CN102572821A - Broadcast authentication method of low-power-consumption real-time wireless sensor network - Google Patents

Broadcast authentication method of low-power-consumption real-time wireless sensor network Download PDF

Info

Publication number
CN102572821A
CN102572821A CN2012100103634A CN201210010363A CN102572821A CN 102572821 A CN102572821 A CN 102572821A CN 2012100103634 A CN2012100103634 A CN 2012100103634A CN 201210010363 A CN201210010363 A CN 201210010363A CN 102572821 A CN102572821 A CN 102572821A
Authority
CN
China
Prior art keywords
broadcast
node
time
message
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012100103634A
Other languages
Chinese (zh)
Other versions
CN102572821B (en
Inventor
张聚伟
张海涛
陈媛
普杰信
吴庆涛
李世伟
李强懿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan University of Science and Technology
Original Assignee
Henan University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan University of Science and Technology filed Critical Henan University of Science and Technology
Priority to CN201210010363.4A priority Critical patent/CN102572821B/en
Publication of CN102572821A publication Critical patent/CN102572821A/en
Application granted granted Critical
Publication of CN102572821B publication Critical patent/CN102572821B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a broadcast authentication method of a low-power-consumption real-time wireless sensor networks. The broadcast authentication method mainly comprises the steps of a system initialization stage, a public key authentication stage, an information signature stage and an information authentication stage. The broadcast authentication method has the advantages that an RSA signature algorithm based on a public key cipher system is utilized, and in order to reduce the calculated amount, secret keys as well as the life cycles of the secret keys are simultaneously shortened, and a novel broadcast authentication scheme Q-BA of the wireless sensor is provided; by aiming at sensor networks with longer life cycles, an improved PQ-BA authentication scheme is provided; while the calculated amount is reduced by utilizing the Q-BA scheme of the PQ-BA scheme, the timeliness of the authentication is guaranteed and denial of service (DoS) attacks and selective forwarding attacks can be well resisted, so the broadcast authentication method can be well applied to the wireless sensor network.

Description

A kind of broadcast authentication method of low-power-consumption real-time wireless sensor network
  
Technical field
The present invention relates to the communication technology and information security field, especially a kind of broadcast authentication method of low-power-consumption real-time wireless sensor network. 
Background technology
Existing wireless sensor network broadcast authentication scheme is divided into the broadcast authentication scheme based on authentication code, such as documentA. Perrig, R. Szewczyk, et al. , SPINS: Security protocols for sensor networks[J]. Wireless Networks, 2002,8(5):521-534 or Taekyoung Kwon, Jin Hong, Secure and Efficient Broadcast Authentication in Wireless Sensor Networks [J], IEEE Transactions on Computers, 2010,59 (8):1120-1133 or Liu, D., Ning, P., Zhu, S., Jajodia, S., Practical broadcast authentication in sensor networks, The Second Annual International Conference on Mobile and Ubiquitous Systems:Networking and Services, 2005.118-129 etc.With the scheme based on digital signature, such as document Kui Ren, Shucheng Yu, Wenjing Lou, Yanchao Zhang, Multi-User Broadcast Authentication in Wireless Sensor Networks [J], IEEE Transactions on Vehicular Technology, 2009,6 (11):4554-4564, Ronghua Wang, Wenliang Du, Xiaogang Liu, Peng Ning, ShortPK: A short-term public key scheme for broadcast authentication in sensor networks[J], ACM Transactions on Sensor Networks - TOSN , 2009,6(1):1-29 etc.,Perrig etc. proposes a kind of sensor network broadcast authentication algorithm μ TESLA based on authentication code in SPIN security models,μ TESLA utilize Hash chains,Announce key mechanism by delay in broadcast realizes broadcast authentication using symmetric key,The algorithm energy consumption is low,Realize simple,But loose time synchronization protocol is supported between needing node,Simultaneously because introducing authentication delay,It is vulnerable to selective forwarding attack and dos attack .Taekyoung Kwon etc. and proposes X-TESLA for solving TESLA net dormancies,Failure,The problem of existing when under attack .Donggang Liu etc. propose a kind of Tree-Based TESLA broadcasting schemes based on TESLA,The program is applied to multiple broadcast nodes,DoS attack D.G. Liu and the P. Ning that can be resisted for TESLA distribution procedures propose Multi-Level μ TESLA,The agreement maintains TESLA life cycle by the way of multistage key chain,The issue of key chain is completed using redundant transmission and random selection strategy simultaneously,Node is improved to ability Shen Yulongs of the tolerance of packet loss and Anti-DoS attack etc. on the basis of agreement TESLA,Utilize threshold cryptography thought,Propose a kind of Broadcast authentication protocols MM μ TESLAYu-Shian Chen of many sink Sensor Networks etc. that are suitable for Bloom filter are applied in TESLA,Improve the scalability of algorithm,Reduce communication consumption,So that algorithm can be suitably used for multi-user and prolonged situation,TESLA class schemes have amount of calculation small,Safe the characteristics of,But there is also in place of some shortcomings:(1)The method that TESLA classes scheme announces key using delay realizes broadcast authentication, and this is inappropriate in some applications higher to requirement of real-time, and is subject to wormhole attacks [10];(2)TESLA classes scheme must keep in all broadcast datas in current slot, this is inappropriate for the larger application of broadcasting amount, easily take substantial amounts of memory source and by dos attack, such as some attacker largely can send packet within a unit interval, internal memory can be caused to overflow;(3)TESLA class schemes are very sensitive for data-bag lost, are not suitable for low-power consumption, energy constraint, the wireless network environment of less stable, and are subject to selective forwarding attack,
Some recent researchs show, such as document Kui Ren, Shucheng Yu, Wenjing Lou, Yanchao Zhang, Multi-User Broadcast Authentication in Wireless Sensor Networks [J], IEEE Transactions on Vehicular Technology, 2009,6 (11):4554-4564, Ronghua Wang, Wenliang Du, Xiaogang Liu, Peng Ning, ShortPK: A short-term public key scheme for broadcast authentication in sensor networks[J], ACM Transactions on Sensor Networks - TOSN , 2009,6(1):1-29, Wander A S, Gura N, Eberle H, et al. Energy analysis of public-key cryptography for wireless sensor networks [C] Third IEEE International Conference on Pervasive Computing and Communications, 2005,324-328, can also apply to Kui Ren etc. in sensor network using the algorithm of digital signature based on public-key cryptosystem after optimization and utilizes Elliptic Curve Cryptography algorithm(ECC)Multi-user's broadcast authentication algorithm BAS, BAS based on Bloom filter is proposed by the ID and public key of user
Figure 2012100103634100002DEST_PATH_IMAGE001
The data structure of composition
Figure 786706DEST_PATH_IMAGE002
It is mapped on the bit string V that a length is m, reduce the memory space of public key occupancy, so as to solve the certification sex chromosome mosaicism of public key, in order to further reduce the memory space of public key, Kui Ren etc., which have also been proposed broadcasting scheme HAS. BAS and HAS based on Merkle Hash trees, preferably reduces the memory space of public key, solve the certification sex chromosome mosaicism of public key, itself main disadvantage is that, each broadcast message is required for progress ECDSA algorithms to be digitally signed and certification, big .Xuefei Cao of calculation cost etc. propose IMBAS algorithms using the public key cryptography of identity-based, the algorithm is improved to BNN-IBS signature algorithms
Figure 2012100103634100002DEST_PATH_IMAGE003
BNN-IBS is applied in sensor network broadcast, on the premise of security is not reduced, and reduces communication consumption,
Figure 993959DEST_PATH_IMAGE003
BNN-IBS is based on elliptic curve cryptosystem, the larger of amount of calculation is for the computationally intensive shortcoming of authentication public key algorithm, Wang Ronghua etc. propose ShorPK [2] algorithm, ShorPK shortens the key of public key algorithm, reduce operand, the life cycle of public key is reduced simultaneously, utilize the thought of μ TESLA certificate schemes, authenticated time is divided into several periods, each period has a public-key cryptographic keys to be authenticated ShorPK to preferably resolve broadcast authentication problem of the public-key cryptosystem on sensor network, but without can preferably solve the distribution problem of public key, more sensitive is attacked to selective forwarding.
The content of the invention
The purpose of the present invention is that the program has real-time good, and calculation cost is small, can tolerate the advantage of data-bag lost to solve the deficiency of above-mentioned technical problem there is provided a kind of broadcast authentication method of low-power-consumption real-time wireless sensor network. 
The present invention is solves the deficiency of above-mentioned technical problem, and the technical scheme used is:A kind of broadcast authentication method of low-power-consumption real-time wireless sensor network, step is as follows: 
Step 1: by the life cycle of sensor network
Figure 391442DEST_PATH_IMAGE004
It is divided into
Figure 120364DEST_PATH_IMAGE006
The individual period
Figure 2012100103634100002DEST_PATH_IMAGE007
, each period
Figure 261495DEST_PATH_IMAGE008
For several minutes or a few hours, for the safety certification in a few hours or several minutes, RSA key length is 417 ~ 512, is each period
Figure 821789DEST_PATH_IMAGE008
Correspondence produces a key pair
Figure 2012100103634100002DEST_PATH_IMAGE009
Figure 157218DEST_PATH_IMAGE010
, utilize
Figure 2012100103634100002DEST_PATH_IMAGE011
Individual hash function
Figure 170173DEST_PATH_IMAGE012
WillBeing mapped to length is
Figure 177312DEST_PATH_IMAGE014
Bit string
Figure 2012100103634100002DEST_PATH_IMAGE015
Figure 93578DEST_PATH_IMAGE016
Figure 2012100103634100002DEST_PATH_IMAGE017
By this bit string
Figure 98443DEST_PATH_IMAGE015
It is previously charged into sensor network nodes, then sheds sensor node into target area at random;
Step 2: in the timeWhen, Sink node broadcasts following message first:Sink→*:
Figure 19312DEST_PATH_IMAGE018
, after node receives broadcast message, first determine whetherIt is whether consistent with this node current time, if being calculated if consistent
Figure 2012100103634100002DEST_PATH_IMAGE019
, have
Figure 282028DEST_PATH_IMAGE020
, then understand, then the key is by checking, and node records this public key, and the public key exists
Figure 269575DEST_PATH_IMAGE008
In time effectively, exceedTime, then this public key calcellation;
Step 3:
Figure 181479DEST_PATH_IMAGE008
Broadcast the message in time
Figure 528146DEST_PATH_IMAGE014
When, Sink node is used
Figure 2990DEST_PATH_IMAGE022
It is digitally signed, concrete operations are as follows:Digital signature generating algorithm based on RSA Algorithm, 1., chooses a disclosed hash function
Figure 2012100103634100002DEST_PATH_IMAGE023
, calculate
Figure 657088DEST_PATH_IMAGE024
, 2., calculate
Figure 2012100103634100002DEST_PATH_IMAGE025
, 3., Sink node is to message
Figure 25621DEST_PATH_IMAGE014
Digital signature be
Figure 779076DEST_PATH_IMAGE026
, subsequent Sink node does following broadcast:Sink→*:
Step 4: node receives messagePublic key is utilized afterwardsMessage authentication, the digital signature identification algorithm based on RSA Algorithm, first according to disclosed hash function are carried out according to following algorithm
Figure 671311DEST_PATH_IMAGE023
Calculate, calculate
Figure 481321DEST_PATH_IMAGE028
If,
Figure 2012100103634100002DEST_PATH_IMAGE029
, then signature is received, the message passes through checking.
The beneficial effects of the invention are as follows: 
The present invention utilizes the RSA signature algorithm based on public-key cryptosystem, in order to reduce amount of calculation, key is shortened, simultaneously by the short survival of key, propose new wireless senser broadcast and recognize certificate scheme Q-BA., for the sensor network that life cycle is longer, propose follow-on PQ-BA certificate schemes, Q-BA and PQ-BA schemes are while operand is reduced, it ensure that the real-time of certification, can preferably resist DoS attack and selective forwarding attack, can be preferably suitable for wireless sensor network.
Brief description of the drawings
Fig. 1 isIn Q-BA algorithmsThe change schematic diagram of misnomer rate; 
Fig. 2 is the time distribution schematic diagram in PQ-BA algorithms; 
Fig. 3 is the schematic diagram of the energy spent by single bag certification;
Fig. 4 is the relation schematic diagram of system time and committed memory space.
Embodiment
A kind of broadcast authentication method of low-power-consumption real-time wireless sensor network, step is as follows: 
This paper symbol descriptions:A → B represents that node A sends a message to node B;A → * represents that node A sends broadcast message and arrives all neighbor nodes;M1 | | M2 represents the connection of two message
This paper research is based on following hypothesis:
(1)Sink node is believable;
(2)Sink node stronger computing capability and communication capacity;
(3)Sink node can be mobile or static
Q-BA mainly includes following sections:System initialisation phase, authentication public key stage, information signature stage and message authentication stage;
Step 1: by the life cycle of sensor network
Figure 414904DEST_PATH_IMAGE004
It is divided intoThe individual period
Figure 164872DEST_PATH_IMAGE007
, each period
Figure 836024DEST_PATH_IMAGE008
For several minutes or a few hours, for the safety certification in a few hours or several minutes, RSA key length is 417 ~ 512, is each period according to QoP requirementCorrespondence produces a key pair
Figure 82515DEST_PATH_IMAGE009
, produce key pair algorithm 1 it is as follows:The key generation of RSA signature scheme, 1, randomly generate the different Big primes of size close two
Figure 835018DEST_PATH_IMAGE030
With
Figure 608939DEST_PATH_IMAGE031
, 2, calculate
Figure 2012100103634100002DEST_PATH_IMAGE032
With 3, randomly select
Figure 37909DEST_PATH_IMAGE033
,, meet
Figure 239083DEST_PATH_IMAGE035
, 4, utilize the Euclidean algorithm of extension to calculate only integer
Figure 2012100103634100002DEST_PATH_IMAGE036
,
Figure 884828DEST_PATH_IMAGE037
, meet
Figure 2012100103634100002DEST_PATH_IMAGE038
, 5, then obtain public key
Figure 196861DEST_PATH_IMAGE013
For, corresponding private key
Figure 55675DEST_PATH_IMAGE022
For
Figure 188716DEST_PATH_IMAGE036
, utilize
Figure 242122DEST_PATH_IMAGE011
Individual hash function
Figure 144219DEST_PATH_IMAGE012
Will
Figure 624879DEST_PATH_IMAGE013
Being mapped to length is
Figure 979637DEST_PATH_IMAGE014
Bit string
Figure 412235DEST_PATH_IMAGE015
Figure 106522DEST_PATH_IMAGE016
Figure 820400DEST_PATH_IMAGE017
By this bit string
Figure 865716DEST_PATH_IMAGE015
It is previously charged into sensor network nodes, then sheds sensor node into target area at random;
Step 2: in the time
Figure 323242DEST_PATH_IMAGE008
When, Sink node broadcasts following message first:Sink→*:
Figure 872035DEST_PATH_IMAGE018
, after node receives broadcast message, first determine whether
Figure 22394DEST_PATH_IMAGE008
It is whether consistent with this node current time, if being calculated if consistent
Figure 289427DEST_PATH_IMAGE019
, have
Figure 52109DEST_PATH_IMAGE020
, then understand
Figure 517726DEST_PATH_IMAGE021
, then the key is by checking, and node records this public key, and the public key existsIn time effectively, exceed
Figure 593315DEST_PATH_IMAGE008
Time, then this public key calcellation;
Step 3:Broadcast the message in time
Figure 916029DEST_PATH_IMAGE014
When, Sink node is used
Figure 909655DEST_PATH_IMAGE022
It is digitally signed, concrete operations are as follows:Digital signature generating algorithm 2 based on RSA Algorithm, 1., chooses a disclosed hash function
Figure 885701DEST_PATH_IMAGE023
, calculate
Figure 488721DEST_PATH_IMAGE024
, 2., calculate, 3., Sink node is to message
Figure 529675DEST_PATH_IMAGE014
Digital signature be
Figure 320914DEST_PATH_IMAGE026
, subsequent Sink node does following broadcast:Sink→*:
Figure 963510DEST_PATH_IMAGE027
Step 4: node receives message
Figure 523804DEST_PATH_IMAGE027
Public key is utilized afterwards
Figure 154506DEST_PATH_IMAGE013
Message authentication, the digital signature identification algorithm 3 based on RSA Algorithm, first according to disclosed hash function are carried out according to following algorithm
Figure 934505DEST_PATH_IMAGE023
Calculate
Figure 879327DEST_PATH_IMAGE024
, calculate
Figure 231811DEST_PATH_IMAGE028
If,
Figure 236676DEST_PATH_IMAGE029
, then signature is received, the message passes through checking.
In Q-BA algorithms, Bloom Filter are to data acquisition system using a bits string representation and energy
, there is certain element and be not belonging to public key set in the stochastic behaviour for effectively supporting the Hash lookup operation of public key set to represent algorithm due to it
Figure 2012100103634100002DEST_PATH_IMAGE040
And belonged to the possibility of the public key set by denotion, as long as to be designated as this possibilities of misnomer rate sufficiently small so that can tolerate this error in actual applications for its size, algorithm is effective, every time will
Figure 2012100103634100002DEST_PATH_IMAGE042
It is mapped toSo that
Figure 318530DEST_PATH_IMAGE015
In certain be 1 probability be
Figure 228717DEST_PATH_IMAGE043
, the probability for being 0 is 1-, algorithm performs
Figure 942038DEST_PATH_IMAGE006
After secondary, certain is still that 0 probability is:
Figure 2012100103634100002DEST_PATH_IMAGE044
, then certain attacker forge
Figure 393748DEST_PATH_IMAGE045
Pass throughIndividual hash function mapping, is mapped to by mistake
Figure 152942DEST_PATH_IMAGE015
So that, have
Figure 2012100103634100002DEST_PATH_IMAGE046
Probability be:
Figure 723043DEST_PATH_IMAGE047
= (5)
To make
Figure 240612DEST_PATH_IMAGE049
Minimum, should make
Figure 2012100103634100002DEST_PATH_IMAGE050
It is minimum then have:
Figure 754815DEST_PATH_IMAGE051
=0, it can obtain:
Figure 2012100103634100002DEST_PATH_IMAGE052
(6)
Will(6)Substitute into(5)It can obtain:
Figure 383242DEST_PATH_IMAGE053
=
Figure 2012100103634100002DEST_PATH_IMAGE054
(7)
By(7)As can be seen that in the time
Figure 481648DEST_PATH_IMAGE006
In the case of certain,
Figure 170118DEST_PATH_IMAGE049
With
Figure 557237DEST_PATH_IMAGE014
Change it is big and reduce, Fig. 1 is given when time interval number
Figure 225241DEST_PATH_IMAGE006
One timing,
Figure 443733DEST_PATH_IMAGE049
With
Figure 303105DEST_PATH_IMAGE014
Situation of change it can be seen that working as the time
Figure 911941DEST_PATH_IMAGE006
When smaller, for reach certain misnomer rate, it is necessary to internal memory it is smaller, with
Figure 147750DEST_PATH_IMAGE055
Exemplified by=100, when
Figure 2012100103634100002DEST_PATH_IMAGE056
When, m=10000bit;When
Figure 722213DEST_PATH_IMAGE006
When larger, for reach certain misnomer rate, it is necessary to internal memory significantly rise, when
Figure 752486DEST_PATH_IMAGE055
When=1000, to reach
Figure 910935DEST_PATH_IMAGE056
Misnomer rate, it is necessary to m>100000bit, committed memory 12.5kbyte, when
Figure 356960DEST_PATH_IMAGE057
Hour, then reaching
Figure 550044DEST_PATH_IMAGE056
Misnomer rate, under conditions of committed memory 12.2kbyte, system can be 417 days with trouble free service, as can be seen that in the case of larger in node memory space, system disclosure satisfy that basic wireless sensor network broadcast authentication demand, in Q-BA algorithms, to reach higher level of security, order
Figure 688901DEST_PATH_IMAGE057
Minute,
Figure 836111DEST_PATH_IMAGE006
=1000, then reaching
Figure 148143DEST_PATH_IMAGE056
Misnomer rate under the conditions of, system can work one week, committed memory 12.2kbyte, working time shorter work as sensor network life cycle
Figure 195734DEST_PATH_IMAGE006
During increase, to reach same misnomer rate, the amount of memory increase of occupancy, as t=5000, committed memory 61kbyte, this is inappropriate for the sensor network system of resource-constrained, for this, we are improved on Q-BA algorithms, propose PQ-BA algorithms:PQ-BA will be divided into several periods total time, independently be realized within each period
Q-BA, as shown in Fig. 2 PQ-BA is first by the life cycle of sensor networkIt is divided into
Figure 638533DEST_PATH_IMAGE006
The individual period
Figure 318039DEST_PATH_IMAGE007
, each period
Figure 220136DEST_PATH_IMAGE008
For a couple of days;Again will
Figure 326894DEST_PATH_IMAGE008
It is divided into
Figure 2012100103634100002DEST_PATH_IMAGE058
Individual smaller timeslice
Figure 681652DEST_PATH_IMAGE059
It it is each period according to QoP requirement
Figure 2012100103634100002DEST_PATH_IMAGE060
Correspondence produces a key pair
Figure 663383DEST_PATH_IMAGE061
Figure 2012100103634100002DEST_PATH_IMAGE062
, the algorithm of key pair is produced with algorithm 1, is utilized
Figure 921452DEST_PATH_IMAGE011
Individual hash function
Figure 635330DEST_PATH_IMAGE012
Will
Figure 680646DEST_PATH_IMAGE063
It is mapped to
Figure 138172DEST_PATH_IMAGE006
Individual length is
Figure 749282DEST_PATH_IMAGE014
Bit string
Figure 2012100103634100002DEST_PATH_IMAGE064
Figure 401106DEST_PATH_IMAGE065
Figure 2012100103634100002DEST_PATH_IMAGE066
)In:
Figure 792773DEST_PATH_IMAGE067
By this 1st bit string
Figure 726094DEST_PATH_IMAGE064
It is previously charged into sensor network nodes, then sheds sensor node into target area at random, in the time
Figure 457289DEST_PATH_IMAGE060
When, Sink node broadcasts following message first:Sink→*:
Figure 2012100103634100002DEST_PATH_IMAGE068
,After node receives broadcast message, first determine whether
Figure 291733DEST_PATH_IMAGE060
It is whether consistent with this node current time, if being calculated if consistent
Figure 842800DEST_PATH_IMAGE019
, have
Figure 907708DEST_PATH_IMAGE069
, then understand
Figure 2012100103634100002DEST_PATH_IMAGE070
,Then the key is by checking, and node records this public key, and the public key exists
Figure 493410DEST_PATH_IMAGE060
In time effectively, exceedTime, then this public key calcellation,
Figure 463082DEST_PATH_IMAGE060
Broadcast the message in timeWhen, Sink node is used
Figure 506311DEST_PATH_IMAGE022
It is digitally signed, concrete operations are with algorithm 2, and node receives message
Figure 169373DEST_PATH_IMAGE027
Public key is utilized afterwards
Figure 632716DEST_PATH_IMAGE063
According to message authentication is carried out, concrete operations are with algorithm 3, in the time
Figure 540891DEST_PATH_IMAGE008
Interior, Sink node is by next period
Figure 101185DEST_PATH_IMAGE008
Inside use bit string
Figure 607253DEST_PATH_IMAGE071
, use
Figure 885788DEST_PATH_IMAGE022
It is digitally signed, and is broadcast in each node.
Algorithm is discussed:For the more situation of Q-BA committed memories, PQ-BA is improved, but adds communication consumption simultaneously, by taking Mica2 platforms as an example, when in reception state, current drain is 10mA, voltage is 3V, and using IEEE802.15.4 standards, then the energy consumption of reception state is 28.6
Figure 2012100103634100002DEST_PATH_IMAGE072
MakeMinute,
Figure 746875DEST_PATH_IMAGE006
=1000, then reaching
Figure 423844DEST_PATH_IMAGE056
Misnomer rate, system can work one week,
Figure 924096DEST_PATH_IMAGE071
Committed memory 12.5kbyte, will in one weekAll nodes in netting are sent, then the communication consumption that node is received is:12.5k byte 28.6
Figure 993049DEST_PATH_IMAGE072
=357.5mJ. extends the action time of algorithm relative to Q-BA, PQ-BA in the case of same internal memory is taken,
Figure 980597DEST_PATH_IMAGE060
=10 minutes,
Figure 768686DEST_PATH_IMAGE058
=1000, thenIt is about 1 week, and the whole timeFor infinity, it can increase at any time as needed. 
Sensor network identifying algorithm should have certain scalability, scalability refers to that Q-BA the and Q-PBA algorithms that the ability of algorithm adaptation different scales sensor network is proposed herein for different node memory space sizes can be suitable for the sensor network of different scales, expense will not be increased because of the increase of network size in μ TESLA algorithms, base station is completed after broadcast initialization, realize that the certification of each node is added and synchronous by mode of unicast, this is a huge expense for large-scale network, broadcast in wireless sensor network is typically all real-time, node is after receiving the data, μ TESLA classes algorithm should be authenticated at once utilizes Hash chains, announce key mechanism by delay in broadcast realizes broadcast authentication using symmetric key, so as to introduce authentication delay, easily by DoS attack, in a wireless communication environment, the transmission of data is larger by external interference, therefore broadcast authentication algorithm should have certain anti-packet loss ability μ TESLA classes algorithms to be authenticated using Hash chains, ShortPK algorithms are authenticated using the public key of previous time period for the public key that this period uses, need to ensure the integrality that packet is transmitted, the loss of packet will cause algorithm to fail or energy consumption increase. 
Q-BA and PQ-BA algorithms are applicable not only to single user broadcast authentication, are also applied for multi-user's broadcast authentication, in multi-user's broadcast authentication, it is only necessary to be further added by a bit string
Figure 2012100103634100002DEST_PATH_IMAGE074
Energy consumption analysis
In Q-BA, using RSA Algorithm, in order to reach and shortPK(ECC-80bit)Equal security intensity, we select the key length of RSA Algorithm for 417bit[19].RSA the calculation cost of algorithm
Figure 2012100103634100002DEST_PATH_IMAGE076
TogetherThere is following relation[20,21]
Figure 2012100103634100002DEST_PATH_IMAGE078
  (9)
By(9)Can be by the energy consumption estimation such as table 2 of typical wireless sensor network public key broadcasts certification:
Figure 487375DEST_PATH_IMAGE079
It can be seen that for single authentication, Q-BA or the energy consumption needed for PQ-BA are much smaller than ShortPK and BAS, in sensor network broadcast authentication algorithm, except the calculating power consumption being authenticated to message
Figure 2012100103634100002DEST_PATH_IMAGE080
Outside, in addition to public key the power consumption being authenticated, Q-BA communication consumption, which is mainly, to existThe traffic of public key is received in time
Figure 2012100103634100002DEST_PATH_IMAGE082
And to the extra increased traffic of digital signature of packet
Figure 221610DEST_PATH_IMAGE083
;P Q-BA communication consumption mainly exists
Figure 320016DEST_PATH_IMAGE008
The traffic of public key is received in time
Figure 2012100103634100002DEST_PATH_IMAGE084
, to the extra increased traffic of digital signature of packet
Figure 8486DEST_PATH_IMAGE085
And
Figure 693807DEST_PATH_IMAGE008
The bit string sent in time
Figure 63609DEST_PATH_IMAGE071
The increased traffic of institute
Figure 2012100103634100002DEST_PATH_IMAGE086
.ShortPK communication consumption is mainly
Figure 282101DEST_PATH_IMAGE008
The traffic of public key is received in time
Figure 141472DEST_PATH_IMAGE087
And to the extra increased traffic of digital signature of packet
Figure 2012100103634100002DEST_PATH_IMAGE088
, the BAS digital signature extra increased traffic of the consumption mainly to packet that communicate
Figure 812625DEST_PATH_IMAGE089
, therefore have for total power consumption C of each algorithm:
Figure 2012100103634100002DEST_PATH_IMAGE090
=
Figure 272601DEST_PATH_IMAGE082
+
Figure 345599DEST_PATH_IMAGE083
 + 
Figure 313555DEST_PATH_IMAGE091
Figure 2012100103634100002DEST_PATH_IMAGE092
(10)
=
Figure 245925DEST_PATH_IMAGE084
+
Figure 940474DEST_PATH_IMAGE085
+
Figure 79331DEST_PATH_IMAGE086
 +
Figure 2012100103634100002DEST_PATH_IMAGE094
Figure 521814DEST_PATH_IMAGE095
 (11)
Figure 2012100103634100002DEST_PATH_IMAGE096
=
Figure 99426DEST_PATH_IMAGE087
+
Figure 84699DEST_PATH_IMAGE088
 + 
Figure 2012100103634100002DEST_PATH_IMAGE098
(12)
Figure 825702DEST_PATH_IMAGE099
=
Figure 941425DEST_PATH_IMAGE089
+
Figure 2012100103634100002DEST_PATH_IMAGE100
(13)
By taking Mica2 platforms as an example, if in PQ-BA
Figure 843522DEST_PATH_IMAGE101
, then can be obtained as shown in Figure 3 by (10)-(13):As seen from Figure 3, the energy of BAS algorithms consumption at most, broadcast authentication is carried out using Q-BA algorithms, and the minimum of energy of consumption works as the unit interval
Figure 324182DEST_PATH_IMAGE060
When the packet of transmission is less, it is inappropriate using PQ-BA, the average energy consumption of the single bag certifications of PQ-BA is reduced with the increase of the number of broadcast data packet in the unit interval, when the packet broadcasted in the unit interval is more than 10, PQ-BA energy consumption is less than ShortPK, but is greater than Q-BA.
Storage consumption is analyzed
The memory space that Q-BA and PQ-BA algorithms take is mainly Bloom filter bit stringShared space, can be seen that by discussed above,
Figure 37502DEST_PATH_IMAGE015
Shared space is in negative exponent relation with misnomer rate, and misnomer rate is smaller, then
Figure 59685DEST_PATH_IMAGE015
Shared memory headroom is bigger, in order to keep the security of algorithm, less misnomer rate must be kept, Fig. 4 is given in the case where misnomer rate is certain, the relation of node memory and network lifetime can be seen that, misnomer rate is smaller, and the memory headroom of occupancy is bigger, and the memory headroom of the longer occupancy of system time is bigger.
Safety analysis
μ TESLA classes algorithms carry out data authentication by postponing to announce the method for key, attacker can send a large amount of invalid datas before base station publishes key, node must first preserve these data, wait key to be authenticated after announcing, can so cause node memory to overflow so that thrashing .Q-BA(PQ-BA)Algorithm is real-time, and node can be immediately authenticated after data are connected to, so as to avoid similar attack to Q-BA(PQ-BA)Key forged, from calculate it is upper for, be also infeasible, when misnomer rate
Figure 711246DEST_PATH_IMAGE056
When, if attacker is per second can to verify 100,000,000,000 keys, then the time that obtaining a suitable key needs is 233 years, and table 3 is given under different misnomer rates, and attacker obtains the average time that a suitable key needs.
Figure 2012100103634100002DEST_PATH_IMAGE102

Claims (1)

1. a kind of broadcast authentication method of low-power-consumption real-time wireless sensor network, it is characterised in that:Step is as follows:
Step 1: by the life cycle of sensor network
Figure 2012100103634100001DEST_PATH_IMAGE001
It is divided into
Figure 2012100103634100001DEST_PATH_IMAGE003
The individual period
Figure 5754DEST_PATH_IMAGE004
, each period
Figure 2012100103634100001DEST_PATH_IMAGE005
For several minutes or a few hours, for the safety certification in a few hours or several minutes, RSA key length is 417 ~ 512, is each period
Figure 964745DEST_PATH_IMAGE005
Correspondence produces a key pair
Figure 2012100103634100001DEST_PATH_IMAGE007
, utilizeIndividual hash function
Figure 2012100103634100001DEST_PATH_IMAGE009
Will
Figure 55564DEST_PATH_IMAGE010
Being mapped to length is
Figure 2012100103634100001DEST_PATH_IMAGE011
Bit string
Figure 818245DEST_PATH_IMAGE012
Figure 2012100103634100001DEST_PATH_IMAGE013
Figure 549441DEST_PATH_IMAGE014
By this bit string
Figure 605122DEST_PATH_IMAGE012
It is previously charged into sensor network nodes, then sheds sensor node into target area at random;
Step 2: in the time
Figure 421768DEST_PATH_IMAGE005
When, Sink node broadcasts following message first:Sink→*:
Figure 2012100103634100001DEST_PATH_IMAGE015
, after node receives broadcast message, first determine whether
Figure 38739DEST_PATH_IMAGE005
It is whether consistent with this node current time, if being calculated if consistent
Figure 624441DEST_PATH_IMAGE016
, have
Figure 2012100103634100001DEST_PATH_IMAGE017
, then understand, then the key is by checking, and node records this public key, and the public key exists
Figure 656430DEST_PATH_IMAGE005
In time effectively, exceed
Figure 259450DEST_PATH_IMAGE005
Time, then this public key calcellation;
Step 3:
Figure 637342DEST_PATH_IMAGE005
Broadcast the message in time
Figure 300404DEST_PATH_IMAGE011
When, Sink node is used
Figure 2012100103634100001DEST_PATH_IMAGE019
It is digitally signed, concrete operations are as follows:Digital signature generating algorithm based on RSA Algorithm, 1., chooses a disclosed hash function, calculate
Figure 2012100103634100001DEST_PATH_IMAGE021
, 2., calculate
Figure 796556DEST_PATH_IMAGE022
, 3., Sink node is to message
Figure 91271DEST_PATH_IMAGE011
Digital signature be, subsequent Sink node does following broadcast:Sink→*:
Figure 925235DEST_PATH_IMAGE024
Step 4: node receives messagePublic key is utilized afterwardsMessage authentication, the digital signature identification algorithm based on RSA Algorithm, first according to disclosed hash function are carried out according to following algorithm
Figure 736961DEST_PATH_IMAGE020
Calculate, calculateIf,, then signature is received, the message passes through checking.
CN201210010363.4A 2012-01-13 2012-01-13 Broadcast authentication method of low-power-consumption real-time wireless sensor network Expired - Fee Related CN102572821B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210010363.4A CN102572821B (en) 2012-01-13 2012-01-13 Broadcast authentication method of low-power-consumption real-time wireless sensor network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210010363.4A CN102572821B (en) 2012-01-13 2012-01-13 Broadcast authentication method of low-power-consumption real-time wireless sensor network

Publications (2)

Publication Number Publication Date
CN102572821A true CN102572821A (en) 2012-07-11
CN102572821B CN102572821B (en) 2014-06-04

Family

ID=46417029

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210010363.4A Expired - Fee Related CN102572821B (en) 2012-01-13 2012-01-13 Broadcast authentication method of low-power-consumption real-time wireless sensor network

Country Status (1)

Country Link
CN (1) CN102572821B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106453393A (en) * 2016-11-11 2017-02-22 湖北大学 Verifiable privacy-preserving data type matching in participatory sensing
CN107171803A (en) * 2017-05-15 2017-09-15 黑龙江大学 Accelerate vBNN IBS authentication methods in a kind of wireless sensor network
CN109451501A (en) * 2018-12-17 2019-03-08 重庆邮电大学 IPv6 industrial wireless network data secure transmission method based on broadcast signcryption

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101192928A (en) * 2006-12-01 2008-06-04 华为技术有限公司 Mobile ad hoc authentication method, network and system
WO2009092318A1 (en) * 2008-01-17 2009-07-30 China Iwncomm Co., Ltd. A secure transmission method for broadband wireless multimedia network broadcasting communication
CN101699873A (en) * 2009-10-21 2010-04-28 南京邮电大学 Classification security-based broadcast authentication design method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101192928A (en) * 2006-12-01 2008-06-04 华为技术有限公司 Mobile ad hoc authentication method, network and system
WO2009092318A1 (en) * 2008-01-17 2009-07-30 China Iwncomm Co., Ltd. A secure transmission method for broadband wireless multimedia network broadcasting communication
CN101699873A (en) * 2009-10-21 2010-04-28 南京邮电大学 Classification security-based broadcast authentication design method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106453393A (en) * 2016-11-11 2017-02-22 湖北大学 Verifiable privacy-preserving data type matching in participatory sensing
CN107171803A (en) * 2017-05-15 2017-09-15 黑龙江大学 Accelerate vBNN IBS authentication methods in a kind of wireless sensor network
CN109451501A (en) * 2018-12-17 2019-03-08 重庆邮电大学 IPv6 industrial wireless network data secure transmission method based on broadcast signcryption

Also Published As

Publication number Publication date
CN102572821B (en) 2014-06-04

Similar Documents

Publication Publication Date Title
Cao et al. IMBAS: Identity-based multi-user broadcast authentication in wireless sensor networks
Ren et al. Multi-user broadcast authentication in wireless sensor networks
Luk et al. MiniSec: a secure sensor network communication architecture
Ren et al. On broadcast authentication in wireless sensor networks
Shim BASIS: A practical multi-user broadcast authentication scheme in wireless sensor networks
Zia et al. A security framework for wireless sensor networks
Liu et al. PKC based broadcast authentication using signature amortization for WSNs
US20080292105A1 (en) Lightweight key distribution and management method for sensor networks
Zhu et al. An opportunistic batch bundle authentication scheme for energy constrained DTNs
WO2013172750A1 (en) Secure paging
Kgwadi et al. Securing RDS broadcast messages for smart grid applications
CN102684874B (en) A kind of wireless sensor network broadcast authentication method based on ECDSA algorithm
Alghamdi et al. Routing-aware and malicious node detection in a concealed data aggregation for WSNs
Baburaj Polynomial and multivariate mapping-based triple-key approach for secure key distribution in wireless sensor networks
Noack Optimization of two-way authentication protocol in internet of things
CN102572821A (en) Broadcast authentication method of low-power-consumption real-time wireless sensor network
Weimerskirch et al. Identity certified authentication for ad-hoc networks
Mbarek et al. A secure authentication mechanism for resource constrained devices
Ghasemzadeh et al. Key management system for WSNs based on hash functions and elliptic curve cryptography
Jaballah et al. An efficient source authentication scheme in wireless sensor networks
Ren et al. On broadcast authentication in wireless sensor networks
Singh A security framework for wireless sensor networks
Mbarek et al. A broadcast authentication scheme in iot environments
Ambarkar et al. An efficient authentication technique to protect iot networks from impact of rpl attacks
Roja et al. Lightweight Secure Key Distribution Protocol (LSKDP) for Wireless Sensor Networks

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140604

Termination date: 20190113