Based on the wireless sensor network security method for routing of IPv6 addressing
Technical field
The invention belongs to the crossing domain of information security and IPv6 technology, be specifically related to a kind of data security communication issue of the sensor node supporting IPv6 to address.
Background technology
Wireless sensor network (Wireless Sensor Networks, WSN) is field that receive much concern now, multi-crossed disciplines, and the every aspect in following human lives is indispensable by playing a part, and has promoted the process of modernized society.Along with the develop rapidly of wireless communication technology and the expansion in wireless application field, wireless sensor network day by day becomes one of focus of internet arena research.IPv6 is the emphasis of next generation network development, and IPv6 is introduced wireless sensor network, is an important directions of wireless sensor network development.Wireless sensor network based on IPv6 not only can realize interconnecting of itself and Internet, can also become the Killer application of IPv6, and then carry forward vigorously the development of IPv6.Along with Internet of Things and wireless sense network application increasingly mature and universal, the privacy information more and more relating to individual or company needs to be transmitted by wireless sensor network, mobile node attack pattern for wireless sensor network is more and more diversified, and scale is also increasing.
The existing mobile node of wireless sensor network has very large security breaches.Assailant by the IP address binding of the local address of legal mobile node and assailant, thus can make the node that sending node originally sends to the data flow assailant of legitimate node to expect.Due to the mobility of wireless sensor network, when adding new node in network, the local ip address of oneself can be sent to the both sides of transmission data by assailant as Sink node address, the intermediate address of communicating pair all using assailant as communication, assailant is successfully stolen both data.Assailant also can first He one very large server of flow (as image server) connect, then the destination address that server sends is set to the node address needing to attack, due to not empirical tests, what server can think just initiation session is present destination address, and a large amount of unaffordable data of this node are sent to node, thus cause node denial of service.
Routing Protocol in WSN is the main target of network attack, and its fail safe aspect exists a lot of problem.Typical Routing Security mainly contains that data are illegally accessed in transmitting procedure, unwarranted user gets involved that the data that wireless network, wireless channel transmit are illegally modified etc. in 3.The method addressed these problems mainly contains: encryption, ensures not have the user of key cannot reduction treatment information; Authentication, ensures do not have disabled user to use network; Data integrity verifying, ensures that the data that wireless channel transmits were not illegally modified.User can not accept and dispose the sensing network that is not resolved safety and privacy concern, therefore when carrying out WSN agreement and Software for Design, the safety problem that WSN may face must be taken into full account, and safety precaution and testing mechanism are integrated in system go.Only in this way, the extensive use of sensor network could be promoted, otherwise sensor network can only be deployed in limited, controlled environment, the final goal of this and transducer---realize generality calculates and become people live in important component part run counter to.
Summary of the invention
In wireless sensor network, the actual demand carrying out safe transmission is needed for data, the present invention proposes a kind of safety routing method based on IP addressing, include the rule that node adds and leaves network, and utilize in the clean culture and multicast process of packet packet is encrypted and the means of certification to realize the fail safe of route.
Wireless sensor network node in the present invention has following functions:
1. support IPV6 protocol stack and 6LowPAN system;
2. possess data acquisition and wireless communication module, safe enciphering and deciphering algorithm can be supported.
Concrete scheme of the present invention is as follows: a kind of wireless sensor network security method for routing based on IPv6 addressing, is characterized in that,
The overall route prefix 96bit position of Sink node is by manual allocation, and its residue 32bit position is ID position, is entirely set to 0; The overall route prefix of all the other nodes is identical with Sink node, and carry out IP addresses to residue 32bit position ID: Sink node has 0 ~ 15 child node, the front 1-4bit position of child node IP address network number is respectively hexadecimal 1 ~ F, and all the other bit positions are 0; Each child node has again 0 ~ 15 two level of child nodes, and the front 1-4bit position of the IP address network of two level of child nodes number is identical with its father node, and 5-8bit position is respectively hexadecimal 1 ~ F, and all the other bit positions are 0; Each two level of child nodes have 0 ~ 15 three level of child nodes, and the front 1-8bit position of the IP address network of three level of child nodes number is identical with its father node, and 9-12bit position is respectively hexadecimal 1 ~ F, and all the other bit positions are 0; Each three level of child nodes have 0 ~ 15 four level of child nodes, and the front 1-12bit position of the IP address network of four level of child nodes number is identical with its father node, and 13-16bit position is respectively hexadecimal 1 ~ F, and all the other bit positions are 0; Each four level of child nodes have 0 ~ 15 five level of child nodes, and front 1 ~ 16bit position of the IP address network of five level of child nodes number is identical with its father node, and 17-20bit position is respectively hexadecimal 1 ~ F, and all the other bit positions are 0; Each five level of child nodes have 0 ~ 15 six level of child nodes, and front 1 ~ 20bit position of the IP address network of six level of child nodes number is identical with its father node, and 21-24bit position is respectively hexadecimal 1 ~ F, and all the other bit positions are 0; Each six level of child nodes have 0 ~ 15 seven level of child nodes, and front 1 ~ 24bit position of the IP address network of seven level of child nodes number is identical with its father node, and 25-28bit position is respectively hexadecimal 1 ~ F, and all the other bit positions are 0; Each seven level of child nodes have 0 ~ 15 eight level of child nodes, and front 1 ~ 28bit position of the IP address network of eight level of child nodes number is identical with its father node, and 29-32bit position is respectively hexadecimal 1 ~ F, and all the other bit positions are 0;
Node based on above-mentioned addressing method adds network and leaves the process of network;
Based on clean culture and the multicast procedures of above-mentioned addressing method.
The concrete steps that node adds network are:
S11, node A towards periphery node broadcasts add message;
After Node B in S12, broadcasting area receives and adds message, check that whether oneself can receive child node, if passable, then returns response message, its Payload message is preassignment IP address and physical location;
If S13 node A does not receive any message, then continue broadcast; After A receives response message, according to the number of plies of preassignment IP address computation responsive node, the node selecting the number of plies minimum as the father node C of oneself, and sends acknowledge message to it;
After S14, father node C receive the acknowledge message of A, using the child node of node A as oneself, and mark is carried out in the corresponding bits position of Address Control Field avoid duplicate allocation, reply simultaneously and add success message, Payload message is the IP address of node A;
After S15, node A receive and add success message, IP address is arranged to the value that node C distributes.
The concrete steps that node leaves network are:
S21, send leave group message for the node A leaving network to its father node;
If S22 A is leaf node, then enter sleep state, father node discharges space shared by node A and IP address after receiving leave group message;
If A is not leaf node, then the IP address of oneself, the descendant nodes number of plies, directly the physical coordinates information of child node E are broadcasted to non-descendant nodes, Node B calculates the distance of oneself and E after receiving broadcast message, if in communication range, then see and whether meet the following conditions: (1) oneself child node less than, (2) number of plies can carried is more than or equal to the child node number of plies of E, if meet this two conditions, direct child node E, B that then Node B claims A send to node A by the direct child node E claimed with to the preallocated IP address of E;
After S23, node A receive multiple reclaim message, calculate and claim the number of plies of all nodes of node E, the node G selecting the number of plies minimum as the new father node of E, and to the IP address that node E sending node G distributes to E;
After S24, node E receive the message of node A, send acknowledge message to node G;
After S25, node G receive acknowledge message, node E is added the child node of oneself, and indicate corresponding bits position, return confirmation, Payload message is the formal IP address of node E;
After S26, node E receive message, send the IP address of oneself new father node to its descendant nodes, change IP address voluntarily by the descendant nodes of oneself;
S27, repetition S22 ~ S26, node A are that each the direct child node of oneself selects new father node;
S28, for node A not by the direct child node F claimed, then notify child node F disconnect network, rejoin network voluntarily.
In order to describe problem better, the symbol be defined as follows carrys out the logical relation between description node:
Certain node is represented with x;
Set { x...}: the set representing a series of node;
CD (x): the set of the direct child node of a certain node;
CS (x): the set of the descendant nodes of a certain node,
FH (x...): the common ancestor that the number of plies of a certain number of Node is minimum;
FD (x): the father node of a certain node;
FS (x): the set of the ancestor node of certain node;
NB (x...}): the element number of a certain node set;
AD (IP address): the node determined by a certain IP address;
LN (x): a certain node IP address non-zero bit position is divided by 4;
"-" represents set difference operation.
The process of clean culture is specially:
S31, suppose node S need to node D send information, execution algorithm Send (S, D), so
(1) if node S, D are set memberships, then message propagation is carried out by directly performing Send (S, D);
(2) if D ∈ CS (S), namely D is the descendant nodes of S but is not direct child node, then recurrence performs Send (S, FS (D) ∩ CD (S)), Send (FS (D) ∩ CD (S), D), recurrence S=FS (D) ∩ CD in season (S) is until till in Send (FS (D) ∩ CD (S), D), FS (D) ∩ CD (S) and D is set membership next time;
(3) if D ∈ FS (S)-FD (S), then recurrence performs Send (S, FD (S)), Send (FD (S), D), recurrence S=FD in season (S) is until till in Send (FD (S), D), FD (S) and D is set membership next time;
(4) if node D and S does not have ancestors and descendants's relation, then calculate X=FH (S, D), Y=CD (X) and meet D ∈ CS (Y), recurrence performs Send (X, Y), Send (Y, D), next time recurrence X=CD in season (X), Y=CD (X) and meet D ∈ CS (Y) until Y and D met in X and Y or Send (Y, D) is set membership; Obviously have X ∈ FS (S), now again according to the method for (1) or (3) until find the father node of S;
S32, key managing project when setting up session, node S and node D has a pair session key Key, for confidential corespondence and the identity of certification both sides;
S33, node S produce random number r, and record current time stamp T, node S calculates Cipher=E (Message||r, and MAC=hash (Message||r||T) Key), wherein Message is the clear-text message that S will send, Cipher is the ciphertext after session key, and MAC is authorization of messages code;
Cipher||MAC||T is sent to node D by single-hop or multi-hop by S34, node S;
S35, node D are decrypted computing D (Cipher, Key), obtain (Message, r); Whether node D compares MAC equal with hash (Message||r||T), if equal and time stamp T effectively, receives, otherwise abandons.
The process of multicast is specially:
S41, suppose node S need to node set D...} sends information, execution algorithm Send (S, { D...}), and step is as follows:
(1) for node set { D1...}={D...} ∩ CD (S) & & { D...} ∩ FD (S), { in D1...} set, each element is the direct child node of S or direct father node, S will perform n (n=NB ({ D1...})) single-hop transmission of secondary Send (S, D1);
(2) for node set { D2...}={D...} ∩ CS (S)-CD (S), consider each element Z in CD (S), if CS (Z) ∩ is { D2...} ≠ Φ, then recurrence performs Send (Z, CD (Z)), recurrence Z=CD in season (Z) is until the Two Variables in all Send (Z, CD (Z)) function is set membership next time;
(3) for node set { D3...}={D...} ∩ FS (S)-FD (S), recurrence performs Send (S, FD (S)), Send (FD (S), D3...}), next time recurrence S=FD in season (S) until all Send in (FD (S), { D3...}) FD (S) and D3 be set membership;
(4) for not belonging to above-mentioned any one situation
namely node D4 and S does not have ancestors and descendants's relation, calculate X=FH (S, D4), Y=CD (X) and meet D4 ∈ CS (Y), recurrence performs Send (X, Y), Send (Y, D4), next time recurrence X=CD in season (X), Y=CD (X) and meet D4 ∈ CS (Y) until Y and D4 met in X and Y or Send (Y, D4) is set membership terminate recurrence; Obviously X ∈ FS (S) is had, now basis again
(1) or the method for (3) until find the father node of S, set up the route between S and D4;
S42, key managing project when setting up session, { each node in D...} has a pair session key Key, for confidential corespondence and the identity of certification both sides for node S and set;
S43, node S produce random number r, and record current time stamp T, node S calculates Cipher=E (Message||r, and MAC=hash (Message||r||T) Key), wherein Message is the clear-text message that S will send, Cipher is the ciphertext after session key, and MAC is authorization of messages code;
Cipher||MAC||T is sent to set { each node in D...} by single-hop or multi-hop multicast by S44, node S;
{ node in D...} carries out decrypt operation D (Cipher, Key) after receiving message Cipher||MAC||T, obtains (Message, r) for S45, set; Relatively whether MAC is equal with hash (Message||r||T), if equal and time stamp T effectively, receives, otherwise abandons.
The present invention has higher fail safe and lower energy consumption:
Although 1, the existing wireless sense network route agreement based on IPv6 supports IP Data Packet Encryption, mostly do not consider distributed key management and authentication mechanism, to Replay Attack, capture attack anti-shot ability poor.The Security routing scheme of Patent design of the present invention meets confidentiality, authenticity, integrality, freshness, availability and robustness required for network security.
2, the place that the Routing Protocol of existing most support IPv6 is similar to traditional routing is that intra-node needs preserve and safeguard a routing table, comprise establishment and the renewal of routing table, when network node reaches certain scale, routing table enormous amount can be caused, increase storage overhead.And the IP addressing of patent of the present invention can take into full account topology of networks, its important information such as descendant nodes, father node can be judged simply according to object IP address value, and be easy to realize, thus memory space can be saved better.
Accompanying drawing explanation
Fig. 1 is tree topology figure;
Fig. 2 is unicast topologies figure;
Fig. 3 is multicast topology figure.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
As shown in Figure 1, the overall situation route prefix 96bit position, IP address of access Sink node (i.e. gateway or base station root node) is manual allocation to the network topology structure that the present invention uses, and the ID position of residue 32bit is full 0; The route prefix of all the other nodes is identical with Sink node, only need study its remaining 32bitID position.Sink node has at most 15 child nodes, first four of the IP address network of child node number is 1 of 16 systems to F respectively, all the other positions are 0, namely the IP address of root node first child node is 1000:0000, the IP address of the 2nd child node is 2000:0000, the rest may be inferred, and the IP address of last child node is F000:0000.The IP address of the child node of following consideration two level of child nodes and child node, for root node first child node, its IP address is 1000:0000, it has equally at most 15 child nodes, the IP address of its child node designs by the basis of oneself father node IP address, specifically the constant indirect assignment of the nonzero digit of father node IP address gives the child node of oneself, child node arrives F at front 4 addition sequences according to oneself of remaining network number successively assignment 1, all the other positions are 0, namely the IP address of first child node of first child node of Sink root node is 1100:0000, the IP address of second child node is 1200:0000, the like, the IP address of last child node is 1F00:0000.That is, more than the nonzero digit of father node four of the nonzero digit of child node, and the n position nonzero digit of father node is the same with the front n position of child node.
The advantage of such allocative decision knows that the IP address of its father node just directly can be known in the IP address of child node, and for example, the IP address of a child node is 3F3D:4300, and so the IP address of its father node is exactly 3F3D:4000.Another advantage knows that the number of plies at this node place just can be known in the IP address of a node, for example, the setting Sink node place number of plies is the 0th layer, the IP address of a node is 23A0:0000, so it is just in third layer: the IP address of a node is 1F34:9840, and so it is just in layer 7.
The step that node adds network is:
S11, node A towards periphery node broadcasts add message;
After Node B in S12, broadcasting area receives and adds message, check that whether oneself can receive child node, if passable, then returns response message, its Payload message is preassignment IP address and physical location;
If S13 node A does not receive any message, then continue broadcast; After A receives response message, according to the number of plies of preassignment IP address computation responsive node, the node selecting the number of plies minimum as the father node C of oneself, and sends acknowledge message to it;
After S14, father node C receive the acknowledge message of A, using the child node of node A as oneself, and mark is carried out in the corresponding bits position of Address Control Field avoid duplicate allocation, reply simultaneously and add success message, Payload message is the IP address of node A;
After S15, node A receive and add success message, IP address is arranged to the value that node C distributes.
The step that node leaves network is:
S21, send leave group message for the node A leaving network to its father node;
If S22 A is leaf node, then enter sleep state, father node discharges space shared by node A and IP address after receiving leave group message;
If A is not leaf node, then the IP address of oneself, the descendant nodes number of plies, directly the physical coordinates information of child node E are broadcasted to non-descendant nodes, Node B calculates the distance of oneself and E after receiving broadcast message, if in communication range, then see and whether meet the following conditions: (1) oneself child node less than, (2) number of plies can carried is more than or equal to the child node number of plies of E, if meet this two conditions, direct child node E, B that then Node B claims A send to node A by the direct child node E claimed with to the preallocated IP address of E;
After S23, node A receive multiple reclaim message, calculate and claim the number of plies of all nodes of node E, the node G selecting the number of plies minimum as the new father node of E, and to the IP address that node E sending node G distributes to E;
After S24, node E receive the message of node A, send acknowledge message to node G;
After S25, node G receive acknowledge message, node E is added the child node of oneself, and indicate corresponding bits position, return confirmation, Payload message is the formal IP address of node E;
After S26, node E receive message, send the IP address of oneself new father node to its descendant nodes, change IP address voluntarily by the descendant nodes of oneself;
S27, repetition S22 ~ S26, node A are that each the direct child node of oneself selects new father node;
S28, for node A not by the direct child node F claimed, then notify child node F disconnect network, rejoin network voluntarily.
The design principle of the Security routing of message propagation (clean culture and multicast) is:
(1) message can only be propagated between the node of set membership, can not brother or other relations node in propagate;
(2), in the communication process of message from source node to destination node, ensure that jumping figure is minimum;
(3), in the communication process of identical message from source node to destination node, can not turn back.
Can logical relation soon between decision node by the IP address of node.ID due to IP address is 32bit, therefore it is divided into 8 groups, often organizes 4bit, so have:
(1) if No. ID of the IP address of node A and Node B, there is front m group (m<8) identical, and LN (A)=LN (B)-1=m, then B ∈ CD (A), A=FD (B);
(2) if No. ID of the IP address of node A and Node B, have front m group (m<8) identical, m+1 group is not identical, and in rear 8-m group, A is 0, B is not entirely 0 entirely, then B ∈ CS (A);
(3) if No. ID of the IP address of node A and Node B, there is front m group (m<8) identical, m+1 group is not identical, and in rear 8-m group, A, B are not all 0, then FH (A, B)=AD (Ip) entirely, wherein the front m group of Ip is identical with A (or B), and rear 8-m group is 0 entirely.
In order to better describe key management model, do following hypothesis:
(1) node can not to be captured or under attack at initial phase;
(2) expressly represent with Plain, ciphertext Cipher represents, ciphering process is expressed as E (Plain, Key), and decrypting process is expressed as D (Cipher, Key), and wherein Key is key;
(3) base station is in safety zone;
(4) each node is pre-configured hash function hash (x).
The present invention adopts following key managing project:
When netinit, base station broadcast polynomial function f (x), each node in network, after receiving f (x), calculates f (hash (ID)), respectively as the shared key between oneself and base station.
When conversating between node, they need to produce session key, and session key is produced by shared key.Production process is as follows: if the shared key of node A and base station is KeyA, the shared key of Node B and base station is KeyB, A and B needs to converse, they are filed a request respectively to base station and obtain common session key, base station produces a number r at random, utilize hash function, calculate SessionKey=hash (KeyA||KeyB||r), SessionKey is exactly the session key required for A and B converses.Base station calculates E (SessionKey, KeyA), and session key is sent to A, calculates E (SessionKey, KeyB) and session key is sent to B.A, B then have session key with after the shared key deciphering of oneself.The production process of SessionKey ensure that to only have A, B and base station to know session key, even if assailant also cannot learn in same network, ensure that the fail safe of session information.After session key produces, SessionKey is kept in the internal memory of oneself by A, B, all uses same session key to conversate, all need not apply for new key to base station, to save energy consumption at every turn within the regular hour.But simultaneously for improving fail safe, each session key all can arrange life span, when session key arrives life span, need when A, B converse again to apply for new session key to base station.
After leaving network when there being node or being detected and turning traitor, need to delete relative all keys.After the key that base station deletion of node is corresponding, also need other nodes of broadcast announcement, if other nodes exist session key total with it, then delete it.
Not only session key needs to upgrade after some time, and shared key can not be unalterable, especially after network node is subject to capturing attack.The renewal of shared key is then base station broadcast random number p, and after each node receives random number p, calculating K eynew=hash (Keyold+p) upgrades shared key, and wherein Keyold is old shared key, and Keynew is new shared key.Select hash algorithm to be because the autgmentability of hash algorithm is better on the one hand, very little change is mapped to very large change, and the one-way of hash algorithm ensure that the backward privacy of network on the other hand.
Embodiment 1
Suppose that this session is clean culture, topology is as Fig. 2, and node 7 sends message to node 8, belongs to the situation of S41 (4):
Step 1: the lowermost layer ancestor node 1 first finding node 7 and 8, perform Send (1,3) and Send (3,8), such node 3 and node 8 have been direct set memberships; Then node 1 obviously belongs to FS (7), first perform Send (7,2) according to step S41 (3) again and perform Send (2,1) again, so 2 and 1 has been also set membership, thus establishes the route " 7-2-1-3-8 " of node 7 to node 8.
Step 2: perform key managing project when setting up session, node 7 and node 8 have a pair session key Key for confidential corespondence and the identity of certification both sides.
Step 3: node 7 produces random number r, and record current time stamp T.Node 7 calculates Cipher=E (Message||r, Key) and MAC=hash (Message||r||T).
Step 4: Cipher||MAC||T is sent to node 8 by multi-hop clean culture by node 7.
Step 5: after node 8 receives message, does following computing: be decrypted computing D (Cipher, Key), obtain (Message, r); Whether node 8 compares MAC equal with hash (Message||r||T), if equal and time stamp T is effective, then receives it, otherwise abandons.
Embodiment 2
Suppose that this session is multicast, topology is as Fig. 3, and need perform Send (2, { 1,5,7,9,12,13,16}), step is as follows:
Step 1: first node 2 will be set up and the node set { route of 1,5,7,9,12,13,16}.
Step 2: for the direct child node 7 of node 2, performs Send (2,7), for the direct father node 1 of node 2, performs Send (2,1).
Step 3: for the descendant nodes { 12 of node 2,13}, perform Send (2,6) information is passed to node 6 by node 2, perform Send (6,12) and Send (6,13) respectively and find all set memberships 6 and 12 and 6 and 13, information is passed to node 12 by node 6, node 1.
Step 4: for node 5, node 2 has the common ancestor 1 of lowermost layer with it, is therefore easy to just to perform Send (1,5) set membership and sets up, obviously have again Send (2,1) set membership to set up, so there is route " 2-1-5 "; For node 9, node 2 has the common ancestor 1 of lowermost layer with it, therefore be easy to just perform Send (1,3), Send (3,9) set membership is set up, and wherein 9 ∈ CS (3) obviously have again Send (2,1) set membership is set up, so there is route " 2-1-3-9 "; For node 16, node 2 has the common ancestor 1 of lowermost layer with it, is therefore easy to just perform Send (1,5) and Send (5,16), wherein 16 ∈ CS (5), continue recurrence and can obtain Send (5,11) and Send (11,16) set membership is set up, and wherein 16 ∈ CS (11), obviously have again Send (2,1) set membership is set up, so there is route " 2-1-5-11-16 ".
Step 5: perform key managing project when setting up session, { each node in 1,5,7,9,12,13,16} has a pair session key Key for confidential corespondence and the identity of certification both sides for node 2 and set;
Step 6: node 2 produces random number r, and record current time stamp T.Node 2 calculates Cipher=E (Message||r, Key) and MAC=hash (Message||r||T);
Step 7: Cipher||MAC||T is sent to set { 1,5,7,9,12,13,16} by single-hop or multi-hop multicast by node 2.
Step 8: set { after each node in 1,5,7,9,12,13,16} receives message, does following computing: be decrypted computing D (Cipher, Key), obtain (Message, r); { whether each node in 1,5,7,9,12,13,16} compares MAC equal with hash (Message||r||T), if equal and time stamp T is effective, then receives it, otherwise abandons in set.
Technological means disclosed in the present invention program is not limited only to the technological means disclosed in above-mentioned execution mode, also comprises the technical scheme be made up of above technical characteristic combination in any.