CN113055883A - Wireless sensor network system and method based on CPK - Google Patents


Info

Publication number
CN113055883A
Authority
CN
China
Prior art keywords
node
key
cluster head
nodes
cpk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110336417.5A
Other languages
Chinese (zh)
Inventor
刘思源
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Fumin Bank Co Ltd
Original Assignee
Chongqing Fumin Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Fumin Bank Co Ltd filed Critical Chongqing Fumin Bank Co Ltd
Priority to CN202110336417.5A priority Critical patent/CN113055883A/en
Publication of CN113055883A publication Critical patent/CN113055883A/en
Pending legal-status Critical Current

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/30: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06: Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to the technical field of sensor networks, in particular to a wireless sensor network system and a method based on CPK, wherein the method comprises the following steps: a key generation and distribution step, namely generating a key matrix, wherein the key matrix comprises a private key matrix and a public key matrix, and each node acquires a respective private key and a public key matrix; a clustering step, wherein a cluster head election node communicates with each other node to complete key negotiation, all node information is mapped to a bloom filter, and the cluster head election node sends the bloom filter to each node; and in the cluster communication step, when the cluster nodes receive communication requests of other nodes, the verification is carried out through a bloom filter, the key negotiation is completed, and communication is carried out through the negotiated session key. The wireless sensor network system and the method based on the CPK can realize the self-organization of the wireless sensor network, improve the stability of the wireless sensor network, ensure the communication safety of the sensor nodes and ensure the reliability of data.

Description

Wireless sensor network system and method based on CPK
Technical Field
The invention relates to the technical field of sensor networks, in particular to a wireless sensor network system and a wireless sensor network method based on CPK.
Background
The wireless sensor network (WSN) is considered one of the most important technologies of this century; it is widely applied in supply chain management, where it is a core technology for supply chain data sensing. The wireless sensor network is a wireless network formed in a self-organizing way by a large number of static or mobile wireless sensor nodes, is a core component of the Internet of things, and is mainly characterized by a large-scale, self-organizing, dynamic, robust and data-centric network architecture. The wireless sensor network consists of a large number of sensor nodes deployed in an observation area, which cooperatively and autonomously sense, collect and process information about the sensed objects covered by the network, and summarize and return the data to an observer.
The nodes of the wireless sensor network are generally divided into a plurality of groups, also called clusters. Each cluster is composed of a cluster head node and other common nodes; the common nodes transmit data to the cluster head node, and the cluster head node transmits the aggregated data to a base station, which improves network transmission efficiency and reduces node power consumption. How to select cluster head nodes, and how the network can self-organize to stay connected when a cluster head node fails, are problems that current sensor network applications urgently need to solve.
Meanwhile, with the application and development of wireless sensor networks, sensor networks also face more and more complex security threats; due to the unreliability of the wireless sensor network communication channel and the unstable network topology, the communication protocol is vulnerable to various attacks, such as man-in-the-middle attacks, Sybil attacks and denial-of-service attacks. To defend against these attacks, it is also important to establish an identity authentication method that ensures the security of each network node's data.
Disclosure of Invention
The invention aims to provide a wireless sensor network system and a method based on CPK, which can ensure the communication safety of sensor nodes and the reliability of data.
The application provides the following technical scheme:
the CPK-based wireless sensor network method comprises the following steps:
a secret key generation and distribution step, namely generating a secret key matrix based on a CPK technology, wherein the secret key matrix comprises a private key matrix and a public key matrix, distributing a private key for each node, and each node acquires the respective private key and the public key matrix;
a clustering step, wherein a cluster head election node communicates with each other node to complete key negotiation, all node information is mapped to a bloom filter, and the cluster head election node sends the bloom filter to each node;
and in the cluster communication step, when the cluster nodes receive communication requests of other nodes, the verification is carried out through a bloom filter, the key negotiation is completed, and communication is carried out through the negotiated session key.
Further, the key generation and distribution step includes:
acquiring encryption parameters, and generating a key matrix according to the encryption parameters;
distributing ID for each node, calculating a node private key according to the corresponding position of the mapping value of the ID of the equipment in the key matrix, and sending the node private key to the node;
and transmitting the public key matrix to the node, and calculating the node public key by the node according to the public key matrix and the ID.
Further, in the key generation and distribution step, the public key matrix is directly written into a storage medium of the node before the wireless network is deployed.
Furthermore, no network-wide broadcast is then needed, and unauthorized parties cannot easily obtain the public key information, so the whole sensor network is more robust.
Further, the encryption parameters comprise curve parameters, base point parameters, orders, the number of curve points and the size of a matrix;
the step of generating a key matrix from the encryption parameters comprises:
generating a curve group according to the curve parameters and the order;
selecting the corresponding element as the base point according to the base point parameters, and computing all multiples of the base point to obtain a subgroup of the curve group;
generating a private key matrix according to the size of the matrix;
and obtaining a public key matrix according to the private key matrix and the subgroup of the curve group.
Further, the curve is an elliptic curve.
Further, the step of the cluster head election node communicating with each other node to complete key agreement specifically includes:
the cluster head election nodes and each node execute the following steps:
a connection request step, wherein the cluster head election nodes send connection requests to other nodes;
a connection verification step, namely verifying a connection request of the cluster head election node by the node receiving the message;
a session key generation step, in which the nodes receiving the message and the cluster head election nodes generate session keys;
the connection requesting step includes:
generating a random number and a timestamp by the cluster head election nodes;
the cluster head election nodes calculate and obtain ciphertext information according to the following formula:
$K_A = r_A \cdot G$
$K_{AB} = r_A \cdot Q_B$
Figure BDA0002997878470000031
Figure BDA0002997878470000032
wherein:
A represents a cluster head election node, and B represents a target node to be connected with the cluster head node;
$r_A$ and $T_A$ respectively represent the random number and the timestamp generated by the cluster head election node; G is the base point; $S_A$ is the private key of the cluster head election node;
Figure BDA0002997878470000033
denotes signing $\{ID_A, ID_B, K_A, T_A\}$ with the private key $S_A$ of the cluster head election node, where $Sig_A$ is the signature result; $ID_A$ and $ID_B$ are the IDs of node A and node B, respectively;
Figure BDA0002997878470000034
denotes encrypting $ID_A$, $ID_B$, $K_A$, $T_A$ and $Sig_A$ with $K_{AB}$, where $M_{AB}$ is the resulting ciphertext;
the cluster head election node A packages $ID_A$, $K_A$ and $M_{AB}$ and sends them to the target node B.
Further, the connection verification step includes:
receiving the message from cluster head election node A and parsing out $ID_A$ and $K_A$;
calculating $K_{AB}$ according to the following formula:
$K_{AB} = S_B \cdot K_A$
where $S_B$ is the private key of the target node B;
decrypting $M_{AB}$ with $K_{AB}$ to obtain the timestamp $T_A$ and $ID_B$, verifying the time validity according to the timestamp, and verifying whether $ID_B$ is consistent with the node's own ID;
if the verification passes, computing the mapping of $ID_A$ in the public key matrix through the mapping algorithm to obtain the public key $Q_A$ of node A;
checking the signature $Sig_A$ of node A with the public key $Q_A$ to verify the authenticity of the signed information;
if the verification fails, the connection is terminated; otherwise, the session key generation step is executed.
Further, the session key generating step includes:
node B generates a random number $r_B$ and a timestamp $T_B$
and calculates:
$K_{BA} = r_B \cdot Q_B$
node B signs the message $\{ID_A, ID_B, K_{BA}, T_A, T_B\}$ with its private key $S_B$:
Figure BDA0002997878470000041
and encrypts the message $\{ID_A, ID_B, K_{BA}, T_A, T_B, Sig_B\}$ with $K_{AB}$:
Figure BDA0002997878470000042
node B calculates the session key:
Figure BDA0002997878470000043
and sends $M_{BA}$ to the cluster head election node A;
node A receives the reply from node B, decrypts $M_{BA}$ with $K_{AB}$, and verifies the timestamp and the signature sent by node B; if the verification fails, the connection is terminated; if the verification succeeds, node A calculates the session key and key negotiation is complete:
Figure BDA0002997878470000044
further, the intra-cluster communication step includes:
a sending node generates a random number and a time stamp;
the sending node calculates and obtains the ciphertext information according to the following formula:
$K_A = r_A \cdot G$
$K_{AB} = r_A \cdot Q_B$
Figure BDA0002997878470000045
wherein:
A represents a transmitting node, and B represents a receiving node;
$r_A$ and $T_A$ respectively represent the random number and the timestamp generated by the sending node; G is the base point; $S_A$ is the private key of the sending node; $ID_A$ and $ID_B$ are the IDs of node A and node B, respectively;
Figure BDA0002997878470000046
denotes encrypting $ID_A$, $ID_B$, $K_A$ and $T_A$ with $K_{AB}$, where $M_{AB}$ is the resulting ciphertext;
node A packages $ID_A$, $K_A$ and $M_{AB}$ and sends them to the receiving node B;
node B receives the request message of node A, obtains the identifier $ID_A$ of node A and $K_A$, and then computes the mapping of $ID_A$ in the public key matrix using the mapping algorithm to obtain the public key $Q_A$ of node A;
the sending sensor node A is authenticated by checking whether the mapping of the field $ID_A \| Q_A$ exists in the bloom filter; if the authentication fails, the connection is ended;
if the authentication succeeds, the key $K_{AB} = S_B \cdot K_A$ is calculated; $K_{AB}$ is used to decrypt the message and obtain the timestamp $T_A$, the time validity and $ID_B$ are verified, and the connection is ended if the verification fails;
if the verification succeeds, a random number $r_B$ and a timestamp $T_B$ are generated and $K_{BA} = r_B \cdot Q_B$ is calculated; the message $\{ID_A, ID_B, K_{BA}, T_A, T_B\}$ is encrypted with $K_{AB}$ to generate $M_{BA}$, which is then sent to node A;
calculating a session key:
Figure BDA0002997878470000051
node A receives the message from node B and authenticates node B through the bloom filter;
if the authentication passes, $K_{AB}$ is used to decrypt the ciphertext $M_{BA}$ and the time validity of $T_A$ and $T_B$ is checked; if valid, the session key is calculated:
Figure BDA0002997878470000052
node A and node B then communicate with encryption under the session key.
Further, the application also discloses a wireless sensor network system based on the CPK, and the wireless sensor network method based on the CPK is used.
The technical scheme of the invention has the beneficial effects that:
According to this technical scheme, in the clustering step the cluster head election node performs key agreement with each node, and cluster head nodes are elected in combination with a cluster head election algorithm such as LEACH. This mechanism lets the wireless sensor network self-organize when a cluster head node fails, and improves the stability and reliability of the wireless sensor network.
A public key matrix and a private key matrix are constructed through the CPK technology. During the clustering stage, bidirectional identity authentication is carried out using the private key and the public key; after authentication succeeds, the cluster head node and the other nodes communicate with the negotiated key without authenticating again. The identity data of all nodes is mapped into a bloom filter, so when nodes within a cluster communicate, the full bidirectional identity authentication is not repeated: identity is checked only through the bloom filter, and communication then proceeds with the negotiated key. The technical scheme of the invention can ensure the security of sensor node communication and the reliability of data.
Drawings
Fig. 1 is a logic architecture diagram of an embodiment of a CPK-based wireless sensor network system according to the present application;
fig. 2 is a flowchart of clustering steps in an embodiment of the CPK-based wireless sensor network method of the present application;
fig. 3 is a flowchart of intra-cluster communication steps in an embodiment of the CPK-based wireless sensor network method of the present application;
fig. 4 is a diagram illustrating a relationship between collision probability and hash function number in an embodiment of the CPK-based wireless sensor network method of the present application.
Detailed Description
The technical scheme of the application is further explained in detail through the following specific implementation modes:
Example one
As shown in fig. 1, the CPK-based wireless sensor network system in this embodiment mainly includes three types of devices: a base station, a cluster head node and an intra-cluster node. The base station (BS) mainly manages the entire wireless sensor network, including identifier management, public and private key management, and summarizing data and sending it to an observer. The cluster head node (CH) is equivalent to a router; it mainly receives, processes and forwards messages among nodes in the sensor network and communicates directly with the base station. The sensor nodes (Nodes) are the most numerous devices in the network; they undertake different tasks according to the functions of their respective sensors, and cooperate with each other to autonomously acquire, process and send data about the sensed objects.
The wireless sensor network method based on the CPK disclosed by the embodiment comprises the following steps:
a key generation and distribution step, namely generating a key matrix based on the CPK technology, wherein the key matrix comprises a private key matrix and a public key matrix, distributing a private key for each node, and each node acquires the respective private key and the public key matrix;
a clustering step, wherein a cluster head election node communicates with each other node to complete key negotiation, all node information is mapped to a bloom filter, and the cluster head election node sends the bloom filter to each node;
and in the cluster communication step, when the cluster nodes receive communication requests of other nodes, the verification is carried out through a bloom filter, the key negotiation is completed, and communication is carried out through the negotiated session key.
The key generation and distribution step comprises:
acquiring encryption parameters, and generating a key matrix according to the encryption parameters; the encryption parameters comprise curve parameters, base point parameters, orders, the number of curve points and matrix sizes; in this embodiment, the curve is selected as the elliptic curve $y^2 = x^3 + ax + b$. The curve parameters are a and b, the order p is the order of a finite field GF(p), and the curve parameters are prime numbers;
the step of generating a key matrix from the encryption parameters comprises:
generating an elliptic curve group $E_p(a,b)$ according to the curve parameters and the order;
selecting the corresponding element as the base point according to the base point parameters, and computing all multiples of the base point to obtain a subgroup of the curve group; that is, an element $G = (x_G, y_G)$ of $E_p(a,b)$ is selected as the base point, and all of its multiples $kG$ ($k = 1, 2, \ldots$) are computed to generate the subgroup S of $E_p(a,b)$. All elements of the subgroup S consist of the base point G and its multiples, as follows:
$$S = \{G, 2G, \ldots, nG\} = \{(x_1,y_1), (x_2,y_2), \ldots, (x_n,y_n)\}$$
Each element $(x_k, y_k)$ of the subgroup S and its multiplier k form an elliptic curve key pair.
Let n satisfy the condition $nG = 0$; n is the number of elliptic curve points over the finite field GF(p).
Generating a private key matrix according to the size of the matrix;
and obtaining a public key matrix according to the private key matrix and the subgroup of the curve group.
Let the matrix size be $m \times h$ and the elements of the private key matrix be $r_{ij}$; the matrix is denoted SSK:
Figure BDA0002997878470000071
the public key matrix is also $m \times h$; it is composed of elements of the subgroup S, all of which are multiples of the base point G, and is denoted PSK:
Figure BDA0002997878470000072
distributing ID for each node, calculating a node private key according to the corresponding position of the mapping value of the ID of the equipment in the key matrix, and sending the node private key to the node;
and transmitting the public key matrix to the node, and calculating the node public key by the node according to the public key matrix and the ID.
The key pair of the node equipment is formed by taking corresponding position elements from the mapping value of the equipment identifier in a key matrix and combining the corresponding position elements.
The node device private key calculation process is as follows:
Figure BDA0002997878470000073
Because the private key factor matrix is secret, this calculation can only be performed by the key management center in the base station, which sends the resulting private key to the node device in a secure manner. All nodes in the wireless sensor network can calculate a node's public key from PSK and the ID, and the calculation process is as follows:
Figure BDA0002997878470000074
considering the general form of the wireless sensor network, each node in the wireless sensor network acquires a private key and a public key factor matrix from a base station, and the private key and the public key factor matrix can be directly stored in a chip. In other embodiments of the present application, in the key generation and distribution step, the public key matrix is directly written into a storage medium of the node before the wireless network is deployed.
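The key derivation above, together with the $K_{AB}$ computation from the connection request and verification steps, as an added Python example (not code from the patent). The curve (secp256k1), the SHA-256 based ID-to-row mapping, the 8 x 4 matrix size, and "combining" implemented as addition (scalars mod n, point addition for public keys) are assumptions; the page's own formulas for these steps did not survive extraction, and its session key formula is not reproduced here.

```python
import hashlib
import secrets

# secp256k1 domain parameters (assumption: the page names no specific curve).
P = 2**256 - 2**32 - 977
A, B = 0, 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
ROWS, COLS = 8, 4  # matrix size m x h; small constructed values


def on_curve(pt):
    """True if pt is a finite point satisfying y^2 = x^3 + ax + b over GF(p)."""
    if pt is None:
        return False
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def ec_add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k*pt."""
    k %= N
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def generate_matrices(rows=ROWS, cols=COLS):
    """Base station: secret matrix SSK of scalars r_ij, public matrix PSK of r_ij*G."""
    ssk = [[secrets.randbelow(N - 1) + 1 for _ in range(cols)] for _ in range(rows)]
    psk = [[ec_mul(r, G) for r in row] for row in ssk]
    return ssk, psk


def id_to_rows(node_id, rows, cols):
    """Assumed mapping: the j-th hash of the ID selects one row in column j."""
    return [int.from_bytes(hashlib.sha256(bytes([j]) + node_id.encode()).digest(), "big") % rows
            for j in range(cols)]


def private_key(ssk, node_id):
    """Only the base station can run this: it needs the secret matrix SSK."""
    rows = id_to_rows(node_id, len(ssk), len(ssk[0]))
    return sum(ssk[i][j] for j, i in enumerate(rows)) % N


def public_key(psk, node_id):
    """Any node holding PSK can derive a peer's public key from its ID alone."""
    q = None
    for j, i in enumerate(id_to_rows(node_id, len(psk), len(psk[0]))):
        q = ec_add(q, psk[i][j])
    return q


def initiator_keys(q_b):
    """Node A: K_A = r_A*G is sent in the clear, K_AB = r_A*Q_B encrypts M_AB."""
    r_a = secrets.randbelow(N - 1) + 1
    return ec_mul(r_a, G), ec_mul(r_a, q_b)


def responder_key(s_b, k_a):
    """Node B: K_AB = S_B*K_A. K_A is attacker-controlled input, so it is
    checked to be on the curve before the long-term key S_B touches it."""
    if not on_curve(k_a):
        raise ValueError("K_A is not a point on the curve")
    return ec_mul(s_b, k_a)


if __name__ == "__main__":
    ssk, psk = generate_matrices()
    s_b, q_b = private_key(ssk, "node-B"), public_key(psk, "node-B")
    k_a, k_ab = initiator_keys(q_b)
    print("S_B*G == Q_B:", ec_mul(s_b, G) == q_b)
    print("both sides derive K_AB:", responder_key(s_b, k_a) == k_ab)
```

With an m x h matrix the ID mapping has only m^h possible outcomes (4096 here), so a real deployment sizes the matrix for its node population.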
The step of the cluster head election node communicating with each other node to complete key agreement specifically includes:
as shown in fig. 2, the cluster head election node and each node execute the following steps:
a connection request step, wherein the cluster head election nodes send connection requests to other nodes;
a connection verification step, namely verifying a connection request of the cluster head election node by the node receiving the message;
a session key generation step, in which the nodes receiving the message and the cluster head election nodes generate session keys;
the connection requesting step includes:
generating a random number and a timestamp by the cluster head election nodes;
the cluster head election nodes calculate and obtain ciphertext information according to the following formula:
$K_A = r_A \cdot G$
$K_{AB} = r_A \cdot Q_B$
Figure BDA0002997878470000081
Figure BDA0002997878470000082
wherein:
A represents a cluster head election node, and B represents a target node to be connected with the cluster head node;
$r_A$ and $T_A$ respectively represent the random number and the timestamp generated by the cluster head election node; G is the base point; $S_A$ is the private key of the cluster head election node;
Figure BDA0002997878470000083
denotes signing $\{ID_A, ID_B, K_A, T_A\}$ with the private key $S_A$ of the election node, where $Sig_A$ is the signature result; $ID_A$ and $ID_B$ are the IDs of node A and node B, respectively;
Figure BDA0002997878470000084
denotes encrypting $ID_A$, $ID_B$, $K_A$, $T_A$ and $Sig_A$ with $K_{AB}$, where $M_{AB}$ is the resulting ciphertext;
the cluster head election node A packages $ID_A$, $K_A$ and $M_{AB}$ and sends them to the target node B.
The connection verification step includes:
receiving the message from cluster head election node A and parsing out $ID_A$ and $K_A$;
calculating $K_{AB}$ according to the following formula:
$K_{AB} = S_B \cdot K_A$
where $S_B$ is the private key of the target node B;
decrypting $M_{AB}$ with $K_{AB}$ to obtain the timestamp $T_A$ and $ID_B$, verifying the time validity according to the timestamp, and verifying whether $ID_B$ is consistent with the node's own ID;
if the verification passes, computing the mapping of $ID_A$ in the public key matrix through the mapping algorithm to obtain the public key $Q_A$ of node A;
checking the signature $Sig_A$ of node A with the public key $Q_A$ to verify the authenticity of the signed information;
if the verification fails, the connection is terminated; otherwise, the session key generation step is executed.
The session key generating step includes:
node B generates a random number $r_B$ and a timestamp $T_B$
and calculates:
$K_{BA} = r_B \cdot Q_B$
node B signs the message $\{ID_A, ID_B, K_{BA}, T_A, T_B\}$ with its private key $S_B$:
Figure BDA0002997878470000091
and encrypts the message $\{ID_A, ID_B, K_{BA}, T_A, T_B, Sig_B\}$ with $K_{AB}$:
Figure BDA0002997878470000092
node B calculates the session key:
Figure BDA0002997878470000093
and sends $M_{BA}$ to the cluster head election node A;
node A receives the reply from node B, decrypts $M_{BA}$ with $K_{AB}$, and verifies the timestamp and the signature sent by node B; if the verification fails, the connection is terminated; if the verification succeeds, node A calculates the session key and key negotiation is complete:
Figure BDA0002997878470000094
as shown in fig. 3, the intra-cluster communication step includes:
a sending node generates a random number and a time stamp;
the sending node calculates and obtains the ciphertext information according to the following formula:
$K_A = r_A \cdot G$
$K_{AB} = r_A \cdot Q_B$
Figure BDA0002997878470000095
wherein:
A represents a transmitting node, and B represents a receiving node;
$r_A$ and $T_A$ respectively represent the random number and the timestamp generated by the sending node; G is the base point; $S_A$ is the private key of the sending node; $ID_A$ and $ID_B$ are the IDs of node A and node B, respectively;
Figure BDA0002997878470000096
denotes encrypting $ID_A$, $ID_B$, $K_A$ and $T_A$ with $K_{AB}$, where $M_{AB}$ is the resulting ciphertext;
node A packages $ID_A$, $K_A$ and $M_{AB}$ and sends them to the receiving node B;
node B receives the request message of node A, obtains the identifier $ID_A$ of node A and $K_A$, and then computes the mapping of $ID_A$ in the public key matrix using the mapping algorithm to obtain the public key $Q_A$ of node A;
the sending sensor node A is authenticated by checking whether the mapping of the field $ID_A \| Q_A$ exists in the bloom filter; if the authentication fails, the connection is ended;
if the authentication succeeds, the key $K_{AB} = S_B \cdot K_A$ is calculated; $K_{AB}$ is used to decrypt the message and obtain the timestamp $T_A$, the time validity and $ID_B$ are verified, and the connection is ended if the verification fails;
if the verification succeeds, a random number $r_B$ and a timestamp $T_B$ are generated and $K_{BA} = r_B \cdot Q_B$ is calculated; the message $\{ID_A, ID_B, K_{BA}, T_A, T_B\}$ is encrypted with $K_{AB}$ to generate $M_{BA}$, which is then sent to node A;
calculating a session key:
Figure BDA0002997878470000101
node A receives the message from node B and authenticates node B through the bloom filter;
if the authentication passes, $K_{AB}$ is used to decrypt the ciphertext $M_{BA}$ and the time validity of $T_A$ and $T_B$ is checked; if valid, the session key is calculated:
Figure BDA0002997878470000102
node A and node B then communicate with encryption under the session key.
The application also discloses a wireless sensor network system based on the CPK, and the wireless sensor network method based on the CPK is used.
To complete the authentication and key agreement process within a cluster, each node needs 2 point multiplications, 1 symmetric encryption and 1 symmetric decryption, 1 bloom filter mapping, 1 identifier-to-public-key mapping and 1 communication process. In the clustering stage, bidirectional identity authentication uses digital signatures rather than the bloom filter, which makes the amount of computation larger: 3 point multiplications, 1 digital signature and 1 verification, 1 symmetric encryption and 1 symmetric decryption, 1 identifier-to-public-key mapping, and 1 or 2 communication processes. In this method, the node identification information is mapped to the coordinates of elements in the public key matrix by h hash operations; the cost of point addition on the elliptic curve is very low, and the work can be computed in parallel by dividing it into tasks, while the hash algorithm structure in the CPK scheme is easier to construct than the corresponding function in IBE. Therefore, the computation and communication overhead of the authentication process between nodes is suitable for the wireless sensor network.
Although the method for authenticating the intra-cluster communication nodes by using the bloom filter is high in calculation efficiency, due to the inherent defects of the hash algorithm, the node authentication mechanism possibly fails due to the collision performance of the hash algorithm, and therefore the collision resistance of the bloom filter needs to be analyzed.
If the total number of nodes in the cluster is n, the space of the bloom filter is m bits, and mapping is realized by adopting k hashes, then the probability function:
Figure BDA0002997878470000103
the following can be obtained:
Figure BDA0002997878470000104
is provided with
Figure BDA0002997878470000105
The minimum of the probability function f can be expressed as the minimum of g versus f:
Figure BDA0002997878470000111
easy and proper k is obtained:
Figure BDA0002997878470000112
the derivative takes a value of zero and the probability function takes a minimum value. Substituting this value of k into the probability function f gives $f = 2^{-k}$.
Moreover, it is also difficult to analyze that this is a minimum. We can consider the function f to be a function of k, with the probability of generating a collision decreasing exponentially as k increases. Therefore, relative balance points can be obtained among the number of the Hash functions, the size of the vector space and the total number of the nodes, the collision rate is controlled within an acceptable range, and the calculation and storage expenses are reduced as much as possible.
By analyzing the collision probability function f, when:
Figure BDA0002997878470000113
f takes its minimum value $f = 2^{-k}$. In a practical network, the number of nodes n can often be determined or kept within a certain range, so the collision probability function f can be assumed to depend mainly on the values of m and k. In order to obtain the minimum collision probability, the above formula should be taken as a median; for a given n, larger values of m or k are better, but increasing m or k also increases the amount of computation and requires more memory space and longer calculation time. Under these conditions, the collision probability f is instead limited to an acceptable range. As shown in fig. 4, when k is 10, for example, f is smaller than 1% and m is $14.427 \times n$, so that authentication and encryption can be realized while the amount of computation and the storage space are kept within an acceptable range.
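The sizing rule above, checked empirically in an added Python example (not code from the patent). It uses the standard Bloom filter false-positive approximation $f = (1 - e^{-kn/m})^k$; the SHA-256 based hash family, the `ID||Q` strings and the node counts are constructed for illustration.

```python
import hashlib
import math


class BloomFilter:
    """m-bit Bloom filter with k hash functions (SHA-256 with an index prefix)."""

    def __init__(self, m_bits, k_hashes):
        self.m = m_bits
        self.k = k_hashes
        self.bits = bytearray((m_bits + 7) // 8)

    def _positions(self, item):
        for i in range(self.k):
            digest = hashlib.sha256(bytes([i]) + item).digest()
            yield int.from_bytes(digest[:8], "big") % self.m

    def add(self, item):
        for pos in self._positions(item):
            self.bits[pos // 8] |= 1 << (pos % 8)

    def __contains__(self, item):
        return all(self.bits[pos // 8] & (1 << (pos % 8))
                   for pos in self._positions(item))


def collision_probability(n, m, k):
    """Standard approximation of the false-positive rate for n stored items."""
    return (1 - math.exp(-k * n / m)) ** k


def size_for(n, k):
    """Bits needed so that k is the optimal hash count: m = k*n/ln 2."""
    return math.ceil(k * n / math.log(2))


def optimal_k(m, n):
    """Hash count that minimises the false-positive rate: k = (m/n) ln 2."""
    return (m / n) * math.log(2)


def measure(n=200, k=10, probes=5000):
    """Fill a filter with n registered nodes, then probe with unregistered IDs.

    Returns (m, false_negatives, measured_false_positive_rate, predicted_rate).
    A false positive here is an unregistered ID||Q that passes the filter check.
    """
    m = size_for(n, k)
    bf = BloomFilter(m, k)
    members = [f"node-{i:04d}||Q{i:04d}".encode() for i in range(n)]  # constructed
    for item in members:
        bf.add(item)
    false_neg = sum(item not in bf for item in members)
    false_pos = sum(f"rogue-{i:05d}||Q".encode() in bf for i in range(probes))
    return m, false_neg, false_pos / probes, collision_probability(n, m, k)


if __name__ == "__main__":
    m, fn, measured, predicted = measure()
    print(f"m = {m} bits ({m / 200:.3f} bits per node)")
    print(f"false negatives: {fn}")
    print(f"measured false-positive rate:  {measured:.4%}")
    print(f"predicted false-positive rate: {predicted:.4%} (2^-10 = {2**-10:.4%})")
```

A registered node is never rejected, while roughly one unregistered `ID||Q` in a thousand passes the filter at k = 10; the filter check therefore narrows who may proceed and does not replace the later decryption and timestamp checks.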
Because the communication channels of a wireless sensor network are unreliable and the network topology is unstable, the communication protocol is vulnerable to various attacks, such as man-in-the-middle attacks, Sybil attacks and denial-of-service attacks. To defend against these attacks, the wireless sensor network must select a suitable encryption and authentication scheme to ensure the security of sensor node communication and the reliability of data. The authentication and encryption scheme based on the CPK can withstand various types of attack.
Sybil attack: before the sensor network is deployed, the BS, which is responsible for key management, has already allocated identification information to all legitimate sensor nodes and written each node's private key and the public key matrix into its storage medium; in addition, bidirectional authentication must be performed through a bloom filter before key agreement is reached between nodes. Moreover, the CPK key mechanism prevents an adversary from easily acquiring a legitimate identification and obtaining its public key information. Therefore, the method can effectively prevent Sybil attacks.
Man-in-the-middle attack: in the clustering stage, a cluster head node needs to perform bidirectional signature authentication with each node; in the intra-cluster communication process, the sensor nodes also need to perform bidirectional authentication of both communicating parties, so an adversary cannot carry out a man-in-the-middle attack. For a higher level of security, the public key matrix of the CPK can be written directly into the storage medium of each sensor before the wireless network is deployed, so that no network-wide broadcast is needed and an adversary cannot directly calculate the public key information from the identification information, which makes the whole sensor network more robust.
Denial-of-service attack: in the scheme provided by the invention, before a communication channel is established between a node and other nodes, identity authentication is first carried out through the bloom filter to determine whether the requester's identity is legitimate; no other computing task is executed until authentication is complete, and the resources consumed by authentication are small, so an adversary's aim of exhausting the communication bandwidth of each sensor node by continuously sending legal requests is difficult to achieve.
Node capture attack: capturing sensor nodes is much easier than breaching the BS. Assuming that an adversary who has compromised a sensor node can read the information in its storage medium by technical means, the leaked node does not affect the normal operation of other nodes, because the symmetric keys used for sessions between nodes are different. And because the CPK can form a huge key space from a small key matrix, acquiring all public key information by capturing a large number of nodes cannot succeed.
Example two
The difference between this embodiment and the first embodiment is that, in this embodiment, the clustering step and the intra-cluster communication step further include, before node identity verification is performed, a node position detection step: the signal strength of the node to be verified is detected by the authenticated intra-cluster nodes, the position of the node to be verified is calculated from the signal strength information and compared with the node's position in the history record, and it is judged whether the position of the node to be verified has changed; if so, verification fails and the connection is terminated; if not, verification passes and node identity verification continues.
In this embodiment, the signal strength of the node to be verified is detected by the authenticated intra-cluster nodes, and the position is detected and verified on the basis of that signal strength. The position is verified before the identity is verified; if the position of the node has changed noticeably, the node may have a problem, so the connection is terminated, which prevents an unauthorized party from compromising and replacing the node or altering it.
EXAMPLE III
The difference between this embodiment and the second embodiment is that, in this embodiment, if it is detected that the position of the node to be verified has changed, the server is asked whether a maintenance change record exists; if so, the verification passes and node identity verification continues; if not, the connection is terminated.
The above are merely examples of the present invention, and the present invention is not limited to the field related to this embodiment, and the common general knowledge of the known specific structures and characteristics in the schemes is not described herein too much, and those skilled in the art can know all the common technical knowledge in the technical field before the application date or the priority date, can know all the prior art in this field, and have the ability to apply the conventional experimental means before this date, and those skilled in the art can combine their own ability to perfect and implement the scheme, and some typical known structures or known methods should not become barriers to the implementation of the present invention by those skilled in the art in light of the teaching provided in the present application. It should be noted that, for those skilled in the art, without departing from the structure of the present invention, several changes and modifications can be made, which should also be regarded as the protection scope of the present invention, and these will not affect the effect of the implementation of the present invention and the practicability of the patent. The scope of the claims of the present application shall be determined by the contents of the claims, and the description of the embodiments and the like in the specification shall be used to explain the contents of the claims.

Claims (10)

1. The wireless sensor network method based on the CPK is characterized in that: the method comprises the following steps:
a secret key generation and distribution step, namely generating a secret key matrix based on a CPK technology, wherein the secret key matrix comprises a private key matrix and a public key matrix, distributing a private key for each node, and each node acquires the respective private key and the public key matrix;
a clustering step, wherein a cluster head election node communicates with each other node to complete key negotiation, all node information is mapped to a bloom filter, and the cluster head election node sends the bloom filter to each node;
and in the cluster communication step, when the cluster nodes receive communication requests of other nodes, the verification is carried out through a bloom filter, the key negotiation is completed, and communication is carried out through the negotiated session key.
2. A CPK-based wireless sensor network method according to claim 1, wherein: the key generation and distribution step comprises:
acquiring encryption parameters, and generating a key matrix according to the encryption parameters;
distributing ID for each node, calculating a node private key according to the corresponding position of the mapping value of the ID of the equipment in the key matrix, and sending the node private key to the node;
and transmitting the public key matrix to the node, and calculating the node public key by the node according to the public key matrix and the ID.
3. A CPK-based wireless sensor network method according to claim 2, wherein: in the key generation and distribution step, the public key matrix is directly written into a storage medium of the node before the wireless network is deployed.
4. A CPK-based wireless sensor network method according to claim 3, wherein: the encryption parameters comprise curve parameters, base point parameters, orders, the number of curve points and matrix sizes;
the step of generating a key matrix from the encryption parameters comprises:
generating a curve group according to the curve parameters and the order;
selecting corresponding elements as base points according to the base point parameters, and calculating all times of the base points to obtain subgroups of curve groups;
generating a private key matrix according to the size of the matrix;
and obtaining a public key matrix according to the private key matrix and the subgroup of the curve group.
5. A CPK-based wireless sensor network method according to claim 4, characterized in that: the curve is an elliptic curve.
6. A CPK-based wireless sensor network method according to claim 1, wherein: the step of the cluster head election node communicating with each other node to complete key agreement specifically includes:
the cluster head election nodes and each node execute the following steps:
a connection request step, wherein the cluster head election nodes send connection requests to other nodes;
a connection verification step, namely verifying a connection request of the cluster head election node by the node receiving the message;
a session key generation step, in which the nodes receiving the message and the cluster head election nodes generate session keys;
the connection requesting step includes:
generating a random number and a timestamp by the cluster head election nodes;
the cluster head election nodes calculate and obtain ciphertext information according to the following formula:
$K_A = r_A * G$
$K_{AB} = r_A * Q_B$
Figure FDA0002997878460000021
Figure FDA0002997878460000022
wherein:
A represents the cluster head election node, and B represents the target node to be connected with the cluster head node;
$r_A$ and $T_A$ respectively represent the random number and the timestamp generated by the cluster head election node; G is the base point; $S_A$ is the private key of the cluster head election node;
Figure FDA0002997878460000023
represents using the private key $S_A$ of the election node to sign $\{ID_A, ID_B, K_A, T_A\}$, where $Sig_A$ is the signature result; $ID_A$ and $ID_B$ are the IDs of node A and node B, respectively;
Figure FDA0002997878460000024
indicates using $K_{AB}$ to encrypt $ID_A$, $ID_B$, $K_A$, $T_A$ and $Sig_A$, where $M_{AB}$ is the ciphertext information obtained by encryption;
the cluster head election node A packages $ID_A$, $K_A$ and $M_{AB}$ and sends them to the target node B.
7. A CPK-based wireless sensor network method according to claim 6, characterized in that: the connection verification step includes:
receiving the message from the cluster head election node A and parsing $ID_A$ and $K_A$;
calculating $K_{AB}$ according to the following formula:
$K_{AB} = S_B * K_A$
wherein $S_B$ is the private key of the target node B;
using $K_{AB}$ to decrypt $M_{AB}$ and obtain the timestamp $T_A$ and $ID_B$, verifying the time validity according to the timestamp, and verifying whether $ID_B$ is consistent with the node's own ID;
if the verification passes, calculating the mapping of $ID_A$ in the public key matrix through the mapping algorithm to obtain the public key $Q_A$ of node A;
verifying the signature $Sig_A$ of node A with the public key $Q_A$ to confirm the authenticity of the signature information;
if the verification fails, terminating the connection; otherwise, executing the session key generation step.
8. A CPK-based wireless sensor network method according to claim 7, characterized in that: the session key generating step includes:
node B generates a random number $r_B$ and a timestamp $T_B$;
calculating:
$K_{BA} = r_B * Q_B$
using the private key $S_B$ of node B to sign the message $\{ID_A, ID_B, K_{BA}, T_A, T_B\}$:
Figure FDA0002997878460000031
using $K_{AB}$ to encrypt the message $\{ID_A, ID_B, K_{BA}, T_A, T_B, Sig_B\}$:
Figure FDA0002997878460000032
The node B calculates the session key:
Figure FDA0002997878460000033
sending $M_{BA}$ to the cluster head election node A;
node A receives the information returned by node B, decrypts $M_{BA}$ using $K_{AB}$, and verifies the timestamp and the signature sent by node B; if the verification fails, the connection is terminated; if the verification succeeds, the session key is calculated and key negotiation is completed:
Figure FDA0002997878460000034
9. A CPK-based wireless sensor network method according to claim 1, wherein: the intra-cluster communication step comprises:
a sending node generates a random number and a time stamp;
the sending node calculates and obtains the ciphertext information according to the following formula:
$K_A = r_A * G$
$K_{AB} = r_A * Q_B$
Figure FDA0002997878460000041
wherein:
A represents the sending node, and B represents the receiving node;
$r_A$ and $T_A$ respectively represent the random number and the timestamp generated by the sending node; G is the base point; $S_A$ is the private key of the sending node; $ID_A$ and $ID_B$ are the IDs of node A and node B, respectively;
Figure FDA0002997878460000042
indicates using $K_{AB}$ to encrypt $ID_A$, $ID_B$, $K_A$ and $T_A$, where $M_{AB}$ is the ciphertext information obtained by encryption;
node A packages $ID_A$, $K_A$ and $M_{AB}$ and sends them to the receiving node B;
node B receives the request message from node A, obtains the identification $ID_A$ of node A and $K_A$, and then calculates the mapping of $ID_A$ in the public key matrix using the mapping algorithm to obtain the public key $Q_A$ of node A;
the sending sensor node A is authenticated by checking whether the mapping of the field $ID_A \| Q_A$ exists in the bloom filter; if the authentication fails, the connection is ended;
if the authentication succeeds, the key $K_{AB} = S_B * K_A$ is calculated; $K_{AB}$ is used to decrypt and obtain the timestamp $T_A$, the time validity and $ID_B$ are verified, and the connection is ended if the verification fails;
if the verification succeeds, a random number $r_B$ and a timestamp $T_B$ are generated and $K_{BA} = r_B * Q_B$ is calculated; $K_{AB}$ is used to encrypt the message $\{ID_A, ID_B, K_{BA}, T_A, T_B\}$ to generate $M_{BA}$, which is then sent to node A;
calculating a session key:
Figure FDA0002997878460000043
node A receives the message from node B and authenticates node B through the bloom filter;
if the authentication passes, $K_{AB}$ is used to decrypt the ciphertext $M_{BA}$ and the time validity of $T_A$ and $T_B$ is checked; if they are valid, the session key is calculated:
Figure FDA0002997878460000044
node a and node B communicate encrypted by a session key.
10. A wireless sensor network system based on CPK is characterized in that: a CPK based wireless sensor network method according to any of claims 1-9 is used.
CN202110336417.5A 2021-03-29 2021-03-29 Wireless sensor network system and method based on CPK Pending CN113055883A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110336417.5A CN113055883A (en) 2021-03-29 2021-03-29 Wireless sensor network system and method based on CPK

Publications (1)

Publication Number Publication Date
CN113055883A true CN113055883A (en) 2021-06-29

Family

ID=76516225

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210629
