WO2011041933A1 - Method for key pre-distribution and key establishment in a sensor network - Google Patents

Method for key pre-distribution and key establishment in a sensor network Download PDF

Info

Publication number
WO2011041933A1
WO2011041933A1 PCT/CN2009/076172 CN2009076172W WO2011041933A1 WO 2011041933 A1 WO2011041933 A1 WO 2011041933A1 CN 2009076172 W CN2009076172 W CN 2009076172W WO 2011041933 A1 WO2011041933 A1 WO 2011041933A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
node
field
nodes
establishment
Prior art date
Application number
PCT/CN2009/076172
Other languages
French (fr)
Chinese (zh)
Inventor
杜志强
曹军
铁满霞
黄振海
Original Assignee
西安西电捷通无线网络通信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 西安西电捷通无线网络通信股份有限公司 filed Critical 西安西电捷通无线网络通信股份有限公司
Publication of WO2011041933A1 publication Critical patent/WO2011041933A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • a sensor network key pre-distribution and key establishment method is submitted to the Chinese Patent Office on October 10, 2009, and the application number is 200910024214.1.
  • the invention name is "a sensor network key pre-distribution and key establishment method" The priority of the Chinese Patent Application, the entire contents of which is incorporated herein by reference.
  • the present invention belongs to the field of network security technologies, and in particular, to a key pre-distribution and key establishment method for a sensor network, which can be applied to a large-scale sensor network.
  • the sensor network consists of a large number of small, inexpensive, battery-powered sensor nodes with wireless communication and monitoring capabilities. These nodes are densely deployed in the monitoring area for the purpose of monitoring the physical world.
  • Wireless sensor networks are a new field in information technology and have broad application prospects in environmental monitoring, military, homeland security, traffic control, community security, forest fire prevention, and target location.
  • the key management mechanism is the basis of sensor network security and should have the following features:
  • Key connectivity refers to the probability of establishing a communication key directly between nodes. Maintaining a high enough key connection probability is a necessary condition for the sensor network to perform its function. Since the sensor node cannot communicate directly with other nodes that are far away, there is no need to ensure that the node can maintain a secure connection with all other nodes, and only need to ensure a high key connection between adjacent nodes;
  • Invulnerability refers to the ability of a key management mechanism to protect against damage to a node. Resistance Destructiveness can be expressed as the probability that a key of an undamaged node will be exposed when part of the node is damaged. The better the invulnerability, the lower the link damage.
  • the key management method in which each pair of nodes share one key can provide identity authentication service while providing confidential communication between nodes, but this method does not support the joining of new nodes, so it does not have scalability, and for the existence of "nodes"
  • this method requires each node to store "-1 keys, which consumes a large amount of node storage space, and is difficult to apply to large-scale sensor networks.
  • the key management method of random key pre-distribution is widely used in sensor networks.
  • the present invention provides a key pre-distribution that supports both identity authentication, relatively low overhead, and has excellent invulnerability and scalability and can be applied to a large-scale sensor network. And key establishment method.
  • the present invention provides a key pre-distribution and key establishment method for a sensor network, which is special in that the method includes the following steps:
  • the deployment server Before the network is deployed, the deployment server generates a key pool.
  • the key pool KP contains multiple keys and their key identifiers.
  • the number of keys in the key pool is recorded as I PI is large enough, and the deployment server is assumed to be secure;
  • the deployment server pre-distributes the key for the node
  • step 1.4 The specific implementation of step 1.4) above is:
  • the deployment server first constructs an ID list for the M, and the ID list includes: an N_ID field, a K_ID field, a K_STA field, a K_ATTR field, a K_ATTR_EX field, and a K_VAL field;
  • N_ID field a node ID indicating a node identity value that shares a key with the node M;
  • K_ID field Key ID, which indicates the identification value of the shared key between the node identified by the node M and the N_ID field;
  • K_STA field Key status, indicating the status of the key identified by the K_ID field.
  • K_ATTR field Key attribute, when the value in the K_STA field is established, the value of the field is meaningful, indicating whether the key identified by the K_ID field is a shared key or a path key, and the default representation of the field is shared. Key
  • K_ATTR_EX field Key attribute extension.
  • the value of this field is meaningful. It is used to indicate whether the path key is a direct key or a multi-hop connected key. The province indicates that the key is a direct key;
  • K_VAL field Key value, used to store the key value identified by the _ field; After establishing the ID list on M, the deployment server randomly selects nodes from the remaining n-1 nodes, and inserts their node IDs into M respectively. ID list; then, department The server selects a key from the key pool for each item in the ID list, and inserts the key identifier and the corresponding key value into the corresponding K_ID field and K_VAL field in the ID list of M respectively.
  • the deployment server generates ( ⁇ «,) spare key IDs, where the alternate key ID and the key ID in the key pool KP are not Repeatedly, also loaded into ⁇ ; the deployment server records all the information in the node's ID list; the alternate key ID here is used to identify the pair of keys established by the independent negotiation between the nodes;
  • the deployment server pre-distributes the key for the node ⁇ after pre-distributing the key for the node M: First, the deployment server randomly selects the nodes from the remaining "-1 nodes, respectively, and nodes thereof The ID is inserted into the ID list of Ny; then, the deployment server selects a key from the key pool for each item in the Ny ID list, and inserts the key identifier and the corresponding key value respectively.
  • Ny's ID list corresponds to the K_ID field and the K_VAL field, but when M is randomly selected for Ny, the key is no longer reassigned for Ny and M, but is allocated for M before it is allocated.
  • the shared key between the two, and the ID and key value of the shared key are inserted in the K_ID field and the K_VAL field of the item corresponding to Ni in the ID list of Nj; deployment server generation ( ⁇ «,)
  • the key IDs that are not duplicated with the key ID in the key pool and the alternate key ID of M are also loaded into Ny; the deployment server records all the information in the ID list of the node Ny;
  • the deployment server For the remaining nodes, after deploying the key, the deployment server distributes the keys for all remaining nodes in turn, and the distribution method is the same as that of node ⁇ ; the deployment server records the ID list information of all remaining nodes.
  • step 2.1.1 The specific implementation of step 2.1.1 above is:
  • each node After the network is deployed, each node broadcasts its own identity information to its neighbor nodes;
  • the identification information determines whether the key is shared with the broadcast node. If the same ID exists in the N_ID field of the ID list, it indicates that the key is shared with the node, that is, the key; the neighbor node corresponds to the ID list.
  • the K_STA field in the set is set to establish that the key has been established with the broadcast node in 2.1.1.1), that is, a direct secure connection has been established.
  • the source node When there is a secure path consisting of multiple nodes with shared keys between the source node and the destination node, the source node generates a path key and does not repeat from the alternate path key ID. Selecting an ID, passing the path between the path key PK and the corresponding key ID and the ID of the own node and the destination node through the hop-by-hop encryption and decryption transmission of the node on the secure path to the destination through the secure path with the destination node node;
  • the destination node After receiving the key message of the source node and decrypting the obtained path key PK, the destination node sends a key establishment success message to the source node through a secure path with the source node, indicating that the source node has been established. Secure connection; at this time, the source node and the destination node respectively insert the other party's identity ID as a new entry into their own ID list, and insert the PK ID and PK values into the corresponding K_ID field and K_VAL field, and The corresponding K_STA field is set to be established, and the K_ATTR field is set as the path key.
  • the path between the source node and the destination node when establishing the path key is a single hop, it indicates that the source node and the destination node are directly in the other party.
  • the corresponding K_ATTR_EX field is set as the direct key; otherwise, the corresponding K_ATTR_EX field is set to the multi-hop connected key.
  • step 2.2 The specific implementation of step 2.2) above is:
  • step 2.2.1 Establishment of a direct group key for establishing a group key between directly connected nodes; 2.2.2) Establishment of an indirect group key for establishing a group key between multi-hop connected nodes.
  • the specific implementation of step 2.2.1 above is:
  • the multicast node generates a group key MSK, which is encrypted and sent to the multicast message receiving node by using a shared key or a direct connection key between the neighboring node, that is, the multicast message receiving node;
  • step 2.2.2 The specific implementation of step 2.2.2 above is:
  • the multicast node generates the group key MSK, and uses the multi-hop connection key shared between the nodes connected to its multi-hop to encrypt the MSK and send it to the multicast message receiving node connected to the multicast node by multiple hops. ;
  • the multicast message receiving node successfully decrypts M3 ⁇ 4: it is saved and sent to the group by using the direct key or shared key between the members of the group and the multicast message receiving node.
  • the inner member then sends a group key setup success message to the multicast node.
  • the advantages of the present invention are:
  • the communication capability of the sensor node is strictly limited, and the node can only communicate with its neighbor node after deployment, so that the security of the entire network can be ensured when the shared node and the neighbor node can share the key with a certain probability.
  • Connectivity Based on this characteristic of the sensor network, the present invention combines two key management methods, that is, each key pair and a random key pre-distribution, and uses a key-to-node binding method to propose a sensor network dense.
  • the key management method enables the network to achieve preset network connectivity after deployment, and can support end-to-end identity authentication between nodes and generate only small node overhead.
  • the present invention can save the storage space of about twice the key size for the node; in the present invention, all the keys are only distributed to the two nodes without being repeated, even if A node is damaged, and the shared key between other nodes is not exposed, which has good invulnerability; the invention can realize end-to-end authentication while realizing sensor network key management, and has enhanced node resistance. Capturing attack capabilities, implementing distributed node revocation, and resisting node replication attacks. In addition, the present invention is also capable of supporting the joining of new nodes and has better scalability.
  • the invention is based on the classical random graph theory, and combines two key network management methods, namely, a key and a random key pre-distribution for each pair of nodes, and adopts a method of binding a key with a node identifier to propose a capable Key pre-distribution and key establishment methods for large-scale sensor networks.
  • the method comprises the steps of: 1) Key pre-distribution
  • the deployment server pre-distributes the communication key used to establish a secure connection between nodes to all nodes.
  • the specific implementation is as follows:
  • the deployment server Before the network is deployed, the deployment server generates a key pool.
  • the key pool KP contains several keys and their key identifiers.
  • the number of keys in the key pool is recorded as ⁇ ⁇ , ⁇ ⁇ is large enough, and the deployment server is assumed to be secure;
  • the preset network connectivity is , the number of nodes in the network is ", and each node has a corresponding ID.
  • the degree of the node ⁇ («-1)*(1 ⁇ «-1 ⁇ (-1 ⁇ 3 ⁇ 4)/ « is calculated.
  • the number of preset network nodes is usually higher than The actual number of network nodes is slightly larger;
  • the deployment server assigns keys to all nodes.
  • the specific implementation is:
  • the deployment server first constructs a list of IDs for the M, including: N_ID field, K_ID field, K_STA field, K_ATTR field and
  • N_ID field a node ID indicating a node identity value that shares a key with the node M;
  • K_ID field Key ID, indicating the identification value of the shared key between the node identified by the node M and the N_ID field;
  • K_STA field Key status, indicating the status of the key identified by the K_ID field.
  • K_ATTR field Key attribute. When the value in the K_STA field is "established", the value of this field is meaningful, indicating whether the key identified by the K_ID field is a shared key or a path key. The default representation of this field is the shared secret; K_ATTR_EX field: Key attribute extension. When the key represented by the K_ATTR field is a path key, the value of this field is meaningful to indicate whether the path key is a direct key or a multi-hop connected key. The default representation key of this field is the direct key;
  • K_VAL field The key value used to store the key value identified by the _ field.
  • the deployment server randomly selects the nodes from the remaining n-1 nodes, and inserts their node IDs into the ID list of M respectively; then, the deployment server is from the key pool ⁇ to the ID list. Each key is selected repeatedly without a key, and these key identifiers and corresponding key values are respectively inserted into the corresponding K_ID field and K_VAL field in the ID list of M, and these keys are deleted from the key pool. And logo. Finally, the deployment server generates ( ⁇ «,) alternate key IDs, where the alternate key ID is not duplicated with the key ID in the key pool KP and is also loaded into ⁇ . Deploy all information in the ID list of the node. The alternate key ID here is used to identify the pair of keys established by the independent negotiation between the nodes;
  • the deployment server starts pre-distributing the key for the node ⁇ after pre-distributing the key for node M.
  • the deployment server randomly selects nodes from the remaining "-1 nodes, and inserts their node IDs into the Ny ID list respectively; then, the deployment server does not list each item in the Ny ID list from the key pool.
  • the deployment server generates ( ⁇ «,) key IDs that do not duplicate the key ID in the key pool and the alternate key ID of M, and is also loaded into Ny. Deploy server record All information in the node Ny's ID list;
  • the deployment server For the remaining nodes, after deploying the key, the deployment server distributes the keys for all remaining nodes in turn, and the distribution method is the same as that of node ⁇ . Similarly, the deployment server records ID list information for all remaining nodes.
  • each node After the network is deployed, each node broadcasts its own identity information to its neighbor nodes;
  • the neighbor node After receiving the broadcast message of 2.1.1.1), the neighbor node determines whether to share the key with the broadcast node according to the identity information in it. If the same ID exists in the N_ID field in the ID list, it indicates that it Sharing a key with the node, that is, a pair of keys; the neighbor node sets the K_STA field in the corresponding item of the corresponding ID list to "established", and identifies that the key has been established with the broadcast node in 2.1.1.1), that is, Establish a direct secure connection.
  • the method for establishing the path is not discussed in the present invention, and the source node generates a path dense.
  • the key selects an ID from the alternate path key ID without repeating, and passes the secure path with the destination node, and passes the path key PK and the corresponding key ID and the ID of the own ID and the destination node through security.
  • the hop-by-hop encryption and decryption transmission of the node on the path is sent to the destination node.
  • the destination node After receiving the key message of the source node and decrypting the obtained path key PK, the destination node sends a key establishment success message to the source node through a secure path with the source node, indicating that the source node has been established. Secure connection. At this time, the source node and the destination node respectively insert the identity ID of the other party into the ID list as a new entry, and insert the value of the PK and the value of the PK into the corresponding K_ID field and the K_VAL field, and the corresponding K_STA. The field is set to "established", and the K_ATTR field is set to "path key".
  • the path between the source node and the destination node when establishing the path key is a single hop, That is to say, both parties are within the direct communication range of the other party, and the corresponding K_ATTR_EX field is set to "direct connection key”; otherwise, the corresponding K_ATTR_EX field is set to "multi-hop connected key";
  • Direct group key establishment used to establish a group key between neighbor nodes: 2.2.1.1)
  • the multicast node generates a group key MSK, which utilizes a shared key with the neighbor node, ie, the multicast message receiving node. Or the direct connection key will be encrypted and sent to the multicast message receiving node;
  • the multicast message receiving node After the multicast message receiving node successfully decrypts the MSK, it saves and sends a group key establishment success message to the multicast node, and the direct group key establishment process ends.
  • the nodes in the present invention generally refer to various network entities in a sensor network, including a deployment server, a base station, a cluster head node, a common node, and the like.
  • the invention provides an execution flow of a sensor network key pre-distribution and key establishment method, and a key pre-distribution method based on random key pre-distribution and a pair of nodes sharing a key, and a density suitable for a large-scale sensor network is proposed.
  • Key pre-distribution and key establishment methods By binding the node ID to the key ID, this method enables end-to-end identity authentication between the nodes while helping the node establish the key.
  • the present invention is also capable of providing a group key establishment service and supporting secure multicast communication between nodes.

Abstract

A method for key pre-distribution and key establishment in a sensor network is characterized in that the method includes the following steps: 1) keys are pre-distributed, the step 1) includes: 1.1) a disposition server generates a key pool KP before a network disposition, the key pool KP comprises multiple keys and the key identifiers thereof, the key number in the key pool is denoted as ¦KP¦, and the disposition server is secure; 1.2) the degree d of a node is calculated,; 1.3) according to the degree d of the node and the number n' of the adjacent nodes of the node after the expected network disposition, the probability p of pairwise pre-shared keys between the adjacent nodes is calculated,; 1.4) the disposition server pre-distributes the keys for the node; 2) the keys are established, the step 2) includes: 2.1) establishing a key pair; 2.2) establishing a key group.

Description

一种传感器网络密钥预分发与密钥建立方法 本申请要求于 2009年 10 月 10 日提交中国专利局、 申请号为 200910024214.1、 发明名称为"一种传感器网络密钥预分发与密钥建 立方法 "的中国专利申请的优先权, 其全部内容通过引用结合在本申 请中。  A sensor network key pre-distribution and key establishment method is submitted to the Chinese Patent Office on October 10, 2009, and the application number is 200910024214.1. The invention name is "a sensor network key pre-distribution and key establishment method" The priority of the Chinese Patent Application, the entire contents of which is incorporated herein by reference.
技术领域 Technical field
本发明属网络安全技术领域,尤其涉及一种传感器网络的密钥预 分发和密钥建立方法, 其能够适用于大规模传感器网络。  The present invention belongs to the field of network security technologies, and in particular, to a key pre-distribution and key establishment method for a sensor network, which can be applied to a large-scale sensor network.
背景技术 Background technique
传感器网络是由大量体积小、 价格便宜、 电池供电、 具有无线通 信和监测能力的传感器节点组成。 这些节点被稠密部署在监测区域, 以达到监测物理世界的目的。无线传感器网络是信息技术中的一个新 领域, 在环境监测、 军事、 国土安全、 交通管制、 社区安防、 森林防 火、 目标定位等方面具有广泛的应用前景。  The sensor network consists of a large number of small, inexpensive, battery-powered sensor nodes with wireless communication and monitoring capabilities. These nodes are densely deployed in the monitoring area for the purpose of monitoring the physical world. Wireless sensor networks are a new field in information technology and have broad application prospects in environmental monitoring, military, homeland security, traffic control, community security, forest fire prevention, and target location.
密钥管理机制是传感器网络安全的基础, 应具备以下特性: The key management mechanism is the basis of sensor network security and should have the following features:
1 )可扩展性。 随传感器网络节点规模的扩大, 密钥协商过程所 需的计算、存储和通信开销都会随之增大, 密钥管理机制必须能够适 应不同规模的传感器网络; 1) Scalability. As the size of the sensor network node expands, the computational, storage, and communication overhead required for the key agreement process will increase. The key management mechanism must be able to adapt to sensor networks of different sizes.
2 )有效性。 由于传感器节点的存储、 计算和通信能力严格受限, 在设计传感器网络密钥管理机制时应考虑以下几个方面: 存储复杂 度, 用于保存通信密钥的存储空间使用情况; 计算复杂度, 为生成通 信密钥而必须进行的计算量情况; 通信复杂度, 在通信密钥协商过程 中需要传送的信息量情况;  2) Effectiveness. Since the storage, computing, and communication capabilities of sensor nodes are strictly limited, the following aspects should be considered when designing the sensor network key management mechanism: storage complexity, storage space usage for storing communication keys; computational complexity, The amount of computation that must be performed to generate the communication key; communication complexity, the amount of information that needs to be transmitted during the communication key negotiation process;
3 ) 密钥连接性。 密钥连接性是指节点之间直接建立通信密钥的 概率。保持足够高的密钥连接概率是传感器网络发挥其功能的必要条 件。 因传感器节点不可能与距离较远的其他节点直接通信, 因此无需 保证节点能够与其他所有节点保持安全连接,仅需确保相邻节点之间 保持较高的密钥连接即可;  3) Key connectivity. Key connectivity refers to the probability of establishing a communication key directly between nodes. Maintaining a high enough key connection probability is a necessary condition for the sensor network to perform its function. Since the sensor node cannot communicate directly with other nodes that are far away, there is no need to ensure that the node can maintain a secure connection with all other nodes, and only need to ensure a high key connection between adjacent nodes;
4 )抗毁性。 抗毁性是指密钥管理机制抵御节点受损的能力。 抗 毁性可表示为当部分节点受损后, 未受损节点的密钥被暴露的概率。 抗毁性越好, 则链路受损程度越低。 4) Invulnerability. Invulnerability refers to the ability of a key management mechanism to protect against damage to a node. Resistance Destructiveness can be expressed as the probability that a key of an undamaged node will be exposed when part of the node is damaged. The better the invulnerability, the lower the link damage.
由于传感器节点易遭受捕获攻击, 一旦被捕获, 节点中加载的秘 密信息将会被泄漏,因此所有节点均共享一个主密钥的密钥管理方式 已不能够满足传感器网络的安全需求。每对节点共享一个密钥的密钥 管理方式在为节点间提供保密通信的同时能够提供身份鉴别服务,但 此方式不支持新节点的加入, 因此不具备扩展性, 而且对于存在《个 节点的大规模网络来说, 该方式需要每个节点保存《-1个密钥, 消耗 大量的节点存储空间, 较难适用于大规模传感器网络。 目前, 传感器 网络中广泛采用随机密钥预分发方式的密钥管理方法,该方法仅产生 较小的开销, 且较为实用, 但其所分发的密钥不支持节点间点到点的 身份鉴别, 因为该方法密钥池中的密钥可能会被多次分发给不同的节 点,即使两个节点间共享密钥也无法实现基于预共享密钥的点到点的 身份鉴别。 举例来说, 假设节点 A与节点 B共享密钥 由于随机 密钥预分发方法中密钥池的同一密钥可能会被多次取出分发给不同 的节点, 那么节点 C也可能被分发了密钥 K, 此时, 节点 A是无法 基于密钥^:确定对方节点的身份的。 由此造成的后果是: 在通信时, 节点 A无法确定是与节点 B还是与节点 C通信, 在不能确认对方身 份的情况下与之通信存在很大的安全隐患。  Since the sensor nodes are vulnerable to capture attacks, once captured, the secret information loaded in the nodes will be leaked, so the key management method in which all nodes share a master key cannot meet the security requirements of the sensor network. The key management method in which each pair of nodes share one key can provide identity authentication service while providing confidential communication between nodes, but this method does not support the joining of new nodes, so it does not have scalability, and for the existence of "nodes" For large-scale networks, this method requires each node to store "-1 keys, which consumes a large amount of node storage space, and is difficult to apply to large-scale sensor networks. At present, the key management method of random key pre-distribution is widely used in sensor networks. This method only generates small overhead and is more practical, but the key it distributes does not support point-to-point identity authentication between nodes. Because the key in the method key pool may be distributed to different nodes multiple times, point-to-point identity authentication based on pre-shared key cannot be realized even if the key is shared between the two nodes. For example, assume that node A shares a key with node B. Since the same key of the key pool in the random key pre-distribution method may be fetched and distributed to different nodes multiple times, node C may also be distributed with a key. K, at this time, node A is unable to determine the identity of the other node based on the key ^:. The consequences are as follows: During communication, Node A cannot determine whether it is communicating with Node B or Node C. There is a great security risk when communicating with it without being able to confirm the identity of the other party.
发明内容 Summary of the invention
为了解决背景技术中存在的上述技术问题,本发明提供了一种既 支持身份鉴别、开销又相对较低且具有很好的抗毁性和扩展性并能够 适用大规模传感器网络的密钥预分发和密钥建立方法。  In order to solve the above technical problems existing in the background art, the present invention provides a key pre-distribution that supports both identity authentication, relatively low overhead, and has excellent invulnerability and scalability and can be applied to a large-scale sensor network. And key establishment method.
本发明的技术解决方案是:本发明提供了一种传感器网络的密钥 预分发和密钥建立方法, 其特殊之处在于: 所述方法包括以下步骤: The technical solution of the present invention is that the present invention provides a key pre-distribution and key establishment method for a sensor network, which is special in that the method includes the following steps:
1 ) 密钥预分发, 其具体实现方式是: 1) Key pre-distribution, the specific implementation is:
1.1 ) 网络部署前, 部署服务器生成密钥池 该密钥池 KP包 含多个密钥及其密钥标识, 密钥池中密钥个数记为 I PI足够大, 并假设部署服务器安全; 1.2 )假定预设的网络连通度为 , 网络中的节点数为《, 每个节 点均有对应的标识 ID , 根据经典随机图理论计算节点的度 d=(n- l)*(ln«-ln(-lnPc))/«; 1.1) Before the network is deployed, the deployment server generates a key pool. The key pool KP contains multiple keys and their key identifiers. The number of keys in the key pool is recorded as I PI is large enough, and the deployment server is assumed to be secure; 1.2) Assuming the default network connectivity is, the number of nodes in the network is ", each node has a corresponding identification ID, and the degree of the node is calculated according to the classical random graph theory d = (n - l) * (ln«- Ln(-lnP c ))/«;
1.3 )根据节点的度 d以及期望的网络部署后节点的邻居节点数 η, , 计算相邻节点间两两预共享密钥的概率 p=dln,;  1.3) Calculate the probability p=dln of the two-way pre-shared key between adjacent nodes according to the degree d of the node and the number of neighbor nodes of the node after the desired network deployment.
1.4 )部署服务器为节点预分发密钥;  1.4) The deployment server pre-distributes the key for the node;
2 ) 密钥建立, 其具体实现方式是:  2) Key establishment, the specific implementation is:
2.1 )对密钥的建立;  2.1) the establishment of a key;
2.2 )组密钥的建立。  2.2) Establishment of a group key.
上述步骤 1.4 ) 的具体实现方式是:  The specific implementation of step 1.4) above is:
1.4.1 )对于节点 Ni , 部署服务器首先为 M构造 ID列表, ID列 表中包括: N_ID字段、 K_ID字段、 K_STA字段、 K_ATTR字段、 K_ATTR_EX字段以及 K_VAL字段;  1.4.1) For the node Ni, the deployment server first constructs an ID list for the M, and the ID list includes: an N_ID field, a K_ID field, a K_STA field, a K_ATTR field, a K_ATTR_EX field, and a K_VAL field;
其中:  among them:
N_ID字段:节点 ID ,表示与节点 M共享密钥的节点身份标识值; N_ID field: a node ID indicating a node identity value that shares a key with the node M;
K_ID字段: 密钥 ID , 表示节点 M与 N_ID字段所标识的节点之 间共享密钥的标识值; K_ID field: Key ID, which indicates the identification value of the shared key between the node identified by the node M and the N_ID field;
K_STA字段: 密钥状态, 表示 K_ID字段所标识的密钥的状态, 当节点 M与 N_ID字段所标识的节点已建立对密钥时, K_STA字段 的值为已建立, 否则为未建立, 该字段的初值为未建立;  K_STA field: Key status, indicating the status of the key identified by the K_ID field. When the node identified by the node M and the N_ID field has established a pair key, the value of the K_STA field is established, otherwise it is not established, the field is The initial value is not established;
K_ATTR字段: 密钥属性, 当 K_STA字段中的值为已建立时, 该字段的取值有意义, 表示 K_ID字段所标识的密钥是共享密钥还是 路径密钥, 该字段的缺省表示共享密钥;  K_ATTR field: Key attribute, when the value in the K_STA field is established, the value of the field is meaningful, indicating whether the key identified by the K_ID field is a shared key or a path key, and the default representation of the field is shared. Key
K_ATTR_EX字段: 密钥属性扩展, 当 K_ATTR字段表示的密钥 为路径密钥时, 该字段的值有意义, 用于表示路径密钥是直连密钥还 是多跳相连密钥, 该字段的缺省表示密钥为直连密钥;  K_ATTR_EX field: Key attribute extension. When the key represented by the K_ATTR field is the path key, the value of this field is meaningful. It is used to indicate whether the path key is a direct key or a multi-hop connected key. The province indicates that the key is a direct key;
K_VAL字段: 密钥值, 用于存储 _ 字段标识的密钥值; 在 M上建立 ID列表后, 部署服务器从剩余 n-1个节点中随机选 择 个节点, 分别将其节点 ID插入到 M的 ID列表中; 然后, 部 署服务器从密钥池^中为 ID列表中的每一项不重复的选择一个密 钥, 并将这些密钥标识以及相应的密钥值分别插入 M的 ID列表中对 应的 K_ID字段和 K_VAL字段中, 并从密钥池 KP中删除这些密钥 及标识; 最后, 部署服务器生成 ( < «,)个备用的密钥 ID , 这里的 备用密钥 ID与密钥池 KP中的密钥 ID不重复,也加载到 Νί中;部署 服务器记录节点 Μ的 ID列表中的所有信息; 此处的备用的密钥 ID 后续用于标识节点间独立协商建立的、 非^中的对密钥; K_VAL field: Key value, used to store the key value identified by the _ field; After establishing the ID list on M, the deployment server randomly selects nodes from the remaining n-1 nodes, and inserts their node IDs into M respectively. ID list; then, department The server selects a key from the key pool for each item in the ID list, and inserts the key identifier and the corresponding key value into the corresponding K_ID field and K_VAL field in the ID list of M respectively. And delete these keys and identifiers from the key pool KP; finally, the deployment server generates ( < «,) spare key IDs, where the alternate key ID and the key ID in the key pool KP are not Repeatedly, also loaded into Νί; the deployment server records all the information in the node's ID list; the alternate key ID here is used to identify the pair of keys established by the independent negotiation between the nodes;
1.4.2 )对于节点 ^, 部署服务器在为节点 M预分发密钥后, 开 始为节点 ^预分发密钥: 首先,部署服务器从剩余《-1个节点中随机 选择 个节点, 分别将其节点 ID插入到 Ny的 ID列表中; 然后, 部署服务器从密钥池 中为 Ny的 ID列表中的每一项不重复的选择 一个密钥, 并将这些密钥标识以及相应的密钥值分别插入 Ny的 ID列 表中对应的 K_ID字段和 K_VAL字段中, 但当为 Ny随机选择的 个节点中包括 M时, 则不再为 Ny与 M重新分配密钥, 而是为其分配 之前已为 M分配的二者之间的共享密钥, 并在 Nj的 ID列表中与 Ni 对应的项的 K_ID字段和 K_VAL字段中分别插入该共享密钥的 ID和 密钥值; 部署服务器生成 ( < «,)个与密钥池 中的密钥 ID以及 M的备用密钥 ID不重复的密钥 ID ,也加载到 Ny中;部署服务器记录 节点 Ny的 ID列表中的所有信息;  1.4.2) For the node ^, the deployment server pre-distributes the key for the node ^ after pre-distributing the key for the node M: First, the deployment server randomly selects the nodes from the remaining "-1 nodes, respectively, and nodes thereof The ID is inserted into the ID list of Ny; then, the deployment server selects a key from the key pool for each item in the Ny ID list, and inserts the key identifier and the corresponding key value respectively. Ny's ID list corresponds to the K_ID field and the K_VAL field, but when M is randomly selected for Ny, the key is no longer reassigned for Ny and M, but is allocated for M before it is allocated. The shared key between the two, and the ID and key value of the shared key are inserted in the K_ID field and the K_VAL field of the item corresponding to Ni in the ID list of Nj; deployment server generation ( < «,) The key IDs that are not duplicated with the key ID in the key pool and the alternate key ID of M are also loaded into Ny; the deployment server records all the information in the ID list of the node Ny;
1.4.3 )对于剩余节点, 部署服务器在为 ^分发密钥后, 为剩余 所有节点依次分发密钥, 分发方法与节点 ^相同; 部署服务器记录 所有剩余节点的 ID列表信息。  1.4.3) For the remaining nodes, after deploying the key, the deployment server distributes the keys for all remaining nodes in turn, and the distribution method is the same as that of node ^; the deployment server records the ID list information of all remaining nodes.
上述步骤 2.1 ) 的具体实现方式是:  The specific implementation of the above steps 2.1) is:
2.1.1 )共享密钥的建立;  2.1.1) establishment of a shared key;
2.1.2 )路径密钥的建立。  2.1.2) Establishment of a path key.
上述步骤 2.1.1 ) 的具体实现方式是:  The specific implementation of step 2.1.1 above is:
2.1.1.1 )网络部署后, 每个节点均向其邻居节点广播自己的身份 标识信息;  2.1.1.1) After the network is deployed, each node broadcasts its own identity information to its neighbor nodes;
2.1.1.2 )邻居节点收到 2.1.1.1)的广播消息后, 根据其中的身份 标识信息判断是否与该广播节点共享密钥, 如果自己的 ID列表中的 N_ID字段中存在相同的 ID ,表明自己与该节点共享密钥,即对密钥; 该邻居节点将对应 ID列表对应项中的 K_STA字段置为已建立,标识 已与 2.1.1.1 ) 中的广播节点建立对密钥, 即已建立直接安全连接。 2.1.1.2) After the neighbor node receives the broadcast message of 2.1.1.1), according to its identity The identification information determines whether the key is shared with the broadcast node. If the same ID exists in the N_ID field of the ID list, it indicates that the key is shared with the node, that is, the key; the neighbor node corresponds to the ID list. The K_STA field in the set is set to establish that the key has been established with the broadcast node in 2.1.1.1), that is, a direct secure connection has been established.
上述步骤 2.1.2 )在没有共享密钥但存在多跳安全连接的节点间 建立对密钥的过程如下:  The above steps 2.1.2) The process of establishing a key between nodes without a shared key but with a multi-hop secure connection is as follows:
2.1.2.1 )当源节点与目的节点间存在一条由两两间均存在共享密 钥的多个节点构成的安全路径时, 源节点生成一个路径密钥 并从 备用的路径密钥 ID中不重复的选择一个 ID, 通过与目的节点之间的 安全路径,将该路径密钥 PK和对应的密钥 ID以及自己的 ID和目的 节点的 ID通过安全路径上节点的逐跳加解密传输发送给目的节点; 2.1.2.1) When there is a secure path consisting of multiple nodes with shared keys between the source node and the destination node, the source node generates a path key and does not repeat from the alternate path key ID. Selecting an ID, passing the path between the path key PK and the corresponding key ID and the ID of the own node and the destination node through the hop-by-hop encryption and decryption transmission of the node on the secure path to the destination through the secure path with the destination node node;
2.1.2.2 ) 目的节点收到源节点的密钥消息并解密获得路径密钥 PK后, 通过与源节点之间的安全路径向源节点发送密钥建立成功消 息, 表明与源节点之间已建立安全连接; 此时, 源节点和目的节点分 别将对方的身份标识 ID作为新条目插入到自己的 ID列表中, 并将 PK的 ID以及 PK的值插入对应的 K_ID字段和 K_VAL字段中, 并 将对应的 K_STA字段置为已建立, 将 K_ATTR字段置为路径密钥, 如果源节点和目的节点之间在建立路径密钥时的路径为单跳,即表明 源节点和目的节点均在对方的直接通信范围内, 则将相应的 K_ATTR_EX字段置为直连密钥; 否则, 将相应的 K_ATTR_EX字段 置为多跳相连密钥。 2.1.2.2) After receiving the key message of the source node and decrypting the obtained path key PK, the destination node sends a key establishment success message to the source node through a secure path with the source node, indicating that the source node has been established. Secure connection; at this time, the source node and the destination node respectively insert the other party's identity ID as a new entry into their own ID list, and insert the PK ID and PK values into the corresponding K_ID field and K_VAL field, and The corresponding K_STA field is set to be established, and the K_ATTR field is set as the path key. If the path between the source node and the destination node when establishing the path key is a single hop, it indicates that the source node and the destination node are directly in the other party. Within the communication range, the corresponding K_ATTR_EX field is set as the direct key; otherwise, the corresponding K_ATTR_EX field is set to the multi-hop connected key.
上述步骤 2.2 ) 的具体实现方式是:  The specific implementation of step 2.2) above is:
2.2.1 )直接组密钥的建立, 用于在直连节点间建立组密钥; 2.2.2 ) 间接组密钥的建立, 用于在多跳相连节点间建立组密钥。 上述步骤 2.2.1 ) 的具体实现方式是:  2.2.1) Establishment of a direct group key for establishing a group key between directly connected nodes; 2.2.2) Establishment of an indirect group key for establishing a group key between multi-hop connected nodes. The specific implementation of step 2.2.1 above is:
2.2.1.1 )组播节点生成组密钥 MSK,利用与邻居节点即组播消息 接收节点之间的共享密钥或直连密钥将 ¾:加密后发送给组播消息 接收节点;  2.2.1.1) The multicast node generates a group key MSK, which is encrypted and sent to the multicast message receiving node by using a shared key or a direct connection key between the neighboring node, that is, the multicast message receiving node;
2.2.1.2 )组播消息接收节点成功解密 MSK后, 将其保存并向组 播节点发送组密钥建立成功消息, 直接组密钥建立过程结束。 2.2.1.2) After the multicast message receiving node successfully decrypts the MSK, save it to the group. The broadcast node sends a group key establishment success message, and the direct group key establishment process ends.
上述步骤 2.2.2 ) 的具体实现方式是:  The specific implementation of step 2.2.2 above is:
2.2.2.1 )组播节点生成组密钥 MSK,利用与其多跳相连的节点之 间共享的多跳相连密钥, 将 MSK加密后发送给与该组播节点多跳相 连的组播消息接收节点;  2.2.2.1) The multicast node generates the group key MSK, and uses the multi-hop connection key shared between the nodes connected to its multi-hop to encrypt the MSK and send it to the multicast message receiving node connected to the multicast node by multiple hops. ;
2.2.2.2 )该组播消息接收节点成功解密 M¾:后, 将其保存并利用 与其组内成员即组播消息接收节点之间的直连密钥或共享密钥将 ¾:加密后发送给组内成员,然后向组播节点发送组密钥建立成功消 息。  2.2.2.2) After the multicast message receiving node successfully decrypts M3⁄4: it is saved and sent to the group by using the direct key or shared key between the members of the group and the multicast message receiving node. The inner member then sends a group key setup success message to the multicast node.
本发明的优点是: 传感器节点通信能力严格受限, 节点在部署后 只能与其邻居节点通信, 因此在保证节点与其邻居节点间能以一定的 概率共享密钥时, 就能确保整个网络的安全连接性。基于传感器网络 的这项特性,本发明通过将每对节点共享一个密钥和随机密钥预分发 两种密钥管理方法进行结合, 采用密钥与节点绑定的方式, 提出一种 传感器网络密钥管理方法,使得网络在部署后既能达到预设的网络连 通度, 又能够支持节点间端到端的身份鉴别且仅产生较小的节点开 销。 与每对节点均共享一个密钥的密钥管理方法相比, 本发明能够为 节点节省约 倍密钥尺寸的存储空间;本发明中所有密钥仅被不 重复的分发给两个节点, 即使某个节点受损, 也不会暴露其他节点之 间的共享密钥, 具有艮好的抗毁性; 本发明在实现传感器网络密钥管 理的同时, 能够支持端到端的鉴别, 具有增强节点抗捕获攻击能力、 实现分布式的节点撤销、 抵抗节点复制攻击的特性。 此外, 本发明还 能够支持新节点的加入, 具有较好的扩展性。  The advantages of the present invention are: The communication capability of the sensor node is strictly limited, and the node can only communicate with its neighbor node after deployment, so that the security of the entire network can be ensured when the shared node and the neighbor node can share the key with a certain probability. Connectivity. Based on this characteristic of the sensor network, the present invention combines two key management methods, that is, each key pair and a random key pre-distribution, and uses a key-to-node binding method to propose a sensor network dense. The key management method enables the network to achieve preset network connectivity after deployment, and can support end-to-end identity authentication between nodes and generate only small node overhead. Compared with the key management method in which each pair of nodes share one key, the present invention can save the storage space of about twice the key size for the node; in the present invention, all the keys are only distributed to the two nodes without being repeated, even if A node is damaged, and the shared key between other nodes is not exposed, which has good invulnerability; the invention can realize end-to-end authentication while realizing sensor network key management, and has enhanced node resistance. Capturing attack capabilities, implementing distributed node revocation, and resisting node replication attacks. In addition, the present invention is also capable of supporting the joining of new nodes and has better scalability.
具体实施方式 detailed description
本发明基于经典随机图理论,通过将每对节点共享一个密钥和随 机密钥预分发两种传感器网络密钥管理方法进行结合,采用将密钥与 节点标识绑定的方式,提出一种能够适用于大规模传感器网络的密钥 预分发和密钥建立方法。 根据本发明的优选实施例, 该方法包括以下 步骤: 1 ) 密钥预分发 The invention is based on the classical random graph theory, and combines two key network management methods, namely, a key and a random key pre-distribution for each pair of nodes, and adopts a method of binding a key with a node identifier to propose a capable Key pre-distribution and key establishment methods for large-scale sensor networks. According to a preferred embodiment of the invention, the method comprises the steps of: 1) Key pre-distribution
网络部署前,部署服务器将用于建立节点间安全连接的通信密钥 预分发给所有节点, 其具体实现方式是:  Before the network is deployed, the deployment server pre-distributes the communication key used to establish a secure connection between nodes to all nodes. The specific implementation is as follows:
1.1 ) 网络部署前, 部署服务器生成密钥池 该密钥池 KP包 含若干个密钥及其密钥标识。 密钥池中密钥个数记为 Ι ΡΙ , Ι ΡΙ足够 大, 并假设部署服务器是安全的;  1.1) Before the network is deployed, the deployment server generates a key pool. The key pool KP contains several keys and their key identifiers. The number of keys in the key pool is recorded as Ι ΡΙ , Ι ΡΙ is large enough, and the deployment server is assumed to be secure;
1.2 )假定预设的网络连通度为 , 网络中的节点数为《, 每个节 点均有对应的标识 ID。 根据经典随机图理论, 计算节点的度 ί =(«-1)*(1η«-1η(-1η ¾)/«。 为保证具有较好的扩展性,通常预设的网络 节点数《要比实际的网络节点数略大;  1.2) Assume that the preset network connectivity is , the number of nodes in the network is ", and each node has a corresponding ID. According to the classical random graph theory, the degree of the node ί =(«-1)*(1η«-1η(-1η 3⁄4)/« is calculated. In order to ensure better scalability, the number of preset network nodes is usually higher than The actual number of network nodes is slightly larger;
1.3 )根据节点的度 d以及期望的网络部署后节点的邻居节点数 η, , 计算相邻节点间两两预共享密钥的概率 p=dln,;  1.3) Calculate the probability p=dln of the two-way pre-shared key between adjacent nodes according to the degree d of the node and the number of neighbor nodes of the node after the desired network deployment.
1.4 )为节点预分发密钥;  1.4) pre-distributing keys for nodes;
部署服务器为所有节点分配密钥, 具体实现方式是:  The deployment server assigns keys to all nodes. The specific implementation is:
1.4.1 )对于节点 部署服务器首先为 M构造 ID列表, 列表中 包括: N_ID 字段、 K_ID 字段、 K_STA 字段、 K_ATTR 字段和 1.4.1) For the node The deployment server first constructs a list of IDs for the M, including: N_ID field, K_ID field, K_STA field, K_ATTR field and
K_ATTR_EX字段;
Figure imgf000009_0001
K_ATTR_EX field;
Figure imgf000009_0001
N_ID字段:节点 ID,表示与节点 M共享密钥的节点身份标识值;N_ID field: a node ID indicating a node identity value that shares a key with the node M;
K_ID字段: 密钥 ID, 表示节点 M与 N_ID字段所标识的节点之 间共享密钥的标识值; K_ID field: Key ID, indicating the identification value of the shared key between the node identified by the node M and the N_ID field;
K_STA字段: 密钥状态, 表示 K_ID字段所标识的密钥的状态。 当节点 M与 N_ID字段所标识的节点已建立对密钥时, K_STA字段 的值为 "已建立", 否则为 "未建立"。 该字段的初值为"未建立";  K_STA field: Key status, indicating the status of the key identified by the K_ID field. When the node identified by the node M and the N_ID field has established a pair key, the value of the K_STA field is "established", otherwise it is "not established". The initial value of this field is "not established";
K_ATTR字段: 密钥属性, 当 K_STA字段中的值为 "已建立"时, 该字段的取值有意义, 表示 K_ID字段所标识的密钥是共享密钥还是 路径密钥。 该字段的缺省表示共享密钥; K_ATTR_EX字段: 密钥属性扩展, 当 K_ATTR字段表示的密钥 为路径密钥时, 该字段的值有意义, 用于表示路径密钥是直连密钥还 是多跳相连密钥。 该字段的缺省表示密钥为直连密钥; K_ATTR field: Key attribute. When the value in the K_STA field is "established", the value of this field is meaningful, indicating whether the key identified by the K_ID field is a shared key or a path key. The default representation of this field is the shared secret; K_ATTR_EX field: Key attribute extension. When the key represented by the K_ATTR field is a path key, the value of this field is meaningful to indicate whether the path key is a direct key or a multi-hop connected key. The default representation key of this field is the direct key;
K_VAL字段: 密钥值, 用于存储 _ 字段标识的密钥值。  K_VAL field: The key value used to store the key value identified by the _ field.
在 M上建立 ID列表后, 部署服务器从剩余 n-1个节点中随机选 择 个节点, 分别将其节点 ID插入到 M的 ID列表中; 然后, 部 署服务器从密钥池^中为 ID列表中的每一项不重复的选择一个密 钥, 并将这些密钥标识以及相应的密钥值分别插入 M的 ID列表中对 应的 K_ID字段和 K_VAL字段中, 并从密钥池中删除这些密钥及标 识。 最后, 部署服务器生成 ( < «,)个备用的密钥 ID, 这里的备用 密钥 ID与密钥池 KP中的密钥 ID不重复,也加载到 Νί中。部署月良务 器记录节点 Μ的 ID列表中的所有信息。 此处的备用的密钥 ID后续 用于标识节点间独立协商建立的、 非 中的对密钥;  After the ID list is created on the M, the deployment server randomly selects the nodes from the remaining n-1 nodes, and inserts their node IDs into the ID list of M respectively; then, the deployment server is from the key pool ^ to the ID list. Each key is selected repeatedly without a key, and these key identifiers and corresponding key values are respectively inserted into the corresponding K_ID field and K_VAL field in the ID list of M, and these keys are deleted from the key pool. And logo. Finally, the deployment server generates ( < «,) alternate key IDs, where the alternate key ID is not duplicated with the key ID in the key pool KP and is also loaded into Νί. Deploy all information in the ID list of the node. The alternate key ID here is used to identify the pair of keys established by the independent negotiation between the nodes;
1.4.2 )对于节点 ^, 部署服务器在为节点 M预分发密钥后, 开 始为节点 ^预分发密钥。首先,部署服务器从剩余《-1个节点中随机 选择 个节点, 分别将其节点 ID插入到 Ny的 ID列表中; 然后, 部署服务器从密钥池 中为 Ny的 ID列表中的每一项不重复的选择 一个密钥, 并将这些密钥标识以及相应的密钥值分别插入 Ny的 ID列 表中对应的 K_ID字段和 K_VAL字段中, 但当为 Ny随机选择的 个节点中包括 M时, 则不再为 Ny与 M重新分配密钥, 而是为其分配 之前已为 M分配的二者之间的共享密钥, 并在 Nj的 ID列表中与 Ni 对应的项的 K_ID字段和 K_VAL字段中分别插入该共享密钥的 ID和 密钥值。 部署服务器生成 ( < «,)个与密钥池 中的密钥 ID以及 M的备用密钥 ID不重复的密钥 ID ,也加载到 Ny中。部署服务器记录 节点 Ny的 ID列表中的所有信息;  1.4.2) For node ^, the deployment server starts pre-distributing the key for the node ^ after pre-distributing the key for node M. First, the deployment server randomly selects nodes from the remaining "-1 nodes, and inserts their node IDs into the Ny ID list respectively; then, the deployment server does not list each item in the Ny ID list from the key pool. Repeatingly selecting a key, and inserting the key identifier and the corresponding key value into the corresponding K_ID field and K_VAL field in the ID list of Ny, respectively, but when M is randomly selected for Ny, then The key is no longer reassigned for Ny and M, but is assigned to the shared key that was previously assigned to M, and is in the K_ID field and K_VAL field of the item corresponding to Ni in the ID list of Nj. Insert the ID and key value of the shared key separately. The deployment server generates ( < «,) key IDs that do not duplicate the key ID in the key pool and the alternate key ID of M, and is also loaded into Ny. Deploy server record All information in the node Ny's ID list;
1.4.3 )对于剩余节点, 部署服务器在为 ^分发密钥后, 为剩余 所有节点依次分发密钥, 分发方法与节点 ^相同。 同样地, 部署服 务器记录所有剩余节点的 ID列表信息。  1.4.3) For the remaining nodes, after deploying the key, the deployment server distributes the keys for all remaining nodes in turn, and the distribution method is the same as that of node ^. Similarly, the deployment server records ID list information for all remaining nodes.
2 ) 密钥建立 网络部署后, 节点间建立用于进行安全连接的对密钥和组密钥, 具体实现方式是: 2) Key establishment After the network is deployed, the pair of keys and group keys for establishing a secure connection are established between the nodes. The specific implementation manner is as follows:
2.1 )对密钥的建立  2.1) Establishment of the key
用于在节点间建立成对密钥, 具体实现方式是:  Used to establish a pairwise key between nodes. The specific implementation is:
2.1.1 )共享密钥的建立  2.1.1) Establishment of shared key
在存在共享密钥的邻居节点间建立对密钥的具体实现方式是: The specific implementation of establishing a key between neighbor nodes that have a shared key is:
2.1.1.1 )网络部署后, 每个节点均向其邻居节点广播自己的身份 标识信息; 2.1.1.1) After the network is deployed, each node broadcasts its own identity information to its neighbor nodes;
2.1.1.2 )邻居节点收到 2.1.1.1)的广播消息后, 根据其中的身份 标识信息判断是否与该广播节点共享密钥, 如果自己的 ID列表中的 N_ID字段中存在相同的 ID ,表明自己与该节点共享密钥,即对密钥; 该邻居节点将对应 ID列表对应项中的 K_STA字段置为"已建立",标 识已与 2.1.1.1 ) 中的广播节点建立对密钥, 即已建立直接安全连接。  2.1.1.2) After receiving the broadcast message of 2.1.1.1), the neighbor node determines whether to share the key with the broadcast node according to the identity information in it. If the same ID exists in the N_ID field in the ID list, it indicates that it Sharing a key with the node, that is, a pair of keys; the neighbor node sets the K_STA field in the corresponding item of the corresponding ID list to "established", and identifies that the key has been established with the broadcast node in 2.1.1.1), that is, Establish a direct secure connection.
2.1.2 )路径密钥的建立  2.1.2) Establishment of path key
在没有共享密钥但存在多跳安全连接的节点间建立对密钥的具 体实现方式是:  The specific implementation of establishing a key between nodes that do not have a shared key but has a multi-hop secure connection is:
2.1.2.1 )当源节点与目的节点间存在一条由两两间均存在共享密 钥的多个节点构成的安全路径时,对于该路径的确立方法本发明不做 讨论, 源节点生成一个路径密钥 并从备用的路径密钥 ID中不重 复的选择一个 ID, 通过与目的节点之间的安全路径, 将该路径密钥 PK和对应的密钥 ID以及自己的 ID和目的节点的 ID通过安全路径 上节点的逐跳加解密传输发送给目的节点。  2.1.2.1) When there is a secure path consisting of multiple nodes with shared keys between the source node and the destination node, the method for establishing the path is not discussed in the present invention, and the source node generates a path dense. The key selects an ID from the alternate path key ID without repeating, and passes the secure path with the destination node, and passes the path key PK and the corresponding key ID and the ID of the own ID and the destination node through security. The hop-by-hop encryption and decryption transmission of the node on the path is sent to the destination node.
2.1.2.2 ) 目的节点收到源节点的密钥消息并解密获得路径密钥 PK后, 通过与源节点之间的安全路径向源节点发送密钥建立成功消 息, 表明与源节点之间已建立安全连接。 此时, 源节点和目的节点分 别将对方的身份标识 ID作为新条目插入到自己的 ID列表中, 并将 PK的 ID以及 PK的值插入对应的 K_ID字段和 K_VAL字段中, 并 将对应的 K_STA字段置为"已建立", 将 K_ATTR字段置为"路径密 钥", 如果源节点和目的节点之间在建立路径密钥时的路径为单跳, 即表明双方均在对方的直接通信范围内,则将相应的 K_ATTR_EX字 段置为"直连密钥"; 否则, 将相应的 K_ATTR_EX字段置为"多跳相 连密钥"; 2.1.2.2) After receiving the key message of the source node and decrypting the obtained path key PK, the destination node sends a key establishment success message to the source node through a secure path with the source node, indicating that the source node has been established. Secure connection. At this time, the source node and the destination node respectively insert the identity ID of the other party into the ID list as a new entry, and insert the value of the PK and the value of the PK into the corresponding K_ID field and the K_VAL field, and the corresponding K_STA. The field is set to "established", and the K_ATTR field is set to "path key". If the path between the source node and the destination node when establishing the path key is a single hop, That is to say, both parties are within the direct communication range of the other party, and the corresponding K_ATTR_EX field is set to "direct connection key"; otherwise, the corresponding K_ATTR_EX field is set to "multi-hop connected key";
2.2 )组密钥的建立  2.2) Establishment of group key
当节点需要组播通信时, 需要建立组密钥, 包括两种建立方式: 直接组密钥建立和间接组密钥建立, 具体实现方式是:  When a node needs to communicate with a multicast group, you need to establish a group key, including two types of establishment: direct group key establishment and indirect group key establishment. The specific implementation methods are as follows:
2.2.1 )直接组密钥建立, 用于在邻居节点间建立组密钥: 2.2.1.1 )组播节点生成组密钥 MSK,利用与邻居节点即组播消息 接收节点之间的共享密钥或直连密钥将 ¾:加密后发送给组播消息 接收节点;  2.2.1) Direct group key establishment, used to establish a group key between neighbor nodes: 2.2.1.1) The multicast node generates a group key MSK, which utilizes a shared key with the neighbor node, ie, the multicast message receiving node. Or the direct connection key will be encrypted and sent to the multicast message receiving node;
2.2.1.2 )组播消息接收节点成功解密 MSK后, 将其保存并向组 播节点发送组密钥建立成功消息, 直接组密钥建立过程结束。  2.2.1.2) After the multicast message receiving node successfully decrypts the MSK, it saves and sends a group key establishment success message to the multicast node, and the direct group key establishment process ends.
2.2.2 ) 间接组密钥建立, 用于在多跳节点间建立组密钥: 2.2.2.1 )组播节点生成组密钥 MSK,利用与其多跳相连的节点之 间共享的多跳相连密钥, 将 MSK加密后发送给与该组播节点多跳相 连的组播消息接收节点;  2.2.2) Indirect group key establishment, used to establish a group key between multi-hop nodes: 2.2.2.1) The multicast node generates a group key MSK, which uses a multi-hop connection secret shared between nodes connected to its multi-hop Key, the MSK is encrypted and sent to the multicast message receiving node connected to the multicast node by multiple hops;
2.2.2.2 )该组播消息接收节点成功解密 MSK后, 将其保存并利 用与其组内成员即组播消息接收节点之间的直连密钥或共享密钥将 MSK加密后发送给组内成员, 然后向组播节点发送组密钥建立成功 消息。  2.2.2.2) After the multicast message receiving node successfully decrypts the MSK, save it and use the direct key or shared key between the members of the group, that is, the multicast message receiving node, to encrypt the MSK and send it to the members of the group. And then send a group key establishment success message to the multicast node.
本发明中所述节点泛指传感器网络中的各种网络实体,包括部署 服务器、 基站、 簇头节点、 普通节点等。  The nodes in the present invention generally refer to various network entities in a sensor network, including a deployment server, a base station, a cluster head node, a common node, and the like.
本发明提供一种传感器网络密钥预分发和密钥建立方法的执行 流程,基于随机密钥预分发和每对节点共享一个密钥的密钥预分发方 法, 提出适用于大规模传感器网络的密钥预分发和密钥建立方法。 此 方法通过将节点 ID与密钥 ID绑定,能够在帮助节点建立对密钥的同 时支持节点间实现端到端的身份鉴别。本发明还能够提供组密钥建立 服务, 支持节点间的安全组播通信。  The invention provides an execution flow of a sensor network key pre-distribution and key establishment method, and a key pre-distribution method based on random key pre-distribution and a pair of nodes sharing a key, and a density suitable for a large-scale sensor network is proposed. Key pre-distribution and key establishment methods. By binding the node ID to the key ID, this method enables end-to-end identity authentication between the nodes while helping the node establish the key. The present invention is also capable of providing a group key establishment service and supporting secure multicast communication between nodes.

Claims

权 利 要 求 Rights request
1、一种传感器网络的密钥预分发和密钥建立方法, 其特征在于: 所述方法包括以下步骤:  A key pre-distribution and key establishment method for a sensor network, characterized in that: the method comprises the following steps:
1 ) 密钥预分发, 所述步骤 1 ) 包括:  1) Key pre-distribution, the steps 1) include:
1.1 ) 网络部署前, 部署服务器生成密钥池 该密钥池 KP包 含多个密钥及其密钥标识, 密钥池中密钥个数记为 I PI足够大, 以确保能够为传感器网络中的节点提供足够的密钥,部署服务器是安 全的;  1.1) Before the network is deployed, the deployment server generates a key pool. The key pool KP contains multiple keys and their key identifiers. The number of keys in the key pool is recorded as I PI is large enough to ensure that it can be in the sensor network. The node provides enough keys to deploy the server is secure;
1.2 )计算节点的度
Figure imgf000013_0001
其中, 为预设的 网络连通度, 《为网络中的节点数, 每个节点均有对应的标识 ID; 1.2) Calculate the degree of the node
Figure imgf000013_0001
Wherein, for the preset network connectivity, "for the number of nodes in the network, each node has a corresponding identification ID;
1.3 )根据节点的度 d以及期望的网络部署后节点的邻居节点数 η, , 计算相邻节点间两两预共享密钥的概率 p=dln,;  1.3) Calculate the probability p=dln of the two-way pre-shared key between adjacent nodes according to the degree d of the node and the number of neighbor nodes of the node after the desired network deployment.
1.4 )部署服务器为节点预分发密钥;  1.4) The deployment server pre-distributes the key for the node;
2 ) 密钥建立, 所述步骤 2 ) 包括:  2) Key establishment, the step 2) includes:
2.1 )对密钥的建立;  2.1) the establishment of a key;
2.2 )组密钥的建立。  2.2) Establishment of a group key.
2、 根据权利要求 1所述的传感器网络的密钥预分发和密钥建立 方法, 其特征在于: 所述步骤 1.4 ) 包括:  2. The key pre-distribution and key establishment method for a sensor network according to claim 1, wherein: the step 1.4) comprises:
1.4.1 )对于节点 Ni , 部署服务器首先为 M构造 ID列表, ID列 表中包括: N_ID字段、 K_ID字段、 K_STA字段、 K_ATTR字段、 K_ATTR_EX字段以及 K_VAL字段;  1.4.1) For the node Ni, the deployment server first constructs an ID list for the M, and the ID list includes: an N_ID field, a K_ID field, a K_STA field, a K_ATTR field, a K_ATTR_EX field, and a K_VAL field;
其中:  among them:
N_ID字段用于填入节点 ID, 所述节点 ID表示与节点 M共享密 钥的节点身份标识值;  The N_ID field is used to fill in a node ID, and the node ID represents a node identity value that shares a key with the node M;
K_ID字段用于填入密钥 ID , 所述密钥 ID表示节点 M与 N_ID 字段所标识的节点之间共享密钥的标识值;  The K_ID field is used to fill in the key ID, and the key ID represents the identification value of the shared key between the node identified by the node M and the N_ID field;
K_STA字段用于填入密钥状态,所述密钥状态表示 K_ID字段所 标识的密钥的状态,当节点 M与 N_ID字段所标识的节点已建立对密 钥时, K_STA 字段的值为已建立, 否则为未建立, 该字段的初值为 未建立; The K_STA field is used to fill in a key state indicating the state of the key identified by the K_ID field. When the node identified by the node M and the N_ID field has established a pair of keys, the value of the K_STA field is established. , otherwise it is not established, the initial value of this field is Not established;
K_ATTR字段用于填入密钥属性, 当 K_STA字段中的值为已建 立时, 该字段的取值有意义, 表示 K_ID字段所标识的密钥是共享密 钥还是路径密钥, 该字段的缺省表示共享密钥;  The K_ATTR field is used to fill in the key attribute. When the value in the K_STA field is established, the value of the field is meaningful, indicating whether the key identified by the K_ID field is a shared key or a path key. Province represents a shared key;
K_ATTR_EX字段用于填入密钥属性扩展,当 K_ATTR字段表示 的密钥为路径密钥时, 该字段的值有意义, 用于表示路径密钥是直连 密钥还是多跳相连密钥, 该字段的缺省表示密钥为直连密钥;  The K_ATTR_EX field is used to fill in the key attribute extension. When the key represented by the K_ATTR field is the path key, the value of the field is meaningful, and is used to indicate whether the path key is a direct key or a multi-hop connected key. The default representation key of the field is a direct key;
K_VAL字段用于填入密钥值,所述密钥值用于存储 K_ID字段标 识的密钥值;  The K_VAL field is used to fill in a key value for storing the key value identified by the K_ID field;
在 M上建立 ID列表后, 部署服务器从剩余 n-1个节点中随机选 择 个节点, 分别将其节点 ID插入到 M的 ID列表中; 然后, 部 署服务器从密钥池^中为 ID列表中的每一项不重复的选择一个密 钥, 并将这些密钥标识以及相应的密钥值分别插入 M的 ID列表中对 应的 K_ID字段和 K_VAL字段中, 并从密钥池 KP中删除这些密钥 及标识; 最后, 部署服务器生成 个备用的密钥 ID, 其中, 小于《,, 这里的备用密钥 ID与密钥池 KP中的密钥 ID不重复, 也加载到 Νί 中; 部署服务器记录节点 Ni的 ID列表中的所有信息; 此处的备用的 密钥 ID后续用于标识节点间独立协商建立的、 非 中的对密钥;  After the ID list is created on the M, the deployment server randomly selects the nodes from the remaining n-1 nodes, and inserts their node IDs into the ID list of M respectively; then, the deployment server is from the key pool ^ to the ID list. Each key is selected repeatedly without a key, and these key identifiers and corresponding key values are respectively inserted into the corresponding K_ID field and K_VAL field in the ID list of M, and these secrets are deleted from the key pool KP. Key and ID; Finally, the deployment server generates an alternate key ID, where, less than,, the alternate key ID here is not duplicated with the key ID in the key pool KP, and is also loaded into Νί; All the information in the ID list of the node Ni; the alternate key ID here is used to identify the pair of keys that are independently negotiated between the nodes;
1.4.2 )对于节点 ^, 部署服务器在为节点 M预分发密钥后, 开 始为节点 ^预分发密钥: 首先,部署服务器从剩余《-1个节点中随机 选择 个节点, 分别将其节点 ID插入到 Ny的 ID列表中; 然后, 部署服务器从密钥池 中为 Ny的 ID列表中的每一项不重复的选择 一个密钥, 并将这些密钥标识以及相应的密钥值分别插入 Ny的 ID列 表中对应的 K_ID字段和 K_VAL字段中, 但当为 Ny随机选择的 个节点中包括 M时, 则不再为 Ny与 M重新分配密钥, 而是为其分配 之前已为 M分配的二者之间的共享密钥, 并在 Nj的 ID列表中与 Ni 对应的项的 K_ID字段和 K_VAL字段中分别插入该共享密钥的 ID和 密钥值; 部署服务器生成 个与密钥池^中的密钥 ID以及 M的备 用密钥 ID不重复的密钥 ID , 也加载到 ^中, 其中, 小于《,; 部 署服务器记录节点 Nj的 ID列表中的所有信息; 1.4.2) For the node ^, the deployment server pre-distributes the key for the node ^ after pre-distributing the key for the node M: First, the deployment server randomly selects the nodes from the remaining "-1 nodes, respectively, and nodes thereof The ID is inserted into the ID list of Ny; then, the deployment server selects a key from the key pool for each item in the Ny ID list, and inserts the key identifier and the corresponding key value respectively. Ny's ID list corresponds to the K_ID field and the K_VAL field, but when M is randomly selected for Ny, the key is no longer reassigned for Ny and M, but is allocated for M before it is allocated. a shared key between the two, and insert the ID and key value of the shared key in the K_ID field and the K_VAL field of the item corresponding to Ni in the ID list of Nj; the deployment server generates a key pool The key ID in ^ and the key ID of the backup key ID of M are not loaded, and are also loaded into ^, where, less than ",; The server records all the information in the ID list of the node Nj;
1.4.3 )对于剩余节点, 部署服务器在为 ^分发密钥后, 为剩余 所有节点依次分发密钥, 分发方法与节点 ^相同; 部署服务器记录 所有剩余节点的 ID列表信息。  1.4.3) For the remaining nodes, after deploying the key, the deployment server distributes the keys for all remaining nodes in turn, and the distribution method is the same as that of node ^; the deployment server records the ID list information of all remaining nodes.
3、 根据权利要求 1或 2所述的传感器网络的密钥预分发和密钥 建立方法, 其特征在于: 所述步骤 2.1 ) 包括:  The key pre-distribution and key establishment method of the sensor network according to claim 1 or 2, wherein: the step 2.1) comprises:
2.1.1 )共享密钥的建立;  2.1.1) establishment of a shared key;
2.1.2 )路径密钥的建立。  2.1.2) Establishment of a path key.
4、 根据权利要求 3所述的传感器网络的密钥预分发和密钥建立 方法, 其特征在于: 所述步骤 2.1.1 ) 包括:  4. The key pre-distribution and key establishment method for a sensor network according to claim 3, wherein: the step 2.1.1) comprises:
2.1.1.1 )网络部署后, 每个节点均向其邻居节点广播自己的身份 标识信息;  2.1.1.1) After the network is deployed, each node broadcasts its own identity information to its neighbor nodes;
2.1.1.2 )邻居节点收到步骤 2.1.1.1)中的广播消息后, 根据其中 的身份标识信息判断是否与该广播节点共享密钥, 如果自己的 ID列 表中的 N_ID字段中存在相同的 ID,表明自己与该节点共享密钥, 即 对密钥;该邻居节点将对应 ID列表对应项中的 K_STA字段置为已建 立, 标识已与步骤 2.1.1.1 )中的广播节点建立对密钥, 即已建立直接 安全连接。  2.1.1.2) After receiving the broadcast message in step 2.1.1.1), the neighbor node determines whether to share the key with the broadcast node according to the identity identification information therein. If the same ID exists in the N_ID field in the ID list, Indicates that the key is shared with the node, that is, the key; the neighbor node sets the K_STA field in the corresponding item of the corresponding ID list to be established, and the identifier has established a pair key with the broadcast node in step 2.1.1.1), that is, A direct secure connection has been established.
5、 根据权利要求 3所述的传感器网络的密钥预分发和密钥建立 方法, 其特征在于: 所述步骤 2.1.2 )在没有共享密钥但存在多跳安 全连接的节点间建立对密钥的过程如下:  5. The method for key pre-distribution and key establishment of a sensor network according to claim 3, wherein: step 2.1.2) establishing a secret between nodes having no shared key but having a multi-hop secure connection. The key process is as follows:
2.1.2.1 )当源节点与目的节点间存在一条由两两间均存在共享密 钥的多个节点构成的安全路径时, 源节点生成一个路径密钥 并从 备用的路径密钥 ID中不重复的选择一个 ID, 通过与目的节点之间的 安全路径,将该路径密钥 PK和对应的密钥 ID以及自己的 ID和目的 节点的 ID通过安全路径上节点的逐跳加解密传输发送给目的节点;  2.1.2.1) When there is a secure path consisting of multiple nodes with shared keys between the source node and the destination node, the source node generates a path key and does not repeat from the alternate path key ID. Selecting an ID, passing the path between the path key PK and the corresponding key ID and the ID of the own node and the destination node through the hop-by-hop encryption and decryption transmission of the node on the secure path to the destination through the secure path with the destination node Node
2.1.2.2 ) 目的节点收到源节点的密钥消息并解密获得路径密钥 PK后, 通过与源节点之间的安全路径向源节点发送密钥建立成功消 息, 表明与源节点之间已建立安全连接; 此时, 源节点和目的节点分 别将对方的身份标识 ID作为新条目插入到自己的 ID列表中, 并将 PK的 ID以及 PK的值插入对应的 K_ID字段和 K_VAL字段中, 并 将对应的 K_STA字段置为已建立, 将 K_ATTR字段置为路径密钥, 如果源节点和目的节点之间在建立路径密钥时的路径为单跳,即表明 源节点和目的节点均在对方的直接通信范围内, 则将相应的 K_ATTR_EX字段置为直连密钥; 否则, 将相应的 K_ATTR_EX字段 置为多跳相连密钥。 2.1.2.2) After receiving the key message of the source node and decrypting the obtained path key PK, the destination node sends a key establishment success message to the source node through a secure path with the source node, indicating that the source node has been established. Secure connection; at this point, the source node and the destination node are divided into Do not insert the other party's identity ID as a new entry into its own ID list, and insert the PK ID and PK values into the corresponding K_ID field and K_VAL field, and set the corresponding K_STA field to established, K_ATTR The field is set to the path key. If the path between the source node and the destination node is a single hop when the path key is established, indicating that both the source node and the destination node are within the direct communication range of the other party, the corresponding K_ATTR_EX field is set. Is the direct key; otherwise, the corresponding K_ATTR_EX field is set to a multi-hop connected key.
6、 根据权利要求 1至 5中任意一项所述的传感器网络的密钥预 分发和密钥建立方法, 其特征在于: 所述步骤 2.2 ) 包括:  The key pre-distribution and key establishment method of the sensor network according to any one of claims 1 to 5, wherein the step 2.2) comprises:
2.2.1 )直接组密钥的建立, 用于在直连节点间建立组密钥; 2.2.2 ) 间接组密钥的建立, 用于在多跳相连节点间建立组密钥。 2.2.1) Establishment of a direct group key for establishing a group key between directly connected nodes; 2.2.2) Establishment of an indirect group key for establishing a group key between multi-hop connected nodes.
7、 根据权利要求 6所述的传感器网络的密钥预分发和密钥建立 方法, 其特征在于: 所述步骤 2.2.1 ) 包括: 7. The key pre-distribution and key establishment method of a sensor network according to claim 6, wherein: the step 2.2.1) comprises:
2.2.1.1 )组播节点生成组密钥 MSK,利用与邻居节点即组播消息 接收节点之间的共享密钥或直连密钥将 ¾:加密后发送给组播消息 接收节点;  2.2.1.1) The multicast node generates a group key MSK, which is encrypted and sent to the multicast message receiving node by using a shared key or a direct connection key between the neighboring node, that is, the multicast message receiving node;
2.2.1.2 )组播消息接收节点成功解密 MSK后, 将其保存并向组 播节点发送组密钥建立成功消息, 直接组密钥建立过程结束。  2.2.1.2) After the multicast message receiving node successfully decrypts the MSK, it saves and sends a group key establishment success message to the multicast node, and the direct group key establishment process ends.
8、 根据权利要求 6所述的传感器网络的密钥预分发和密钥建立 方法, 其特征在于: 所述步骤 2.2.2 ) 包括:  8. The key pre-distribution and key establishment method of a sensor network according to claim 6, wherein: the step 2.2.2) comprises:
2.2.2.1 )组播节点生成组密钥 MSK,利用与其多跳相连的节点之 间共享的多跳相连密钥, 将 MSK加密后发送给与该组播节点多跳相 连的组播消息接收节点;  2.2.2.1) The multicast node generates the group key MSK, and uses the multi-hop connection key shared between the nodes connected to its multi-hop to encrypt the MSK and send it to the multicast message receiving node connected to the multicast node by multiple hops. ;
2.2.2.2 )该组播消息接收节点成功解密 MSK后, 将其保存并利 用与其组内成员即组播消息接收节点之间的直连密钥或共享密钥将 MSK加密后发送给组内成员, 然后向组播节点发送组密钥建立成功 消息。  2.2.2.2) After the multicast message receiving node successfully decrypts the MSK, save it and use the direct key or shared key between the members of the group, that is, the multicast message receiving node, to encrypt the MSK and send it to the members of the group. And then send a group key establishment success message to the multicast node.
PCT/CN2009/076172 2009-10-10 2009-12-29 Method for key pre-distribution and key establishment in a sensor network WO2011041933A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200910024214.1A CN101674179B (en) 2009-10-10 2009-10-10 Method for predistributing and establishing key of sensor network
CN200910024214.1 2009-10-10

Publications (1)

Publication Number Publication Date
WO2011041933A1 true WO2011041933A1 (en) 2011-04-14

Family

ID=42021184

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/076172 WO2011041933A1 (en) 2009-10-10 2009-12-29 Method for key pre-distribution and key establishment in a sensor network

Country Status (2)

Country Link
CN (1) CN101674179B (en)
WO (1) WO2011041933A1 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101699891B (en) 2009-10-21 2012-07-25 西安西电捷通无线网络通信股份有限公司 Method for key management and node authentication of sensor network
CN101854244B (en) 2010-06-07 2012-03-07 西安西电捷通无线网络通信股份有限公司 Three-section type secure network architecture establishment and secret communication method and system
CN103179562B (en) * 2013-04-08 2015-06-03 东南大学 Node identity authentication method based on zero-knowledge proof in wireless sensor network
CN104202159B (en) * 2014-09-28 2018-09-11 网易有道信息技术(北京)有限公司 Cryptographic key distribution method and equipment
CN106850508B (en) * 2015-12-07 2020-04-17 中国电信股份有限公司 Security group communication method and system and related device
CN105933896B (en) * 2016-06-30 2019-05-24 重庆邮电大学 Key management method of wireless sensor network based on key list
CN108183898B (en) * 2017-12-28 2020-09-29 浙江中智海通信科技有限公司 Efficient encryption method based on registration service
EP4290790A4 (en) * 2021-02-26 2024-03-20 Huawei Tech Co Ltd Key acquisition method and apparatus, and key management system
CN115242490B (en) * 2022-07-19 2023-09-26 北京计算机技术及应用研究所 Group key secure distribution method and system in trusted environment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001003365A1 (en) * 1999-07-06 2001-01-11 Matsushita Electric Industrial Co., Ltd. Distributed group key management scheme for secure many-to-many communication
KR20070067589A (en) * 2005-12-24 2007-06-28 중앙대학교 산학협력단 A space-efficient algorithm for pre-distributing pairwise keys in sensor networks
CN101383699A (en) * 2008-10-22 2009-03-11 广州大学 Cipher key pre-distributing method for sensor network
CN101494861A (en) * 2009-03-03 2009-07-29 东南大学 Method for pre-distributing wireless sensor network cipher key

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101394271A (en) * 2008-10-28 2009-03-25 上海电力学院 Method for simultaneously establishing pair cipher key and group cipher key in sensor network
CN101420441A (en) * 2008-12-05 2009-04-29 北京工业大学 Adaptive cipher key deployment method for wireless sensor network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001003365A1 (en) * 1999-07-06 2001-01-11 Matsushita Electric Industrial Co., Ltd. Distributed group key management scheme for secure many-to-many communication
KR20070067589A (en) * 2005-12-24 2007-06-28 중앙대학교 산학협력단 A space-efficient algorithm for pre-distributing pairwise keys in sensor networks
CN101383699A (en) * 2008-10-22 2009-03-11 广州大学 Cipher key pre-distributing method for sensor network
CN101494861A (en) * 2009-03-03 2009-07-29 东南大学 Method for pre-distributing wireless sensor network cipher key

Also Published As

Publication number Publication date
CN101674179A (en) 2010-03-17
CN101674179B (en) 2011-06-01

Similar Documents

Publication Publication Date Title
KR101447339B1 (en) Key management and node authentication method for sensor network
WO2011041933A1 (en) Method for key pre-distribution and key establishment in a sensor network
Zhu et al. GKMPAN: An efficient group rekeying scheme for secure multicast in ad-hoc networks
Anjum et al. Security for wireless ad hoc networks
Nilsson et al. Key management and secure software updates in wireless process control environments
US6049878A (en) Efficient, secure multicasting with global knowledge
US8571223B2 (en) Method for combining authentication and secret keys management mechanism in a sensor network
Huang et al. A forward authentication key management scheme for heterogeneous sensor networks
Das An efficient random key distribution scheme for large‐scale distributed sensor networks
US20080044028A1 (en) Pair-wise key pre-distribution method for wireless sensor network
CN101494861A (en) Method for pre-distributing wireless sensor network cipher key
Saraswathi et al. Dynamic and probabilistic key management for distributed wireless sensor networks
Sudarsono et al. An implementation of secure data exchange in wireless delay tolerant network using attribute-based encryption
Soroush et al. Providing transparent security services to sensor networks
Abraham et al. An efficient protocol for authentication and initial shared key establishment in clustered wireless sensor networks
Shaik et al. Key management schemes of wireless sensor networks a survey
del Valle et al. Overview the key management in ad hoc networks
James et al. Key Management Systems for Large-Scale Quantum Key Distribution Networks
Mulugeta et al. Secured two phase geographic forwarding protocol in wireless multimedia sensor networks
Jehangir et al. Securing personal network clusters
Cichoń et al. From key predistribution to key redistribution
Krontiris et al. WSN link-layer security frameworks
Beyah et al. Security in Ad-hoc and Sensor Networks
CN111865972B (en) Anonymous communication method and system
Sieka et al. Establishing Authenticated Channels and Secure Identifiers in Ad-hoc Networks.

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09850191

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09850191

Country of ref document: EP

Kind code of ref document: A1