CN107809760A - A kind of method of message authentication in wireless sensor network - Google Patents
- Publication number
- CN107809760A (CN201711135478.5A)
- Authority
- CN
- China
- Prior art keywords
- mac
- node
- packet
- tag
- data packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention proposes a method for message authentication in a wireless sensor network. Different sending nodes compute multiple MAC message authentication tags from the information to be sent; at the multi-hop relay nodes, an aggregate MAC algorithm aggregates these MAC message authentication tags into one short tag, which is attached to the message and forwarded. The receiving node can still use this short tag to authenticate the received message and the identity of its source. The invention takes little time and little computation; the load of data packets transmitted wirelessly across the whole network is greatly reduced, which reduces the energy and bandwidth spent on wireless data transmission, extends node lifetime and extends the life of the network. The receiving node shares a different key with each of the sending nodes, so the MAC message authentication tags are random and secure.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a method for authenticating messages in a wireless sensor network.
Background
A Wireless Sensor Network (WSN) can monitor, sense and collect information about the environments or monitored objects in its coverage area in real time and finally transmit that information to the end user. WSNs are widely applied in fields such as industry, agriculture, traffic, military, safety, medical treatment, space exploration, and home and office environments. The technology promotes economic development and also draws users' attention to information security.
Because a WSN uses a wireless transmission channel and its nodes have limited energy, security problems such as eavesdropping, malicious routing and message tampering are more prominent than in other networks, and solving them has become a focus and a difficulty of current research. Before sensed information is delivered to the end user, it is usually relayed over multiple hops until it finally reaches the receiving node. How to ensure authenticity and integrity between the message sender and the message receiver during this process, and how to prevent active attacks by an adversary such as impersonation, tampering and replay, is the first line of defense for security in a WSN application system and a problem that urgently needs to be solved.
Currently, message authentication remains a common technique for ensuring authenticity and integrity between message senders and recipients. As shown in Fig. 1, a Message Authentication Code (MAC) generated by the sender of a message is appended to the message and transmitted to the receiver, and the receiver uses this authenticator to authenticate the received message and the identity of its source. The MAC is a short, fixed-length data block computed by a MAC function that takes a key K and the message to be authenticated as parameters. After receiving the message, the receiver recomputes the MAC from the key K and the MAC function and checks whether it equals the transmitted MAC. The method can guarantee authenticity and integrity between sender and receiver because the secret key K is shared by the sender and the receiver and is unknown to anyone else.
If the MAC mechanism is applied directly to a WSN to ensure security, it incurs a large energy cost, especially when the network has many nodes or communication is frequent, so that nodes die and the service life of the network is greatly reduced. It is therefore necessary to reduce the energy consumption of the MAC mechanism in the WSN, extend the service life of the network, improve the execution efficiency of the protocol, and reduce the probability that an attacker successfully attacks the information.
Disclosure of Invention
To address the high energy cost of the MAC mechanism in a wireless sensor network and the resulting short service life, the invention provides a method for authenticating messages in a wireless sensor network that has low energy consumption, little computation and high security.
To achieve this purpose, the technical solution of the invention is as follows. In a method for message authentication in a wireless sensor network, the wireless sensor network includes a base station B, a sink node U_0 and at least one collection node. The sink node U_0 is the only node that communicates with base station B, and every collection node can send data to the sink node U_0 through the multi-hop wireless network. The information packet that node U_i needs to send to base station B is M_i, and the key between node U_i and base station B is K_i, where i = 0, 1, ……, m and m + 1 is the number of nodes. The method comprises the following steps:
Step 1: determine whether the current wireless receive buffer of node U_i already holds one or more data packets that need to be relayed, or whether node U_i has an information packet to send to base station B;
Step 2: if not, wait for a period of time τ and jump back to step 1; otherwise, continue with step 3;
Step 3: if node U_i has an information packet M_i to send to base station B, the number of data packets to send is z; the MAC algorithm uses the key K_i and the information packet M_i to generate the MAC tag MAC_i, and MAC_i is attached to M_i to form the data packet D_i = {M_i, MAC_i}; if the current wireless receive buffer of node U_i holds one or more data packets that need to be relayed, the number of data packets to be relayed is x;
Step 4: determine whether (x + z) is greater than 1. If not, the new tag is the tag MAC_i or the tag contained in the data packet to be relayed, and the new information packet is the information packet M_i or the information packet in the data packet to be relayed.
If (x + z) > 1, node U_i processes the tags with the aggregate MAC algorithm to generate a new aggregate tag and, in the order of tag aggregation, arranges the information from the data packets participating in the aggregation and node U_i's own information packet M_i in sequence to form a new information packet M_i';
Step 5: node U_i attaches the generated new tag to its new information packet to generate a new data packet D_i', and determines whether node U_i is the sink node U_0; if so, the new data packet D_i' is sent directly to base station B and the method jumps to step 8; otherwise, the new data packet D_i' is sent out wirelessly;
Step 6: the data packet D_i' sent out wirelessly by node U_i is relayed by other nodes through the multi-hop network to the sink node U_0, and the processing at each node participating in the relay is the same as the processing at node U_i;
Step 7: the processing at the sink node U_0 is the same as the processing at node U_i;
Step 8: base station B authenticates the received data packet with the authentication algorithm.
Tags generated by the MAC algorithm: wherein the information packet that node U_i needs to send to base station B is M_i, the key between node U_i and base station B is K_i, i = 0, 1, ……, m, K_i ∈ {0,1}^n, n is the key length, the information packet M_i ∈ {0,1}^*, Mac() is a public function that produces a fixed-length value, and tag_i is a MAC tag.
When the input of the aggregate MAC algorithm is more than one MAC tag tag_i, ……, tag_n, ……, tag_j, the output is tag_IJ, i.e. the aggregate tag MAC_IJ, formed with an exclusive-or operation;
when the input of the aggregate MAC algorithm is one or more MAC tags tag_i, ……, tag_n, ……, tag_j and one or more aggregate tags tag_PQ, ……, tag_UW, ……, tag_RS, the output is tag_IS, i.e. the aggregated tag is:
when the input of the aggregate MAC algorithm is more than one aggregate tag tag_PQ, ……, tag_UW, ……, tag_RS, the output is tag_PS, i.e. the aggregated tag is:
is an exclusive-or operation.
The authentication algorithm of base station B is as follows:
Calculate:
If tag_IY' = tag_IY, i.e. MAC_IY' = MAC_IY, the output is 1; otherwise the output is 0;
wherein the data packet received by base station B is D' = {M_i, ……, M_j, ……, M_p, ……, M_y, tag_IY}, and Mac() is a public function that produces a fixed-length value.
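The node-side aggregation (steps 3 to 5) and the base station check (step 8) can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 truncated to 16 bytes stands in for Mac(), and the sender ids carried with each message, the keys, the readings and the four-node topology are constructed assumptions. It also rejects repeated (sender, message) entries, a check the patent text does not mention, because identical tags cancel under XOR.

```python
import hashlib
import hmac
from functools import reduce

TAG_LEN = 16  # bytes; assumed tag length, the patent only says "fixed length"


def mac(key: bytes, message: bytes) -> bytes:
    """Stand-in for the public Mac() function (assumption: truncated HMAC-SHA256)."""
    return hmac.new(key, message, hashlib.sha256).digest()[:TAG_LEN]


def xor_tags(tags) -> bytes:
    """Aggregate MAC: XOR any mix of plain MAC tags and aggregate tags."""
    def xor(a, b):
        return bytes(x ^ y for x, y in zip(a, b))
    return reduce(xor, tags, bytes(TAG_LEN))


def node_process(node_id, key, own_message, buffered):
    """Steps 3-5 at node U_i.

    buffered: packets (infos, tag) waiting in the receive buffer, where infos
    is a list of (sender_id, message) pairs in aggregation order.
    own_message: bytes to send, or None when the node only relays.
    Returns the new packet D_i' = (infos, tag), or None if x + z == 0.
    """
    infos, tags = [], []
    for pkt_infos, pkt_tag in buffered:           # x packets to relay
        infos.extend(pkt_infos)
        tags.append(pkt_tag)
    if own_message is not None:                   # z = 1
        infos.append((node_id, own_message))
        tags.append(mac(key, own_message))
    if not tags:
        return None
    # With a single tag (x + z == 1) the XOR with zero returns it unchanged.
    return infos, xor_tags(tags)


def base_station_verify(keys, packet) -> int:
    """Step 8: recompute every tag, XOR them, compare. Returns 1 or 0."""
    infos, received_tag = packet
    if len(received_tag) != TAG_LEN or not infos:
        return 0
    # Added check: a repeated (sender, message) entry contributes the same
    # tag twice and cancels under XOR, so such packets are rejected.
    if len(set(infos)) != len(infos):
        return 0
    if any(sender not in keys for sender, _ in infos):
        return 0
    expected = xor_tags(mac(keys[sender], msg) for sender, msg in infos)
    return 1 if hmac.compare_digest(expected, received_tag) else 0


def demo():
    """Constructed topology: U3 -> U2 -> U0 and U1 -> U0, U0 is the sink."""
    keys = {i: hashlib.sha256(b"constructed-key-%d" % i).digest()
            for i in range(4)}
    msgs = {0: b"temp=21.5", 1: b"temp=22.0", 2: b"hum=40", 3: b"hum=43"}

    d3 = node_process(3, keys[3], msgs[3], [])        # leaf node, one tag
    d2 = node_process(2, keys[2], msgs[2], [d3])      # MAC tag + MAC tag
    d1 = node_process(1, keys[1], msgs[1], [])
    d0 = node_process(0, keys[0], msgs[0], [d2, d1])  # aggregate + MAC + own

    accepted = base_station_verify(keys, d0)

    infos, tag = d0
    tampered = ([(infos[0][0], b"hum=99")] + infos[1:], tag)
    rejected = base_station_verify(keys, tampered)

    order = [sender for sender, _ in infos]
    bytes_saved = TAG_LEN * len(infos) - len(tag)     # vs. one tag per message
    return accepted, rejected, order, bytes_saved


if __name__ == "__main__":
    print(demo())
```

A failed check only says that something in the aggregate is wrong; as in the patent's description of step 8, the base station cannot tell which message or sender caused the mismatch.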
A method for message authentication in a wireless sensor network comprises the following steps:
Step 301: it is determined that the current wireless receive buffer of node U_0 already holds one data packet D_1 = {M_1, MAC_1} from node U_1 that needs to be relayed, and that node U_0 has an information packet to send to base station B;
Step 302: continue with step 303;
Step 303: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to send is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, and MAC_0 is attached to M_0 to form its data packet D_0 = {M_0, MAC_0}; the current wireless receive buffer of node U_0 holds one data packet D_1 to be relayed, so the number of data packets to be relayed is x = 1;
Step 304: x + z = 2 > 1, so continue with step 305;
Step 305: the message authentication tag MAC_1 in the data packet D_1 to be relayed and node U_0's message authentication tag MAC_0 are aggregated with the aggregate MAC algorithm to generate a new aggregate tag MAC_10, and, in the order of tag aggregation, the information packet M_1 from the data packet participating in the aggregation and node U_0's information packet M_0 are arranged in sequence to form a new information packet M_0' = {M_1, M_0};
Step 306: node U_0 attaches the generated aggregate tag MAC_10 to its new information packet M_0' to generate a new data packet D_0' = {M_1, M_0, MAC_10}; node U_0 is determined to be the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to step 307;
Step 307: base station B receives the data packet D_0' = {M_1, M_0, MAC_10} and authenticates it with the authentication algorithm. After receiving D_0', base station B substitutes the keys K_1 and K_0 that it shares with node U_1 and node U_0 respectively into the MAC function to recompute the tags MAC_1' and MAC_0', XORs the computed tags MAC_0' and MAC_1' to obtain MAC_10', and compares the computed MAC_10' with the aggregate tag MAC_10 in the received data packet D_0'. If the two are the same, the receiving base station B can be confident that the message in D_0' has not been tampered with and that it comes from the purported senders node U_1 and node U_0; otherwise, the receiving base station B cannot confirm that the message in D_0' has not been tampered with, nor that it comes from the purported senders node U_1 and node U_0.
A method for message authentication in a wireless sensor network comprises the following steps:
Step 401: it is determined that the current wireless receive buffer of node U_0 already holds a data packet D_r' = {M_1, M_2, ……, M_r, MAC_1R} from node U_r that needs to be relayed, and that node U_0 has an information packet M_0 to send to base station B;
Step 402: continue with step 403;
Step 403: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to send is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, and MAC_0 is attached to M_0 to form its data packet D_0 = {M_0, MAC_0}; the current wireless receive buffer of node U_0 holds one data packet D_r' to be relayed, so the number of data packets to be relayed is x = 1;
Step 404: x + z = 2 > 1, so continue with step 405;
Step 405: node U_0 processes the tags with the aggregate MAC algorithm: the aggregate tag MAC_1R of the data packet D_r' to be relayed and node U_0's message authentication tag MAC_0 are aggregated with the aggregate MAC algorithm to generate the aggregate tag MAC_10, and, in the order of tag aggregation, the information from the data packet participating in the aggregation and node U_0's information packet M_0 are arranged in sequence to form a new information packet M_0' = {M_1, M_2, ……, M_r, M_0};
Step 406: node U_0 attaches the generated new tag MAC_10 to its new information packet M_0' to generate a new data packet D_0' = {M_1, M_2, ……, M_r, M_0, MAC_10}; node U_0 is the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to step 407;
Step 407: base station B receives the data packet D_0' = {M_1, M_2, ……, M_r, M_0, MAC_10} and authenticates it with the authentication algorithm. After receiving the data packet, base station B substitutes the keys K_1, K_2, ……, K_r, K_0 that it shares with node U_1, node U_2, ……, node U_r and node U_0 respectively into the MAC function to recompute the tags MAC_1', MAC_2', ……, MAC_r', MAC_0', XORs the computed tags MAC_1', MAC_2', ……, MAC_r', MAC_0' to obtain the tag MAC_10', and compares the computed tag MAC_10' with the aggregate tag MAC_10 in the received data packet D_0'. If the two are the same, the receiving base station B can be confident that the message in D_0' has not been tampered with and that it comes from the purported senders node U_1, U_2, ……, U_r, U_0; otherwise, the receiving base station B cannot confirm that the message in D_0' has not been tampered with, nor that it comes from the purported senders node U_1, U_2, ……, U_r, U_0.
A method for message authentication in a wireless sensor network comprises the following steps:
Step 501: it is determined that the current wireless receive buffer of node U_0 holds 2 data packets that need to be relayed, namely the data packet D_p' = {M_i, ……, M_p, MAC_IP} from node U_p and the data packet D_q' = {M_q, MAC_q} from node U_q, and that node U_0 has an information packet M_0 to send to base station B;
Step 502: continue with step 503;
Step 503: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to send is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, and the tag MAC_0 is attached to M_0 to form the data packet D_0 = {M_0, MAC_0}; the current wireless receive buffer of node U_0 holds 2 data packets D_p' and D_q' to be relayed, so the number of data packets to be relayed is x = 2;
Step 504: x + z = 3 > 1, so continue with step 505;
Step 505: node U_0 processes the tags with the aggregate MAC algorithm: the aggregate tag MAC_IP and the message authentication tag MAC_q of the data packets D_p' and D_q' to be relayed, together with node U_0's message authentication tag MAC_0, are aggregated with the aggregate MAC algorithm to generate the aggregate tag MAC_I0, and, in the order of tag aggregation, the information from the data packets participating in the aggregation and node U_0's information packet M_0 are arranged in sequence to form a new information packet M_0' = {M_i, ……, M_p, M_q, M_0};
Step 506: node U_0 attaches the generated aggregate tag MAC_I0 to its new information packet M_0' to generate a new data packet D_0' = {M_i, ……, M_p, M_q, M_0, MAC_I0}; node U_0 is the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to step 507;
Step 507: base station B receives the data packet D_0' = {M_i, ……, M_p, M_q, M_0, MAC_I0} and authenticates it with the authentication algorithm. After receiving the message of the data packet, base station B substitutes the keys K_i, ……, K_p, K_q, K_0 that it shares with node U_i, ……, node U_p, node U_q and node U_0 respectively into the MAC function to recompute the tags MAC_i', ……, MAC_p', MAC_q', MAC_0', XORs the computed tags MAC_i', ……, MAC_p', MAC_q', MAC_0' to obtain the tag MAC_I0', and compares the computed tag MAC_I0' with the aggregate tag MAC_I0 in the received data packet D_0'. If the two are the same, the receiving base station B can be confident that the message in D_0' has not been tampered with and that it comes from the purported senders node U_i, ……, node U_p, node U_q, node U_0; otherwise, the receiving base station B cannot confirm that the message in D_0' has not been tampered with, nor that it comes from the purported senders node U_i, ……, node U_p, node U_q, node U_0.
A method for message authentication in a wireless sensor network comprises the following steps:
Step 601: it is determined that the current wireless receive buffer of node U_0 already holds a plurality of data packets that need to be relayed, namely the data packet D_a' = {M_d, ……, M_a, MAC_DA} from node U_a, ……, the data packet D_e' = {M_h, ……, M_e, MAC_HE} from node U_e, the data packet D_j' = {M_j, MAC_j} from node U_j, ……, and the data packet D_s' = {M_s, MAC_s} from node U_s, and that node U_0 has an information packet M_0 to send to base station B;
Step 602: continue with step 603;
Step 603: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to send is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, and the tag MAC_0 is attached to M_0 to form its data packet D_0 = {M_0, MAC_0}; the current wireless receive buffer of node U_0 holds a plurality of data packets to be relayed, and the number of data packets to be relayed is x > 2;
Step 604: x + z > 3, so continue with step 605;
Step 605: node U_0 processes the tags with the aggregate MAC algorithm: the aggregate tags MAC_DA, ……, MAC_HE and the message authentication tags MAC_j, ……, MAC_s of the data packets D_a', ……, D_e', D_j', ……, D_s' to be relayed, together with node U_0's message authentication tag MAC_0, are aggregated with the aggregate MAC algorithm to generate the aggregate tag MAC_D0, and, in the order of tag aggregation, the information from the data packets participating in the aggregation and node U_0's information packet M_0 are arranged in sequence to form a new information packet M_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0};
Step 606: node U_0 attaches the generated new tag MAC_D0 to its new information packet M_0' to generate a new data packet D_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0, MAC_D0}; node U_0 is the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to step 607;
Step 607: base station B receives the data packet D_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0, MAC_D0} and authenticates it with the authentication algorithm. After receiving the message of data packet D_0', base station B substitutes the keys K_d, ……, K_a, ……, K_h, ……, K_e, K_j, ……, K_s, K_0 that it shares with node U_d, ……, node U_a, ……, node U_h, ……, node U_e, node U_j, ……, node U_s and node U_0 respectively into the MAC function to recompute the tags MAC_d', ……, MAC_a', ……, MAC_h', ……, MAC_e', MAC_j', ……, MAC_s', MAC_0', XORs the computed tags MAC_d', ……, MAC_a', ……, MAC_h', ……, MAC_e', MAC_j', ……, MAC_s', MAC_0' to obtain the tag MAC_D0', and compares the computed tag MAC_D0' with the aggregate tag MAC_D0 in the received data packet D_0'. If the two are the same, the receiving base station B can be confident that the message in D_0' has not been tampered with and that it comes from the purported senders node U_d, ……, node U_a, ……, node U_h, ……, node U_e, node U_j, ……, node U_s, node U_0; otherwise, the receiving base station B cannot confirm that the message in D_0' has not been tampered with, nor that it comes from the purported senders node U_d, ……, node U_a, ……, node U_h, ……, node U_e, node U_j, ……, node U_s, node U_0.
A method for message authentication in a wireless sensor network comprises the following steps:
Step 701: it is determined that the current wireless receive buffer of node U_i holds no data packets that need to be relayed, but node U_i has an information packet M_i to send to base station B;
Step 702: continue with step 703;
Step 703: node U_i has an information packet M_i, so the number of data packets to send is z = 1; the MAC algorithm is used to generate the MAC tag MAC_i of M_i, which is attached to the information packet M_i to form its data packet D_i = {M_i, MAC_i}; the current wireless receive buffer of node U_i holds no data packets to be relayed, so the number of data packets to be relayed is x = 0;
Step 704: x + z = 1, which means node U_i has only 1 tag and no processing with the aggregation algorithm is needed; the new tag is MAC_i and the new information packet is M_i;
Step 705: node U_i attaches the generated new tag MAC_i to its new information packet M_i' = {M_i} to generate a new data packet D_i' = D_i = {M_i, MAC_i}; node U_i is not the sink node, so the new data packet D_i' is sent out wirelessly;
Step 706: the data packet sent out wirelessly by node U_i is relayed by the next-hop node U_j, and the processing at node U_j is exactly the same as the processing at node U_i;
Step 707: the data packet sent out wirelessly by node U_i is relayed through the multi-hop network by a plurality of other nodes to the sink node U_0, and the processing at each relay node is exactly the same as the processing at node U_i;
Step 708: the processing at the sink node U_0 is the same as the processing at node U_i, and the method proceeds to step 701';
Step 701': it is determined that the current wireless receive buffer of node U_0 holds a data packet D_x' = {M_i, M_j, M_q, ……, M_p, M_x, MAC_IX} from node U_x that needs to be relayed, and that node U_0 has an information packet M_0 to send to base station B;
Step 702': continue with step 703';
Step 703': node U_0 has an information packet M_0 to send to base station B, so the number of data packets to send is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, and the tag MAC_0 is attached to M_0 to form its data packet D_0' = {M_0, MAC_0}; the current wireless receive buffer of node U_0 holds one data packet D_x' to be relayed, so the number of data packets to be relayed is x = 1;
Step 704': x + z = 2 > 1, which means node U_0 has 2 tags and they are processed with the aggregation algorithm; continue with step 705';
Step 705': x + z = 2 > 1 means that the 2 tags can be processed with the aggregation algorithm, so node U_0 processes the tags with the aggregate MAC algorithm to generate a new aggregate tag MAC_I0 and, in the order of tag aggregation, arranges the information from the data packet participating in the aggregation and node U_0's information packet M_0 in sequence to form a new information packet M_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0}; the new tag is MAC_I0 and the new information packet is M_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0}; jump to step 706';
Step 706': node U_0 attaches the generated new tag MAC_I0 to its new information packet M_0' to generate a new data packet D_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0, MAC_I0}; node U_0 is the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to step 710;
Step 710: base station B receives the data packet D_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0, MAC_I0} and authenticates it with the authentication algorithm. That is, after receiving the message, base station B substitutes the keys K_i, K_j, K_q, ……, K_p, K_x, K_0 that it shares with node U_i, node U_j, node U_q, ……, node U_p, node U_x and node U_0 respectively into the MAC function to recompute the tags MAC_i', MAC_j', MAC_q', ……, MAC_p', MAC_x', MAC_0', XORs the computed tags MAC_i', MAC_j', MAC_q', ……, MAC_p', MAC_x', MAC_0' to obtain the tag MAC_I0', and compares the computed tag MAC_I0' with the tag MAC_I0 of the received data packet D_0'. If the two are the same, the receiving base station B can be confident that the message in D_0' has not been tampered with and that it comes from the purported senders node U_i, node U_j, node U_q, ……, node U_p, node U_x, node U_0; otherwise, the receiving base station B cannot confirm that the message in D_0' has not been tampered with, nor that it comes from the purported senders node U_i, node U_j, node U_q, ……, node U_p, node U_x, node U_0.
The invention has the beneficial effects that:
1) Reduced energy consumption and longer network service life: different sending nodes compute multiple MAC message authentication tags from the information to be sent, and at the multi-hop relay nodes these MAC message authentication tags are aggregated into one short tag that is attached to the message and forwarded. The aggregate MAC algorithm takes some time, but the time is relatively small and the amount of computation is small; the load of data packets transmitted wirelessly across the whole network is greatly reduced, so the energy and bandwidth consumed by wireless data transmission are greatly reduced, node lifetime is extended and the service life of the network is extended. The energy efficiency advantage is more pronounced when the number of nodes is large.
2) Better security: the receiving node shares a different key, of length n, with each of the sending nodes. Because other nodes do not know the key, a MAC message authentication tag is random from an attacker's point of view, and XORing a random value with any other unrelated random value still yields a random value. The probability that an adversary successfully attacks the system is no higher than 2^{-n}; that is, the short tag generated by the aggregate MAC algorithm can still be used by the receiving node to authenticate the received message and the identity of its source.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. Obviously, the drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a diagram illustrating a MAC message authentication information flow in the prior art.
Fig. 2 is a schematic diagram of a network topology.
Fig. 3 is a message flow diagram of the present invention in which, at the sink node U_0, the MAC tag of the local node is aggregated with 1 MAC tag to implement message authentication.
Fig. 4 is a message flow diagram of the present invention in which, at the sink node U_0, the MAC tag of the local node is aggregated with 1 aggregation tag to implement message authentication.
Fig. 5 is a message flow diagram of the present invention in which, at the sink node U_0, the MAC tag of the local node is aggregated with 1 MAC tag and 1 aggregation tag to implement message authentication.
Fig. 6 is a message flow diagram of the present invention in which, at the sink node U_0, the MAC tag of the local node is aggregated with a plurality of MAC tags and a plurality of aggregation tags to implement message authentication.
Fig. 7 is a schematic diagram of a multi-hop path according to the present invention employing an aggregate MAC algorithm at a plurality of transit nodes.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive effort based on the embodiments of the present invention, are within the scope of the present invention.
The design idea of the invention is as follows: in a wireless sensor network, the same node (e.g., the base station) shares a different key with each of the different sending nodes. Different sending nodes calculate a plurality of MAC tags according to the information to be sent; the MAC tags are aggregated into one short tag at the multi-hop relay nodes and attached to the message for forwarding, and the short tag can be used by the receiving node to authenticate the received message and the identity of its source.
A method for message authentication in a wireless sensor network, in which the wireless sensor network includes a base station B, a sink node U_0 and at least one collection node; the sink node U_0 is the only node that communicates with the base station B, and all collection nodes can send data to the sink node U_0 through the multi-hop wireless network; the information packet that node U_i needs to send to base station B is M_i, and the key between node U_i and base station B is K_i, i = 0, 1, …, m, where m + 1 is the number of nodes. As shown in Fig. 2, if node U_i has data to send to base station B, the path may be: U_i → U_j → U_q → … → U_p → U_x → U_0, i.e. the wireless data packet transmitted from node U_i passes in turn through nodes U_j, U_q, ……, U_p, U_x to the sink node U_0 and is then transmitted to base station B.
Example one
A method for message authentication in a wireless sensor network comprises the following steps:
Step 1: determine whether node U_i already has one or more data packets to be forwarded in its current wireless receiving buffer, or whether node U_i has an information packet to send to base station B;
Step 2: if not, delay for a period of time τ and jump to step 1; otherwise, continue with step 3;
Step 3: if node U_i has an information packet M_i to send, the number of data packets to be sent is denoted by z, and the MAC algorithm is used with the key K_i and the information packet M_i to generate the MAC tag MAC_i; the tag MAC_i is appended to the information packet M_i to construct the data packet D_i = {M_i, MAC_i}; if node U_i currently has one or more data packets to be forwarded in its wireless receiving buffer, the number of data packets to be forwarded is denoted by x.
The MAC algorithm generates the tag, wherein K_i is a key, n is the key length, K_i ∈ {0,1}^n, the information packet M_i ∈ {0,1}^*, Mac() is a public function, meaning a conventional encryption or hash function, which produces a fixed-length value, and tag_i is a MAC tag.
Step 4: determine whether (x + z) is greater than 1; if not, node U_i has only 1 tag and no processing by the aggregation algorithm is needed: the new tag is the tag MAC_i or the tag contained in the data packet to be forwarded, and the new information packet is the information packet M_i or the information packet in the data packet to be forwarded;
if (x + z) > 1, the tags are processed at node U_i with the aggregation MAC algorithm to generate a new aggregation tag, and the information in the data packets participating in the aggregation and the information packet M_i of node U_i are arranged in the order of tag aggregation to form a new information packet M_i'.
The aggregated MAC algorithm can be divided into three cases according to its input. In the first case, the input of the aggregated MAC algorithm is more than one MAC tag tag_i, ……, tag_n, ……, tag_j and the output is tag_IJ, i.e. the aggregation tag MAC_IJ, obtained by an exclusive-or operation;
in the second case, the input of the aggregation MAC algorithm is one or more MAC tags tag_i, ……, tag_n, ……, tag_j and one or more aggregation tags tag_PQ, ……, tag_UW, ……, tag_RS, and the output is tag_1S, i.e. the aggregation tag is:
in the third case, the input of the aggregation MAC algorithm is more than one aggregation tag tag_PQ, ……, tag_UW, ……, tag_RS and the output is tag_PS, i.e. the aggregation tag is:
is an exclusive or operation.
Step 5: node U_i appends the generated new tag to its new information packet M_i' to generate a new data packet D_i'; if node U_i is the sink node U_0, the new data packet D_i' is sent directly to base station B and the procedure jumps to step 8; otherwise, the new data packet D_i' is transmitted wirelessly;
Step 6: the data packet D_i' transmitted wirelessly by node U_i is forwarded through other nodes over the multi-hop network to the sink node U_0, and the processing at each node participating in the forwarding is exactly the same as the processing at node U_i;
the data packet D_i' transmitted wirelessly by node U_i is forwarded by its next-hop node U_j, and the processing at node U_j is exactly the same as the processing at node U_i. The data packet D_i' transmitted wirelessly by node U_i is forwarded to the sink node U_0 through 0 or more other nodes over the multi-hop network.
Step 7: the processing at the sink node U_0 is exactly the same as the processing at node U_i; steps 1-5 are repeated and the data packet is sent to base station B;
Step 8: base station B authenticates the received data packet using the authentication algorithm.
The authentication algorithm of the base station B is as follows:
Calculate:
Judge: if tag_IY' = tag_IY, i.e. MAC_IY' = MAC_IY, the output is 1; otherwise the output is 0;
wherein the data packet received by base station B is D' = {M_i, ……, M_j, ……, M_p, ……, M_y, tag_IY}, the information packet that node U_i needs to send to base station B is M_i, the key between node U_i and base station B is K_i, i = 0, 1, …, m, n is the key length, K_i ∈ {0,1}^n, the information packet M_i ∈ {0,1}^*, and Mac() is a public function, meaning a conventional encryption or hash function, which produces a fixed-length value.
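The node-side procedure (steps 1-5) and the base station's authentication algorithm described above, as an added Python example that is not part of the patent text. It assumes HMAC-SHA256 as the public function Mac(), a packet layout of (list of (sender id, message) pairs, tag), and constructed keys and sensor readings; the one-entry-per-sender check in the verifier is also an addition made here.

```python
import hashlib
import hmac
from functools import reduce

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes, fixed for any number of senders


def mac(key, msg):
    """tag_i = Mac(K_i, M_i). HMAC-SHA256 is an assumption of this example."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def xor_tags(a, b):
    """Aggregate two equal-length tags with exclusive-or."""
    if len(a) != len(b):
        raise ValueError("tags must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def node_process(node_id, key, own_msg, rx_buffer):
    """Steps 1-5 at one node.

    rx_buffer holds the x packets waiting to be forwarded, each a
    (messages, tag) pair; own_msg is the node's own M_i or None (z = 0).
    Returns the new packet D_i' or None when there is nothing to send.
    """
    messages, tags = [], []
    for relayed_msgs, relayed_tag in rx_buffer:   # x packets to forward
        messages.extend(relayed_msgs)             # keep the aggregation order
        tags.append(relayed_tag)
    if own_msg is not None:                       # z = 1
        messages.append((node_id, own_msg))
        tags.append(mac(key, own_msg))
    if not tags:                                  # x + z = 0: step 2, wait
        return None
    # x + z = 1: reduce() returns the single tag unchanged (no aggregation).
    # x + z > 1: MAC tags and aggregation tags are XORed into one short tag.
    return messages, reduce(xor_tags, tags)


def base_station_verify(keys, packet):
    """Authentication algorithm at base station B: returns True (1) or False (0)."""
    messages, tag = packet
    if not messages or len(tag) != TAG_LEN:
        return False
    ids = [nid for nid, _ in messages]
    # Added check: identical tags cancel under XOR, so each sender may
    # appear only once per packet, and every sender must have a known key.
    if len(set(ids)) != len(ids) or any(nid not in keys for nid in ids):
        return False
    expected = reduce(xor_tags, (mac(keys[nid], m) for nid, m in messages))
    return hmac.compare_digest(expected, tag)     # constant-time comparison


def build_demo():
    """Constructed topology: U_i -> U_p -> U_0 and U_q -> U_0, then U_0 -> B."""
    names = ("U_i", "U_p", "U_q", "U_0")
    keys = {n: hashlib.sha256(b"constructed-key-" + n.encode()).digest()
            for n in names}
    d_i = node_process("U_i", keys["U_i"], b"temp=21.5", [])
    d_p = node_process("U_p", keys["U_p"], b"temp=22.0", [d_i])   # aggregation tag
    d_q = node_process("U_q", keys["U_q"], b"hum=40", [])         # plain MAC tag
    d_0 = node_process("U_0", keys["U_0"], b"batt=87", [d_p, d_q])
    return keys, d_0


if __name__ == "__main__":
    keys, d_0 = build_demo()
    msgs, tag = d_0
    print("senders:", [nid for nid, _ in msgs], "tag bytes:", len(tag))
    print("authentic packet accepted:", base_station_verify(keys, d_0))
    forged = ([(msgs[0][0], b"temp=99.9")] + msgs[1:], tag)
    print("modified packet accepted:", base_station_verify(keys, forged))
```

The base station needs to know which key belongs to which message, which is why this sketch carries a sender id next to each M_i; the page does not specify how that mapping is conveyed.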
Example two
A method for message authentication in a wireless sensor network, in which the MAC tag of the local node and 1 MAC tag are aggregated at the sink node U_0 to implement message authentication; the message flow diagram is shown in Fig. 3. The method comprises the following steps:
Step 301: it is determined that node U_0 already has a data packet to be forwarded in its current wireless receiving buffer, namely the data packet D_1 = {M_1, MAC_1} from node U_1 upstream of node U_0, and that node U_0 has an information packet to send to base station B;
Step 302: continue with step 303;
Step 303: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, and the tag MAC_0 is appended to the information packet M_0 to form the data packet D_0 = {M_0, MAC_0}; node U_0 has one data packet D_1 to be forwarded in its current wireless receiving buffer, so the number of data packets to be forwarded is x = 1;
Step 304: since x + z = 2 > 1, continue with step 305;
Step 305: x + z = 2 > 1 shows that there are 2 tags that can be processed by the aggregation algorithm; the message authentication tag MAC_1 in the data packet D_1 to be forwarded and the message authentication tag MAC_0 of node U_0 are aggregated with the aggregation MAC algorithm to generate the new aggregation tag MAC_10, and the information packet M_1 in the data packet participating in the aggregation and the information packet M_0 of node U_0 are arranged in the order of tag aggregation to form a new information packet M_0' = {M_1, M_0};
Step 306: node U_0 appends the generated aggregation tag MAC_10 to its new information packet M_0' to generate a new data packet D_0' = {M_1, M_0, MAC_10}; since node U_0 is the sink node, the new data packet D_0' is sent directly to base station B and the procedure jumps to step 307;
Step 307: base station B authenticates the received data packet D_0' = {M_1, M_0, MAC_10} using the authentication algorithm; after receiving the data packet D_0', base station B substitutes the keys K_1 and K_0 that it shares respectively with the collection node U_1 and the sink node U_0 into the Mac function to recalculate the tags MAC_1' and MAC_0', then XORs the calculated tags MAC_0' and MAC_1' to obtain MAC_10', and compares the calculated MAC_10' with the aggregation tag MAC_10 of the received data packet D_0'; if the two are the same, the recipient base station B can be confident that the message in data packet D_0' has not been tampered with and that it comes from the purported sender nodes U_1 and U_0; otherwise, the recipient base station B cannot confirm that the message in data packet D_0' has not been tampered with, nor that it comes from the purported sender nodes U_1 and U_0.
Example three
A method for message authentication in a wireless sensor network, in which the MAC tag of the local node and 1 aggregation tag are aggregated at the sink node U_0 to implement message authentication; the message flow diagram is shown in Fig. 4. The method comprises the following steps:
Step 401: it is determined that node U_0 already has a data packet to be forwarded in its current wireless receiving buffer, namely the data packet D_r' = {M_1, M_2, ……, M_r, MAC_1R} from node U_r upstream of node U_0, and that at the same time node U_0 has an information packet M_0 to send to base station B;
Step 402: continue with step 403;
Step 403: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, the tag MAC_0 being obtained by substituting the information packet M_0 and the key K_0 into the Mac function; the tag MAC_0 is appended to the information packet M_0 to form the data packet D_0 = {M_0, MAC_0}; node U_0 has one data packet D_r' to be forwarded in its current wireless receiving buffer, so the number of data packets to be forwarded is x = 1;
Step 404: since x + z = 2 > 1, continue with step 405;
Step 405: x + z = 2 > 1 shows that there are 2 tags that can be processed by the aggregation algorithm; the tags are processed at node U_0 with the aggregation MAC algorithm: the aggregation tag MAC_1R of the data packet D_r' to be forwarded and the message authentication tag MAC_0 of node U_0 are aggregated to generate the aggregation tag MAC_10, and the information in the data packet participating in the aggregation and the information packet M_0 of node U_0 are arranged in the order of tag aggregation to form a new information packet M_0' = {M_1, M_2, ……, M_r, M_0};
Step 406: node U_0 appends the generated new tag MAC_10 to its new information packet M_0' to generate a new data packet D_0' = {M_1, M_2, ……, M_r, M_0, MAC_10}; since node U_0 is the sink node, the new data packet D_0' is sent directly to base station B and the procedure jumps to step 407;
Step 407: base station B authenticates the received data packet D_0' = {M_1, M_2, ……, M_r, M_0, MAC_10} using the authentication algorithm; after receiving the data packet, base station B substitutes the keys K_1, K_2, ……, K_r, K_0 that it shares respectively with node U_1, node U_2, ……, node U_r and node U_0 into the Mac function to recalculate the tags MAC_1', MAC_2', ……, MAC_r', MAC_0', then XORs the calculated tags MAC_1', MAC_2', ……, MAC_r', MAC_0' to obtain the tag MAC_10', and compares the calculated tag MAC_10' with the aggregation tag MAC_10 of the received data packet D_0'; if the two are the same, the recipient base station B can be confident that the message in data packet D_0' has not been tampered with and that it comes from the purported sender nodes U_1, U_2, ……, U_r, U_0; otherwise, the recipient base station B cannot confirm that the message in data packet D_0' has not been tampered with, nor that it comes from the purported sender nodes U_1, U_2, ……, U_r, U_0.
Example four
A method for message authentication in a wireless sensor network, in which the MAC tag of the local node, 1 MAC tag and 1 aggregation tag are aggregated at the sink node U_0 to implement message authentication; the message flow diagram is shown in Fig. 5. The method comprises the following steps:
Step 501: it is determined that node U_0 already has 2 data packets to be forwarded in its current wireless receiving buffer, namely the data packets D_p' = {M_i, ……, M_p, MAC_IP} and D_q' = {M_q, MAC_q} from nodes U_p and U_q upstream of node U_0, and that at the same time node U_0 has an information packet M_0 to send to base station B;
Step 502: continue with step 503;
Step 503: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, the tag MAC_0 being obtained by substituting the information packet M_0 and the key K_0 into the Mac function; the tag MAC_0 is appended to the information packet M_0 to form the data packet D_0 = {M_0, MAC_0}; node U_0 has 2 data packets D_p' and D_q' to be forwarded in its current wireless receiving buffer, so the number of data packets to be forwarded is x = 2;
Step 504: since x + z = 3 > 1, continue with step 505;
Step 505: x + z = 3 > 1 shows that there are 3 tags that can be processed by the aggregation algorithm; the tags are processed at node U_0 with the aggregation MAC algorithm: the aggregation tag MAC_IP and the message authentication tag MAC_q of the data packets D_p' and D_q' to be forwarded and the message authentication tag MAC_0 of node U_0 are aggregated to generate the aggregation tag MAC_I0, and the information in the data packets participating in the aggregation and the information packet M_0 of node U_0 are arranged in the order of tag aggregation to form a new information packet M_0' = {M_i, ……, M_p, M_q, M_0};
Step 506: node U_0 appends the generated aggregation tag MAC_I0 to its new information packet M_0' to generate a new data packet D_0' = {M_i, ……, M_p, M_q, M_0, MAC_I0}; since node U_0 is the sink node, the new data packet D_0' is sent directly to base station B and the procedure jumps to step 507;
Step 507: base station B authenticates the received data packet D_0' = {M_i, ……, M_p, M_q, M_0, MAC_I0} using the authentication algorithm; after receiving the message of the data packet, base station B substitutes the keys K_i, ……, K_p, K_q, K_0 that it shares respectively with node U_i, ……, node U_p, node U_q and node U_0 into the Mac function to recalculate the tags MAC_i', ……, MAC_p', MAC_q', MAC_0', then XORs the calculated tags MAC_i', ……, MAC_p', MAC_q', MAC_0' to obtain the tag MAC_I0', and compares the calculated tag MAC_I0' with the aggregation tag MAC_I0 of the received data packet D_0'; if the two are the same, the recipient base station B can be confident that the message in data packet D_0' has not been tampered with and that it comes from the purported sender nodes U_i, ……, U_p, U_q, U_0; otherwise, the recipient base station B cannot confirm that the message in data packet D_0' has not been tampered with, nor that it comes from the purported sender nodes U_i, ……, U_p, U_q, U_0.
Example five
A method for message authentication in a wireless sensor network, in which the MAC tag of the local node, a plurality of MAC tags and a plurality of aggregation tags are aggregated at the sink node U_0 to implement message authentication; the message flow diagram is shown in Fig. 6. The method comprises the following steps:
Step 601: it is determined that node U_0 has a plurality of data packets to be forwarded in its current wireless receiving buffer, namely the data packet D_a' = {M_d, ……, M_a, MAC_DA} from node U_a, ……, the data packet D_e' = {M_h, ……, M_e, MAC_HE} from node U_e, the data packet D_j' = {M_j, MAC_j} from node U_j, ……, and the data packet D_s' = {M_s, MAC_s} from node U_s, and that at the same time node U_0 has an information packet M_0 to send to base station B;
Step 602: continue with step 603;
Step 603: node U_0 has an information packet M_0 to send to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, the tag MAC_0 being obtained by substituting the information packet M_0 and the key K_0 into the Mac function; the tag MAC_0 is appended to the information packet M_0 to form the data packet D_0 = {M_0, MAC_0}; node U_0 has a plurality of data packets to be forwarded in its current wireless receiving buffer, the number of data packets to be forwarded is denoted by x, and in this case x > 2;
Step 604: it is determined that x + z is greater than 3; continue with step 605;
Step 605: x + z > 1 shows that there are more than 3 tags that can be processed by the aggregation algorithm; the tags are processed at node U_0 with the aggregation MAC algorithm: the aggregation tags MAC_DA, ……, MAC_HE and the message authentication tags MAC_j, ……, MAC_s of the data packets D_a', ……, D_e', D_j', ……, D_s' to be forwarded and the message authentication tag MAC_0 of node U_0 are aggregated to generate the aggregation tag MAC_D0, and the information in the data packets participating in the aggregation and the information packet M_0 of node U_0 are arranged in the order of tag aggregation to form a new information packet M_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0};
Step 606: node U_0 appends the generated new tag MAC_D0 to its new information packet M_0' to generate a new data packet D_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0, MAC_D0}; since node U_0 is the sink node, the new data packet D_0' is sent directly to base station B and the procedure jumps to step 607;
Step 607: base station B authenticates the received data packet D_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0, MAC_D0} using the authentication algorithm; after receiving the message of the data packet D_0', base station B substitutes the keys K_d, ……, K_a, ……, K_h, ……, K_e, K_j, ……, K_s, K_0 that it shares respectively with node U_d, ……, node U_a, ……, node U_h, ……, node U_e, node U_j, ……, node U_s and node U_0 into the Mac function to recalculate the tags MAC_d', ……, MAC_a', ……, MAC_h', ……, MAC_e', MAC_j', ……, MAC_s', MAC_0', then XORs the calculated tags MAC_d', ……, MAC_a', ……, MAC_h', ……, MAC_e', MAC_j', ……, MAC_s', MAC_0' to obtain the tag MAC_D0', and compares the calculated tag MAC_D0' with the aggregation tag MAC_D0 of the received data packet D_0'; if the two are the same, the recipient base station B can be confident that the message in data packet D_0' has not been tampered with and that it comes from the purported sender nodes U_d, ……, U_a, ……, U_h, ……, U_e, U_j, ……, U_s, U_0; otherwise, the recipient base station B cannot confirm that the message in data packet D_0' has not been tampered with, nor that it comes from the purported sender nodes U_d, ……, U_a, ……, U_h, ……, U_e, U_j, ……, U_s, U_0.
Example six
A method for message authentication in a wireless sensor network, in which a data packet starts from node U_i and passes through a plurality of relay nodes U_j, U_q, ……, U_p, U_x to the sink node U_0, and the aggregation MAC algorithm is applied at each of the nodes U_i, U_j, U_q, ……, U_p, U_x, U_0 to implement message authentication; the message flow diagram is shown in Fig. 7, and the steps are as follows:
Step 701: it is determined that node U_i has no data packet to be forwarded in its current wireless receiving buffer, but node U_i has an information packet M_i to send to base station B;
Step 702: continue with step 703;
Step 703: node U_i has an information packet M_i to send to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_i of M_i, which is appended to the information packet M_i to form the data packet D_i = {M_i, MAC_i}; node U_i has no data packets to be forwarded in its current wireless receiving buffer, so the number of data packets to be forwarded is x = 0;
Step 704: since x + z = 1, node U_i has only 1 tag and no processing by the aggregation algorithm is needed; the new tag is MAC_i and the new information packet is M_i;
Step 705: node U_i appends the generated new tag MAC_i to its new information packet M_i' = {M_i} to generate a new data packet D_i' = D_i = {M_i, MAC_i}; node U_i is not the sink node, so the new data packet D_i' is transmitted wirelessly;
Step 706: the data packet transmitted wirelessly by node U_i is forwarded by its next-hop node U_j, and the processing at node U_j is exactly the same as the processing at node U_i; it is not described in detail here;
Step 707: the data packet transmitted wirelessly by node U_i is forwarded to the sink node U_0 through a plurality of other nodes over the multi-hop network, and the processing at each relay node, i.e. node U_q, ……, node U_p, node U_x and so on, is exactly the same as the processing at node U_i and is not described again here;
Step 708: the processing at the sink node U_0 is the same as the processing at node U_i, as follows;
Step 701': it is determined that node U_0 has in its current wireless receiving buffer the data packet D_x' = {M_i, M_j, M_q, ……, M_p, M_x, MAC_IX} from node U_x to be forwarded, and that at the same time node U_0 has an information packet M_0 to send to base station B;
Step 702': continue with step 703';
Step 703': node U_0 has an information packet M_0 to send to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 of the information packet M_0, and the tag MAC_0 is appended to the information packet M_0 to form the data packet D_0 = {M_0, MAC_0}; node U_0 has one data packet D_x' to be forwarded in its current wireless receiving buffer, so the number of data packets to be forwarded is x = 1;
Step 704': since x + z = 2 > 1, node U_0 has 2 tags and they are processed by the aggregation algorithm; continue with step 705';
Step 705': x + z = 2 > 1 shows that there are 2 tags that can be processed by the aggregation algorithm, so the tags are processed at node U_0 with the aggregation MAC algorithm to generate a new aggregation tag MAC_I0, and the information in the data packet participating in the aggregation and the information packet M_0 of node U_0 are arranged in the order of tag aggregation to form a new information packet M_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0}; the new tag is MAC_I0 and the new information packet is M_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0}; jump to step 706';
Step 706': node U_0 appends the generated new tag MAC_I0 to its new information packet M_0' to generate a new data packet D_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0, MAC_I0}; since node U_0 is the sink node, the new data packet D_0' is sent directly to base station B and the procedure jumps to step 710;
Step 710: base station B authenticates the received data packet D_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0, MAC_I0} using the authentication algorithm; that is, after receiving the message, base station B substitutes the keys K_i, K_j, K_q, ……, K_p, K_x, K_0 that it shares respectively with node U_i, node U_j, node U_q, ……, node U_p, node U_x and node U_0 into the Mac function to recalculate the tags MAC_i', MAC_j', MAC_q', ……, MAC_p', MAC_x', MAC_0', then XORs the calculated tags MAC_i', MAC_j', MAC_q', ……, MAC_p', MAC_x', MAC_0' to obtain the tag MAC_I0', and compares the calculated tag MAC_I0' with the tag MAC_I0 of the received data packet D_0'; if the two are the same, the recipient base station B can be confident that the message in data packet D_0' has not been tampered with and that it comes from the purported sender nodes U_i, U_j, U_q, ……, U_p, U_x, U_0; otherwise, the recipient base station B cannot confirm that the message in data packet D_0' has not been tampered with, nor that it comes from the purported sender nodes U_i, U_j, U_q, ……, U_p, U_x, U_0.
Different sending nodes calculate a plurality of MAC message authentication tags according to the information to be sent, and these tags are aggregated at the multi-hop relay nodes with the aggregation MAC algorithm into one short tag, which is attached to the message and then forwarded; the short tag can still be used by the receiving node to authenticate the received message and the identity of its source. The aggregation algorithm performs an exclusive-or operation, so the amount of calculation is small, and the load of the data packets transmitted wirelessly across the whole network can be greatly reduced; the energy and bandwidth consumed by wireless data transmission are therefore greatly reduced, the survival time of the nodes is prolonged and the service life of the network is extended. The energy-efficiency advantage is more obvious when the number of nodes is large or communication is frequent. Meanwhile, since the receiving node shares a different key with each of the sending nodes and other nodes do not know the keys, the receiver can be assured that the message has not been tampered with and that the message comes from the purported sender.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (9)
1. A method for message authentication in a wireless sensor network, characterized in that the wireless sensor network comprises a base station B, a sink node U_0 and at least one collection node; the sink node U_0 is the only node that communicates with the base station B, and all collection nodes can send data to the sink node U_0 through the multi-hop wireless network; the information packet that node U_i needs to send to base station B is M_i, and the key between node U_i and base station B is K_i, i = 0, 1, …, m, where m + 1 is the number of nodes; the method comprises the following steps:
Step 1: determine whether node U_i already has one or more data packets to be forwarded in its current wireless receiving buffer, or whether node U_i has an information packet to send to base station B;
Step 2: if not, delay for a period of time τ and jump to step 1; otherwise, continue with step 3;
Step 3: if node U_i has an information packet M_i that needs to be sent to base station B, the number of data packets to be sent is z, and the MAC algorithm is used with the key K_i and the information packet M_i to generate the MAC tag MAC_i; the MAC tag MAC_i is appended to the information packet M_i to form the data packet D_i = {M_i, MAC_i}; if node U_i currently has one or more data packets to be forwarded in its wireless receiving buffer, the number of data packets to be forwarded is x;
Step 4: determine whether (x + z) is greater than 1; if not, the new tag is the tag MAC_i or the tag contained in the data packet to be forwarded, and the new information packet is the information packet M_i or the information packet in the data packet to be forwarded;
if (x + z) > 1, the tags are processed at node U_i with the aggregation MAC algorithm to generate a new aggregation tag, and the information in the data packets participating in the aggregation and the information packet M_i of node U_i are arranged in the order of tag aggregation to form a new information packet M_i';
Step 5: node U_i appends the generated new tag to the new information packet to generate a new data packet D_i', and it is determined whether node U_i is the sink node U_0; if so, the new data packet D_i' is sent directly to base station B and the procedure jumps to step 8; otherwise, the new data packet D_i' is transmitted wirelessly;
Step 6: the data packet D_i' transmitted wirelessly by node U_i is forwarded through other nodes over the multi-hop network to the sink node U_0, and the processing at each node participating in the forwarding is the same as the processing at node U_i;
Step 7: the processing at the sink node U_0 is the same as the processing at node U_i;
Step 8: base station B authenticates the received data packet using the authentication algorithm.
2. Method of message authentication in a wireless sensor network according to claim 1, characterized in that the tags generated by the MAC algorithm, wherein the packet that node U_i needs to send to base station B is M_i, the key between node U_i and base station B is K_i, i = 0, 1, ……, m, and K_i ∈ {0,1}^n, n is the key length, packet M_i ∈ {0,1}^*, Mac() is a public function that produces a fixed-length value, and tag_i is a MAC tag.
3. The method of claim 1, wherein the input to the aggregation MAC algorithm is one or more MAC tags tag_i, ……, tag_n, ……, tag_j, and the output is tag_IJ, i.e. the aggregation tag MAC_IJ, and is and is an exclusive or operation;
the input of the aggregation MAC algorithm is one or more MAC tags tag_i, ……, tag_n, ……, tag_j and one or more aggregation tags tag_PQ, ……, tag_UW, ……, tag_RS, and the output is tag_1S, i.e. the aggregation tag is:
the input of the aggregation MAC algorithm is more than one aggregation tag tag_PQ, ……, tag_UW, ……, tag_RS, and the output is tag_PS, i.e. the aggregation tag is:
is an exclusive or operation.
4. A method for message authentication in a wireless sensor network according to claim 1 or 2, characterized in that the authentication algorithm of the base station B is:
calculate:
determine: if tag_IY' = tag_IY, i.e. MAC_IY' = MAC_IY, the output is 1; otherwise the output is 0;
wherein the data packet received by base station B is D' = {M_i, ……, M_j, ……, M_p, ……, M_y, tag_IY}, and Mac() is a public function that produces a fixed-length value.
5. A method for message authentication in a wireless sensor network according to claim 3, characterized by the steps of:
Step 301: it is determined that node U_0 already has in its current wireless receive buffer one data packet D_1 = {M_1, MAC_1} from node U_1 that needs to be relayed, and node U_0 has an information packet that needs to be sent to base station B;
Step 302: continue to Step 303;
Step 303: node U_0 has an information packet M_0 that needs to be sent to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 for the information of packet M_0, and MAC_0 is appended to information packet M_0 to form data packet D_0 = {M_0, MAC_0}; node U_0 has one data packet D_1 to be relayed in its current wireless receive buffer, so the number of data packets to be relayed is x = 1;
Step 304: since x + z = 2 > 1, continue to Step 305;
Step 305: the message authentication tag MAC_1 in the data packet D_1 to be relayed and the message authentication tag MAC_0 of node U_0 are aggregated with the aggregation MAC algorithm to generate the new aggregation tag MAC_10, and the information packet M_1 from the data packet participating in the aggregation and the information packet M_0 of the sink node U_0 are arranged in sequence, in the order of tag aggregation, to form the new information packet M_0' = {M_1, M_0};
Step 306: node U_0 appends the generated aggregation tag MAC_10 to its new information packet M_0' to generate the new data packet D_0' = {M_1, M_0, MAC_10}; node U_0 is determined to be the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to Step 307;
Step 307: base station B authenticates the received data packet D_0' = {M_1, M_0, MAC_10} with the authentication algorithm; after receiving data packet D_0', base station B substitutes the keys K_1 and K_0 that it shares with node U_1 and node U_0 respectively into the MAC function to recalculate the tags MAC_1' and MAC_0', then XORs the calculated tags MAC_0' and MAC_1' to obtain MAC_10', and compares the calculated MAC_10' with the aggregation tag MAC_10 in the received data packet D_0'; if the two are the same, the receiving base station B can be confident that the message of data packet D_0' has not been tampered with and that the message of data packet D_0' comes from the purported sender nodes U_1 and U_0; otherwise, the receiving base station B cannot confirm that the message of data packet D_0' has not been tampered with, and cannot be sure that the message of data packet D_0' comes from the purported sender nodes U_1 and U_0.
6. A method for message authentication in a wireless sensor network according to claim 3, characterized by the steps of:
Step 401: it is determined that node U_0 already has in its current wireless receive buffer a data packet D_r' = {M_1, M_2, ……, M_r, MAC_1R} from node U_r that needs to be relayed, and at the same time node U_0 has an information packet M_0 that needs to be sent to base station B;
Step 402: continue to Step 403;
Step 403: node U_0 has an information packet M_0 that needs to be sent to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 for the information of packet M_0, and MAC_0 is appended to information packet M_0 to form data packet D_0 = {M_0, MAC_0}; node U_0 has one data packet D_r' to be relayed in its current wireless receive buffer, so the number of data packets to be relayed is x = 1;
Step 404: since x + z = 2 > 1, continue to Step 405;
Step 405: the tags are processed at node U_0 with the aggregation MAC algorithm: the aggregation tag MAC_1R of the data packet D_r' to be relayed and the message authentication MAC tag MAC_0 of node U_0 are aggregated with the aggregation MAC algorithm to generate the aggregation tag MAC_10, and the information in the data packet participating in the aggregation and the information packet M_0 of node U_0 are arranged in sequence, in the order of tag aggregation, to form the new information packet M_0' = {M_1, M_2, ……, M_r, M_0};
Step 406: the new tag MAC_10 generated at node U_0 is appended to its new information packet M_0' to generate the new data packet D_0' = {M_1, M_2, ……, M_r, M_0, MAC_10}; node U_0 is the sink node, so it sends the new data packet D_0' directly to base station B and the method jumps to Step 407;
Step 407: base station B authenticates the received data packet D_0' = {M_1, M_2, ……, M_r, M_0, MAC_10} with the authentication algorithm; after receiving the data packet, base station B substitutes the keys K_1, K_2, ……, K_r, K_0 that it shares with node U_1, node U_2, ……, node U_r and node U_0 respectively into the MAC function to recalculate the tags MAC_1', MAC_2', ……, MAC_r', MAC_0', then XORs the calculated tags MAC_1', MAC_2', ……, MAC_r', MAC_0' to obtain the tag MAC_10', and compares the calculated tag MAC_10' with the aggregation tag MAC_10 in the received data packet D_0'; if the two are the same, the receiving base station B can be sure that the message of data packet D_0' has not been tampered with and that the message of data packet D_0' comes from the purported sender nodes U_1, U_2, ……, U_r, U_0; otherwise, the receiving base station B cannot confirm that the message of data packet D_0' has not been tampered with, and cannot be certain that the message of data packet D_0' comes from the purported sender nodes U_1, U_2, ……, U_r, U_0.
7. The method of claim 1, comprising the steps of:
Step 501: it is determined that node U_0 has 2 data packets to be relayed in its current wireless receive buffer, namely the data packet D_p' = {M_i, ……, M_p, MAC_IP} from node U_p and the data packet D_q' = {M_q, MAC_q} from node U_q, and at the same time node U_0 has an information packet M_0 that needs to be sent to base station B;
Step 502: continue to Step 503;
Step 503: node U_0 has an information packet M_0 that needs to be sent to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 for the information of packet M_0, and the tag MAC_0 is appended to information packet M_0 to form data packet D_0 = {M_0, MAC_0}; node U_0 has 2 data packets D_p' and D_q' to be relayed in its current wireless receive buffer, so the number of data packets to be relayed is x = 2;
Step 504: since x + z = 3 > 1, continue to Step 505;
Step 505: the tags are processed at node U_0 with the aggregation MAC algorithm: the aggregation tag MAC_IP and the message authentication tag MAC_q of the data packets D_p' and D_q' to be relayed and the message authentication tag MAC_0 of node U_0 are aggregated with the aggregation MAC algorithm to generate the aggregation tag MAC_I0, and the information in the data packets participating in the aggregation and the information packet M_0 of node U_0 are arranged in sequence, in the order of tag aggregation, to form the new information packet M_0' = {M_i, ……, M_p, M_q, M_0};
Step 506: node U_0 appends the generated aggregation tag MAC_I0 to its new information packet M_0' to generate the new data packet D_0' = {M_i, ……, M_p, M_q, M_0, MAC_I0}; node U_0 is the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to Step 507;
Step 507: base station B authenticates the received data packet D_0' = {M_i, ……, M_p, M_q, M_0, MAC_I0} with the authentication algorithm; after receiving the message of the data packet, base station B substitutes the keys K_i, ……, K_p, K_q, K_0 that it shares with node U_i, ……, node U_p, node U_q and node U_0 respectively into the MAC function to recalculate the tags MAC_i', MAC_p', ……, MAC_q', MAC_0', then XORs the calculated tags MAC_i', MAC_p', ……, MAC_q', MAC_0' to obtain the tag MAC_I0', and compares the calculated tag MAC_I0' with the aggregation tag MAC_I0 in the received data packet D_0'; if the two are the same, the receiving base station B can be confident that the message of data packet D_0' has not been tampered with and that the message of data packet D_0' comes from the purported sender nodes U_i, ……, U_p, U_q, U_0; otherwise, the receiving base station B cannot confirm that the message of data packet D_0' has not been tampered with, and cannot be sure that the message of data packet D_0' comes from the purported sender nodes U_i, ……, U_p, U_q, U_0.
8. The method of claim 1, comprising the steps of:
Step 601: it is determined that node U_0 has multiple data packets to be relayed in its current wireless receive buffer, namely the data packet D_a' = {M_d, ……, M_a, MAC_DA} from node U_a, ……, the data packet D_e' = {M_h, ……, M_e, MAC_HE} from node U_e, the data packet D_j' = {M_j, MAC_j} from node U_j, ……, and the data packet D_s' = {M_s, MAC_s} from node U_s, and at the same time node U_0 has an information packet M_0 that needs to be sent to base station B;
Step 602: continue to Step 603;
Step 603: node U_0 has an information packet M_0 that needs to be sent to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 for the information of packet M_0, and the tag MAC_0 is appended to information packet M_0 to form data packet D_0 = {M_0, MAC_0}; node U_0 has multiple data packets to be relayed in its current wireless receive buffer, so the number of data packets to be relayed is x > 2;
Step 604: since x + z is greater than 3, continue to Step 605;
Step 605: the tags are processed at node U_0 with the aggregation MAC algorithm: the aggregation tags MAC_DA, ……, MAC_HE and the message authentication tags MAC_j, ……, MAC_s of the data packets D_a', ……, D_e', D_j', ……, D_s' to be relayed and the message authentication tag MAC_0 of the sink node U_0 are aggregated with the aggregation MAC algorithm to generate the aggregation tag MAC_D0, and the information in the data packets participating in the aggregation and the information packet M_0 of node U_0 are arranged in sequence, in the order of tag aggregation, to form the new information packet M_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0};
Step 606: the new tag MAC_D0 generated at node U_0 is appended to its new information packet M_0' to generate the new data packet D_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0, MAC_D0}; node U_0 is the sink node, so the new data packet D_0' is sent directly to base station B and the method jumps to Step 607;
Step 607: base station B authenticates the received data packet D_0' = {M_d, ……, M_a, ……, M_h, ……, M_e, M_j, ……, M_s, M_0, MAC_D0} with the authentication algorithm; after receiving the message of data packet D_0', base station B substitutes the keys K_d, ……, K_a, ……, K_h, ……, K_e, K_j, ……, K_s, K_0 that it shares with node U_d, ……, node U_a, ……, node U_h, ……, node U_e, node U_j, ……, node U_s and node U_0 respectively into the MAC function to recalculate the tags MAC_d', ……, MAC_a', ……, MAC_h', ……, MAC_e', MAC_j', ……, MAC_s', MAC_0', then XORs the calculated tags MAC_d', ……, MAC_a', ……, MAC_h', ……, MAC_e', MAC_j', ……, MAC_s', MAC_0' to obtain the tag MAC_D0', and compares the calculated tag MAC_D0' with the aggregation tag MAC_D0 in the received data packet D_0'; if the two are the same, the receiving base station B can be confident that the message of data packet D_0' has not been tampered with and that the message of data packet D_0' comes from the purported sender nodes U_d, ……, U_a, ……, U_h, ……, U_e, U_j, ……, U_s, U_0; otherwise, the receiving base station B cannot confirm that the message of data packet D_0' has not been tampered with, and cannot be sure that the message of data packet D_0' comes from the purported sender nodes U_d, ……, U_a, ……, U_h, ……, U_e, U_j, ……, U_s, U_0.
9. The method of claim 1, comprising the steps of:
Step 701: it is determined that node U_i has no data packet to be relayed in its current wireless receive buffer, but node U_i has an information packet M_i that needs to be sent to base station B;
Step 702: continue to Step 703;
Step 703: node U_i has an information packet M_i that needs to be sent to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_i for the information of M_i, and MAC_i is appended to information packet M_i to form data packet D_i = {M_i, MAC_i}; node U_i has no data packets to be relayed in its current wireless receive buffer, so the number of data packets to be relayed is x = 0;
Step 704: since x + z = 1, there is only 1 tag at node U_i and no processing with the aggregation algorithm is needed; the new tag is MAC_i and the new information packet is M_i;
Step 705: the new tag MAC_i generated at node U_i is appended to its new information packet M_i' = {M_i} to generate the new data packet D_i' = D_i = {M_i, MAC_i}; node U_i is not the sink node, so the new data packet D_i' is transmitted wirelessly;
Step 706: the data packet transmitted wirelessly by node U_i is relayed by the next-hop node U_j, and the processing at node U_j is exactly the same as the processing at node U_i;
Step 707: the data packet transmitted wirelessly by node U_i is relayed by a plurality of other nodes through the multi-hop network to the sink node U_0, and the processing at each relay node is exactly the same as the processing at node U_i;
Step 708: the processing at the sink node U_0 is the same as the processing at node U_i, and the method proceeds to Step 701';
Step 701': it is determined that node U_0 has in its current wireless receive buffer a data packet D_x' = {M_i, M_j, M_q, ……, M_p, M_x, MAC_IX} from node U_x that needs to be relayed, and at the same time node U_0 has an information packet M_0 that needs to be sent to base station B;
Step 702': continue to Step 703';
Step 703': node U_0 has an information packet M_0 that needs to be sent to base station B, so the number of data packets to be sent is z = 1; the MAC algorithm is used to generate the MAC tag MAC_0 for the information of packet M_0, and the tag MAC_0 is appended to information packet M_0 to form data packet D_0' = {M_0, MAC_0}; node U_0 has one data packet D_x' to be relayed in its current wireless receive buffer, so the number of data packets to be relayed is x = 1;
Step 704': since x + z = 2 > 1, there are 2 tags at node U_0 and they need to be processed with the aggregation algorithm; continue to Step 705';
Step 705': x + z = 2 > 1 indicates that the 2 tags can be processed with the aggregation algorithm, so the tags are processed at node U_0 with the aggregation MAC algorithm to generate the new aggregation tag MAC_I0, and the information in the data packet participating in the aggregation and the information packet M_0 of node U_0 are arranged in sequence, in the order of tag aggregation, to form the new information packet M_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0}; the new tag is MAC_I0, the new information packet is M_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0}, and the method jumps to Step 706';
Step 706': the new tag MAC_I0 generated at node U_0 is appended to its new information packet M_0' to generate the new data packet D_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0, MAC_I0}; node U_0 is the sink node and sends the new data packet D_0' directly to base station B, and the method jumps to Step 710;
Step 710: base station B authenticates the received data packet D_0' = {M_i, M_j, M_q, ……, M_p, M_x, M_0, MAC_I0} with the authentication algorithm; that is, after receiving the message, base station B substitutes the keys K_i, K_j, K_q, ……, K_p, K_x, K_0 that it shares with node U_i, node U_j, node U_q, ……, node U_p, node U_x and node U_0 respectively into the MAC function to recalculate the tags MAC_i', MAC_j', MAC_q', ……, MAC_p', MAC_x', MAC_0', then XORs the calculated tags MAC_i', MAC_j', MAC_q', ……, MAC_p', MAC_x', MAC_0' to obtain the tag MAC_I0', and compares the calculated tag MAC_I0' with the tag MAC_I0 in the received data packet D_0'; if the two are the same, the receiving base station B can be confident that the message of data packet D_0' has not been tampered with and that the message of data packet D_0' comes from the purported sender nodes U_i, U_j, U_q, ……, U_p, U_x, U_0; otherwise, the receiving base station B cannot confirm that the message of data packet D_0' has not been tampered with, and cannot be sure that the message of data packet D_0' comes from the purported sender nodes U_i, U_j, U_q, ……, U_p, U_x, U_0.
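The per-node processing (Steps 3 to 5) and the base-station check (Step 8) from the claims above, as an added Python example that is not part of the patent. Assumptions: HMAC-SHA256 stands in for the unspecified public function Mac(), each information packet carries its sender's node id so the base station can select the key, and all keys and readings are constructed. The duplicate check in `base_station_verify` is an addition beyond the claims, included because two identical tags cancel under XOR.

```python
import hashlib
import hmac

TAG_LEN = 32  # bytes; HMAC-SHA256 is an assumed stand-in for the patent's Mac()


def mac(key, message):
    """tag_i = Mac(K_i, M_i): fixed-length tag over one information packet."""
    return hmac.new(key, message, hashlib.sha256).digest()


def xor_tags(tags):
    """Aggregation MAC algorithm: XOR of plain and/or already aggregated tags."""
    out = bytearray(TAG_LEN)
    for tag in tags:
        if len(tag) != TAG_LEN:
            raise ValueError("unexpected tag length")
        for i, byte in enumerate(tag):
            out[i] ^= byte
    return bytes(out)


def node_process(node_id, key, own_message, relay_buffer):
    """Steps 3-5 at node U_i.

    relay_buffer holds the x packets awaiting relay, each (messages, tag);
    own_message is None when the node has nothing of its own to send (z = 0).
    """
    messages, tags = [], []
    for relayed_messages, relayed_tag in relay_buffer:
        messages.extend(relayed_messages)        # keep the order of aggregation
        tags.append(relayed_tag)
    if own_message is not None:
        messages.append((node_id, own_message))  # node id travels with M_i (assumption)
        tags.append(mac(key, own_message))
    if not tags:
        return None                              # Step 2: nothing to send yet
    # Step 4: one tag is forwarded unchanged, several are aggregated.
    new_tag = tags[0] if len(tags) == 1 else xor_tags(tags)
    return messages, new_tag


def base_station_verify(keys, packet):
    """Step 8: recompute every MAC_i', XOR them, compare. Returns 1 or 0."""
    messages, received_tag = packet
    # Added check, not in the claims: identical (node, message) pairs produce
    # identical tags that cancel under XOR, so duplicates are rejected.
    if not messages or len(set(messages)) != len(messages):
        return 0
    if any(node_id not in keys for node_id, _ in messages):
        return 0
    if len(received_tag) != TAG_LEN:
        return 0
    expected = xor_tags(mac(keys[node_id], m) for node_id, m in messages)
    # Constant-time comparison of the recomputed and received aggregation tags.
    return 1 if hmac.compare_digest(expected, received_tag) else 0


def demo():
    """Chain U_2 -> U_1 -> U_0 -> B with constructed keys and readings."""
    keys = {0: b"constructed-key-0", 1: b"constructed-key-1", 2: b"constructed-key-2"}
    d2 = node_process(2, keys[2], b"temp=21.5", [])    # x + z = 1: plain MAC_2
    d1 = node_process(1, keys[1], b"temp=22.0", [d2])  # x + z = 2: aggregate
    d0 = node_process(0, keys[0], b"temp=20.9", [d1])  # sink node U_0
    messages, tag = d0
    tampered = ([(2, b"temp=99.9")] + messages[1:], tag)
    reordered = (messages[::-1], tag)  # XOR is commutative: order is not bound
    duplicated = (messages + [(1, b"x"), (1, b"x")], tag)
    return {
        "valid": base_station_verify(keys, d0),
        "tampered": base_station_verify(keys, tampered),
        "reordered": base_station_verify(keys, reordered),
        "duplicated": base_station_verify(keys, duplicated),
        "single_tag_is_plain_mac": d2[1] == mac(keys[2], b"temp=21.5"),
    }


if __name__ == "__main__":
    print(demo())
```

The `reordered` result is 1 because the XOR aggregate does not depend on the order of the information packets, so the tag alone does not authenticate their sequence.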
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711135478.5A CN107809760A (en) | 2017-11-16 | 2017-11-16 | A kind of method of message authentication in wireless sensor network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107809760A true CN107809760A (en) | 2018-03-16 |
Family
ID=61580372
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711135478.5A Pending CN107809760A (en) | 2017-11-16 | 2017-11-16 | A kind of method of message authentication in wireless sensor network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107809760A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20180316 |