CN104038936B - A key management method in a hierarchical wireless sensor network - Google Patents

Publication number
CN104038936B
Authority
CN
China
Prior art keywords
node
cluster
key
cluster head
base station
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201410246037.2A
Other languages
Chinese (zh)
Other versions
CN104038936A (en)
Inventor
秦中元
冯可荣
黄杰
胡帅奇
廖如天
陶雷
杨远益
胡尊丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southeast University
Original Assignee
Southeast University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2014-06-04
Filing date
2014-06-04
Publication date
2017-04-05

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a key management method for a hierarchical wireless sensor network that supports flexibly adding new nodes and expanding the whole network. The whole network is managed in clusters. When a new node joins, the cluster head securely distributes the system parameters and the node private key to it, and communication within a cluster uses an identity-based encryption and decryption algorithm. Every cluster head has the function of a private key generator, which solves the problem in traditional identity-based key distribution schemes that the capture of the single PKG paralyses the whole network. With the invention, key updates consume few resources and are fast, and the security of the whole network is improved.

Description

A key management method in a hierarchical wireless sensor network
Technical field
The present invention relates to key management schemes in wireless sensor networks and belongs to the technical field of network security.
Background
A wireless sensor network (Wireless Sensor Network, WSN) consists of a large number of micro wireless sensor nodes deployed in a detection area. Each node has wireless communication, data sensing and data processing capabilities. The nodes cooperate in a self-organizing or multi-hop manner to monitor and collect, in real time, physical or environmental information in the area covered by the network, such as temperature, sound, vibration, pressure, motion or pollutants, and send the information collected by the sensor nodes to the network owner.
The basic characteristics of wireless sensor networks are a huge number of nodes, wireless communication and a self-organizing topology. Because they are mostly deployed in the field, where the deployment location and environmental conditions are hard to control, wireless sensor networks face more security threats than traditional wireless networks, for example physical destruction of nodes, blocking attacks, channel eavesdropping, resource exhaustion attacks, collision attacks and denial-of-service attacks. In addition, the small computing capacity, weak communication capability and limited battery energy of the nodes are problems that cannot be ignored in wireless sensor networks.
In schemes where session keys are generated through cooperation between neighbor nodes, key updates suffer from high overhead and isolated nodes. In key predistribution schemes, predistribution cannot guarantee that any two neighboring nodes share a key after the network is deployed. In large-scale dynamic network communication, the constantly changing membership makes key updates very expensive, so keys must be changed quickly and efficiently. An effective key management mechanism is the foundation and guarantee for other security mechanisms (secure routing, secure localization, secure data aggregation, energy management, topology control, etc.).
Summary of the invention
Object of the invention: the present invention proposes a group key management method with rotating cluster heads, aimed at the large differences in the time at which nodes exhaust their energy, the rapid die-off of backbone nodes and the low node connectivity ratio in wireless sensor networks, and addresses the limited power supply and storage space of sensors.
Technical scheme: a key management method in a hierarchical wireless sensor network, comprising the following steps:
1) deploy the network environment, including the initial private keys and the initial system parameters;
2) deploy the sensor nodes around the base station; the base station selects N cluster heads (CH) evenly according to their location distribution;
3) the base station generates N random numbers K as the master key of each cluster, distributes them to the cluster heads and stores them at the base station; each ordinary sensor node registers its identity $ID_i$ with its cluster head;
4) acting as private key generator (PKG), each cluster head selects a random number $s_{CH} \in Z_q^*$ as the master key of the cluster and issues a new $P_{CH}$ to the nodes in the cluster, where $P_{CH} = s_{CH}P$;
5) the cluster head chooses a random number σ and calculates ; it constructs the polynomial function , where e is the natural constant, e = 2.718, and $g_i$ is the mapping value of each node's public key;
6) the cluster head broadcasts the group key K provided by the base station and the new master public value $P_{CH}$ to the members of the cluster; after receiving the cluster head's broadcast, each node in the cluster uses the $g_i$ calculated in step 5) to decrypt and obtain the group key K, and calculates the new 
7) an ordinary node encrypts the information it has collected with the public key of the cluster head of its cluster, encrypts the result together with the sender's identity using the group key K, and sends it to adjacent nodes; nodes close to the cluster head broadcast directly to the cluster head, while for nodes farther from the cluster head the message is relayed between nodes;
8) when the cluster head is rotated periodically or a round of information collection is finished, the group key K and $P_{CH}$ are updated, and the polynomial  is reconstructed and broadcast to the members of the cluster.
Step 1) is specifically: before node deployment, the base station generates a random elliptic curve E defined over the finite field $F_p$, selects a point P on the elliptic curve E, and presets the same initial system parameters  for the cluster heads and the ordinary nodes, where q is a large prime, $G_1, G_2$ are subgroups of order q, the bilinear map is $G_1 \times G_1 \to G_2$, P is a generator of $G_1$, n and r are constants, n denotes the hash length, r is used to calculate the public key mapping value, and $H_1$, $H_2$ are two different hash functions, $H_1: \{0,1\}^* \to G_1^*$, $H_2: G_2 \to \{0,1\}^n$, $P_{pub} = sP$, where s is the initial master key of the whole network; node public key , node private key 
Beneficial effects: in the key management method for a hierarchical wireless sensor network proposed by the present invention, the wireless sensor network comprises a base station, cluster heads and ordinary nodes, and every node has a unique identity $ID_i$. The system parameters and a private key are preset in every sensor node. Because cluster heads and ordinary nodes consume different amounts of energy, cluster head rotation and a group key are used to extend the lifetime of the wireless sensor network. The invention is a group key construction method based on identity-based encryption in a hierarchical wireless sensor network: communication across the whole network uses an identity-based encryption algorithm (Identity-Based Encryption, IBE), each cluster head performs the function of a PKG, and the whole network is managed in clusters, which avoids the situation in traditional identity-based key distribution schemes where the capture of the single PKG paralyses the whole network. The group key can be updated quickly, and the constructed polynomial F(g) can change continually, which ensures the forward and backward security of node communication. The group key raises the cost for a non-member of cracking the group key, removing from, and to a certain degree reduces storage and communication overhead. With the invention, key updates consume few resources and are fast, and the security of the whole network is improved.
Brief description of the drawings
Fig. 1 is the deployment diagram of the hierarchical wireless sensor network of the present invention;
Fig. 2 is the flow chart of the present invention;
Fig. 3 is a schematic diagram of the parameter distribution procedure of the present invention;
Fig. 4 is a schematic diagram of the intra-cluster communication process of the present invention.
Detailed description
As shown in Fig. 1, the wireless sensor network model adopted by the present invention comprises a base station, cluster heads and ordinary nodes. The base station is the center of the whole network, and every cluster head and ordinary node has a unique identity $ID_i$. The information collected by all ordinary nodes is aggregated at the cluster head; because information from adjacent areas is highly correlated, the cluster head fuses the messages before sending them to the base station. The base station holds the information of all nodes and is assumed to be secure and not subject to capture attacks, i.e. the security information stored at the base station will not be leaked. All nodes are randomly deployed in the monitored area. Ordinary nodes cannot resist physical capture: after capture, all of a node's information is exposed, but this does not compromise the plaintext information transmitted by other nodes. None of the information preset in a node can be modified.
As shown in Fig. 2, the specific steps of the key management method in the hierarchical wireless sensor network are as follows:
1. Initialization
Before node deployment, the base station generates a random elliptic curve E defined over the finite field $F_p$, selects a point P on the elliptic curve E, and presets the same initial system parameters  for the cluster heads and the ordinary nodes, where q is a large prime, $G_1$, $G_2$ are subgroups of order q, P is a generator of $G_1$, the bilinear map is $G_1 \times G_1 \to G_2$, n is an integer denoting the length of the hash operation, r is an integer used to calculate the public key mapping value, and $H_1$, $H_2$ are two different hash functions, $H_1: \{0,1\}^* \to G_1^*$, $H_2: G_2 \to \{0,1\}^n$, $P_{pub} = sP$, where s is the master key selected by the base station. The base station then calculates the public and private keys of all nodes and stores them in the nodes; the node public key is  and the node private key is 
2. Clustering
The base station is assumed to be deployed at the center of the region, and all nodes are randomly deployed in the detection area; N cluster heads are selected evenly according to geographical position. The base station generates N random numbers $K_1, K_2, \ldots, K_N$ as the group keys of the clusters, distributes them to the cluster heads and stores them in the base station's list. After the cluster heads are selected, each cluster head registers its identity $CH_i$ with the base station, where CH denotes cluster head (Cluster Header, CH), and broadcasts its cluster head identity to adjacent nodes; on receiving it, the adjacent nodes register their identity $ID_i$ with the cluster head. Each cluster head then, acting as a temporary private key generator (Private Key Generator, PKG), chooses a random number $s_{CH}$, $s_{CH} \in Z_q^*$, and calculates $P_{CH} = s_{CH}P$ and the new cluster head public key $Q_{CH} = H_1(ID_{CH}) \in G_1$ and private key $S_{CH} = s_{CH}Q_{CH}$.
3. Parameter distribution
In this step the cluster head distributes the group key K and $P_{CH}$ to the ordinary nodes, as shown in Fig. 3. The cluster head chooses a random number σ and, for each node, calculates  is the number of nodes in the cluster. It constructs the polynomial function , where e = 2.718 is the natural constant. The cluster head first generates the ciphertext  and then broadcasts the ciphertext C to the nodes in the cluster. After receiving the cluster head's broadcast $C = (U \| V \| F(g))$, each node in the cluster performs the following steps:
First step: calculate
Second step: according to $g_i$, calculate
Third step: calculate
4. Intra-cluster communication
In the communication stage, the data collected by ordinary nodes is passed to the cluster head over multiple hops; the intra-cluster communication process is shown in Fig. 4.
First step: the ordinary node generates a random number t and calculates  is the public key of cluster head j. It encrypts the collected data m with the group key $K_j$ and sends it to adjacent nodes, i.e.  Nodes close to the cluster head broadcast directly to the cluster head; for nodes farther from the cluster head, the collected information has to be relayed between nodes to reach the cluster head.
Second step: on receiving , the cluster head first decrypts C with the group key $K_j$ and then verifies whether the sender's identity M is a legitimate cluster member in the identity list.
Third step: after successful verification, the cluster head uses its current private key to calculate  and then obtains the plaintext 
The correctness of the formula is proved as follows:  So 
5. Group key management
To prevent a hostile node from obtaining the current group key during information collection and impersonating a cluster member to receive messages without forwarding them, the group key must be replaced regularly. A new random number σ′ and a new group key K′ are generated and the polynomial  is rebuilt, where Z is the latest number of nodes;  is broadcast to every node. The nodes in the cluster obtain the new group key by following the operations of step 3.
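The polynomial broadcast of steps 3 and 5 can be illustrated with the standard access-polynomial technique, F(x) = K + ∏(x − g_i) mod p, used here as a stand-in because the patent's own F(g) is not legible on this page. This is an added example, not the patent's construction or code: the prime p, the SHA-256 derivation of g_i from a per-node secret and the broadcast nonce σ (replacing the pairing-based mapping value), and all names are assumptions.

```python
import hashlib
import secrets

# Assumption: arithmetic in a prime field stands in for the patent's polynomial.
P = 2**127 - 1  # Mersenne prime


def mapping_value(node_secret, sigma):
    """g_i for one node. Assumption: SHA-256 over the nonce sigma and a secret
    shared with the cluster head replaces the pairing-based mapping value."""
    digest = hashlib.sha256(sigma + node_secret).digest()
    return int.from_bytes(digest, "big") % P


def build_polynomial(group_key, g_values):
    """Coefficients (lowest degree first) of F(x) = K + prod(x - g_i) mod P."""
    coeffs = [1]
    for g in g_values:
        nxt = [0] * (len(coeffs) + 1)
        for i, c in enumerate(coeffs):  # multiply the running product by (x - g)
            nxt[i] = (nxt[i] - c * g) % P
            nxt[i + 1] = (nxt[i + 1] + c) % P
        coeffs = nxt
    coeffs[0] = (coeffs[0] + group_key) % P
    return coeffs


def evaluate(coeffs, x):
    """Horner evaluation of F(x) mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


class ClusterHead:
    def __init__(self):
        self.members = {}  # node identity -> per-node secret

    def register(self, node_id, node_secret):
        self.members[node_id] = node_secret

    def remove(self, node_id):
        self.members.pop(node_id, None)

    def rekey(self):
        """Pick a fresh sigma and group key; return the key and the broadcast.
        A fresh sigma changes every g_i, so a member who factors F - K after
        one round learns nothing that helps in the next round."""
        sigma = secrets.token_bytes(16)
        key = secrets.randbelow(P)
        g_values = [mapping_value(s, sigma) for s in self.members.values()]
        return key, (sigma, build_polynomial(key, g_values))


def recover_key(node_secret, broadcast):
    """Node side: recompute g_i from the broadcast nonce and evaluate F(g_i)."""
    sigma, coeffs = broadcast
    return evaluate(coeffs, mapping_value(node_secret, sigma))


def demo():
    head = ClusterHead()
    # Constructed sample cluster of four nodes with random per-node secrets.
    node_secrets = {"node-%d" % i: secrets.token_bytes(16) for i in range(1, 5)}
    for node_id, secret in node_secrets.items():
        head.register(node_id, secret)
    k1, b1 = head.rekey()
    members_ok = all(recover_key(s, b1) == k1 for s in node_secrets.values())
    outsider_ok = recover_key(secrets.token_bytes(16), b1) == k1
    head.remove("node-3")  # deletion followed by an immediate group key update
    k2, b2 = head.rekey()
    removed_ok = recover_key(node_secrets["node-3"], b2) == k2
    remaining_ok = all(recover_key(s, b2) == k2
                       for n, s in node_secrets.items() if n != "node-3")
    return members_ok, outsider_ok, removed_ok, remaining_ok


if __name__ == "__main__":
    print(demo())
```

The broadcast carries one coefficient more than the number of cluster members, so rekeying costs one message whose size grows linearly with the cluster.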
6. Adding a new node
Before a new ordinary node joins the sensor network, it is preset with the initial system parameters π and the private key  corresponding to the initial system parameters. The new node must register its identity and energy information with the cluster head; the cluster head sends the new node's identity $ID_i$ to the base station, and the base station verifies whether the newly added node is in the base station's identity list. If verification succeeds, the cluster head distributes the group key K and $P_{CH}$ to the ordinary node in the manner of step 3.
When a node is deleted from the wireless sensor network in the present invention, the nodes are independent of one another: the node's identity registration is deleted at the cluster head, which does not affect the operation of the other nodes, but for the backward security of communication the group key should be updated as soon as possible. The present invention supports flexibly adding new nodes and expanding the whole network. The whole network is managed in clusters. When a new node joins, the cluster head securely distributes the system parameters and the node private key to it, and communication within a cluster uses an identity-based encryption and decryption algorithm. Every cluster head has the function of a private key generator, which solves the problem in traditional identity-based key distribution schemes that the capture of the single PKG paralyses the whole network. With the invention, key updates consume few resources and are fast, and the security of the whole network is improved.

Claims (1)

1. A key management method in a hierarchical wireless sensor network, characterized in that the whole network is composed of several clusters, each cluster head performs the function of a private key generator PKG, and the detailed process comprises the following steps:
1) deploy the network environment, including the initial private keys and the initial system parameters; step 1) is specifically: before node deployment, the base station generates a random elliptic curve E defined over the finite field $F_p$, selects a point P on the elliptic curve E, and presets the same initial system parameters  for the cluster heads and the ordinary nodes, where q is a large prime, $G_1, G_2$ are subgroups of order q, the bilinear map is $G_1 \times G_1 \to G_2$, P is a generator of $G_1$, n and r are constants, n denotes the hash length, r is used to calculate the public key mapping value, and $H_1$, $H_2$ are two different hash functions, $H_1: \{0,1\}^* \to G_1^*$, $H_2: G_2 \to \{0,1\}^n$, $P_{pub} = sP$, where s is the initial master key of the whole network; node public key , node private key 
2) deploy the sensor nodes around the base station; the base station selects N cluster heads (CH) evenly according to their location distribution;
3) the base station generates N random numbers K as the group key of each cluster, distributes them to the cluster heads and stores them at the base station; each ordinary sensor node registers its identity $ID_i$ with its cluster head;
4) acting as private key generator PKG, each cluster head selects a random number $s_{CH} \in Z_q^*$ as the master key of the cluster and issues the new master public value $P_{CH}$ to the ordinary nodes in the cluster, where $P_{CH} = s_{CH}P$;
5) the cluster head node chooses a random number σ and calculates ; it constructs the polynomial function , where e is the natural constant, e = 2.718, and $g_i$ is the mapping value of each node's public key;
6) the cluster head broadcasts the group key K provided by the base station and the new master public value $P_{CH}$ to the ordinary nodes in the cluster; after receiving the cluster head's broadcast, each ordinary node in the cluster uses the $g_i$ calculated in step 5) to decrypt and obtain the group key K, and calculates the new 
7) an ordinary node in the cluster encrypts the information it has collected with the public key of the cluster head of its cluster, encrypts the result together with the sender's identity using the group key K, and sends it to adjacent nodes; nodes close to the cluster head broadcast directly to the cluster head, while for nodes farther from the cluster head the message is relayed between nodes;
8) when the cluster head is rotated periodically or a round of information collection is finished, the group key K and the master public value $P_{CH}$ are updated, and the polynomial  is reconstructed and broadcast to the ordinary nodes in the cluster.
Priority Applications (1)

Application Number: CN201410246037.2A
Priority Date: 2014-06-04
Filing Date: 2014-06-04
Title: A key management method in a hierarchical wireless sensor network
Status: Expired - Fee Related

Publications (2)

CN104038936A, published 2014-09-10
CN104038936B, published 2017-04-05

Family ID: 51469494

Country Status: CN

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170405