CN101895879A - Secure communication method for wireless sensing network - Google Patents

Abstract

The invention discloses a data dynamic encryption method for a wireless sensing network. The method comprises the following steps that: a first public key and a first private key are computed at a source node based on an asymmetric cryptographic algorithm, and a first intermediate node forwards the first public key to a destination node; the destination node encrypts first plain-text data into first cipher-text data, computes a second public key and a second private key and searches a second intermediate node according to the first public key and the second intermediate node forwards the first cipher-text data and the second public key to the source node; the source node decrypts and recovers the first cipher-text data into the first plain-text data according to the first private key, the source node and the destination node repeat the procedure and the intermediate nodes forward the public keys and the cipher-text data to realize the communication between the source node and the destination node. In the method, the data is forwarded by selecting dependable intermediate nodes in a skip way between the source node and the destination node based on the dependability determination of nodes, so that the communication security among the nodes of the wireless sensing network can be guaranteed effectively.

Description

A kind of safety communicating method of radio sensing network

Technical field

The present invention relates to the wireless network secure technical field, relate in particular to a kind of safety communicating method of radio sensing network.

Background technology

Internet of Things has the characteristics of comprehensive perception, reliable delivery, Intelligent treatment, and being described as is information industry revolution again after computer, the Internet, mobile radio communication.Along with the application of the development of technology of Internet of things and wireless sensor technology, particularly 3G technology with popularize, network economy is increasing to social influence, is deep into the industry-by-industry field gradually.But with respect to traditional cable network, the fail safe of wireless network has bigger hidden danger:

(1) data of wireless network transmit by the radio wave of characteristic frequency, so as long as in the effective range of this tranmitting frequency, any third party with suitable receiving equipment can catch this frequency signal, and this will inevitably have influence on the safety in the LAN;

(2) encryption function of wireless launcher (base station) is given tacit consent to when dispatching from the factory and is opened, so those normal signals that send all are that expressly any people with special software can both capture these signals easily;

(3) great majority provide the wireless base station of SSID (basic network name) and manager password, and the acquiescence numerical value when it dispatches from the factory is identical.If more do not correct one's mistakes, a GPRS people of certain wireless knowledge, can be easy to guess password;

(4) in the default value that dispatches from the factory, most WPA (wireless protection visit) needs their SSID of broadcasting, and each user can both know these wireless network names (parameter that need use) when connecting wireless network;

(5) encipherment scheme of most of users' uses substantially all is WEP (wireless encryption protection), and this cipher mode is easy to adopt the password traversal to crack from acupuncture method.

Distance between two nodes has surpassed the communication radius of two nodes, need pass on information data by intermediate node.But exist malicious node in the radio sensing network, if selected malicious node to pass on information data as intermediate node, then communication security can be subjected to serious threat.

As seen the fail safe of wireless network has very big challenge, along with the wireless penetration of cell phone platform ecommerce, wireless network banking, enterprise's office etc. needs the development of higher-security application, presses for the safety problem that solves wireless network.

Summary of the invention

The invention provides a kind of safety method of radio sensing network, select to have high credible node and carry out secure communication, improve the communication security of radio sensing network.

Radio sensing network (WSN, wireless sensor network) communication on is the communication between the node after all, select any two nodes on the radio sensing network, these two nodes are denoted as source node and destination node respectively, these two internodal distances are greater than the communication radius of arbitrary node, but, there is overlapping region with the communication range that guarantees two nodes less than two node communication radius sums.

The encryption method of a kind of radio sensing network of the present invention comprises:

(1) calculates first PKI and first private key at source node;

The production method of PKI and private key adopts the unsymmetrical key negotiation mechanism, as RSA Algorithm, elliptic curve encryption algorithm (ECC), Diffie-Hellman algorithm, El Gamal algorithm, DSA algorithm etc.;

(2) source node is searched first intermediate node, and first PKI is sent to first intermediate node;

(3) first intermediate nodes send to destination node with first PKI;

(4) destination node uses first PKI that first clear data is encrypted, and generates first encrypt data;

(5) calculate second PKI and second private key at destination node, and search second intermediate node, first encrypt data and second PKI are sent to second intermediate node;

(6) second intermediate nodes send to source node with first encrypt data and second PKI;

(7) source node uses first private key that first encrypt data is deciphered, and restores first clear data, to the second plaintext data encryption, generates second encrypt data with second PKI, and calculates the 3rd PKI and the 3rd private key;

(8) source node is searched the 3rd intermediate node, and second encrypt data and the 3rd PKI are sent to the 3rd intermediate node;

(9) the 3rd intermediate nodes send to destination node with second encrypt data and the 3rd PKI;

(10) destination node uses second private key that second encrypt data is deciphered, and restores the second plaintext data, to the 3rd expressly data encryption, generates the 3rd encrypt data with the 3rd PKI, and calculates the public private key pair that makes new advances;

(11) source node and destination node repeat the above process of calculating public private key pair, encryption, deciphering, search intermediate node, pass on PKI and encrypt data by intermediate node, realize communicating by letter between source node and destination node.

By above method, finish once communication between source node and the destination node, first clear data is sent to source node from destination node, and the second plaintext data are sent to destination node from source node.Afterwards, according to the selection intermediate node of above method circulation great-jump-forward, corresponding public key and ciphertext transmit between source node and destination node by intermediate node between source node and the destination node.But PKI and ciphertext that each intermediate node receives or transmits can not cooperate, for example, second intermediate node has received first encrypt data and second PKI that sends from destination node in above method, but first encrypt data is to be generated by first public key encryption.Like this, even the data on the second intermediate node P2 are intercepted and captured, can not influence the transmission safety of data yet.

In the above method, all intermediate nodes are the interior trusted node of communication range overlapping region of source node and destination node, decision node is that the method for trusted node or malicious node has two kinds, a kind of method is judged as trusted node with its relative stability RS less than the node of default relative stability threshold value RS ', otherwise is malicious node.The relative stability RS of node is a node each time after the change in location, and with respect to the mean value of the rate of change of a preceding change in location, its mathematics tabular form is:

$\mathrm{RS}=(\frac{{\mathrm{pos}}_1-{\mathrm{pos}}_0}{t_1-t_0}+\frac{{\mathrm{pos}}_2-{\mathrm{pos}}_1}{t_2-t_1}+\frac{{\mathrm{pos}}_3-{\mathrm{pos}}_2}{t_3-t_2}...+\frac{{\mathrm{pos}}_{n+1}-{\mathrm{pos}}_n}{t_{n+1}-t_n})/n$

Wherein, t ₀The initial time of expression record, t _nThe moment of representing the n time record, pos ₀The initial position of expression node, pos _nThe position of node when representing the n time record.

Another kind method is judged as trusted node with its absolute AS less than the node of default absolute threshold value A S ', otherwise is malicious node.The absolute AS of node is a node after change in location each time, and with respect to the mean value of rate of change of the change in location first time, its mathematics tabular form is:

$\mathrm{AS}=(\frac{{\mathrm{pos}}_1-{\mathrm{pos}}_0}{t_1-t_0}+\frac{{\mathrm{pos}}_2-{\mathrm{pos}}_0}{t_2-t_1}+\frac{{\mathrm{pos}}_3-{\mathrm{pos}}_0}{t_2-t_1}...+\frac{{\mathrm{pos}}_{n+1}-{\mathrm{pos}}_0}{t_{n+1}-t_n})/n$

Wherein, t ₀The initial time of expression record, t _nThe moment of representing the n time record, pos ₀The initial position of expression node, pos _nThe position of node when representing the n time record.

The safety communicating method of a kind of radio sensing network of the present invention, this method is judged effective filtering fallacious node with key agreement logical AND data communication logical separation by the feasibility of node, selection has high credible node and carries out secure communication, improves the communication security of radio sensing network.

Description of drawings

Fig. 1 is the common factor figure of two node communication scopes;

Fig. 2 is the method schematic diagram of secure communication between two nodes;

Fig. 3 is the change in location figure of node relative stability;

Fig. 4 is the change in location figure of node absolute;

Fig. 5 is the comparison schematic diagram of the present invention and conventional method communication efficiency;

Fig. 6 is the comparison schematic diagram of improvement algorithm of the present invention and conventional method communication efficiency.

Embodiment

Describe the safety communicating method of a kind of radio sensing network of the present invention in detail below in conjunction with accompanying drawing

Concrete implementation step.

As Fig. 1, node A, B are two nodes on the radio sensing network, are labeled as source node A and target node b respectively, and its communication range is for being the center of circle with the node, with communication radius R separately _A, R _BBe the circle of radius, these two internodal distances are L _AB, two euclidean distance between node pair L _ABSatisfy max (R _A, R _B)＜L _AB＜R _A+ R _B, max (R _A, R _B) two node communication radiuses of expression are bigger one.Distance L between the two _ABSatisfy this condition so that the communication range of two nodes has common factor S _AB, this common factor is called the ND zone (NeighborDiscovery) of source node A and target node b.If L _AB≤ max (R _A, R _B), promptly one of them node can be covered by the communication range of another node, then can direct communication between these two nodes.

Communication between source node A and the target node b shows as mutual data transmission between two nodes.In radio sensing network, data with the form of packet in transmission over networks.The data M A that source node A will need to transmit is cut apart and is packaged into l packet MA ₁, MA ₂... MA _l, the data M B that target node b will need to transmit is cut apart and is packaged into m packet MB ₁, MB ₂... MB _mL and m can equate, also can not wait, and depending on needs data quantity transmitted, but the amount of capacity of each packet equates.

As shown in Figure 2, realize that according to these two nodes of the present invention the method for secure communication is:

(1) source node A calculates a pair of PKI PKA ₁With private key PSA ₁

The production method of PKI and private key adopts the unsymmetrical key negotiation mechanism, as RSA Algorithm, elliptic curve encryption algorithm (ECC), Diffie-Hellman algorithm, El Gamal algorithm, DSA algorithm etc.

(2) source node A is in the ND region S _ABIn find out an intermediate node P ₁, with PKI PKA ₁Send to intermediate node P ₁

Can't direct communication because the distance between source node A and target node b is far away, then need to come transfer of data by intermediate node.In the ND region S _ABIn the intermediate node that finds out must guarantee that the communication radius of the intermediate node that source node A and target node b are all found out covers, and makes source node A can both communicate by letter with the intermediate node that finds out with target node b.

Exist malicious node on the radio sensing network, if selected the intermediate node of malicious node as transfer of data, then communication security will be on the hazard.Therefore need distinguish malicious node and trusted node.On radio sensing network, the physical location of node generally can change.But the amplitude of malicious node change in location and frequency are all greater than trusted node.Based on this, can judge whether a certain node is malicious node.

The invention provides two kinds of methods of judging malicious node.A kind of is relative stability determination methods (Relative Stability Choose is called for short RSC), and another kind is absolute determination methods (Absolute Stability Choose is called for short ASC).

As shown in Figure 3, the relative stability determination methods of malicious node is:

At initial time t ₀Write down the position pos of this node ₀, at t ₁Constantly write down the position pos of this node ₁, at t ₂Constantly write down the position pos of this node ₂... the time interval of twice record can be set to equate or do not wait that the time interval is data rule of thumb, and sample with one minute to five minutes interval, because subsequent calculations is rate of change, therefore the size of choosing blanking time can not influence accuracy.The number of times of record can be regulated, and the many more judgements to node of the number of times of record are accurate more, generally get 5～10 times.

The relative stability RS of computing node then.The relative stability RS of node is defined as node each time after the change in location, and with respect to the mean value of the rate of change of a preceding change in location, its mathematics tabular form is:

$\mathrm{RS}=(\frac{{\mathrm{pos}}_1-{\mathrm{pos}}_0}{t_1-t_0}+\frac{{\mathrm{pos}}_2-{\mathrm{pos}}_1}{t_2-t_1}+\frac{{\mathrm{pos}}_3-{\mathrm{pos}}_2}{t_3-t_2}...+\frac{{\mathrm{pos}}_{n+1}-{\mathrm{pos}}_n}{t_{n+1}-t_n})/n$

$=(\frac{\mathrm{\Δ}{\mathrm{pos}}_1}{\mathrm{\Δ}{t}_1}+\frac{{\mathrm{\Δpos}}_2}{{\mathrm{\Δt}}_2}+...+\frac{{\mathrm{\Δpos}}_n}{\mathrm{\Δ}{t}_n})/n$

$=\left(\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\frac{{\mathrm{\Δpos}}_i}{\mathrm{\Δ}{t}_i}\right)/n$

With the relative stability RS and default relative stability threshold value RS ' of this node, this threshold value is a ND region S within the some cycles _ABIn the mean value that changes of all modal displacements.Relatively, if RS 〉=RS ' judges that then this node is a malicious node; If RS＜RS ' judges that then this node is a trusted node.

The absolute determination methods and the relative stability determination methods of malicious node are similar, as shown in Figure 4, at first also must write down each t constantly ₀, t ₁... the position pos of this node ₀, pos ₁..., the absolute AS of computing node then.The absolute AS of node is defined as node after change in location each time, and with respect to the mean value of rate of change of the change in location first time, its mathematics tabular form is:

$\mathrm{AS}=(\frac{{\mathrm{pos}}_1-{\mathrm{pos}}_0}{t_1-t_0}+\frac{{\mathrm{pos}}_2-{\mathrm{pos}}_0}{t_2-t_1}+\frac{{\mathrm{pos}}_3-{\mathrm{pos}}_0}{t_2-t_1}...+\frac{{\mathrm{pos}}_{n+1}-{\mathrm{pos}}_0}{t_{n+1}-t_n})/n$

$=(\frac{\mathrm{\Δ}{\mathrm{pos}}_1}{\mathrm{\Δ}{t}_1}+\frac{{\mathrm{\Δpos}}_2}{{\mathrm{\Δt}}_2}+...+\frac{{\mathrm{\Δpos}}_n}{\mathrm{\Δ}{t}_n})/n$

$=\left(\underset{i=1}{\overset{n}{\mathrm{\Σ}}}\frac{{\mathrm{\Δpos}}_i}{\mathrm{\Δ}{t}_i}\right)/n$

With the absolute AS and default absolute threshold value A S ' comparison of this node, if AS 〉=AS ' judges that then this node is a malicious node; If AS＜AS ' judges that then this node is a trusted node.

Source node A is by relative stability determination methods or absolute determination methods (selection of determination methods was finished through negotiation before communication according to communication node), in the ND of source node A and target node b region S _ABIn find out a trusted node P ₁As intermediate node, and with the PKI PKA that calculates ₁Send to intermediate node P ₁

(3) intermediate node P ₁With PKI PKA ₁Send to target node b.

(4) target node b receives PKI PKA ₁After, PKA uses public-key ₁To packet MB ₁Encrypt, generate corresponding ciphertext data SB ₁

(5) target node b calculates a pair of PKI PKB ₁With private key PSB ₁, the production method of PKI and private key adopts the unsymmetrical key negotiation mechanism equally.

(6) target node b is in the ND region S _ABIn find out intermediate node P ₂, with PKI PKB ₁With encrypt data SB ₁Send to intermediate node P ₂

The lookup method of intermediate node judges at first according to the determination methods of above-described malicious node whether certain node is malicious node, and malicious node is filtered, and selects a trusted node to transmit data as intermediate node.

Below the lookup method of all intermediate nodes all identical, all be in the ND region S _ABIn find out trusted node as intermediate node.

(7) intermediate node P ₂With PKI PKB ₁With encrypt data SB ₁Send to source node A.

(8) source node A uses private key PSA ₁With encrypt data SB ₁Deciphering restores packet MB ₁

(9) source node A PKI PKB ₁To packet MA ₁Encrypt, generate corresponding ciphertext data SA ₁

(10) source node A adopts the unsymmetrical key negotiation mechanism to calculate a pair of PKI PKA ₂With private key PSA ₂

(11) source node A is in the ND region S _ABIn search intermediate node P ₃, with encrypt data SA ₁With PKI PKA ₂Send to intermediate node P ₃

(12) intermediate node P ₃With encrypt data SA ₁With PKI PKA ₂Send to target node b.

(13) target node b uses private key PSB ₁With encrypt data SA ₁Deciphering restores packet MA ₁

(14) target node b PKI PKA ₂To packet MB ₂Encrypt, generate corresponding ciphertext data SB ₂

(15) target node b adopts the unsymmetrical key negotiation mechanism to calculate a pair of PKI PKB ₂With private key PSB ₂

Then, target node b is searched intermediate node P ₄, with encrypt data SB ₂With PKI PKB ₂Send to intermediate node P ₄, by P ₄With encrypt data SB ₂With PKI PKB ₂Transfer to source node A.Repeat said process, constantly search intermediate node, pass on PKI and encrypt data by intermediate node.But each intermediate node reception or the PKI and the encrypt data that pass on can not cooperatively interact.For example, intermediate node P ₂The PKI PKB that receives or pass on ₁With encrypt data SB ₁And not matching, because encrypt data SB ₁Be the PKI PKA that target node b adopts source node A to calculate ₁To packet MB ₁Encrypt and generate.Equally, intermediate node P ₃The PKI PKA that receives or pass on ₂With encrypt data SA ₁And not matching, because encrypt data SA ₁Be the PKI PKB that source node A adopts the target source Node B to calculate ₁To packet MA ₁Encrypt and generate.Like this,, can not utilize the PKI of intercepting and capturing to crack the encrypt data of intercepting and capturing, protect the fail safe of communication data even PKI on the intermediate node and encrypt data are intercepted and captured.

According to above method, the double counting public private key pair, encrypt, search the process of intermediate node, deciphering, ultimate source node A will receive all packet MB ₁, MB ₂... MB _m, this m packet reconfigured to recover data M B.Equally, target node b will receive all packet MA ₁, MA ₂... MA _l, this l packet reconfigured to recover data M A.Owing to the packet on the node is to be encrypted by the PKI that calculates on another node, and the public private key pair of each packet is all inequality, then must calculate m altogether to public private key pair at source node A, must calculate l public private key pair altogether at target node b.Like this, even ganging up also, adjacent two intermediate nodes can not bring bigger threat to whole communication process.For example, if above-mentioned first intermediate node P ₁With second intermediate node P ₂Gang up first intermediate node P ₁With its PKI PKA that receives ₁Send second intermediate node P to ₂Because second intermediate node P ₂Can receive by PKI PKA ₁To packet MB ₁The encrypt data SB that encrypts and generate ₁, second intermediate node P so ₂Might utilize PKI PKA ₁To encrypt data SB ₁Crack, and crack out packet MB ₁But packet MB ₁Be the sub-fraction among the data M B, even crack out packet MB ₁Security threat to whole data M B is also just very little.

In order to verify performance of the present invention, we have carried out following test under the Netlogo of Northwestern Univ USA platform: be provided with three kinds of roles in the environment of experiment, a kind of is trusted node, their mobile rule is to produce by random function to have the displacement that stable fluctuation changes, and quantity is 100; Another is the base station, and fixed-site is constant, and quantity is 10; At last a kind of is malicious node, and its change in location is random high-speed mobile, and one has 20.

Test the communication efficiency an of the inventive method

We select five group nodes, and this five group node all communicates according to the method that the present invention searches intermediate node by great-jump-forward, selects a group node in addition as a comparison, and this group node is according to the communication mode of traditional stationary nodes.It is 128k that each handshake procedure data packets for transmission is set, and tests the time that each handshake procedure experiences, relatively the loss of its performance.A handshake procedure represents to transmit mutually between two communication nodes the process of a packet, is referred to as the session that communicates by letter.

Test result data as shown in Figure 5, the ordinate of test data figure is represented each communication time that session experienced, unit is a millisecond, which session abscissa represents, a nethermost test result that curve is the communication mode of conventional fixed node among the figure, above five curves represent five groups of test results that communicate according to the inventive method respectively.

By the figure sight, at the node communication initial phase, promptly in first session, stationary nodes communication pattern and great-jump-forward coded communication of the present invention all need to calculate public private key pair, and its required time is suitable, is about 700ms the performance basically identical.And after first session, because each session of great-jump-forward communication means needs to search for new intermediate node and calculates new public private key pair, therefore the required time is longer, and performance loss is bigger, does not have significant change than the time that first session consumed.And traditional stationary nodes communication pattern need not to search for new intermediate node, also need not to calculate new public private key pair, the time less that each session is required, and than first session, the time that is consumed obviously reduces.Communication means of the present invention is 81.7% with respect to the mean value of stationary nodes communication pattern performance loss.

For improving efficient of the present invention, the coding structure of algorithm is adjusted:

1, the formation logic of the public private key pair of next Session and the transmission logic of current Session packet being calculated by thread parallel, is example with Fig. 2, when target node b with encrypt data bag SB ₁With PKI PKB ₁Send to intermediate node P ₂After, promptly begin to calculate next public private key pair PKB ₂, PSB ₂, and need not to receive by the time intermediate node P ₃The data of passing on just begin to calculate public private key pair.Parallel computation is to shorten call duration time like this.

2, with the size of the packet of each Session, be increased to 1024k.Packet size is big more, its time of transmitting between two nodes is long more, source node A and target node b can make full use of the transmission time of packet and handle static traffic, as encrypting, deciphering, calculating public private key pair, can improve the utilization ratio of time like this.

After the algorithm adjustment, repeated experiments.Once more after the test experimental result that draws as shown in Figure 6 because packet size increases, the elapsed time of first session increases to about 2800ms.Afterwards, be 11.5% according to the method after improving with respect to the performance loss mean value of stationary nodes communication pattern, reduced the loss of performance significantly, optimized communication efficiency.

Test the communications security of two the inventive method

Selected 4 group nodes, all adopted great-jump-forward coded communication pattern of the present invention, wherein the lookup method of 2 groups of intermediate nodes adopts the relative stability determination methods, is called for short SCR; The lookup method of other 2 groups of intermediate nodes adopts the absolute determination methods, is called for short SCA.

Select quantity by the node of testing within 10 minutes, the efficient that the evaluate safety node is selected.

Experimental data is as shown in the table, by apparent it, RSC algorithm and ASC algorithm all are to judge malicious node by the variation of stabilizing distance, detection in conjunction with the historical position data, for the logic of node Dynamic Selection provides tighter credible detection algorithm, as a whole, algorithm can filter a large amount of malicious nodes, the node of selecting to have higher-security from mobile radio network communicates, and has effectively ensured the communication security on the radio sensing network.

Table 1 adopts different nodes to search the comparison of algorithm to the malicious node screening effeciency

The intermediate node lookup method	The intermediate node sum	Ordinary node	Malicious node	The node efficiency of selection
					The RSC algorithm	905	871	34	96.2％
The RSC algorithm	865	839	26	97.0％
					The ASC algorithm	896	867	29	96.8％
The ASC algorithm	849	812	37	95.6％

Claims (8)

1. the safety communicating method of a radio sensing network is characterized in that, comprising:

(1) source node calculates first PKI and first private key;

(2) source node is searched first intermediate node, and first PKI is sent to first intermediate node;

(3) first intermediate nodes send to destination node with first PKI;

(4) destination node uses first PKI that first clear data is encrypted, and generates first encrypt data;

(5) destination node calculates second PKI and second private key, and searches second intermediate node, and first encrypt data and second PKI are sent to second intermediate node;

(6) second intermediate nodes send to source node with first encrypt data and second PKI;

(7) source node uses first private key that first encrypt data is deciphered, and restores first clear data, to the second plaintext data encryption, generates second encrypt data with second PKI, and calculates the 3rd PKI and the 3rd private key;

(8) source node is searched the 3rd intermediate node, and second encrypt data and the 3rd PKI are sent to the 3rd intermediate node;

(9) the 3rd intermediate nodes send to destination node with second encrypt data and the 3rd PKI;

(10) destination node uses second private key that second encrypt data is deciphered, and restores the second plaintext data, to the 3rd expressly data encryption, generates the 3rd encrypt data with the 3rd PKI, and calculates the public private key pair that makes new advances;

(11) source node and destination node repeat the above process of calculating public private key pair, encryption, deciphering, search intermediate node, pass on PKI and encrypt data by intermediate node, realize communicating by letter between source node and destination node.

2. the encryption method of radio sensing network according to claim 1 is characterized in that, described intermediate node is positioned at the overlapping region of source node and destination node communication range.

3. the encryption method of radio sensing network according to claim 2 is characterized in that, described intermediate node is the node of relative stability RS less than default relative stability threshold value RS '.

4. the encryption method of radio sensing network according to claim 3 is characterized in that, the relative stability RS of described node is a node each time after the change in location, and with respect to the mean value of the rate of change of a preceding change in location, its mathematics tabular form is:

$\mathrm{RS}=(\frac{{\mathrm{pos}}_1-{\mathrm{pos}}_0}{t_1-t_0}+\frac{{\mathrm{pos}}_2-{\mathrm{pos}}_1}{t_2-t_1}+\frac{{\mathrm{pos}}_3-{\mathrm{pos}}_2}{t_3-t_2}...+\frac{{\mathrm{pos}}_{n+1}-{\mathrm{pos}}_n}{t_{n+1}-t_n})/n$

Wherein, t ₀The initial time of expression record, t _nThe moment of representing the n time record, pos ₀The initial position of expression node, pos _nThe position of node when representing the n time record.

5. the encryption method of radio sensing network according to claim 2 is characterized in that, described intermediate node is the node of absolute AS less than default absolute threshold value A S '.

6. the encryption method of radio sensing network according to claim 5 is characterized in that, the absolute AS of described node is a node after change in location each time, and with respect to the mean value of rate of change of the change in location first time, its mathematics tabular form is:

$\mathrm{AS}=(\frac{{\mathrm{pos}}_1-{\mathrm{pos}}_0}{t_1-t_0}+\frac{{\mathrm{pos}}_2-{\mathrm{pos}}_0}{t_2-t_1}+\frac{{\mathrm{pos}}_3-{\mathrm{pos}}_0}{t_2-t_1}...+\frac{{\mathrm{pos}}_{n+1}-{\mathrm{pos}}_0}{t_{n+1}-t_n})/n$

Wherein, t ₀The initial time of expression record, t _nThe moment of representing the n time record, pos ₀The initial position of expression node, pos _nThe position of node when representing the n time record.

7. the encryption method of radio sensing network according to claim 1 is characterized in that, described source node or destination node calculate PKI and private key adopts the unsymmetrical key negotiation mechanism.

8. the encryption method of radio sensing network according to claim 7 is characterized in that, described unsymmetrical key negotiation mechanism is selected from RSA Algorithm, ECC algorithm, Diffie-Hellman algorithm, El Gamal algorithm or DSA algorithm.

Images