCKS58, GCKS18.SG1, SG2 represent subgroup.At first determine by the situation of network whether GCKS is divided into GCKS and the virtual GCKS in upper strata of bottom reality, when the situation of network determined that GCKS is divided into the virtual GCKS in the GCKS of bottom reality and upper strata, the group cipher key negotiation between the virtual GCKS in upper strata and the negotiation of carrying out SA with multicast source were finished by the GCKS of bottom reality; The virtual GCKS in upper strata builds up complete binary tree; When the situation of network do not need to determine to make up the virtual GCKS in upper strata, then the GCKS by the bottom reality finished the negotiation of carrying out SA with multicast source; The situation of network is to stipulate according to the logical partitioning of region or multicast address or safe class or above-mentioned three's combination.
On the upper strata be enough structures center GCKS we do following regulation: when in certain scope, such as one inside the province or in wireless network scope or within network segment, when level of security is identical, just use identical logical address (such as group ID), and make up the forwarding that center GCKS finishes multicast packet; Otherwise, do not make up the GCKS at center, and finished and the negotiation of multicast source and the tasks such as structure distribution of group key as root node by each GCKS.
The detailed process that the present invention makes up key is:
1, potential group membership must hold consultation when requiring to add a certain multicast group to GCKS.Consult complete after, potential group membership M
iBecome legal group membership.M
iThe random m that chooses
iAnd with m
iPass to corresponding GCKS.GCKS is obtaining m
iRear calculating H (r
sm
i) and make up f (x)=(∏ (x-H (r
sm
i))+k
Grop) modq.Wherein, r
sBe the random integer of selecting of GCKS, its implication is: (need new group key) when having the member to change, GCKS produces a random number r
sAnd with new r
sStructure comprises the multinomial of group key, and simultaneously, GCKS broadcasts r to its group membership
sAccordingly, the member broadcasts the r that comes at acquisition GCKS
sAfter, produce H (r
sm
i) could decipher the new polynomial f that comprises group key (x).H is a hash function hash function, and its form illustrates below.k
GroupMade up by the GCKS interlayer, detailed process is referring to 2, the 3 following steps.
2, the GCKS layer consults to make up group key
At the GCKS layer, according to the requirement of group key management, make up as much as possible complete binary tree according to network condition.The structure of key is divided into following two kinds of situations to be finished:
A. work as GCKS
iWhen not having the brotgher of node, GCKS
iDirectly finish negotiation with the corresponding brotgher of node with own as the father node of oneself; When not having the brotgher of node and during as root node, selecting at random s
i(s
i∈ (1,2 ..., q-1)) and calculate k
Group=H (s
iP) as group key;
B. work as GCKS
iWhen having the brotgher of node, GCKS
iWith the own certificate that obtains from the CA center the other side is authenticated first, authentication is passed through, and then finishes: GCKS
iThe random s that selects
i∈ (1,2 ..., q-1), and calculate s
iP, P are that exponent number is a certain elliptic curve module G on the finite field of q
1In a bit, exchange s between the brotgher of node
iP also calculates shared key between the two, and account form adopts carries out [7] based on the Bilinear Method of elliptic curve, namely
Wherein H satisfies:
A hash function that uses SHA-1 or MD5, Z
q *A finite field on the q, G
2To satisfy mapping
The exponent number of bilinear map be a certain elliptic curve multiplicative group on the finite field of q.The GCKS on upper strata
Ij(expression GCKS
iBetween the upper strata GCKS that consults) between when consulting to make up the GCKS on its upper strata, select
Finish in the same way, until arrive the center GCKS of top layer, produce
3, the GCKS distribution function that makes up group key with function and the group key of first two steps,
GCKS
iObtain group key k
GroupAfter, k
GroupAs f (x)=(∏ (x-H (r
sm
i))+k
Group) k among the modq
GroupIssue the group membership, the H (r of group membership's substitution oneself
sm
i) just can obtain group key k
Group
Below, we give an example, and this key of brief description makes up and distribution thought: as shown in Figure 5, multicast group comprises 8 subgroups (i.e. 8 GCKS) and consults to have made up center GCKS
18
As shown in Figure 5, bottom GCKS makes up the function that comprises group key with group membership's information, with GCKS
1Be example.If the group member is M
1, when new member M is arranged
2When entering, GCKS makes up f (x)=((x-H (r
sm
1)) (x-H (r
sm
2))+k
Group) modq, fashionable whenever there being the newcomer to add, all finish similar operation; In a certain moment, functional form is f (x)=(∏ (x-H (r
sm
i))+k
Group) modq, member M
j1,2 leave (j can be: ... among the n any one), then GCKS makes up
And r '
sIssue in the lump group membership, wherein k ' with above-mentioned function
GroupConsult to make up from the GCKS layer on upper strata.
Consulting to make up the group key district, according to above-mentioned steps 2, GCKS
1And GCKS
2Between, GCKS
1To GCKS
2Send s
1P, GCKS
2To GCKS
1Send s
2P, both sides all calculate
And virtual GCKS district, GCKS
12Select
GCKS
34Select
Then calculate respectively s
12P and s
34P also passes to its brotgher of node with result of calculation, and both sides all calculate
Finish in this manner, until the key that produces when arriving root node is group key always.Group key in the example as shown in Figure 5 then is
At last, GCKS
iThe information that comprises group key to group membership's multicast, whole key makes up and distribution is finished.
Claims (3)
1. safe multicasting method based on MIPv6, its step comprises:
A. at first authentication center authenticates and distributing certificates GCKS;
B. authentication center is to potential group membership and multicast source authentication and distributing certificates;
C. couple in router sends Multicast Routing and intercepts message;
D. potential group membership sends login request message to GCKS (4), shows to add multicast group;
E.GCKS (4) sends the registration request response message to potential group membership, makes potential group membership become the group membership;
F.GCKS makes up group key k
Group, and to all group membership's multicast group key k
Group
G.GCKS (4) applies for that to the group membership couple in router that adds sends believable member's tabulation;
H. couple in router receives that the credible member rear transmission MLD that tabulates replys and determines that potential group membership adds multicast group; Wherein, MLD is the abbreviation of multicast listener discovery;
I.GCKS (4) and multicast source negotiation to establish safety relation;
J. multicast source group key k
GroupThe encrypted group broadcast data and by couple in router to the multicast group multicast data forwarding;
Among described steps A, the B, GCKS (4) and member obtain to finish when certificate is real time communication, or finish in advance at one's leisure; Be distributed to the GCKS information that comprises in the certificate information of potential group membership and multicast source in the steps A among the described step B; Among the described step D, determine that by the GCKS among the B (4) information this files an application to those GCKS (4); Described step D, E are the mutual authentications of carrying out under GCKS (4) and member obtain situation at the certificate of authentication center; Described step F, G do not have sequencing, can finish simultaneously;
In the described step F, described group key k
GroupConstruction method is:
When only having a GCKS in the network, random number s of the random selection of this GCKS
i(s
i∈ (1,2 ..., q-1)), and calculate k
Group=H (s
iP) as group key, wherein P is that exponent number is a certain elliptic curve module G on the finite field of q
1In a bit, H () is hash function;
When having a plurality of GCKS in the network, these GCKS consist of a pair of brotgher of node in twos, as a GCKS
iThere is brotgher of node GCKS
jThe time, GCKS
iAnd GCKS
jWith the own certificate that obtains from authentication center the other side is authenticated first, authentication is passed through, and then finishes: GCKS
iRandom number s of random selection
i∈ (1,2 ..., q-1), and calculate s
iP, P are that exponent number is a certain elliptic curve module G on the finite field of q
1In a bit, exchange s between the brotgher of node
iP also calculates shared key k between the two
I1i2, account form adopts the Bilinear Method based on elliptic curve, namely
Wherein H satisfies:
A hash function that uses SHA-1 or MD5, G
2To satisfy mapping
The exponent number of bilinear map be a certain elliptic curve multiplicative group on the finite field of q; GCKS
iAnd GCKS
jSelect one of them as the GCKS on upper strata
Ij, GCKS
IjThe GCKS that selects with other brotghers of node makes respectively selection again
Generate in the same way shared key, and continue to select a GCKS to produce shared key as upper strata GCKS and other upper stratas GCKS, this process is continued until the center GCKS (4) that produces top layer, and group cipher key generating
Wherein,
It is the multiplicative group of mould q.
2. a kind of safe multicasting method based on MIPv6 according to claim 1 is characterized in that: in the described step F, and group key k
GroupDistribution method be:
A. all group memberships send a random number m to GCKS (4) in the multicast group
i, GCKS (4) m of all members in the group
iAnd selection random number r
sMake up
F (x)=(∏ (x-H (r
sm
i))+k
Group) multinomial that comprises group key of mod q form; Wherein, q is large prime number, H (r
sm
i) be by parameter r
s, m
iThe hash function that consists of, k
GroupBe group key;
B.GCKS is to group membership's multicast or broadcasting r
sWith new polynomial f (x);
C. the group membership broadcasts the random number r that comes at acquisition GCKS
sAfter, produce H (r
sm
i) the new polynomial f that comprises group key (x) of deciphering, obtain group key k
GroupWherein, H (r
sm
i) be by parameter r
s, m
iThe hash function that consists of, m
iRandom number for group membership's generation.
3. a kind of safe multicasting method based on MIPv6 according to claim 1, described safe multicasting method comprise that also the potential group membership of authenticated center (1) authentication adds and the group membership leaves; Potential group membership adds step and comprises:
A) the potential group membership who obtains certificate makes it become the group membership to multicast group of GCKS (4) application requirement adding, is designated as Mi;
B) the new group membership Mi that adds sends a random number m to GCKS (4)
i, GCKS (4) selects new r '
sRecomputate polynomial f ' (x)=((x-H (r '
sm
I+1)) ∏ (x-H (r '
sm
i))+k '
Group) mod q, wherein f (x) refers to be used to the multinomial that rebuilds group key, r
sThe random number that GCKS (4) selects, m
I+1Be the random number that newly adds member's selection of multicast group, q is large prime number, H (r
s, m
i) be by parameter r
s, m
iThe hash function that consists of, group key k
GroupBe old group key;
C) GCKS (4) and multicast source are consulted to set up new security association again, comprise new group key in the security association messages;
D) GCKS is to all group membership's multicasts or broadcasting r '
sAnd f (x);
E) GCKS (4) upgrades group membership's tabulation to couple in router;
F) multicast source sends multicast packet to the group membership;
The group membership leaves step:
A) GCKS (4) selects random number r "
sRecomputate multinomial
B) GCKS (4) and multicast source are consulted to set up new security association again, comprise new group key in the security association messages;
C) GCKS is to all group membership's multicasts or broadcasting r '
sAnd f (x);
D) GCKS (4) upgrades group membership's tabulation to couple in router;
E) multicast source sends multicast packet to the group membership.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200910021030 CN101588235B (en) | 2009-01-23 | 2009-01-23 | MIPv6 based security multicast method and steps |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200910021030 CN101588235B (en) | 2009-01-23 | 2009-01-23 | MIPv6 based security multicast method and steps |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101588235A CN101588235A (en) | 2009-11-25 |
CN101588235B true CN101588235B (en) | 2013-04-17 |
Family
ID=41372313
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 200910021030 Expired - Fee Related CN101588235B (en) | 2009-01-23 | 2009-01-23 | MIPv6 based security multicast method and steps |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101588235B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
BR112014006225B1 (en) | 2011-09-20 | 2022-05-10 | Koninklijke Philips N.V. | Method of adding a new device to a device group, and method of managing membership of a device group |
CN102413465B (en) * | 2012-01-04 | 2015-04-08 | 西安电子科技大学 | Safe multicast key management method based on MIPv6 (Mobile Internet Protocol version 6) |
CN104639343B (en) * | 2013-11-15 | 2018-04-27 | 华为终端(东莞)有限公司 | The method and apparatus of file transmission |
CN103957102B (en) * | 2014-03-11 | 2017-02-08 | 西南科技大学 | Safety multicast source authentication method based on group data packet coupling |
CN104270350B (en) * | 2014-09-19 | 2018-10-09 | 新华三技术有限公司 | A kind of transmission method and equipment of key information |
CN109451501B (en) * | 2018-12-17 | 2021-05-28 | 重庆邮电大学 | IPv6 industrial wireless network data secure transmission method based on broadcast signcryption |
-
2009
- 2009-01-23 CN CN 200910021030 patent/CN101588235B/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
CN101588235A (en) | 2009-11-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108667616B (en) | Cross-cloud security authentication system and method based on identification | |
Zhao et al. | A survey of applications of identity-based cryptography in mobile ad-hoc networks | |
CN100596063C (en) | Distributing system, method and device for group key control message | |
US9148421B2 (en) | Method and system for encryption of messages in land mobile radio systems | |
Zhang | Key management scheme for secure channel establishment in fog computing | |
CN101309137B (en) | Uni-directional function tree multicast key management method based on cipher sharing | |
US20100268943A1 (en) | Method and System for Source Authentication in Group Communications | |
CN101588235B (en) | MIPv6 based security multicast method and steps | |
CN102447679B (en) | Method and system for ensuring safety of peer-to-peer (P2P) network data | |
Yang | Broadcast encryption based non-interactive key distribution in MANETs | |
Ometov et al. | Securing network-assisted direct communication: The case of unreliable cellular connectivity | |
Rhee et al. | A Group Key Management Architecture for Mobile Ad-hoc Wireless Networks. | |
Yang et al. | A group key agreement protocol based on ecdh and short signature | |
Li et al. | Distributed key management scheme for peer‐to‐peer live streaming services | |
Chien et al. | Identity-based key agreement protocol for mobile ad-hoc networks using bilinear pairing | |
Tomar et al. | Secure Group Key Agreement with Node Authentication | |
Kim et al. | Design of certification authority using secret redistribution and multicast routing in wireless mesh networks | |
Hur et al. | A multi-service group key management scheme for stateless receivers in wireless mesh networks | |
CN117241267B (en) | Quantum group key distribution method applicable to V2I scene based on blockchain | |
CN117729056B (en) | Equipment identity authentication method and system | |
Wang et al. | Pseudonym-based cryptography and its application in vehicular ad hoc networks | |
Thomas et al. | A novel decentralized group key management using attribute based encryption | |
Aye et al. | Key management for secure multicast over IPv6 wireless networks | |
Mutneja et al. | Secured transmission in cooperative groups using Group Key Management Protocol | |
Narayana et al. | Intra and Inter Group Key Authentication for Secure Group Communication in MANET |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20130417 |