CN109600749A - Radar ad hoc network access authentication method based on operation irreversibility - Google Patents


Info

Publication number
CN109600749A
Authority
CN
China
Prior art keywords
radar
public key
value
seed
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811495546.3A
Other languages
Chinese (zh)
Inventor
陆翔
田杰
涂刚毅
张宁
岳帅英
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
724th Research Institute of CSIC
Original Assignee
724th Research Institute of CSIC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 724th Research Institute of CSIC
Priority to CN201811495546.3A
Publication of CN109600749A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01S RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S7/00 Details of systems according to groups G01S13/00, G01S15/00, G01S17/00
    • G01S7/02 Details of systems according to groups G01S13/00, G01S15/00, G01S17/00 of systems according to group G01S13/00
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/18 Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

To address the problem that the encounter-based access procedure of a radar ad hoc network is vulnerable to man-in-the-middle attacks, the present invention proposes a radar ad hoc network access authentication method based on operation irreversibility. The specific steps are as follows. Each radar generates its own public key and private key from its MAC address. Radar 1 takes the time as a seed, digitally signs the seed with its private key to form a signature value, and sends it to radar 2. Radar 2 verifies the received signature value using the public key of radar 1 and the time of reception. If verification passes, radar 2 modifies the seed, digitally signs it with the private key of radar 2, and sends it to radar 1. Radar 1 authenticates the received signature value using the public key of radar 2 and the modification to the seed that it expects radar 2 to have made. If authentication passes, radar 1 modifies the seed, digitally signs it with the private key of radar 1, and sends it to radar 2. Radar 2 authenticates the received digital signature value using the public key of radar 1 and the modification to the seed that it expects radar 1 to have made.

Description

Radar ad hoc network access authentication method based on operation irreversibility
Technical field
The present invention relates to a method for radar networking access.
Background
The basic idea of a radar ad hoc network is that communication among multiple radars does not depend on basic communication infrastructure such as ground stations or satellites. Instead, the radars themselves act as network communication nodes: the nodes can forward command and control instructions to one another, exchange data such as sensed situation, health status and collected intelligence, and connect automatically to form a mobile wireless network. Each node in the network serves as both transceiver and router, forwarding data to more distant nodes in a multi-hop fashion.
A radar ad hoc network is a kind of opportunistic network (Opportunistic Network). It has an intermittently or partially connected topology; when the movement of the platforms carrying the radars brings about an encounter, communication is established through beam alignment, so that access takes place on encounter.
The radar node number is the code name of a radar. In a radar ad hoc network, different radars use different radar node numbers to distinguish their identities.
In the course of realizing the present invention, the inventors found the following problem with radar ad hoc networks: because an existing radar ad hoc network has no fixed infrastructure, and access takes place opportunistically when the movement of the access nodes brings about an encounter, an attacker can launch a man-in-the-middle attack by eavesdropping on the information of a link, seriously threatening the secure transmission of radar ad hoc network data. For example, an intruder can change the node number of its own radar to impersonate the radar that the node number represents and so access the radar ad hoc network, thereby threatening the security of the network.
Summary of the invention
The purpose of the invention is to overcome the problem that a conventional radar ad hoc network is vulnerable to man-in-the-middle attacks. Taking the characteristics of radar ad hoc network access into full consideration, it proposes a radar ad hoc network access authentication method based on operation irreversibility. The technical content of the invention is as follows.
Each radar generates its unique public key PU = {e, n} and private key PR = {d, n} from its MAC address. Each radar stores its own private key and the public keys of the other radars that may join the network. Public keys can be published over an open channel. The local radar executes the radar digital signature algorithm on the seed with its own private key to form a signature value, which is stored at a specified position in the message and sent. The receiving radar selects a public key according to the identity declared by the radar requesting access and executes the radar identity authentication algorithm on the ciphertext to authenticate the radar's identity. Resistance to deception forwarding attacks is achieved by means of timestamps and challenge-response. Operation irreversibility is embodied in that a unique public key PU = {e, n} and private key PR = {d, n} are generated from the MAC address, while the MAC address and the private key PR = {d, n} cannot be derived back from the public key PU = {e, n}.
The specific steps of mutual authentication are as follows. Each radar generates its unique public key PU = {e, n} and private key PR = {d, n} from its MAC address. Public keys can be published over an open channel. Each radar stores its own private key and the public keys of the other radars that may join the network. Radar 1 takes the time as the seed and executes the radar digital signature on the seed with its private key to form a signature value, which is stored at a specified position in the message and sent. Radar 2 selects a public key according to the radar node number in the message, executes radar identity authentication, and compares the authentication value with the current time. If the difference is less than 1 second, radar 2 preliminarily verifies the identity of radar 1, changes the seed, and executes the radar digital signature on the changed seed with its own private key to form a signature value, which is stored at a specified position in the message and sent. If the difference is greater than 1 second, access is refused. Radar 1 selects a public key according to the radar node number in the message, executes radar identity authentication, and compares the authentication value with the change it expects radar 2 to have made to the seed; if the result is as expected, radar 1 verifies the identity of radar 2 and confirms that radar 2 has preliminarily verified the identity of radar 1. Radar 2 changes the seed and executes the radar digital signature on the seed with its own private key to form a signature value, which is stored at a specified position in the message and sent. Radar 1 selects a public key according to the radar node number in the message, executes the radar identity authentication algorithm, and compares the authentication value with the change it expects radar 2 to have made to the seed; if the result is as expected, radar 1 verifies the identity of radar 2 and confirms that radar 2 has verified the identity of radar 1.
Brief description of the drawings
Fig. 1 is a schematic diagram of the radar ad hoc network access authentication method based on operation irreversibility.
Fig. 2 is a schematic diagram of an embodiment of the radar ad hoc network access authentication method based on operation irreversibility.
Detailed description of the embodiment
As shown in Fig. 2, the implementation process and software flow of the present invention are as follows (where the subscript i denotes the i-th radar):
Step 1: Read the prime table containing 65536 different primes;
Step 2: The MAC address value has 48 bits in total. Select the last 32 bits and denote the value of their first 16 bits as $P_i$. Find the $P_i$-th prime in the prime table and denote it $p_i$;
Step 3: The MAC address has 48 bits in total. Select the last 32 bits and denote the value of their last 16 bits as $Q_i$. Find the $Q_i$-th prime in the prime table and denote it $q_i$;
Step 4: Calculate $n_i = p_i q_i$;
Step 5: Calculate $\Phi_i(n) = (p_i - 1)(q_i - 1)$;
Step 6: Select $e$ coprime with $\Phi_i(n)$ and less than $\Phi_i(n)$. To simplify the computation, $e = 3$ may be used;
Step 7: Obtain $d_i$ by exhaustive search, such that $(d_i \cdot e_i) \bmod \Phi_i(n) = 1$ and $d_i < \Phi_i(n)$;
Step 8: Generate the public key $PU = \{e_i, n_i\}$; generate the private key $PR = \{d_i, n_i\}$;
Step 9: Radar 1 takes its node time as the seed M and digitally signs the seed with the private key $PR1 = \{d_1, n_1\}$ of radar 1, obtaining the signature value C1. C1 and the local radar node number Radar1No are transmitted to radar 2, and M is recorded;
Step 10: Radar 2 looks up the corresponding public key PU1 according to the radar node number Radar1No in the received message, performs identity authentication on the signature value C1 in the received message with PU1 to obtain the authentication value M, and records M. It compares M with its own current time. If the difference is less than 1 second, it sets M' equal to M+1 and digitally signs M' with the private key PR2 of radar 2 to form the signature value C2. C2 and the declared node number Radar2No of this radar are transmitted to radar 1; if the difference is greater than 1 second, access is refused;
Step 11: Radar 1 looks up the corresponding public key PU2 according to the radar node number Radar2No in the received message and performs identity authentication on the signature value C2 with PU2 to obtain M'. If M' = M+1, radar 1 authenticates the identity of radar 2, generates the seed M'' equal to M'+1, and digitally signs the seed M'' with its own private key PR1 to obtain the authentication value C3. C3 and the local radar node number are transmitted to radar 2; if M' ≠ M+1, access is refused;
Step 12: Radar 2 looks up the corresponding public key PU1 according to the radar node number Radar1No in the received message and performs identity authentication on the signature value C3 with PU1 to obtain M''. If M'' is equal to M+2, radar 2 authenticates the identity of radar 1; if M'' is not equal to M+2, access is refused.
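The key derivation of Steps 1 to 8 and the three-message exchange of Steps 9 to 12, as an added Python example that is not code from the patent. Assumptions: the table holds the first 65536 primes and is indexed from 0, clocks are whole seconds, the node numbers are 1 and 2, and the MAC addresses and clock value are constructed; `pow(e, -1, phi)` replaces the exhaustive search for d, and e moves to the next odd value when 3 is not coprime with Φ(n).

```python
import math

def prime_table(count=65536, limit=1_000_000):
    """Step 1: the first `count` primes, via a sieve of Eratosthenes."""
    sieve = bytearray([1]) * (limit + 1)
    sieve[0] = sieve[1] = 0
    for i in range(2, math.isqrt(limit) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytes(len(range(i * i, limit + 1, i)))
    primes = [i for i, flag in enumerate(sieve) if flag][:count]
    if len(primes) != count:
        raise RuntimeError("sieve limit too small for the requested table")
    return primes

PRIMES = prime_table()

def keygen(mac):
    """Steps 2-8: derive PU = (e, n) and PR = (d, n) from a MAC address."""
    low32 = int(mac.replace(":", ""), 16) & 0xFFFFFFFF  # last 32 of 48 bits
    p = PRIMES[low32 >> 16]        # assumption: table is indexed from 0
    q = PRIMES[low32 & 0xFFFF]
    if p == q:                     # equal halves give n = p^2, not usable here
        raise ValueError("MAC selects the same prime twice")
    n, phi = p * q, (p - 1) * (q - 1)
    e = 3                          # the value suggested in Step 6
    while math.gcd(e, phi) != 1:   # fall back when 3 divides phi
        e += 2
    d = pow(e, -1, phi)            # modular inverse, not exhaustive search
    return (e, n), (d, n)

def sign(m, pr):
    """C = M^d mod n; the seed must fit below the modulus."""
    d, n = pr
    if not 0 <= m < n:
        raise ValueError("seed does not fit in the modulus")
    return pow(m, d, n)

def recover(c, pu):
    """M = C^e mod n."""
    e, n = pu
    return pow(c, e, n)

def mutual_auth(pr1, pr2, directory, t1, t2):
    """Steps 9-12 with whole-second clocks t1 (radar 1) and t2 (radar 2)."""
    seed = t1                                  # Step 9: radar 1 signs its time
    c1 = sign(seed, pr1)
    m = recover(c1, directory[1])              # Step 10: radar 2 checks freshness
    if abs(t2 - m) >= 1:
        return "radar 2 refused access"
    c2 = sign(m + 1, pr2)
    if recover(c2, directory[2]) != seed + 1:  # Step 11: radar 1 checks M + 1
        return "radar 1 refused access"
    c3 = sign(seed + 2, pr1)
    if recover(c3, directory[1]) != m + 2:     # Step 12: radar 2 checks M + 2
        return "radar 2 refused access"
    return "mutually authenticated"

# Constructed sample data (not from the patent).
PU1, PR1 = keygen("00:1A:2B:9C:40:7F")
PU2, PR2 = keygen("00:1A:2B:C3:51:E8")
_, PR_OTHER = keygen("00:1A:2B:77:10:D4")     # a third radar's private key
DIRECTORY = {1: PU1, 2: PU2}
NOW = 1_544_140_800                            # constructed clock value, seconds
```

With the table assumed here every prime is below 2^20, so each modulus is under 2^40; `PU1[1].bit_length()` reports the size for the sample keys.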

Claims (4)

1. A radar ad hoc network access authentication method based on operation irreversibility, characterized by:
Step 1: radar 1 generates its public key and private key PU1, PR1 from its MAC address; radar 2 generates its public key and private key PU2, PR2 from its MAC address; each radar stores its own private key and the public keys of the other radars, with radar node numbers and radar public keys in one-to-one correspondence;
Step 2: radar 1 takes its node time as the seed M and digitally signs the seed M with the private key PR1 of radar 1 to obtain the signature value C1; C1 and the local radar node number Radar1No are packaged as the step 2 message and sent to radar 2, and M is recorded;
Step 3: radar 2 looks up the corresponding public key PU1 according to the radar node number in the received step 2 message, and executes radar identity authentication with PU1 on the signature value C1 in the message to obtain the authentication value M; it compares the difference between M and its own current time; if the difference is less than 1 second, it sets M' equal to M+1 and digitally signs the seed M' with the private key PR2 of radar 2 to obtain the signature value C2, and C2 and the radar node number Radar2No of radar 2 are packaged into the step 3 message and sent to radar 1; if the difference is greater than 1 s, radar 2 refuses the access of radar 1;
Step 4: radar 1 looks up the public key PU2 according to the radar node number Radar2No in the received step 2 message, and executes radar identity authentication with the public key PU2 on the signature value C2 to obtain the authentication value M'; if M' = M+1, radar 1 authenticates the identity of radar 2 and generates the seed M'' = M'+1; the seed M'' is digitally signed with the local radar private key PR1 to obtain the signature value C3, and C3 and the radar node number Radar1No of radar 1 are packaged into the step 4 message and sent to radar 2; if M' is not equal to M+1, radar 1 refuses the access of radar 2;
Step 5: radar 2 looks up the corresponding public key PU1 according to the radar node number Radar1No in the received step 4 message; radar 2 performs identity authentication on the signature value C3 with the public key PU1 to obtain the authentication value M''; if M'' is equal to M+2, radar 2 authenticates the identity of radar 1; if M'' is not equal to M+2, radar 2 refuses the access of radar 1.
2. The radar ad hoc network access authentication method based on operation irreversibility according to claim 1, characterized in that the method by which a radar generates its public key and private key from its MAC address comprises the following steps:
Step 1: select the last 32 bits of the radar's MAC address value for generating the radar's public key and private key; the value of the first 16 bits of the 32-bit value is denoted p1, and the value of the last 16 bits is denoted q1;
Step 2: read the prime table containing 65536 different primes;
Step 3: find the p1-th prime in the prime table and denote it p;
Step 4: find the q1-th prime in the prime table and denote it q;
Step 5: calculate $n = pq$;
Step 6: calculate $\Phi(n) = (p-1)(q-1)$;
Step 7: select $e$ coprime with $\Phi(n)$ and less than $\Phi(n)$; $e = 3$ may be used;
Step 8: solve for $d$ such that $(d \cdot e) \bmod \Phi(n) = 1$ and $d < \Phi(n)$;
Step 9: generate the public key PU = {e, n} of the radar; generate the private key PR = {d, n} of the radar.
3. The radar ad hoc network access authentication method based on operation irreversibility according to claim 1, characterized in that the method by which a radar digitally signs the seed with the private key to obtain the signature value is: the seed is denoted M and the private key is denoted PR = {d, n}; the signature value C is calculated as follows:
$C = M^{d} \bmod n$.
4. The radar ad hoc network access authentication method based on operation irreversibility according to claim 1, characterized in that the method by which a radar performs identity authentication on the signature value with the public key to obtain the authentication value is: the signature value is denoted C and the public key is denoted PU = {e, n}; the authentication value M is calculated as follows:
$M = C^{e} \bmod n$.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811495546.3A 2018-12-07 2018-12-07 Radar ad hoc network access authentication method based on operation irreversibility

Publications (1)

Publication Number Publication Date
CN109600749A true CN109600749A (en) 2019-04-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190409
