CN102594706A - Wireless broadband secure routing method for smart home control - Google Patents

Publication number: CN102594706A
Authority: CN (China)
Prior art keywords: node, path, data, neighbor, network
Legal status: Granted; Expired - Fee Related
Application number: CN2012100749533A
Other languages: Chinese (zh)
Other versions: CN102594706B (en)
Inventors: 严骐, 黄海平, 王汝传, 周旋, 尚上, 孙琦, 董富贵, 韦余杰
Current Assignee: Hengtian Technology (Chuzhou) Co. Ltd.
Original Assignee: Nanjing Post and Telecommunication University
Application filed by: Nanjing Post and Telecommunication University
Priority to: CN201210074953.3A
Publication of CN102594706A
Application granted
Publication of CN102594706B

Abstract

The invention discloses a wireless broadband secure routing method for smart home control in an Internet of Things environment. A suitable secure transmission path is found between nodes with communication requirements. The method comprises the following steps: (1) collection of network link conditions by the nodes; (2) calculation of an optimal path; and (3) secure transmission and forwarding of data. The optimal path is selected by jointly using information such as hop count, node queue length and node neighbor count, which overcomes the shortcomings of minimum-hop-count routing and improves the communication quality of a wireless fidelity (WiFi) network. The method adapts to dynamic changes in the external environment of a wireless network; in addition, the routing method has low overhead, high security and is easy to implement. While a data packet is being forwarded, the nodes on the forwarding path undergo identity authentication; during authentication the security of each node's own private data is well protected, and attacks by malicious nodes are effectively prevented.

Description

A wireless broadband secure routing method for smart home control
Technical field
The invention belongs to the intersection of WiFi (wireless fidelity, wireless broadband; the same meaning applies below) wireless networking and information security, and in particular concerns secure routing in WiFi wireless networks.
Background
In recent years, with the rise of Internet of Things technology, smart home systems based on WiFi have become a focus of industry research and development. Because a WiFi network has a high transmission rate and a communication distance of up to 100 meters, it is very well suited to communication inside buildings.
Routing is one of the key technologies for WiFi network applications. In a smart home system, a large number of commands and data are exchanged between the household appliances and the control terminals. In this process the routing protocol plays a major role: it finds a suitable path between the source and the destination and forwards data or commands along that path. Because packets are transmitted wirelessly, how to protect the privacy of the data is also a problem that needs particular attention. It is therefore necessary to design a WiFi routing method with a security assurance mechanism.
In wireless networks, routing protocols can be divided into two kinds: source routing and table-driven routing. In source routing the entire path is computed at the source; intermediate nodes simply forward along the path computed by the source and are not themselves responsible for route selection. In table-driven routing every node takes part in path computation and must select a suitable next-hop node. Table-driven routing has relatively low overhead and adapts more easily to changes in the external environment. A source routing protocol needs to maintain certain link information, but the routes it computes can provide better end-to-end quality of service (QoS; the same meaning applies below).
In the smart home field, source routing protocols have better application prospects, for two reasons. First, indoors a WiFi network is little affected by weather, and the communication nodes of a smart home system usually have low mobility; the WiFi network therefore has a relatively stable external environment, and link conditions do not change very sharply. Second, a source routing protocol can provide better end-to-end communication quality, which guarantees the service level of the smart home system. However, from a security standpoint, a packet-forwarding path computed by the source node alone may come under illegal attack, so intermediate nodes may need to take responsibility for security supervision. Secure multi-party computation is introduced here: intermediate nodes may cooperate securely to monitor, in real time, the path computed by the source node, preventing malicious nodes from attacking packets on the path.
Traditional routing protocols mainly measure path quality by minimum hop count when computing routes, but in a WiFi network this criterion is not ideal. In general, fewer hops means a longer communication distance per hop. The longer the communication distance, the worse the link quality and the lower the transmission rate of the network, so minimum-hop routing in fact lowers the quality of service. Moreover, for a smart home system a single path metric is not enough. Routing security, reliability and link delay should also be considered by the routing protocol, and a secure path may have more hops than an insecure one. A reasonable transmission path should balance and combine several performance metrics. Academia has done some research on this, but because route computation supporting multiple parameters is relatively complex, there is currently no suitable secure routing method for smart homes.
Summary of the invention
Technical problem: the purpose of the invention is to provide a wireless broadband secure routing method for smart home control that offers the various services of a smart home system a route computation service with multiple performance guarantees such as security, delay and reliability, discovers the optimal path using a particle swarm algorithm, and at the same time forwards packets securely. The invention can significantly improve the communication performance of a smart home system, giving users a good experience.
Technical solution: the method of the invention is a policy-based method that can be applied to the various communication scenarios in the smart home field; each appliance or terminal device with communication capability in the smart home system is regarded as a node. The invention provides a secure routing method that supports path computation with multiple performance parameters, and security control, between any two nodes.
The wireless broadband secure routing method for smart home control comprises the following three parts:
1. collection of network link conditions by the nodes;
2. calculation of the optimal path;
3. secure multi-party computation, based on encryption, authentication and hash functions, between the source node and the receiving nodes on the optimal path, to guarantee secure transmission of data.
The collection of network link conditions by the nodes comprises two functions, neighbor node information exchange and network link condition broadcast, which are realized by the following steps:
1. Each node periodically sends a "Hello" message to its one-hop neighbor nodes to announce information about itself; the content comprises the node number, the network address of the node, the current queue length of the node and the sending time of the message.
2. After receiving a "Hello" message from a neighbor, each node saves it in its own neighbor information table, which contains the neighbor node number, neighbor node address, neighbor node queue length and "Hello" message sending time. If the neighbor information table has no entry for this node, the node is added to the table; if an entry already exists, its queue length and sending time are updated. In addition, the node monitors the neighbor information table: if the sending time of some neighbor node has still not been updated after a certain period, that neighbor must be deleted from the neighbor information table. Whenever a node updates the neighbor information table it also updates its own link information table. The link information table is an n × n matrix, where n is the number of nodes in the network; it stores the link information between all nodes and the corresponding QoS information.
3. If any of the following three situations occurs, the node concludes that the network topology has changed and that the other nodes in the network need to be informed: first, a new neighbor node is found; second, a neighbor node disappears; third, the queue length of a neighbor node changes significantly. The node then puts its own neighbor information table into a "Changing" message and broadcasts it in the network.
4. After receiving a "Changing" message, each node updates the content of its own link information table.
The optimal path computation comprises the following processing steps:
Input: network information and algorithm parameter data. The network information comprises the source node, the destination node, and the state information and QoS information of the links in the network; the algorithm parameter data comprise the swarm size, the number of swarm iterations, $\alpha_1$, $\alpha_2$, $\alpha_3$, $\alpha_4$, $c_1$, $c_2$ and $\omega$.
Output: the path sequence composed of node numbers.
Algorithm steps:
First, set the swarm size and the number of algorithm iterations, and generate the initial swarm.
Second, evaluate the position of each particle with the position evaluation function.
Third, for each particle of the k-th generation, obtain the global best position and the individual's current best position, and update using the velocity update formula and the position update formula.
Fourth, check whether the iteration count has reached the preset value; if so the algorithm terminates, otherwise return to the second step.
The particle position evaluation function is:
$$f = \alpha_1 C - (\alpha_2 H + \alpha_3 L_{max} + \alpha_4 N_{ave})$$
In this formula, f is the evaluation result of the particle position, C indicates whether the obtained path is a connected path, H is the hop count of the path, $L_{max}$ is the maximum queue length of all nodes on the path, $N_{ave}$ is the average number of neighbor nodes of all nodes on the path, and $\alpha_1$, $\alpha_2$, $\alpha_3$, $\alpha_4$ are the path factor, the hop-count factor, the queue factor and the neighbor-count factor respectively.
The velocity update formula is:
$$v_{id}^{k+1} = \omega v_{id}^{k} + c_1\,rand_1()\,(P_{id}^{k} - x_{id}^{k}) + c_2\,rand_2()\,(P_{gd}^{k} - x_{id}^{k})$$
In this formula, k indicates that the algorithm has run to the k-th generation, i denotes the i-th particle, and d denotes the d-th dimension of the solution space; $x_{id}^{k}$ is the position of particle i in the k-th iteration; $v_{id}^{k}$ and $v_{id}^{k+1}$ are the velocities of particle i at iterations k and k+1 respectively; $P_{id}^{k}$ is the historical best position of this particle; $P_{gd}^{k}$ is the best position of the whole swarm; $c_1$ and $c_2$ are acceleration constants, and $\omega$ is the inertia weight.
The position update formula is:
$$x_{id}^{k+1} = x_{id}^{k} + v_{id}^{k+1}$$
In this formula, $x_{id}^{k+1}$ is the position of particle i at the (k+1)-th iteration.
The "secure multi-party computation, based on encryption, authentication and hash functions, between the source node and the receiving nodes on the optimal path, to guarantee secure transmission of data" comprises the following processing steps:
The source node, as the sending node, is responsible for sending the data. Its main steps are:
1. Use the particle swarm optimization algorithm to solve for the optimal path from the source node and the destination node.
2. The t nodes $N_i$ (i = 1, 2, ..., t) on the optimal path each agree on and store a privacy identity data item $x_i$ (i = 1, 2, ..., t), used as the mark for privacy authentication between them.
3. Pack the data handed down by the application layer, and put the computed path into the header of this packet.
The receiving nodes on the optimal path and the source node perform secure multi-party computation based on encryption, authentication, hash functions and similar methods to guarantee secure forwarding of data:
1. The receiving node $N_i$ first checks whether it is itself the final destination of the data; if so, it passes the packet up to the application layer.
2. If the current node $N_i$ is not the final destination, it takes the path out of the packet header and reads the information of the next hop $N_{i+1}$ on the path. Identity authentication follows: node $N_i$ generates a random number R and sends it to node $N_{i+1}$.
3. After receiving the random number R generated by $N_i$, node $N_{i+1}$ generates one private key $K_s$ and two public keys $K_{P1}$ and $K_{P2}$, where $K_{P1} + K_{P2} = R$, and sends the public keys $K_{P1}$ and $K_{P2}$ back to $N_i$.
4. After receiving $K_{P1}$ and $K_{P2}$, node $N_i$ verifies them: if $K_{P1} + K_{P2} = R$ does not hold, authentication stops immediately; if it holds, $N_i$ randomly selects one of $K_{P1}$ and $K_{P2}$ to encrypt R and uses the other public key to encrypt $x_i$. Without loss of generality, suppose $K_{P1}$ is used to encrypt R and $K_{P2}$ is used to encrypt $x_i$; the two resulting ciphertexts are sent to $N_{i+1}$.
5. Node $N_{i+1}$ decrypts the two ciphertexts with its own private key $K_s$. If one of them decrypts to R, the other is the privacy identity data $x_i$. $N_{i+1}$ verifies $x_i$: if it is the privacy identity data agreed in advance by node $N_i$ on the optimal path before data forwarding, node $N_i$ is trusted and node $N_{i+1}$ can accept packets from node $N_i$; otherwise node $N_i$ is considered malicious and communication stops immediately.
6. If node $N_i$ is trusted, node $N_{i+1}$ uses the privacy identity data $x_i$ of $N_i$ as the trapdoor of a one-way trapdoor hash function to process the privacy identity data $x_{i+1}$ of $N_{i+1}$, and sends the result to $N_i$. (A one-way trapdoor hash function is a special class of one-way function with a trapdoor, generally used in public-key cryptography: without knowledge of the trapdoor $x_i$, computing the inverse of the function to obtain $x_{i+1}$ is computationally infeasible, whereas with the trapdoor $x_i$ known, $x_{i+1}$ is easy to compute.) Because the trapdoor is $x_i$, node $N_i$ can easily compute $x_{i+1}$ and verify it: if it is the privacy identity data agreed in advance by node $N_i$ on the optimal path before data forwarding, node $N_{i+1}$ is trusted, and mutual authentication has succeeded.
7. Node $N_i$ forwards the packet to the next-hop node $N_{i+1}$. If authentication of the next-hop node fails, the current node $N_i$ performs two tasks: first, it notifies the source node that the path has failed; second, for packets already received, the current node recomputes a path and repeats the forwarding process above.
Beneficial effects: the method of the invention proposes a WiFi routing method suitable for smart home control, which can find a suitable transmission path between nodes that have communication requirements. Compared with the prior art, the advantages of the invention are:
(1) The invention selects the optimal path by jointly using information such as hop count, node queue length and node neighbor count, which overcomes the shortcomings of minimum-hop-count routing and helps improve the communication quality of the WiFi network.
(2) The invention has good fault tolerance and can adapt to dynamic changes in the external environment of the wireless network; the routing method has low overhead and at the same time relatively high security, and is easy to implement.
(3) While a packet is being forwarded, the nodes on the forwarding path are authenticated; during authentication the security of each node's own private data is well protected, and attacks by malicious nodes are effectively prevented.
Description of drawings
Fig. 1 is the flow chart for a node sending a "Hello" message in the invention.
Fig. 2 is the flow chart for a node receiving a "Hello" message in the invention.
Fig. 3 is the flow chart for a node checking its neighbor information in the invention.
Fig. 4 is the flow chart for a node receiving a "Changing" message in the invention.
Fig. 5 is the flow chart for computing the optimal path in the invention.
Fig. 6 is the flow chart for the source node sending data in the invention.
Fig. 7 is the flow chart for a node receiving and forwarding data in the invention.
Fig. 8 is the identity authentication flow chart for routing nodes on the optimal path in the invention.
Embodiment
1. Architecture
The technical solution of the invention consists of three parts: (1) collection of network link conditions by the nodes; (2) calculation of the optimal path; (3) secure sending and forwarding of data.
2. Method flow
(1) Collection of network link conditions by the nodes
Link condition collection comprises two functions: neighbor node information exchange and network link condition broadcast. The process mainly uses two kinds of messages, the "Hello" message and the "Changing" message. The "Hello" message is used for information exchange between one-hop neighbor nodes. The "Changing" message is used by a node to broadcast the link changes it has observed to the other nodes in the network. The concrete steps of link state collection are as follows.
1. Each node periodically sends a "Hello" message to its one-hop neighbor nodes to announce information about itself; the content includes the node number ID, the network address of the node, the current queue length l of the node, the sending time $t_s$ of the message, and so on.
2. After receiving a "Hello" message from a neighbor, each node saves it in its own neighbor information table. The neighbor information table contains the neighbor node number, neighbor node address, neighbor node queue length, "Hello" message sending time and similar content. If the neighbor information table has no entry for this node, it is a newly joined node and is added to the table; if an entry already exists, it is a known node and only its queue length and sending time need to be updated. In addition, the node monitors the neighbor information table. If the sending time of some neighbor node has still not been updated after a certain period, that neighbor has been switched off or has failed, and it must be deleted from the neighbor information table. Whenever a node updates the neighbor information table it also updates its own link information table. The link information table is an n × n matrix, where n is the number of nodes in the network. It stores the link information between all nodes and the corresponding QoS information.
3. If any of the following three situations occurs, the node concludes that the network topology has changed and that the other nodes in the network need to be informed: first, a new neighbor node is found; second, a neighbor node disappears; third, the queue length of a neighbor node changes significantly. The node then puts its own neighbor information table into a "Changing" message and broadcasts it in the network.
4. After receiving a "Changing" message, each node updates the content of its own link information table.
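The link-condition collection steps above, sketched as an added Python example (not code from the patent). The timeout and queue-change thresholds, the message field names and the cell contents of the link information table are assumptions, and the messages are constructed in memory rather than sent over a network.

```python
from dataclasses import dataclass

NEIGHBOR_TIMEOUT = 15.0   # assumption: seconds without a "Hello" before deletion
QUEUE_DELTA = 5           # assumption: queue change treated as "significant"


@dataclass
class Hello:
    node_id: int
    address: str
    queue_len: int
    sent_at: float


class LinkStateNode:
    def __init__(self, node_id, n_nodes):
        self.node_id = node_id
        self.neighbors = {}    # neighbor information table: node_id -> last Hello
        self.announced = {}    # queue length per neighbor as last broadcast
        # n x n link information table; a cell holds the far end's queue length
        # (assumed QoS value) or None when no link is known.
        self.links = [[None] * n_nodes for _ in range(n_nodes)]
        self.outbox = []       # "Changing" messages waiting to be broadcast

    def _announce(self):
        """Put the whole neighbor information table into a "Changing" message."""
        self.announced = {nid: h.queue_len for nid, h in self.neighbors.items()}
        table = {nid: (h.address, h.queue_len) for nid, h in self.neighbors.items()}
        self.outbox.append({"type": "Changing", "origin": self.node_id,
                            "neighbors": table})

    def on_hello(self, msg):
        """Step 2: add or refresh the neighbor; step 3: broadcast on real change."""
        prev = self.neighbors.get(msg.node_id)
        self.neighbors[msg.node_id] = msg
        self.links[self.node_id][msg.node_id] = msg.queue_len
        # Compare with the last *announced* value so that a slow drift of small
        # changes is still broadcast once it adds up to a significant one.
        if prev is None or abs(self.announced[msg.node_id] - msg.queue_len) >= QUEUE_DELTA:
            self._announce()

    def expire(self, now):
        """Delete neighbors whose sending time is stale; return the removed IDs."""
        gone = [nid for nid, h in self.neighbors.items()
                if now - h.sent_at > NEIGHBOR_TIMEOUT]
        for nid in gone:
            del self.neighbors[nid]
            self.links[self.node_id][nid] = None
        if gone:
            self._announce()
        return gone

    def on_changing(self, msg):
        """Step 4: replace the originator's row of the link information table."""
        origin = msg["origin"]
        if origin == self.node_id:
            return
        self.links[origin] = [None] * len(self.links)
        for nid, (_address, queue_len) in msg["neighbors"].items():
            self.links[origin][nid] = queue_len
```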
(2) Calculation of the optimal path
When a node has data to transmit, the source node performs the path search and computation. The routing method provided by the invention can find a suitable path between the source node and the destination node while balancing several performance parameters such as reliability, delay and hop count.
Solving the routing problem with multiple QoS parameters in a network is an NP-hard (non-deterministic polynomial-time hard) problem, and the invention uses the particle swarm optimization algorithm to solve it. Particle swarm optimization is an optimization algorithm based on swarm intelligence. It treats each searching individual as a particle flying through the solution space at a certain velocity; through the exchange of information between particles, each particle's velocity and flight direction are adjusted so that the whole swarm approaches the best position in the solution space. The invention uses particle swarm optimization to compute multi-parameter QoS paths and can obtain a good result in a short time. When applying particle swarm optimization, the invention encodes the links of the nodes: a particle's position has n dimensions, each corresponding to one node. The value in a dimension is the number of the link on that node chosen by the path; a value of 0 means that no link is selected.
The flow of the method is as follows.
1. Initialization. Set the number of nodes and encode the links of the nodes. Set the number of particles, the number of iterations and the other algorithm parameters.
2. Define the evaluation function for particle positions.
3. Search for the best particle. Using the velocity and position update formulas, iteratively adjust the flight direction and position of each particle to obtain the globally optimal solution.
The formulas and functions used in the method flow are as follows:
1. Particle position evaluation function
$$f = \alpha_1 C - (\alpha_2 H + \alpha_3 L_{max} + \alpha_4 N_{ave})$$
Here f is the evaluation result of the particle position, C indicates whether the obtained path is a connected path, H is the hop count of the path, $L_{max}$ is the maximum queue length of all nodes on the path, $N_{ave}$ is the average number of neighbor nodes of all nodes on the path, and $\alpha_1$, $\alpha_2$, $\alpha_3$, $\alpha_4$ are the path factor, the hop-count factor, the queue factor and the neighbor-count factor respectively.
2. Velocity update formula
$$v_{id}^{k+1} = \omega v_{id}^{k} + c_1\,rand_1()\,(P_{id}^{k} - x_{id}^{k}) + c_2\,rand_2()\,(P_{gd}^{k} - x_{id}^{k})$$
Here k indicates that the algorithm has run to the k-th generation, i denotes the i-th particle, and d denotes the d-th dimension of the solution space. $x_{id}^{k}$ is the position of particle i in the k-th iteration; $v_{id}^{k}$ and $v_{id}^{k+1}$ are the velocities of particle i at iterations k and k+1 respectively; $P_{id}^{k}$ is the historical best position of this particle; $P_{gd}^{k}$ is the best position of the whole swarm; $c_1$ and $c_2$ are acceleration constants, and $\omega$ is the inertia weight.
3. Position update formula
$$x_{id}^{k+1} = x_{id}^{k} + v_{id}^{k+1}$$
Here $x_{id}^{k+1}$ is the position of particle i at the (k+1)-th iteration.
Based on the above analysis, the optimal path computation method of the invention, based on the particle swarm algorithm, is described as follows.
Input: network information and algorithm parameter data. The network information comprises the source node, the destination node, and the state information and QoS information of the links in the network. The algorithm parameter data comprise the swarm size, the number of swarm iterations, $\alpha_1$, $\alpha_2$, $\alpha_3$, $\alpha_4$, $c_1$, $c_2$, $\omega$ and so on.
Output: the path sequence composed of node numbers.
Algorithm steps:
First, set the swarm size, the number of algorithm iterations and the other algorithm parameters, and generate the initial swarm.
Second, evaluate the position of each particle with the position evaluation function.
Third, for each particle of the k-th generation, obtain the global best position and the individual's current best position, and update using the velocity update formula and the position update formula.
Fourth, check whether the iteration count has reached the preset value; if so the algorithm terminates, otherwise return to the second step and repeat.
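The path computation described above, as an added Python example that is not part of the patent: particle swarm optimization over the per-node link encoding, scored with the position evaluation function f. The 5-node topology, the queue lengths, the values of the factors, ω, c1 and c2, the rounding of positions to link numbers and the reading of C as "the decoded path reaches the destination" are all constructed assumptions.

```python
import random

# Constructed 5-node home network (not from the patent): node -> neighbor list.
LINKS = {0: [1, 2], 1: [0, 3, 4], 2: [0, 3], 3: [1, 2, 4], 4: [1, 3]}
# Constructed queue lengths as learned from "Hello" messages; node 1 is congested.
QUEUE = {0: 1, 1: 9, 2: 2, 3: 3, 4: 2}
N = len(LINKS)
# Path, hop-count, queue and neighbor-count factors; PSO constants (assumed values).
A1, A2, A3, A4 = 100.0, 1.0, 1.0, 1.0
OMEGA, C1, C2 = 0.7, 1.5, 1.5


def decode(position, src, dst):
    """Follow the link chosen at each node, starting at src.

    position[d] is the number of the link selected on node d (1-based),
    0 means no link is selected. Returns (path, reached_dst).
    """
    path, node = [src], src
    while node != dst:
        choice = min(max(int(round(position[node])), 0), len(LINKS[node]))
        if choice == 0:                 # no outgoing link selected
            return path, False
        node = LINKS[node][choice - 1]
        if node in path:                # loop, so not a usable path
            return path, False
        path.append(node)
    return path, True


def evaluate(position, src, dst):
    """f = a1*C - (a2*H + a3*L_max + a4*N_ave) over the decoded path."""
    path, reached = decode(position, src, dst)
    c = 1 if reached else 0
    hops = len(path) - 1
    l_max = max(QUEUE[n] for n in path)
    n_ave = sum(len(LINKS[n]) for n in path) / len(path)
    return A1 * c - (A2 * hops + A3 * l_max + A4 * n_ave)


def pso_route(src, dst, swarm=60, iterations=40, seed=1):
    """Return (path or None, best f) after a fixed number of generations."""
    rng = random.Random(seed)           # seeded so the run is repeatable
    xs = [[float(rng.randint(0, len(LINKS[d]))) for d in range(N)]
          for _ in range(swarm)]
    vs = [[0.0] * N for _ in range(swarm)]
    pbest = [x[:] for x in xs]
    pbest_f = [evaluate(x, src, dst) for x in xs]
    g = max(range(swarm), key=lambda i: pbest_f[i])
    gbest, gbest_f = pbest[g][:], pbest_f[g]
    for _ in range(iterations):
        for i in range(swarm):
            for d in range(N):
                # Velocity update, then position update clamped to valid links.
                vs[i][d] = (OMEGA * vs[i][d]
                            + C1 * rng.random() * (pbest[i][d] - xs[i][d])
                            + C2 * rng.random() * (gbest[d] - xs[i][d]))
                xs[i][d] = min(max(xs[i][d] + vs[i][d], 0.0),
                               float(len(LINKS[d])))
            f = evaluate(xs[i], src, dst)
            if f > pbest_f[i]:
                pbest[i], pbest_f[i] = xs[i][:], f
                if f > gbest_f:
                    gbest, gbest_f = xs[i][:], f
    path, reached = decode(gbest, src, dst)
    return (path if reached else None), gbest_f
```

With these constructed values the two-hop path through the congested node 1 scores lower than the three-hop path through nodes 2 and 3, which is the case the text makes against minimum-hop routing.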
(3) Secure sending and forwarding of data
In the invention, the source node, as the sending node, is responsible for sending the data. Its main steps are:
1. Use the particle swarm optimization algorithm to solve for the optimal path from the source node and the destination node.
2. The t nodes $N_i$ (i = 1, 2, ..., t) on the optimal path each agree on and store a privacy identity data item $x_i$ (i = 1, 2, ..., t), used as the mark for privacy authentication between them.
3. Pack the data handed down by the application layer, and put the computed path into the header of this packet.
The main steps by which the receiving nodes on the optimal path forward data securely in the invention are:
1. The receiving node $N_i$ first checks whether it is itself the final destination of the data; if so, it passes the packet up to the application layer.
2. If the current node $N_i$ is not the final destination, it takes the path out of the packet header and reads the information of the next hop $N_{i+1}$ on the path. Identity authentication follows: node $N_i$ generates a random number R and sends it to node $N_{i+1}$.
3. After receiving the random number R generated by $N_i$, node $N_{i+1}$ generates one private key $K_s$ and two public keys $K_{P1}$ and $K_{P2}$, where $K_{P1} + K_{P2} = R$. Node $N_{i+1}$ then sends the public keys $K_{P1}$ and $K_{P2}$ back to $N_i$.
4. After receiving $K_{P1}$ and $K_{P2}$, node $N_i$ verifies them: if $K_{P1} + K_{P2} = R$ does not hold, authentication stops immediately; if it holds, $N_i$ randomly selects one of $K_{P1}$ and $K_{P2}$ to encrypt R and uses the other public key to encrypt $x_i$. Without loss of generality, suppose $K_{P1}$ is used to encrypt R and $K_{P2}$ is used to encrypt $x_i$; the two resulting ciphertexts are sent to $N_{i+1}$.
5. Node $N_{i+1}$ decrypts the two ciphertexts with its own private key $K_s$. If one of them decrypts to R, the other is the privacy identity data $x_i$. $N_{i+1}$ verifies $x_i$: if it is the privacy identity data agreed in advance by node $N_i$ on the optimal path before data forwarding, node $N_i$ is trusted and node $N_{i+1}$ can accept packets from node $N_i$; otherwise node $N_i$ is considered malicious and communication stops immediately.
6. If node $N_i$ is trusted, node $N_{i+1}$ uses the privacy identity data $x_i$ of $N_i$ as the trapdoor of a one-way trapdoor hash function to process the privacy identity data $x_{i+1}$ of $N_{i+1}$, and sends the result to $N_i$. (A trapdoor one-way function is a special class of one-way function with a trapdoor, generally used in public-key cryptography: without knowledge of the trapdoor $x_i$, computing the inverse of the function to obtain $x_{i+1}$ is computationally infeasible, whereas with the trapdoor $x_i$ known, $x_{i+1}$ is easy to compute.) Because the trapdoor is $x_i$, node $N_i$ can easily compute $x_{i+1}$ and verify it: if it is the privacy identity data agreed in advance by node $N_i$ on the optimal path before data forwarding, node $N_{i+1}$ is trusted, and mutual authentication has succeeded.
7. Node $N_i$ forwards the packet to the next-hop node $N_{i+1}$. If authentication of the next-hop node fails, the current node $N_i$ performs two tasks: first, it notifies the source node that the path has failed; second, for packets already received, the current node recomputes a path and repeats the forwarding process above.
The wifi method for routing that is used for home furnishings intelligent control of the present invention's proposition, it is made up of three parts, is respectively that the safety of the collection of network link situation, optimum route search, data is sent and transmitted and handle.
The link circuit condition of network mainly obtains with " Changing " message through sending " Hello " message between the node mutually.Its main process shows in Fig. 1 to Fig. 4.
Fig. 1 has shown the process chart of node transmission " Hello " message.Its main process is, a timer is set in routing module, regularly triggers this node and sends " Hello " message.Comprise information such as node number, node address, node current queue length, transmitting time in this message.It can let on every side node know the existence of this node and the basic condition of this node, supplies other node when the compute optimal path, to use.
Fig. 2 has shown the process chart of receiving " Hello " message.Its key step is: after 1. node receives " Hello " message, search whether this nodal information is arranged in the neighbor information table.If 2. do not have, explain that this node is a new neighbor node, then deposit it in neighbor information table, upgrade the link information table then, and broadcasting " Changing " message sends this message.If 3. in the neighbor information table this nodal information is arranged, check then whether its information has change, if change is arranged, to change neighbor information table and link information table equally, and broadcasting " Changing " message.If 4. not change of the information of this node in the neighbor information table is then upgraded its transmission time information and is got final product.
Fig. 3 has shown node inspection neighbors information processing flow chart.Its main process is, a timer is set in routing module, regularly triggers the neighbor information table look-up of this node.Do not upgrade for a long time if the transmitting time of some nodes is existing in the neighbor information table; Judge that then this node closes or damage; It is deleted from the neighbor information table, upgrade the link information table then, and with other node in " Changing " message notifying network.
Fig. 4 has shown that node receives the process chart of " Changing " message.Its main process is: according to " Changing " message, the corresponding data of revising in the own link information table gets final product.
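The handling in Fig. 2 to Fig. 4 can be written as one small state machine. This is an added example, not code from the patent; the class and method names, the 15-second timeout and the shape of the "Changing" message are assumptions, and the link information table here stores only link up/down, not QoS data.

```python
from dataclasses import dataclass

NEIGHBOR_TIMEOUT = 15.0  # assumed: seconds of silence before a neighbor is dropped


@dataclass
class Hello:
    node_id: int
    address: str
    queue_len: int
    sent_at: float


class RoutingModule:
    """Neighbor table and n x n link table of one node (hypothetical class)."""

    def __init__(self, node_id, n_nodes):
        self.node_id = node_id
        self.neighbors = {}   # node_id -> most recent Hello
        self.links = [[0] * n_nodes for _ in range(n_nodes)]
        self.outbox = []      # Changing messages waiting to be broadcast

    def _set_link(self, a, b, up):
        self.links[a][b] = self.links[b][a] = int(up)

    def _broadcast_changing(self):
        # A Changing message carries this node's whole neighbor table.
        table = {n: (h.address, h.queue_len) for n, h in self.neighbors.items()}
        self.outbox.append({"type": "Changing", "origin": self.node_id,
                            "neighbors": table})

    def on_hello(self, msg):
        """Fig. 2: returns True when the Hello caused a Changing broadcast."""
        known = self.neighbors.get(msg.node_id)
        changed = (known is None or known.address != msg.address
                   or known.queue_len != msg.queue_len)
        self.neighbors[msg.node_id] = msg   # the send time is refreshed in every case
        if changed:
            self._set_link(self.node_id, msg.node_id, True)
            self._broadcast_changing()
        return changed

    def check_neighbors(self, now):
        """Fig. 3: drop neighbors whose last Hello is too old; returns their ids."""
        stale = [n for n, h in self.neighbors.items()
                 if now - h.sent_at > NEIGHBOR_TIMEOUT]
        for n in stale:
            del self.neighbors[n]
            self._set_link(self.node_id, n, False)
        if stale:
            self._broadcast_changing()
        return stale

    def on_changing(self, msg):
        """Fig. 4: rewrite the origin's row and column from its neighbor table."""
        origin = msg["origin"]
        for other in range(len(self.links)):
            if other != origin:
                self._set_link(origin, other, other in msg["neighbors"])
```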
Fig. 5 shows the algorithm flow of the optimal path search. The input of the algorithm comprises network information and algorithm parameter data. The network information comprises the source node, the destination node, and the state information and QoS information of the links in the network. The algorithm parameters comprise the population size, the number of population iterations, $\alpha_1$, $\alpha_2$, $\alpha_3$, $\alpha_4$, $c_1$, $c_2$, $\omega$ and so on. The output of the algorithm is a path sequence made up of node numbers.
The concrete steps of the algorithm are as follows.
First, set the algorithm parameters such as the population size and the maximum number of iterations, and generate the initial population.
Second, set the iteration counter t=0.
Third, if the maximum number of iterations has been reached, the algorithm stops, decodes the best particle, and returns the optimal path. Otherwise it continues.
Fourth, according to the source node, the destination node and the network link condition information, evaluate the position of each particle with the position evaluation function.
Fifth, for each particle in generation t, obtain the individual's current best position and the global best position, and update the particle with the velocity update formula and the position update formula.
Sixth, set t=t+1 and return to the third step.
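The search loop above, run on a small constructed network, shows why the evaluation function from claim 1 can prefer a longer path over the minimum-hop one when the short path crosses a congested node. This is an added example, not the patent's code: the topology, queue lengths and parameter values are constructed, and because the page does not say how a particle encodes a path, the sketch assumes one priority value per node and decodes a path by always moving to the unvisited neighbor with the highest priority.

```python
import random

# Constructed 6-node network: adjacency lists and current queue length per node.
LINKS = {0: [1, 2], 1: [0, 2, 4, 5], 2: [0, 1, 3], 3: [2, 5], 4: [1], 5: [1, 3]}
QUEUE = {0: 2, 1: 40, 2: 3, 3: 4, 4: 1, 5: 2}
ALPHA = (100.0, 1.0, 1.0, 1.0)   # assumed alpha_1..alpha_4
W, C1, C2 = 0.7, 1.5, 1.5        # assumed inertia weight and acceleration constants


def evaluate(path, src, dst):
    """f = a1*C - (a2*H + a3*L_max + a4*N_ave) for one candidate path."""
    a1, a2, a3, a4 = ALPHA
    connected = (path[0] == src and path[-1] == dst
                 and all(b in LINKS[a] for a, b in zip(path, path[1:])))
    hops = len(path) - 1
    l_max = max(QUEUE[n] for n in path)
    n_ave = sum(len(LINKS[n]) for n in path) / len(path)
    return a1 * (1 if connected else 0) - (a2 * hops + a3 * l_max + a4 * n_ave)


def decode(priority, src, dst):
    """Assumed encoding: follow the highest-priority unvisited neighbor."""
    path = [src]
    while path[-1] != dst:
        options = [n for n in LINKS[path[-1]] if n not in path]
        if not options:          # dead end: the result is not a path to dst
            break
        path.append(max(options, key=lambda n: priority[n]))
    return path


def pso_route(src, dst, swarm=30, iterations=30, seed=1):
    rng = random.Random(seed)
    n = len(LINKS)
    x = [[rng.uniform(-1, 1) for _ in range(n)] for _ in range(swarm)]
    v = [[0.0] * n for _ in range(swarm)]

    def score(pos):
        return evaluate(decode(pos, src, dst), src, dst)

    pbest = [p[:] for p in x]
    pbest_f = [score(p) for p in x]
    g = max(range(swarm), key=lambda i: pbest_f[i])
    gbest, gbest_f = pbest[g][:], pbest_f[g]
    for _ in range(iterations):
        for i in range(swarm):
            for d in range(n):
                # velocity update, then position update, per dimension d
                v[i][d] = (W * v[i][d]
                           + C1 * rng.random() * (pbest[i][d] - x[i][d])
                           + C2 * rng.random() * (gbest[d] - x[i][d]))
                x[i][d] += v[i][d]
            f = score(x[i])
            if f > pbest_f[i]:
                pbest[i], pbest_f[i] = x[i][:], f
            if f > gbest_f:
                gbest, gbest_f = x[i][:], f
    return decode(gbest, src, dst), gbest_f
```

With these constructed values the two-hop path 0-1-5 scores about 55.3 because node 1 holds 40 queued packets, while the three-hop path 0-2-3-5 scores 90.75.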
Fig. 6, Fig. 7 and Fig. 8 describe the secure sending and forwarding of data.
Fig. 6 shows the flowchart for the source node sending data. When data is to be sent, the source node proceeds as follows: (1) Take the source node and destination node information from the packet to be sent. (2) Start the optimal path search. (3) The nodes on the optimal path agree on privacy identity data. (4) Put the search result into the packet header. (5) Send the packet to the next hop of the optimal path.
Fig. 7 shows the flowchart for a node receiving and forwarding data. The steps are: (1) Take the destination address from the packet header and determine whether this node is the destination node; if so, hand the packet up to the application. (2) If this node is not the destination node, read the path information from the header and find the next-hop node. (3) If the next-hop node still exists, perform identity authentication, and forward the packet to that node after authentication succeeds. (4) If the next-hop node no longer exists, notify the source node that the path has changed, start an optimal path search, and forward the packets this node has received.
Fig. 8 shows the identity authentication flowchart for routing nodes on the optimal path. The main process is: (1) The current forwarding node $N_i$ generates a random number and sends it to the next-hop node $N_{i+1}$ on the optimal path. (2) After receiving the random number, $N_{i+1}$ generates the corresponding public keys and private key, and passes the public keys to $N_i$. (3) After verifying the public keys, $N_i$ uses them to encrypt the random number generated in step (1) and $N_i$'s privacy identity data, and passes the encrypted results to $N_{i+1}$. (4) $N_{i+1}$ decrypts the data and, after verifying the identity of $N_i$, uses a trapdoor one-way function to compute its own privacy identity information and sends it to $N_i$. (5) $N_i$ verifies the privacy identity data of the next-hop node $N_{i+1}$; if authentication succeeds, it forwards the packet to $N_{i+1}$.
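The message flow of Fig. 8 and the point at which each side aborts can be traced with a symbolic model. This is an added example, not the patent's code, and it contains no real cryptography: the page names neither the cipher nor the trapdoor hash function, so `Sealed` and `Trapdoored` are hypothetical stand-ins that only record which key or trapdoor opens them, the private key is implicit in the `Node` object, and the node names and identity values are constructed.

```python
import secrets
from dataclasses import dataclass


class AuthError(Exception):
    """Raised by whichever side aborts the handshake."""


@dataclass(frozen=True)
class Sealed:        # symbolic ciphertext: plain encrypted under public_key
    public_key: int
    plain: int


@dataclass(frozen=True)
class Trapdoored:    # symbolic trapdoor-hash output: value recoverable with trapdoor
    trapdoor: int
    value: int


class Node:
    def __init__(self, name, identity, agreed):
        self.name, self.x = name, identity
        self.agreed = agreed          # name -> privacy identity agreed for this path
        self.public_keys = ()

    def make_keys(self, r):
        """N_{i+1}: two public keys with K_P1 + K_P2 = R (K_s stays implicit)."""
        k_p1 = secrets.randbelow(r - 1) + 1
        self.public_keys = (k_p1, r - k_p1)
        return self.public_keys

    def decrypt(self, sealed):
        if sealed.public_key not in self.public_keys:
            raise AuthError("ciphertext was not made with my public keys")
        return sealed.plain


def handshake(n_i, n_next, corrupt_keys=False):
    r = secrets.randbits(32) + 2                  # (1) N_i -> N_{i+1}: R
    k_p1, k_p2 = n_next.make_keys(r)              # (2) N_{i+1} -> N_i: K_P1, K_P2
    if corrupt_keys:
        k_p2 += 1                                 # constructed fault in the reply
    if k_p1 + k_p2 != r:                          # (3) N_i checks the sum first
        raise AuthError("N_i: K_P1 + K_P2 != R")
    keys = [k_p1, k_p2]
    secrets.SystemRandom().shuffle(keys)          # random choice of key for R
    sent = [Sealed(keys[0], r), Sealed(keys[1], n_i.x)]
    plains = [n_next.decrypt(c) for c in sent]    # (4) N_{i+1} opens both
    if r not in plains:
        raise AuthError("N_{i+1}: R not returned")
    plains.remove(r)                              # what is left is x_i
    x_i = plains[0]
    if n_next.agreed.get(n_i.name) != x_i:
        raise AuthError("N_{i+1}: sender identity not agreed, treated as malicious")
    reply = Trapdoored(trapdoor=x_i, value=n_next.x)
    if reply.trapdoor != n_i.x:                   # (5) N_i inverts with its own x_i
        raise AuthError("N_i: cannot invert reply")
    if n_i.agreed.get(n_next.name) != reply.value:
        raise AuthError("N_i: next hop identity not agreed, packet not forwarded")
    return True


def outcome(n_i, n_next, **kw):
    """Returns 'forward' on mutual authentication, else the abort reason."""
    try:
        return "forward" if handshake(n_i, n_next, **kw) else "drop"
    except AuthError as err:
        return str(err)
```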

Claims (2)

1. A wireless broadband secure routing method for smart home control, characterized in that it comprises the following three parts:
1. collection of network link conditions by the nodes;
2. calculation of the optimal path;
3. the source node and the receiving nodes on the optimal path perform secure multi-party computation based on encryption, authentication and hash function methods, thereby ensuring the secure transmission of data:
The collection of network link conditions by the nodes comprises two functions: exchange of neighbor node information and broadcast of network link conditions. The steps that realize these two functions comprise:
1. each node periodically sends a "Hello" message to its one-hop neighbor nodes to announce information about itself; the content comprises the node number, the network address of the node, the current queue length of the node and the send time of the message,
2. after receiving a "Hello" message from a neighbor node, each node saves it into its own neighbor information table, which contains the neighbor node number, neighbor node address, neighbor node queue length and "Hello" message send time; if the neighbor information table holds no information about that node, the node is added to the table; if the table already holds information about that node, its queue length and send time are updated; in addition, the node monitors the neighbor information table, and if the send time of some neighbor node has still not been updated after a certain time has passed, that neighbor must be deleted from the neighbor information table; whenever a node updates its neighbor information table it also updates its own link information table; the link information table is an n × n matrix, where n is the number of nodes in the network, and it stores the link information between all nodes and the corresponding QoS information;
3. if any of the following three situations occurs, the node determines that the topology of the network has changed and that the other nodes in the network need to be informed: first, a new neighbor node has been found; second, a neighbor node has disappeared; third, the queue length of a neighbor node has changed significantly; the node then puts its own neighbor information table into a "Changing" message and broadcasts it in the network;
4. after receiving a "Changing" message, each node updates the content of its own link information table;
The optimal path calculation comprises the following processing steps:
Input network information and algorithm parameter data: the network information comprises the source node, the destination node, and the state information and QoS information of the links in the network; the algorithm parameter data comprise the population size, the number of population iterations, $\alpha_1$, $\alpha_2$, $\alpha_3$, $\alpha_4$, $c_1$, $c_2$ and $\omega$;
Output a path sequence made up of node numbers,
Algorithm steps:
First, set the population size and the number of algorithm iterations, and generate the initial population,
Second, evaluate the position of each particle with the position evaluation function,
Third, for each particle in generation k, obtain the global best position $P_{gd}^{k}$ and the individual current best position $P_{id}^{k}$, and update the particle with the velocity update formula and the position update formula,
Fourth, determine whether the number of iterations has reached the preset value; if so, the algorithm stops, otherwise return to the second step,
Wherein, the particle position evaluation function is:
$$f = \alpha_1 C - (\alpha_2 H + \alpha_3 L_{max} + \alpha_4 N_{ave})$$
In this formula, $f$ is the evaluation result of the particle position, $C$ indicates whether the path obtained is a valid path, $H$ is the hop count of the path, $L_{max}$ is the maximum queue length over all nodes on the path, $N_{ave}$ is the average number of neighbor nodes over all nodes on the path, and $\alpha_1$, $\alpha_2$, $\alpha_3$, $\alpha_4$ denote the path factor, the hop count factor, the queue factor and the neighbor count factor respectively;
The velocity update formula is:
$$v_{id}^{k+1} = \omega v_{id}^{k} + c_1\,\mathrm{rand}_1()\,(P_{id}^{k} - x_{id}^{k}) + c_2\,\mathrm{rand}_2()\,(P_{gd}^{k} - x_{id}^{k})$$
In this formula, $k$ indicates that the algorithm has run to the k-th generation, $i$ denotes the i-th particle, and $d$ denotes the d-th dimension of the solution space; $x_{id}^{k}$ denotes the position of particle $i$ in the k-th iteration, $v_{id}^{k}$ and $v_{id}^{k+1}$ denote the velocity of particle $i$ at the k-th and (k+1)-th iterations respectively, $P_{id}^{k}$ denotes the historical best position of this particle, $P_{gd}^{k}$ denotes the best position of the whole particle swarm, $c_1$ and $c_2$ are acceleration constants, and $\omega$ is the inertia weight;
The position update formula is:
$$x_{id}^{k+1} = x_{id}^{k} + v_{id}^{k+1}$$
In this formula, $x_{id}^{k+1}$ denotes the position of particle $i$ at the (k+1)-th iteration;
The step "the source node and the receiving nodes on the optimal path perform secure multi-party computation based on encryption, authentication and hash function methods, thereby ensuring the secure transmission of data" comprises the following processing steps:
The source node, as the sending node, is responsible for sending the data; its key steps are:
1. use the particle swarm optimization algorithm to solve for the optimal path according to the source node and the destination node,
2. the $t$ nodes $N_i$, $i = 1, 2, \ldots, t$, on the optimal path agree on and each store a privacy identity datum $x_i$, which serves as the identifier for mutual privacy authentication,
3. pack the data handed down by the application layer, and put the computed path into the header of this packet.
2. The wireless broadband secure routing method for smart home control according to claim 1, characterized in that the source node and the receiving nodes on the optimal path perform secure multi-party computation based on methods such as encryption, authentication and hash functions, thereby ensuring the secure transmission of data:
1. the receiving node $N_i$ first determines whether it is the final destination of the data; if so, it hands the packet up to the application layer,
2. if the current node $N_i$ is not the final destination, the node takes the path out of the packet header and reads the information of the next hop $N_{i+1}$ on the path; identity authentication is then performed: node $N_i$ generates a random number $R$ and sends it to node $N_{i+1}$,
3. after receiving the random number $R$ generated by $N_i$, node $N_{i+1}$ generates one private key $K_s$ and two public keys $K_{P1}$ and $K_{P2}$, where $K_{P1} + K_{P2} = R$, and sends the public keys $K_{P1}$ and $K_{P2}$ back to $N_i$,
4. after receiving $K_{P1}$ and $K_{P2}$, node $N_i$ verifies them; if $K_{P1} + K_{P2} = R$ does not hold, authentication stops immediately; if it holds, $N_i$ randomly selects one of $K_{P1}$ and $K_{P2}$ to encrypt $R$ and uses the other public key to encrypt $x_i$; without loss of generality, suppose $R$ is encrypted with public key $K_{P1}$ and $x_i$ is encrypted with public key $K_{P2}$; the two encrypted data are sent to $N_{i+1}$,
5. node $N_{i+1}$ decrypts the two encrypted data with its own private key $K_s$; if one of them is $R$ after decryption, the other datum is the privacy identity data $x_i$, which is then verified; if it is the privacy identity data agreed in advance by node $N_i$ on the optimal path before data forwarding, node $N_i$ is trusted and node $N_{i+1}$ can accept packets from node $N_i$; otherwise node $N_i$ is considered malicious and communication stops immediately,
6. if node $N_i$ is trusted, node $N_{i+1}$ uses $N_i$'s privacy identity data $x_i$ as the trapdoor of a one-way trapdoor hash function to process $N_{i+1}$'s privacy identity data $x_{i+1}$, and sends the result to $N_i$; because the trapdoor is $x_i$, node $N_i$ can easily compute $x_{i+1}$ and verify it; if it is the privacy identity data agreed in advance by node $N_i$ on the optimal path before data forwarding, node $N_{i+1}$ is trusted, and mutual authentication has succeeded,
7. node $N_i$ forwards the packet to the next-hop node $N_{i+1}$; if authentication of the next-hop node fails, the current node $N_i$ must do two things: first, notify the source node that the path has failed; second, for the packets it has already received, compute a new path itself and repeat the forwarding process described above.
CN201210074953.3A 2012-03-20 2012-03-20 Wireless broadband secure routing method for smart home control Expired - Fee Related CN102594706B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210074953.3A CN102594706B (en) 2012-03-20 2012-03-20 Wireless broadband secure routing method for smart home control

Publications (2)

Publication Number Publication Date
CN102594706A true CN102594706A (en) 2012-07-18
CN102594706B CN102594706B (en) 2014-10-22

Family

ID=46482922

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210074953.3A Expired - Fee Related CN102594706B (en) 2012-03-20 2012-03-20 Wireless broadband secure routing method for smart home control

Country Status (1)

Country Link
CN (1) CN102594706B (en)

Also Published As

Publication number Publication date
CN102594706B (en) 2014-10-22

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20160607

Address after: 239000 Anhui Province, Chuzhou city Nanjing Road No. 199 hi tech science park

Patentee after: Hengtian Technology (Chuzhou) Co. Ltd.

Address before: Yuen Road Qixia District of Nanjing City, Jiangsu Province, No. 9 210046

Patentee before: Nanjing Post & Telecommunication Univ.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20141022

Termination date: 20170320