CN101600198A - Wireless sensor network security trust method based on identity - Google Patents

Publication number
CN101600198A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2009100232544A
Other languages
Chinese (zh)
Other versions
CN101600198B (en)
Inventor
庞辽军
刘思伯
裴庆祺
焦李成
李慧贤
李茹
赵晓辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Application filed by Xidian University
Priority to CN2009100232544A
Publication of CN101600198A
Application granted
Publication of CN101600198B
Expired - Fee Related

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks


Abstract

The present invention discloses an identity-based security trust method for wireless sensor networks. The method first loads a trust management structure onto each node of the network; the structure consists of a key management module, a reputation reception module, a reputation storage module, a reputation computation module, an application selection module, a path management module, a decision module, a reputation management module and a monitor module. On the basis of this structure, nodes broadcast node query messages, receive query response messages and update node reputation, with encryption and authentication between nodes provided by identity-based public-key cryptography; a trust communication network is thereby established and reputation information is communicated securely between nodes. The invention reduces the complexity of reputation computation in wireless sensor networks and improves the security of communication in the wireless sensor network trust system. It also solves the problem of communication when the source node and the destination node are multiple hops apart, and can satisfy fairly large-scale self-organizing network applications.

Description

Wireless sensor network security trust method based on identity
Technical field
The present invention relates to the field of secure communication in wireless sensor networks, and to the security management of trust in wireless sensor networks. Specifically, it is a security method that establishes a network trust system using a public-key cryptosystem based on the identities of network nodes, and realizes secure communication over the trust network.
Background art
In wireless sensor networks, node energy is limited, nodes fail easily, and nodes are easily physically captured by an attacker. Relying on cryptographic schemes alone is not enough to solve the resulting security problems. Among the many approaches to communication security, adding a trust mechanism to the nodes and building a trust network to secure the wireless sensor network has attracted the attention of researchers in the field.
The document "A Security Framework with Trust Management for Sensor Networks" (Security and Privacy for Emerging Areas in Communication Networks, 2005, pp. 190-198) discloses a trust management framework for wireless sensor networks. The main framework of that scheme is as follows. Each sensor node stores the trust values of its neighbor nodes. When two nodes need to communicate, the source node obtains the direct trust of the destination node from its own observations, and combines it with the other neighbor nodes' indirect trust of the destination node to compute a new trust value for the destination node. Whether to go on communicating with the destination node is then decided according to the application's specific requirement on the trust value. Finally, a security framework for wireless sensor networks is designed around this trust management mechanism, so as to guarantee the secure operation of various applications. This security framework has several defects. First, the transfer of trust information between nodes does not consider the security and authentication of messages, so an attacker can impersonate nodes with high trust values to mislead the other nodes, or can tamper with trust information; even with a trust management mechanism, the network security problem is therefore not thoroughly solved. Second, the initialization of trust is not addressed, which makes the network poorly operable and unsuitable for real network use. Finally, the framework has functional defects and deficiencies: it considers neither the influence of the sensor node's own characteristics on trust nor the problem of updating trust again according to the outcome of communication, so the designed framework is incomplete. In addition, it gives no operation or solution for multi-hop communication, and can hardly satisfy fairly large-scale self-organizing network applications.
Summary of the invention
The technical problem to be solved by the invention is to overcome the above problems of the prior art in transferring reputation information between nodes and in trust management, by providing an identity-based security trust method for wireless sensor networks. Nodes encrypt and authenticate with an identity-based public-key cryptosystem to protect the reputation information they transmit. This both ensures the reliability and authenticability of reputation information and reduces computational complexity, which suits energy-constrained wireless sensor networks.
The technical solution of the invention is an identity-based security trust method for wireless sensor networks built on an identity-based public-key cryptographic mechanism. A trust management structure is first loaded onto each node of the network. On the basis of this structure, nodes broadcast node query messages, receive query response messages and update node reputation, with encryption and authentication between nodes provided by identity-based public-key cryptography; a trust communication network is thereby established and trusted communication is realized. The trust management structure, shown in Fig. 1, consists of a key management module, a reputation reception module, a reputation storage module, a reputation computation module, an application selection module, a path management module, a decision module, a reputation management module and a monitor module. The function of each module is as follows:
1. Key management module: computes and stores the identities of, and the corresponding shared keys between, the source node and the destination node and the source node and its neighbor nodes;
2. Reputation reception module: receives the messages sent by neighbor nodes and handles each according to its type. If a node query message is received, it queries the key management module; if the queried node is present it sends a query response message, otherwise it discards the message. If a query response message is received, it sends a reputation query for that node according to the identity of the node that sent the response. If a reputation query message is received, it queries the reputation storage module; if the reputation of the queried node is present it returns a reputation response message, otherwise it discards the message. If a reputation response message is received, it queries the key management module and decrypts; on correct decryption it sends the reputation to the reputation computation module and the energy and available-time information to the path management module, otherwise it discards the message. If a data message is received, it queries the key management module and decrypts; if the decryption result is correct it verifies the reliability of the information and passes the data to the application that needs it, otherwise it discards the message. If a confirmation message is received, it decides from the content whether to update reputation or to resend the data;
3. Reputation storage module: stores and updates the reputation information of each neighbor node and provides a query service. Reputation information is updated according to the results of the reputation computation module, the reports of the monitor module, and confirmation messages;
4. Reputation computation module: computes node reputation. The node queries the reputation storage module for its own reputation values for its neighbor nodes, combines them with the neighbor nodes' reputation values for the destination node to compute the indirect reputation of the destination node, then combines this with its own direct reputation for the destination node to compute the new reputation of the destination node, and updates the reputation storage module;
5. Application selection module: stores the specific requirements of the various applications, providing a basis for decisions;
6. Path management module: stores the identities of the next-hop neighbor nodes leading to the destination node, with their corresponding energy and available-time information. It first receives all next-hop neighbor nodes through which the destination node can be reached, together with their energy and available time. It then queries the reputation storage module, computes the nodes' energy and available time by the same method as the reputation computation, and records the next-hop neighbor nodes through which the destination node is reached, with their energy and available time, for reference by the decision module;
7. Decision module: decides which node to use as the next hop according to the specific application requirements from the application management module, the node reputation values from the reputation storage module, and the feasible paths provided by the path management module;
8. Reputation management module: receives reports from the monitor module and updates the reputation storage module and the path management module according to the report type. If the report states that the message was not broadcast within the specified time, the counter is incremented by 1 and the amount by which reputation is reduced is decided by the count. If the report states that a tampered message was broadcast, the reputation is set directly to zero and a report is sent to the path management module, which marks the paths through this node as unreliable. If the report states that the correct message was broadcast, trust is increased by $t_5$, where $t_5$ is a value set according to the user's needs;
9. Monitor module: monitors whether a node broadcasts a message, judges whether the broadcast message is identical to the one sent, and reports to the reputation management module (the report states one of: forwarded correctly, tampered, not sent). It first monitors whether the next-hop node broadcasts the data message passed to it, then judges whether the message is identical to the one sent, and sends the report to the reputation management module.
The algorithm by which the reputation computation module computes node A's reputation for neighbor node B is as follows:
Step 1: compute the sum of node A's trust over all nodes i that hold a reputation for node B, then compute the proportion of that sum contributed by A's trust in each node i:
$$\mu_{Ai}' = \frac{\mu_{Ai}}{\mu_{A1} + \mu_{A2} + \dots + \mu_{Ai} + \dots + \mu_{An}} \quad (i = 1, 2, \dots, n)$$
where $\mu_{Ai}$ denotes node A's trust in node i, which is the mean of $X_{ij}$, and $\mu_{Ai}'$ denotes the proportion of the trust sum contributed by node A's trust in node i;
Step 2: use the result of step 1 to compute node A's indirect reputation for node B:
$$X_{AB}' = \mu_{A1}' X_{1B} + \mu_{A2}' X_{2B} + \dots + \mu_{Ai}' X_{iB} + \dots + \mu_{An}' X_{nB}$$
$$= N\left(\mu_{A1}'\mu_{1B} + \mu_{A2}'\mu_{2B} + \dots + \mu_{Ai}'\mu_{iB} + \dots + \mu_{An}'\mu_{nB},\ (\mu_{A1}')^2\sigma_{1B}^2 + (\mu_{A2}')^2\sigma_{2B}^2 + \dots + (\mu_{Ai}')^2\sigma_{iB}^2 + \dots + (\mu_{An}')^2\sigma_{nB}^2\right)$$
where $X_{iB} = N(\mu_{iB}, \sigma_{iB}^2)$ denotes node i's direct reputation information for node B and follows a Gaussian distribution, $X_{AB}'$ denotes node A's indirect reputation information for node B and follows a Gaussian distribution, and $\sigma_{iB}^2$ denotes the variance of the direct reputation $X_{iB}$;
Step 3: use the result of step 2 to compute node A's new reputation for node B:
$$X_{AB}'' = \omega X_{AB} + (1 - \omega) X_{AB}', \quad \omega \in (0, 1)$$
where $\omega$ denotes the degree to which the node trusts itself and $X_{AB}''$ denotes node A's new reputation information for node B, which follows a Gaussian distribution;
The algorithm by which node A updates its reputation for node B, using the reputation storage module and the reputation computation module, is as follows:
Step 1: node A calls the reputation algorithm to compute A's new reputation $X_{AB}''$ for B, and directly overwrites the original reputation with it;
Step 2: node A updates the reputation according to the report of the monitor module:
1) if the message sent is broadcast within the scheduled time, trust increases by $t_1$,
2) if it is not broadcast, trust decreases by $t_2$ the 1st time, by $t_3$ the 2nd time, by $t_{i+1}$ the i-th time, and so on, until at the n-th time the node's reputation is set to 0,
3) if a tampered message is broadcast, the node's reputation is set directly to 0;
Step 3: update according to the content of the confirmation message:
1) if the data was received correctly, the trust value increases by $t_5$; the $t_i$ (i = 1, 2, ..., n) denote values set by the user as required;
2) a reception error or non-reception does not change the trust value; the data is simply resent.
The algorithm by which the decision module, reputation computation module and path selection module choose a trusted node is as follows:
Step 1: call the reputation algorithm to compute the new reputation $X_{Ai}''$, remaining energy and available time of all next-hop nodes,
Step 2: select the most suitable node according to the requirements of the application.
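The three computation steps, the update rules and the selection step above, worked through in Python as an added example (not code from the patent). The variance of $X_{AB}''$ assumes $X_{AB}$ and $X_{AB}'$ are independent, the same rule the text applies in step 2; applying the update increments to the mean, flooring it at 0, the values in `T`, `N_MISSES = 3` and the minimum-reputation requirement are assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Gaussian:
    """Reputation X = N(mean, var), matching X_iB = N(mu_iB, sigma_iB^2)."""
    mean: float
    var: float


def indirect_reputation(trust, recs):
    """Steps 1 and 2: weight each X_iB by A's normalised trust mu'_Ai.

    trust: {i: mu_Ai}   A's mean trust in recommender i
    recs:  {i: Gaussian} recommender i's direct reputation X_iB for target B
    """
    if not recs:
        raise ValueError("no neighbor holds a reputation for the target")
    total = sum(trust[i] for i in recs)      # mu_A1 + ... + mu_An
    if total <= 0:
        raise ValueError("A trusts none of the recommenders")
    mean = var = 0.0
    for i, x in recs.items():
        w = trust[i] / total                 # mu'_Ai
        mean += w * x.mean
        var += w * w * x.var
    return Gaussian(mean, var)


def new_reputation(direct, indirect, omega):
    """Step 3: X'' = omega * X + (1 - omega) * X', with omega in (0, 1)."""
    if not 0.0 < omega < 1.0:
        raise ValueError("omega must lie strictly between 0 and 1")
    # Variance rule assumes X and X' are independent (assumption, see lead-in).
    return Gaussian(omega * direct.mean + (1 - omega) * indirect.mean,
                    omega ** 2 * direct.var + (1 - omega) ** 2 * indirect.var)


# Constructed user-set increments t_i; only the ones the rules reference.
T = {1: 0.05, 2: 0.10, 3: 0.20, 5: 0.05}
N_MISSES = 3  # the n-th missed broadcast zeroes the reputation (constructed)


def apply_report(mean, misses, report):
    """Update-algorithm steps 2 and 3; returns (new mean, miss counter)."""
    if report == "forwarded":                # broadcast within the scheduled time
        return mean + T[1], misses
    if report == "confirmed":                # confirmation: data received correctly
        return mean + T[5], misses
    if report == "tampered":                 # tampered broadcast: straight to 0
        return 0.0, misses
    if report == "not_forwarded":
        misses += 1
        if misses >= N_MISSES:
            return 0.0, misses
        # i-th miss costs t_(i+1); the floor at 0 is an assumption.
        return max(0.0, mean - T[misses + 1]), misses
    if report in ("receive_error", "not_received"):
        return mean, misses                  # trust unchanged, data is resent
    raise ValueError(f"unknown report type: {report}")


def choose_next_hop(candidates, minimum):
    """Pick the candidate with the highest new reputation that meets the
    application's requirement (modelled here as a minimum mean)."""
    ok = {n: g for n, g in candidates.items() if g.mean >= minimum}
    return max(ok, key=lambda n: ok[n].mean) if ok else None
```
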
The steps for establishing the trust communication network on the basis of the trust management structure are as follows:
Step 1: node initialization. After initialization every node has the same reputation. Every node broadcasts its own identity $ID_i$ to its surrounding neighbor nodes, and a node that receives this message learns the identity of its neighbor. Each node knows only the information of its neighbor nodes and knows nothing about nodes 2 or more hops away. The node computes the shared key $K_{ij}$ from the neighbor node's identity and its own private key and stores it in the key management module. Suppose the route from source node S to destination node D takes n hops along the path $S \to N_1 \to N_2 \to \dots \to N_i \to N_{i+1} \to \dots \to N_{n-1} \to D$;
Step 2: when source node S wants to communicate with destination node D, it broadcasts the node query message $ID_S \| ID_D$ to its surrounding neighbor nodes, asking whether a neighbor node's next hop is destination node D, where $ID_S$ is the identity of the source node and $ID_D$ is the identity of the destination node;
Step 3: a neighbor node that receives the node query message calls its reputation reception module to check whether its own key management module holds the identity of destination node D. If the neighbor node's next hop is not destination node D, neighbor node $N_1$ goes on to broadcast to its neighbor node $N_2$ the node query message
Figure A20091002325400111
asking whether the next-hop node is destination node D, where
Figure A20091002325400112
is the identity of the forwarding node;
Step 4: if the next hop of node $N_2$ is not destination node D, step 3 is repeated until node $N_{n-1}$ finds destination node D. At this point the node query message is $ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$; along the way every forwarding node has prepended its own identity to the message, and $ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes;
Step 5: if the next hop of neighbor node $N_{n-1}$ is destination node D, $N_{n-1}$ broadcasts a query response message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$ to $N_{n-2}$, where
Figure A20091002325400124
is the identity of the node whose next hop is the destination node, and $ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes. $N_{n-2}$ broadcasts this query response message to $N_{n-3}$, and so on, until the reputation reception module of source node S receives the query response message. During forwarding, the path management module of every node passed through records the source node, the destination node, and its own neighbor node in this message;
Step 6: the path management module of source node S randomly selects a node $N_1$ from the query response messages as the next-hop node, encrypts the plaintext message M with the key $K_{SD}$ shared with D held in the key management module, and broadcasts the data message $ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \epsilon, H(M, \epsilon))$, where
Figure A20091002325400127
is the identity of the forwarding node, and $K_{SD}(M, \epsilon, H(M, \epsilon))$ is the plaintext M, the timestamp $\epsilon$ and the hash function $H(M, \epsilon)$ encrypted with the key $K_{SD}$ shared by the source node and the destination node. The reputation reception modules of the other nodes find that the ID does not match their own and discard the message. Only the path management module of $N_1$ is required, like S, to randomly select a suitable next-hop node toward the destination node, for example $N_2$, and to broadcast the data message $ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \epsilon, H(M, \epsilon))$. The monitor module of source node S then monitors the behavior of $N_1$, and the reputation management module calls the reputation update algorithm to update the information on node $N_1$ in the reputation storage module and the path management module;
Step 7: step 6 is repeated until the reputation reception module of node D receives the data message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \epsilon, H(M, \epsilon))$. Node D decrypts it with the key $K_{SD}$ shared with source node S and sends to S a confirmation message encrypted with that shared key, $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_D \| ID_S \| K_{SD}(m, \epsilon, H(m, \epsilon))$, where $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1}$ are the identities of all nodes passed through, $K_{SD}(m, \epsilon, H(m, \epsilon))$ is the result of encrypting $m$, $\epsilon$ and $H(m, \epsilon)$ with the key $K_{SD}$, and $m$ is the flag indicating successful communication;
Step 8: every node involved in the communication updates the information on its neighbor nodes in its reputation storage module and path management module according to its monitor module, and the reputation storage module of source node S updates the reputation of node $N_1$ according to the content of the confirmation message;
Step 9: if the communication fails, the decision module of S selects another node with high reputation from the query response messages as the next-hop node and repeats steps 6 to 8;
Through the above steps the trust network is established dynamically in the course of communication, and each node in the trust network has a different reputation.
After the trust network is established, the steps for realizing secure communication on the trust network are as follows:
Suppose the route from source node S to destination node D takes n hops along the path:
$S \to N_1 \to N_2 \to \dots \to N_i \to N_{i+1} \to \dots \to N_{n-1} \to D$
1) When source node S wants to communicate with destination node D, it broadcasts the node query message $ID_S \| ID_D$ to its surrounding neighbor nodes, asking whether a neighbor node's next hop is destination node D, where $ID_S$ is the identity of the source node and $ID_D$ is the identity of the destination node;
2) a neighbor node that receives the node query message calls its reputation reception module to check whether its own key management module holds the identity of destination node D. If the neighbor node's next hop is not destination node D, neighbor node $N_1$ goes on to broadcast to its neighbor node $N_2$ the node query message
Figure A20091002325400131
asking whether the next-hop node is destination node D, where […] is the identity of the forwarding node;
3) if the next hop of node $N_2$ is not destination node D, step 2) is repeated until node $N_{n-1}$ finds destination node D. At this point the node query message is $ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$; along the way every forwarding node has prepended its own identity to the message, and $ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes;
4) if the next hop of neighbor node $N_{n-1}$ is destination node D, $N_{n-1}$ broadcasts a query response message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$ to $N_{n-2}$, where […] is the identity of the node whose next hop is the destination node, and $ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes. $N_{n-2}$ broadcasts this query response message to $N_{n-3}$, and so on, until the reputation reception module of source node S receives the query response message. During forwarding, the path management module of every node passed through records the source node, the destination node, and its own neighbor node in this message;
5) according to the query response messages received by its reputation reception module, source node S broadcasts a reputation query for neighbor node $N_1$ named in the query response messages,
Figure A20091002325400138
where (i = 1, 2, ..., n), $ID_S$ is the identity of the querying node, […] is the identity of the queried node,
Figure A200910023254001310
is the reputation flag of node $N_1$, and $\epsilon$ is the timestamp. Every node that receives the reputation query message queries its own reputation storage module; the nodes that hold reputation information on node $N_1$ then return a reputation response message encrypted with the key they share with source node S, held in the key management module,
Figure A200910023254001311
where (i = 1, 2, ..., n), $ID_i$ is the identity of node i, $ID_S$ is the identity of node S, and
Figure A200910023254001312
is node i's reputation for node $N_1$,
Figure A200910023254001313
together with the timestamp $\epsilon$, encrypted with the key $K_{iS}$ shared by node i and source node S;
6) the reputation computation module of source node S computes the indirect reputation and the direct reputation of node $N_1$, and the reputation storage module updates the reputation information of node $N_1$;
7) steps 5)-6) are repeated: the reputation computation module of source node S computes and updates the reputation information of the neighbor nodes in all query response messages;
8) the decision module of source node S compares the trust values of the nodes in all query response messages and, according to the requirements of the application selection module, selects the most suitable node as the next-hop node toward D, for example $N_1$. It encrypts the plaintext message M with the key $K_{SD}$ shared with D held in the key management module, and broadcasts the data message $ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \epsilon, H(M, \epsilon))$, where
Figure A20091002325400142
is the identity of the forwarding node, and $K_{SD}(M, \epsilon, H(M, \epsilon))$ is the plaintext M, the timestamp $\epsilon$ and the hash function $H(M, \epsilon)$ encrypted with the key $K_{SD}$ shared by the source and destination nodes. The reputation reception modules of the other nodes find that the ID does not match their own and discard the message;
9) only the path management module of $N_1$ is required to repeat steps 5)-8), select a suitable next-hop node toward the destination node, for example $N_2$, and broadcast the data message $ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \epsilon, H(M, \epsilon))$. The monitor module of S then monitors the behavior of $N_1$, and the reputation management module calls the reputation update algorithm to update the information on node $N_1$ in the reputation storage module and the path management module;
10) steps 5)-9) are repeated until the reputation reception module of node D receives the message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \epsilon, H(M, \epsilon))$. Node D decrypts it with the key $K_{SD}$ shared with S and sends to source node S a confirmation message encrypted with the key shared with the source node, $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1} \| ID_D \| ID_S \| K_{SD}(m, \epsilon, H(m, \epsilon))$, where $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \dots \| ID_{N_{i+1}} \| ID_{N_i} \| \dots \| ID_{N_2} \| ID_{N_1}$ are the identities of all nodes passed through, $K_{SD}(m, \epsilon, H(m, \epsilon))$ is the result of encrypting $m$, $\epsilon$ and $H(m, \epsilon)$ with the key $K_{SD}$, and $m$ is the flag indicating successful communication;
11) every node involved in the communication updates the reputation information of its neighbor nodes in its reputation storage module and path management module according to its monitor module, and the reputation storage module of source node S also updates the reputation of node $N_1$ according to the content of the confirmation message;
12) if the communication fails, source node S repeats steps 5)-8) and its decision module reselects the most suitable node as the next hop. If it still selects node $N_1$, the previous process is repeated until the reputation of node $N_1$ falls below the requirement and another node is selected, and this continues until communication succeeds.
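The data-message handling in steps 8) to 10), as an added Python example (not code from the patent): building $K_{SD}(M, \epsilon, H(M, \epsilon))$, the discard rule for nodes a frame is not addressed to, the sender's monitor check on the relayed frame, and the destination's hash and timestamp checks. It uses the one-relay topology A → D → B of the embodiment; the shared key is a constructed value standing in for the identity-based key computation, the HMAC-SHA-256 keystream is a stand-in cipher chosen so the block runs with the standard library only, and the 30-second freshness window is an assumption.

```python
import hashlib
import hmac
import os
import struct

MAX_AGE = 30  # seconds a timestamp epsilon is accepted (assumed window)


def _keystream(key, nonce, n):
    # Stand-in cipher for illustration only: HMAC-SHA-256 in counter mode.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def seal(key, msg, eps):
    """Build K_SD(M, eps, H(M, eps)) for plaintext msg and timestamp eps."""
    ts = struct.pack(">Q", eps)
    body = ts + hashlib.sha256(msg + ts).digest() + msg
    nonce = os.urandom(16)
    return nonce + _xor(body, _keystream(key, nonce, len(body)))


def unseal(key, blob, now):
    """Destination side: return M, or None if the hash or freshness check fails."""
    if len(blob) < 16 + 8 + 32:
        return None
    nonce, ct = blob[:16], blob[16:]
    body = _xor(ct, _keystream(key, nonce, len(ct)))
    ts, digest, msg = body[:8], body[8:40], body[40:]
    if not hmac.compare_digest(digest, hashlib.sha256(msg + ts).digest()):
        return None                       # wrong key or payload altered in transit
    (eps,) = struct.unpack(">Q", ts)
    if abs(now - eps) > MAX_AGE:
        return None                       # stale timestamp, treated as a replay
    return msg


def data_message(next_hop, header, blob):
    """Prepend the chosen next hop: ID_next || ... || ID_S || ID_D || K_SD(...)."""
    return ((next_hop,) + tuple(header), blob)


def role(node_id, header):
    """How a node that hears a frame treats it (others discard, as in step 8)."""
    if header[-1] == node_id:
        return "destination"
    if header[0] == node_id:
        return "forwarder"
    return "discard"


def monitor_report(sent, overheard):
    """Sender's monitor module: compare the relayed frame with the one sent."""
    if overheard is None:
        return "not_forwarded"
    (s_hdr, s_blob), (o_hdr, o_blob) = sent, overheard
    # The relay either repeats the header (last hop) or prepends one identity.
    header_ok = o_hdr == s_hdr or o_hdr[1:] == s_hdr
    return "forwarded" if header_ok and o_blob == s_blob else "tampered"


def run_embodiment(tamper=False, now=1005):
    """A -> D -> B with constructed key, payload and timestamp (eps = 1000)."""
    k_ab = hashlib.sha256(b"constructed stand-in for K_AB").digest()
    sent = data_message("D", ("A", "B"), seal(k_ab, b"reading=21.5C", 1000))
    blob = sent[1]
    if tamper:                            # relay D alters the last payload byte
        blob = blob[:-1] + bytes([blob[-1] ^ 0x01])
    relayed = (sent[0], blob)             # last hop: header repeated unchanged
    return monitor_report(sent, relayed), unseal(k_ab, relayed[1], now)
```
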
Compared with the prior art, the invention has the following beneficial effects:
1) With the identity-based security trust method for wireless sensor networks, a trust management structure is loaded onto each node of the network and, on the basis of this structure, nodes encrypt and authenticate with an identity-based public-key cryptosystem. Nodes therefore do not need to exchange large amounts of information or perform large amounts of computation; knowing the identity of the destination node is enough to exchange reputation information securely. Encryption and authentication between nodes are thus realized in an energy-constrained wireless sensor network, which ensures the reliability and authenticability of reputation information, reduces the complexity of reputation computation in wireless sensor networks, and improves the security of communication in the wireless sensor network trust system;
2) the initialization problem of node trust is solved: nodes have the same reputation in the initial stage of the network, and the trust communication network is established by updating node reputation, which gives the method practical operability;
3) the trust management structure and trust network established by the invention match the characteristics of wireless sensor networks and are practically usable. By sending node query messages and reputation query messages and receiving query response messages and reputation response messages, the method solves the problem of communication over the trust network when the source node and the destination node are multiple hops apart, so that the invention can satisfy fairly large-scale self-organizing network applications.
Description of the drawings
Fig. 1: frame structure of the trust management system of the invention
Fig. 2: example topology of a wireless sensor network of the invention
Embodiment
Fig. 2 shows an example topology of an identity-based wireless sensor network according to the invention. Using the topology of Fig. 2, the process of building a trust system is described below.
I. Building the trust network
Every node broadcasts its own identity $ID_i$ to its surrounding neighbor nodes. A node that receives this message learns the identity of its neighbor node, computes the shared key $K_{ij}$ from its own private key and the neighbor node's identity, and stores it in the key management module. A node keeps reputation only for the neighbor nodes within one hop;
Step 1: when node A wants to communicate with node B, it first broadcasts the query message for destination node B, $ID_A \| ID_B$;
Step 2: the next hop of node A's neighbor nodes C, D and E is destination node B, so nodes C, D and E send the query response message $ID_i \| ID_A \| ID_B$ to node A;
Step 3: node A randomly selects a node, D, as the next-hop node, encrypts the plaintext message M with the key $K_{AB}$ shared with B, and broadcasts the message $ID_D \| ID_A \| ID_B \| K_{AB}(M, \epsilon, H(M, \epsilon))$. The other nodes find that the ID in the message does not match their own identity and discard the message; only node D is required to broadcast the message $ID_D \| ID_A \| ID_B \| K_{AB}(M, \epsilon, H(M, \epsilon))$. A then monitors the behavior of node D;
Step 4: after node D receives the encrypted message, it broadcasts $ID_D \| ID_A \| ID_B \| K_{AB}(M, \epsilon, H(M, \epsilon))$ to B. Node A also receives this message and can verify whether it is identical to the one it sent; according to the correctness of the message, node A calls the reputation update algorithm to update the reputation information of node D;
Step 5: after node B receives the message $ID_D \| ID_A \| ID_B \| K_{AB}(M, \epsilon, H(M, \epsilon))$, it decrypts it with the key $K_{AB}$ shared with node A, then sends to node A a confirmation message encrypted with the shared key $K_{AB}$, $ID_D \| ID_B \| ID_A \| K_{BA}(m, \epsilon, H(m, \epsilon))$;
Step 6: node A updates the reputation of node D according to the monitor module and the content of the confirmation message;
Step 7: if the communication succeeds, there is no further action; if the communication fails, node A selects another node with high reputation as the next-hop node;
Through the above steps the reputation system is established dynamically in the course of communication, and at this point the nodes no longer all have the same reputation.
Two, realizing secure communication on top of the prestige system
1) when node A wants to communicate with node B, it broadcasts to its surrounding neighbor nodes the query message $ID_A \| ID_B$, asking whether their next-hop node is destination node B;
2) if the next hop of node A's neighbor nodes C, D and E is destination node B, then nodes C, D and E each send the query response message $ID_i \| ID_A \| ID_B$ to node A;
3) node A broadcasts the reputation query for node C, $ID_A \| ID_C \| X_{iC} \| \varepsilon$; every node i that holds reputation information for node C then returns the reputation query response $ID_i \| ID_A \| K_{iA}(X_{iC}, \varepsilon)$, encrypted with the key it shares with node A;
4) node A calls the prestige computation algorithm to compute the indirect prestige and direct prestige of node C, and updates the reputation information of node C;
5) steps 3)-4) are repeated to compute and update the reputation information of nodes D and E;
6) node A compares the trust values of nodes C, D and E and, according to the application's requirements, selects the most suitable node, for example node D, as the next-hop node toward destination node B. It encrypts the plaintext M with the key $K_{AB}$ shared with destination node B and broadcasts the message $ID_D \| ID_A \| ID_B \| K_{AB}(M, \varepsilon, H(M, \varepsilon))$. Every other node finds that $ID_D$ does not match its own ID and discards the message; only node D is required to broadcast $ID_D \| ID_A \| ID_B \| K_{AB}(M, \varepsilon, H(M, \varepsilon))$. Node A then monitors the behavior of node D;
7) after node D receives the encrypted message, it broadcasts $ID_D \| ID_A \| ID_B \| K_{AB}(M, \varepsilon, H(M, \varepsilon))$ to destination node B. Node A receives this broadcast as well and can verify whether it is identical to what it sent; according to the correctness of the message, node A calls the prestige update algorithm to update the reputation information of node D;
8) after destination node B receives the message $ID_D \| ID_A \| ID_B \| K_{AB}(M, \varepsilon, H(M, \varepsilon))$, it decrypts it with the key $K_{AB}$ it shares with A and sends A the confirmation message $ID_D \| ID_B \| ID_A \| K_{BA}(m, \varepsilon, H(m, \varepsilon))$, encrypted with the key $K_{AB}$ shared with A;
9) node A calls the prestige update algorithm once more to update the prestige of node D according to the content of the confirmation message;
10) if the communication fails, node A repeats steps one to five and reselects the most suitable node as the next hop; if node D is still selected, the previous process is repeated until the prestige of node D falls below the requirement and another node is selected, continuing until the communication succeeds.
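The data path of the third to fifth steps of the first procedure (steps 6) to 8) of the second), as an added Python example that is not part of the patent: the sender seals $M, \varepsilon, H(M, \varepsilon)$, neighbors discard frames not addressed to them, the sender's monitor compares the overheard rebroadcast with what it sent, and the destination checks the hash and the timestamp. Assumptions: 4-byte identities, SHA-256 for H, a 30-second freshness window, a random nonce in front of the ciphertext, and a SHAKE-256 keystream XOR standing in for the unspecified cipher $K_{AB}(\cdot)$ (a real node would use an authenticated cipher); all function names are hypothetical.

```python
import hashlib
import hmac
import os
import struct

ID_LEN = 4          # assumption: fixed-length node identities
NONCE_LEN = 16      # assumption: random nonce sent in front of the ciphertext
HASH_LEN = 32       # SHA-256 output, standing in for H(M, eps)
TAIL_LEN = 8 + HASH_LEN   # 8-byte timestamp eps followed by H(M, eps)
MAX_AGE = 30        # assumption: accepted timestamp age in seconds


def _xor_stream(key, nonce, data):
    """Stand-in for the cipher K(.): XOR with a SHAKE-256 keystream (illustration only)."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key, message, eps):
    """Sender: build K(M, eps, H(M, eps)) under the shared key."""
    ts = struct.pack(">Q", eps)
    body = message + ts + hashlib.sha256(message + ts).digest()
    nonce = os.urandom(NONCE_LEN)
    return nonce + _xor_stream(key, nonce, body)


def open_sealed(key, sealed, now, seen):
    """Destination: decrypt, then check H(M, eps), freshness and replay. None on failure."""
    nonce, cipher = sealed[:NONCE_LEN], sealed[NONCE_LEN:]
    if len(nonce) < NONCE_LEN or len(cipher) < TAIL_LEN:
        return None
    body = _xor_stream(key, nonce, cipher)
    message, ts, digest = body[:-TAIL_LEN], body[-TAIL_LEN:-HASH_LEN], body[-HASH_LEN:]
    if not hmac.compare_digest(digest, hashlib.sha256(message + ts).digest()):
        return None                      # payload was altered in transit
    eps = struct.unpack(">Q", ts)[0]
    if abs(now - eps) > MAX_AGE or digest in seen:
        return None                      # stale timestamp or replayed message
    seen.add(digest)
    return message


def frame(next_hop, src, dst, sealed):
    """ID_next || ID_src || ID_dst || K(M, eps, H(M, eps))."""
    for node_id in (next_hop, src, dst):
        if len(node_id) != ID_LEN:
            raise ValueError("node identity must be ID_LEN bytes")
    return next_hop + src + dst + sealed


def relay(own_id, data):
    """Neighbor: discard a frame whose leading ID is not ours, else rebroadcast it unchanged."""
    return data if data[:ID_LEN] == own_id else None


def watchdog(sent, overheard):
    """Sender's monitor module: classify what the chosen next hop did with the frame."""
    if overheard is None:
        return "dropped"
    return "forwarded" if hmac.compare_digest(sent, overheard) else "tampered"


def demo():
    key = bytes(range(32))                       # constructed shared key K_AB
    a, b, c, d = b"N00A", b"N00B", b"N00C", b"N00D"   # constructed identities
    sent = frame(d, a, b, seal(key, b"temp=21.5", eps=1000))
    honest = relay(d, sent)
    forged = sent[:-1] + bytes([sent[-1] ^ 1])   # next hop flips one ciphertext bit
    seen = set()
    payload = 3 * ID_LEN
    return {
        "other_neighbor": relay(c, sent),
        "honest": watchdog(sent, honest),
        "silent": watchdog(sent, None),
        "tampering": watchdog(sent, forged),
        "delivered": open_sealed(key, honest[payload:], 1005, seen),
        "replayed": open_sealed(key, honest[payload:], 1006, seen),
        "forged_at_dst": open_sealed(key, forged[payload:], 1005, set()),
        "stale": open_sealed(key, honest[payload:], 2000, set()),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The three watchdog verdicts correspond to the monitor reports that drive the prestige update: rebroadcast in time, no rebroadcast, and rebroadcast of altered information.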

Claims (6)

1. An identity-based wireless sensor network security trust method, characterized in that: a trust management structure is first loaded onto each node of the network; on the basis of this trust management structure, nodes broadcast query-node messages, receive query response messages and update node prestige, and the communication between nodes is encrypted and authenticated by identity-based public key cryptography, so that a trust network is established and secure communication is realized. The trust management structure consists of a key management module, a receive prestige module, a storage prestige module, a prestige computing module, an application choice module, a path management module, a decision-making module, a Prestige Management module and a monitor module, and the function of each module is as follows:
1) the key management module computes and stores the identities of the source node and destination node and of the source node and its neighbor nodes, together with the corresponding shared keys;
2) the receive prestige module receives messages from neighbor nodes and processes each according to its type. If a query-node message is received, it queries the key management module and sends a query response message if the queried node is present, otherwise it discards the message. If a query response message is received, it sends a reputation query for the node whose identity sent the response. If a reputation query is received, it queries the storage prestige module and returns a prestige response message if the prestige of the queried node is present, otherwise it discards the message. If a prestige response message is received, it queries the key management module and decrypts; if decryption is correct, it sends the prestige to the prestige computing module and the energy and available-time information to the path management module, otherwise it discards the message. If a data message is received, it queries the key management module and decrypts; if the decrypted result is correct, it verifies the reliability of the information and passes the data to the application that needs it, otherwise it discards the message. If a confirmation message is received, it decides from the content whether to update prestige or to resend the data;
3) the storage prestige module stores and updates the reputation information of each neighbor node and provides a query service; the reputation information is updated according to the results of the prestige computing module, the reports of the monitor module and the confirmation messages;
4) the prestige computing module computes node prestige: the node queries the storage prestige module for its prestige toward its neighbor nodes, combines it with the neighbor nodes' prestige toward the destination node to compute the indirect prestige of the destination node, then combines this with its own direct prestige toward the destination node to compute the new prestige of the destination node, and updates the storage prestige module;
5) the application choice module stores the various application requirements and provides the basis for decisions;
6) the path management module stores the identities of the next-hop neighbor nodes leading to the destination node and their corresponding energy and available-time information. It first receives the identities, energy and available time of all next-hop neighbor nodes through which the destination node can be reached, then queries the storage prestige module and computes each node's energy and available time by the same method as the prestige calculation, for reference by the decision-making module;
7) the decision-making module decides which node to use as the next-hop node according to the application requirements of the application choice module, the node prestige in the storage prestige module and the feasible paths provided by the path management module;
8) the Prestige Management module receives reports from the monitor module and updates the storage prestige module and the path management module according to the information type;
9) the monitor module monitors the broadcasts of nodes, judges whether the broadcast information is consistent with the information that was sent, and reports the result to the Prestige Management module.
2. The identity-based wireless sensor network security trust method according to claim 1, characterized in that the prestige computing module computes the prestige of node A toward neighbor node B by the following steps:
Step 1: from the sum of node A's trust in all nodes i that hold prestige for node B, compute the proportion of that sum contributed by node A's trust in each node i, using the formula
$$\mu_{Ai}' = \frac{\mu_{Ai}}{\mu_{A1} + \mu_{A2} + \cdots + \mu_{Ai} + \cdots + \mu_{An}} \quad (i = 1, 2, \ldots, n),$$
where $\mu_{Ai}$ denotes node A's trust in node i, which is the mean of $X_{ij}$, and $\mu_{Ai}'$ denotes the proportion of the total trust contributed by node A's trust in node i;
Step 2: using the result of step 1, compute the indirect prestige of node A toward node B, using the formula
$$X_{AB}' = \mu_{A1}' X_{1B} + \mu_{A2}' X_{2B} + \cdots + \mu_{Ai}' X_{iB} + \cdots + \mu_{An}' X_{nB}$$
$$= N\left(\mu_{A1}'\mu_{1B} + \mu_{A2}'\mu_{2B} + \cdots + \mu_{Ai}'\mu_{iB} + \cdots + \mu_{An}'\mu_{nB},\; (\mu_{A1}')^2\delta_{1B}^2 + (\mu_{A2}')^2\delta_{2B}^2 + \cdots + (\mu_{An}')^2\delta_{nB}^2\right),$$
where $X_{iB} = N(\mu_{iB}, \sigma_{iB}^2)$ denotes the direct reputation information of node i for node B and is Gaussian distributed, $X_{AB}'$ denotes the indirect reputation information of node A for node B and is Gaussian distributed, and $\delta_{iB}^2$ denotes the variance of the direct prestige $X_{iB}$;
Step 3: using the result of step 2, compute the new prestige of node A toward node B, using the formula $X_{AB}'' = \omega X_{AB} + (1-\omega) X_{AB}'$, $\omega \in (0, 1)$, where $\omega$ denotes the node's degree of trust in itself and $X_{AB}''$ denotes the new reputation information of node A for node B, which is Gaussian distributed;
3. The identity-based wireless sensor network security trust method according to claim 1 or 2, characterized in that the storage prestige module and prestige computing module of node A update the prestige of node B by the following algorithm:
Step 1: node A calls the prestige algorithm to compute A's new prestige toward B, $X_{AB}''$, and directly overwrites the original prestige with it;
Step 2: node A updates the prestige according to the report of the monitor module:
1) if the information is broadcast within the scheduled time, the trust increases by $t_1$;
2) if it is not broadcast, the trust decreases by $t_2$ the 1st time, by $t_3$ the 2nd time, by $t_{i+1}$ the i-th time, and so on, until the n-th time, when the node's prestige is set to 0;
3) if tampered information is broadcast, the node's prestige is immediately set to 0;
Step 3: the prestige is updated according to the content of the confirmation message:
1) if the data was received correctly, the trust value increases by $t_5$, where $t_i$ (i = 1, 2, ..., n) are values set by the user as required;
2) if the data was received with errors or was not received, the trust value is not changed and the data is simply resent.
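The prestige computation of claim 2 and the update rules of claim 3, as an added Python example that is not the patent's own code. Assumptions: $X_{AB}$ and $X_{AB}'$ are treated as independent when the variance of $X_{AB}''$ is formed, the increments $t_i$ are applied to the mean and floored at 0, the miss counter is kept by the caller, and all names and sample numbers are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Prestige:
    """Gaussian prestige N(mean, var), e.g. X_iB = N(mu_iB, sigma_iB^2)."""
    mean: float
    var: float


def indirect_prestige(trust, reports):
    """Claim 2, steps 1-2: weight each recommender's X_iB by mu'_Ai.

    trust   -- {id: mu_Ai}, node A's trust in recommender i
    reports -- {id: Prestige}, recommender i's direct prestige X_iB for node B
    """
    total = sum(trust[i] for i in reports)
    if total <= 0:
        raise ValueError("no trusted recommender holds prestige for node B")
    mean = var = 0.0
    for i, x in reports.items():
        w = trust[i] / total              # mu'_Ai
        mean += w * x.mean                # sum of mu'_Ai * mu_iB
        var += w * w * x.var              # sum of (mu'_Ai)^2 * var(X_iB)
    return Prestige(mean, var)


def new_prestige(direct, indirect, omega):
    """Claim 2, step 3: X''_AB = omega * X_AB + (1 - omega) * X'_AB."""
    if not 0.0 < omega < 1.0:
        raise ValueError("omega must lie in (0, 1)")
    rest = 1.0 - omega
    # Variance assumes X_AB and X'_AB are independent (assumption, not on the page).
    return Prestige(omega * direct.mean + rest * indirect.mean,
                    omega ** 2 * direct.var + rest ** 2 * indirect.var)


def apply_monitor_report(mean, event, misses, reward, penalties):
    """Claim 3, step 2. Returns (new mean, updated miss count).

    reward    -- t_1, added when the neighbor rebroadcasts in time
    penalties -- [t_2, t_3, ...]; the miss after the last entry is the n-th
                 and sets the prestige to 0
    """
    if event == "tampered":
        return 0.0, misses
    if event == "forwarded":
        return mean + reward, misses
    if event != "dropped":
        raise ValueError(f"unknown monitor event: {event!r}")
    misses += 1
    if misses > len(penalties):
        return 0.0, misses
    return max(0.0, mean - penalties[misses - 1]), misses   # floor at 0: assumption


def apply_confirmation(mean, received_ok, reward):
    """Claim 3, step 3: a correct receipt adds t_5; anything else changes nothing."""
    return mean + reward if received_ok else mean


# Constructed sample values (not from the patent).
TRUST = {"n1": 0.9, "n2": 0.6, "n3": 0.5}
REPORTS = {"n1": Prestige(0.8, 0.04),
           "n2": Prestige(0.6, 0.04),
           "n3": Prestige(0.2, 0.16)}


def demo():
    """Fuse the sample reports, then replay four monitor reports about node B."""
    indirect = indirect_prestige(TRUST, REPORTS)
    fused = new_prestige(Prestige(0.7, 0.01), indirect, omega=0.6)
    mean, misses, trace = fused.mean, 0, []
    for event in ("forwarded", "dropped", "dropped", "dropped"):
        mean, misses = apply_monitor_report(mean, event, misses,
                                            reward=0.05, penalties=[0.1, 0.2])
        trace.append(round(mean, 3))
    return indirect, fused, trace


if __name__ == "__main__":
    print(demo())
```

In the constructed sample, leaving out recommender n3's report of 0.2 would raise the indirect mean from 0.59 to 0.72, which shows how far one low recommendation moves the result while its sender still holds a quarter of the total trust.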
4. The identity-based wireless sensor network security trust method according to claim 1 or 2, characterized in that the algorithm by which the decision-making module, prestige computing module and path selection module choose a trusted node is as follows:
Step 1: call the prestige algorithm to compute the new prestige $X_{Ai}''$, the remaining energy and the available time of all next-hop nodes;
Step 2: select the most suitable node according to the requirements of the application.
5. The identity-based wireless sensor network security trust method according to claim 1, characterized in that the steps for establishing the trust network are as follows:
Step 1: node initialization gives every node the same prestige. Every node broadcasts its own identity $ID_i$ to its surrounding neighbor nodes; a node that receives this information learns the identities of its own neighbor nodes, and each node knows only about its neighbor nodes and nothing about nodes two or more hops away. Each node computes the shared key $K_{ij}$ from its own private key and the neighbor's identity and stores it in the key management module. Going from source node S to destination node D takes n hops, along the path $S \to N_1 \to N_2 \to \cdots \to N_i \to N_{i+1} \to \cdots \to N_{n-1} \to D$;
Step 2: when source node S wants to communicate with destination node D, it broadcasts the query-node message $ID_S \| ID_D$ to its surrounding neighbor nodes, asking whether a neighbor's next-hop node is destination node D, where $ID_S$ is the identity of the source node and $ID_D$ is the identity of the destination node;
Step 3: a neighbor node that receives the query-node message calls its receive prestige module to check whether its own key management module holds the identity of destination node D. If the neighbor's next hop is not destination node D, neighbor node $N_1$ goes on to broadcast to its own neighbor node $N_2$ the query-node message
Figure A2009100232540004C1
asking whether the next-hop node is destination node D, where
Figure A2009100232540004C2
is the identity of the forwarding node;
Step 4: if the next hop of node $N_2$ is not destination node D, the second step is repeated until node $N_{n-1}$ finds destination node D, at which point the query-node message is $ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$. During this process every forwarding node prepends its own identity to the message, where $ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes;
Step 5: if the next hop of neighbor node $N_{n-1}$ is destination node D, $N_{n-1}$ broadcasts a query response message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$ to $N_{n-2}$, wherein, is the identity of the node whose next hop is the destination node, and $ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes. $N_{n-2}$ broadcasts this query response message to $N_{n-3}$, and so on until the receive prestige module of source node S receives it. During forwarding, the path management module of every node passed through records the source node, the destination node and its own neighbor nodes that appear in this message;
Step 6: the path management module of source node S selects at random a node $N_1$ from the query response messages as the next-hop node, encrypts the plaintext M with the key $K_{SD}$ shared with D held in the key management module, and broadcasts the data message $ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \varepsilon, H(M, \varepsilon))$, where
Figure A2009100232540005C2
is the identity of the forwarding node and $K_{SD}(M, \varepsilon, H(M, \varepsilon))$ is the plaintext M, the timestamp $\varepsilon$ and the hash function $H(M, \varepsilon)$ encrypted with the key $K_{SD}$ shared by the source node and the destination node. The receive prestige module of every other node finds that the ID in the data message does not match its own and discards the message. Only the path management module of $N_1$ is required, in the same way as source node S, to select at random a suitable next-hop node toward the destination node, for example $N_2$, and to broadcast the data message $ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \varepsilon, H(M, \varepsilon))$. The monitor module of source node S then monitors the behavior of node $N_1$, and the Prestige Management module calls the prestige update algorithm to update the information about node $N_1$ in the storage prestige module and the path management module;
Step 7: step 6 is repeated until the receive prestige module of node D receives the data message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \varepsilon, H(M, \varepsilon))$. Node D then decrypts it with the key $K_{SD}$ shared with source node S and sends source node S the confirmation message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_D \| ID_S \| K_{SD}(m, \varepsilon, H(m, \varepsilon))$, encrypted with the key $K_{SD}$ shared with the source node, where $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1}$ are the identities of all nodes passed through, $K_{SD}(m, \varepsilon, H(m, \varepsilon))$ is the result of encrypting $m$, $\varepsilon$ and $H(m, \varepsilon)$ with the key $K_{SD}$, and $m$ is the flag indicating successful communication;
Step 8: all nodes taking part in the communication update the information about their neighbor nodes in the storage prestige module and the path management module according to the monitor module, and the storage prestige module of source node S updates the prestige of node $N_1$ according to the content of the confirmation message;
Step 9: if the communication fails, the decision-making module of S selects a node with high prestige from another query response as the next-hop node and repeats steps 6 to 8;
At this point the trust network has been established dynamically in the course of updating node prestige, and each node in the trust network has a different prestige.
6. The identity-based wireless sensor network security trust method according to claim 1 or 5, characterized in that the steps for realizing secure communication on the trust network are as follows:
Going from source node S to destination node D takes n hops. The path is:
$S \to N_1 \to N_2 \to \cdots \to N_i \to N_{i+1} \to \cdots \to N_{n-1} \to D$
1) when source node S wants to communicate with destination node D, it broadcasts the query-node message $ID_S \| ID_D$ to its surrounding neighbor nodes, asking whether a neighbor's next-hop node is destination node D, where $ID_S$ is the identity of the source node and $ID_D$ is the identity of the destination node;
2) a neighbor node that receives the query-node message calls its receive prestige module to check whether its own key management module holds the identity of destination node D. If the neighbor's next hop is not destination node D, neighbor node $N_1$ goes on to broadcast to its own neighbor node $N_2$ the query-node message
Figure A2009100232540006C1
asking whether the next-hop node is destination node D, where
Figure A2009100232540006C2
is the identity of the forwarding node;
3) if the next hop of node $N_2$ is not destination node D, step 2) is repeated until node $N_{n-1}$ finds destination node D, at which point the query-node message is $ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$. During this process every forwarding node prepends its own identity to the message, where $ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes;
4) if there is a neighbor node $N_{n-1}$ whose next hop is destination node D, $N_{n-1}$ broadcasts a query response message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D$ to $N_{n-2}$, where
Figure A2009100232540006C6
is the identity of the node whose next hop is the destination node, and $ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1}$ are the identities of all forwarding nodes. $N_{n-2}$ broadcasts this query response message to $N_{n-3}$, and so on until the receive prestige module of source node S receives it. During forwarding, the path management module of every node passed through records the source node, the destination node and its own neighbor nodes that appear in this message;
5) according to the query response messages received by its receive prestige module, source node S broadcasts a reputation query for neighbor node $N_1$ named in the query response messages
Figure A2009100232540006C8
where (i = 1, 2, ..., n), $ID_S$ is the identity of the querying node,
Figure A2009100232540006C9
is the identity of the queried node, is the prestige identifier of node $N_1$, and $\varepsilon$ is a timestamp. Every node that receives the reputation query queries its own storage prestige module; the nodes that hold reputation information for node $N_1$ then return a prestige response message, encrypted with the key they share with source node S held in the key management module,
Figure A2009100232540006C11
where (i = 1, 2, ..., n), $ID_i$ is the identity of node i, $ID_S$ is the identity of source node S,
Figure A2009100232540006C12
is, encrypted with the key $K_{iS}$ shared by node i and source node S, node i's prestige for node $N_1$
Figure A2009100232540006C13
and the timestamp $\varepsilon$;
6) the prestige computing module of source node S computes the indirect prestige and direct prestige of node $N_1$, and the storage prestige module updates the reputation information of node $N_1$;
7) steps 5)-6) are repeated; the prestige computing module of source node S computes and updates the reputation information of the neighbor nodes in all query response messages;
8) the decision-making module of source node S compares the trust values of the nodes in all query response messages and, according to the requirements of the application choice module, selects the most suitable node, for example $N_1$, as the next-hop node toward D. It encrypts the plaintext M with the key $K_{SD}$ shared with D held in the key management module and broadcasts the data message $ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \varepsilon, H(M, \varepsilon))$, where
Figure A2009100232540006C15
is the identity of the forwarding node and $K_{SD}(M, \varepsilon, H(M, \varepsilon))$ is the plaintext M, the timestamp $\varepsilon$ and the hash function $H(M, \varepsilon)$ encrypted with the key $K_{SD}$ shared by the source and destination nodes. The receive prestige module of every other node finds that the ID does not match its own and discards the message;
9) only the path management module of $N_1$ is required to repeat steps 5)-8), select a suitable next-hop node toward the destination node, for example $N_2$, and broadcast the data message $ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \varepsilon, H(M, \varepsilon))$. The monitor module of S then monitors the behavior of node $N_1$, and the Prestige Management module calls the prestige update algorithm to update the information about node $N_1$ in the storage prestige module and the path management module;
10) steps 5)-9) are repeated until the receive prestige module of node D receives the message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_S \| ID_D \| K_{SD}(M, \varepsilon, H(M, \varepsilon))$. Node D then decrypts it with the key $K_{SD}$ shared with S and sends S the confirmation message $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1} \| ID_D \| ID_S \| K_{SD}(m, \varepsilon, H(m, \varepsilon))$, encrypted with the key $K_{SD}$ shared with S, where $ID_{N_{n-1}} \| ID_{N_{n-2}} \| \cdots \| ID_{N_{i+1}} \| ID_{N_i} \| \cdots \| ID_{N_2} \| ID_{N_1}$ are the identities of all nodes passed through, $K_{SD}(m, \varepsilon, H(m, \varepsilon))$ is the result of encrypting $m$, $\varepsilon$ and $H(m, \varepsilon)$ with the key $K_{SD}$, and $m$ is the flag indicating successful communication;
11) all nodes taking part in the communication update the reputation information of their neighbor nodes in the storage prestige module and the path management module according to the monitor module, and the storage prestige module of source node S also updates the prestige of node $N_1$ according to the content of the confirmation message;
12) if the communication fails, node S repeats steps 5)-8) and the decision-making module of node S reselects the most suitable node as the next hop; if node $N_1$ is still selected, the previous process is repeated until the prestige of node $N_1$ falls below the requirement and another node is selected, continuing until the communication succeeds.
CN2009100232544A 2009-07-08 2009-07-08 Identity-based wireless sensor network security trust method Expired - Fee Related CN101600198B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009100232544A CN101600198B (en) 2009-07-08 2009-07-08 Identity-based wireless sensor network security trust method

Publications (2)

Publication Number Publication Date
CN101600198A true CN101600198A (en) 2009-12-09
CN101600198B CN101600198B (en) 2012-02-08

Family

ID=41421391

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100232544A Expired - Fee Related CN101600198B (en) 2009-07-08 2009-07-08 Identity-based wireless sensor network security trust method

Country Status (1)

Country Link
CN (1) CN101600198B (en)

Also Published As

Publication number Publication date
CN101600198B (en) 2012-02-08

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120208

Termination date: 20170708