摘要
由于诸多物理限制,在移动AD-HOC网络中实现节点认证存在许多困难。自发组网形式排除了采用单钥体制的可能,因为并不存在TTP或统一的管理机构。基于PKI的认证方法提供了较好的灵活性和安全性,但计算量较大,CA服务器也易于成为网络瓶颈和攻击目标。为此,利用门限秘密共享技术将CA功能分布到各网络节点上,消除了对CA服务器的过分依赖。根据漫游区域的连续性,采用门限体制对公钥认证进行优化,进一步减少了认证通信量和计算量,同时引入积分机制保障节点间的协作关系。
Due to a good many physical constrains, entity authentication is not a trivial task in wireless AD HOC networks. Self-organized networking precludes adopting symmetric cryptology for the purpose, because there are no TTPs or infrastructures available. Although PKI-based authentication provides better flexibility and security, the computation load is much heavier, also CA servers will become network bottlenecks and attacking targets. Using threshold secret sharing technique, Lidong Zhou et al. proposed the first scheme in which CA function is distributed over network nodes, thus the dependence upon CA servers is eliminated. In this paper, a further optimized scheme is proposed according to the continuity of roaming area and threshold secret sharing. The communication and computation overhead is further reduced remarkably and, tick mechanism is introduced for ensuring the cooperation between nodes.
出处
《杭州电子科技大学学报(自然科学版)》
2005年第3期47-51,共5页
Journal of Hangzhou Dianzi University:Natural Sciences
基金
国防重点实验室基金项目(No.51434060103DZ01)
关键词
自组织网络
网络安全
实体认证
self-organized network
network security
entity authentication