针对实时分布式应用的组密钥动态更新方案

Scheme of re-keying management in real-time distributed group communication

下载PDF

导出

摘要针对有实时性需求的分布式组通信应用问题,提出基于哈希函数和BD协议的组密钥更新机制.建立以种子成员为主导的组密钥管理模型,密钥更新主要发生在局部范围,不会引起大范围的信息耦合现象.BD协议降低了组密钥链种子参数的生成时间,从而降低了密钥更新的时间.安全性,健壮性和效率分析表明:提出的组密钥更新机制在满足实时性要求的前提下,能保证信息的前向机密性和后向机密性.相对于Io-lus模型,不仅消除了GSC与GSI处单点失效引发的1toN问题,且不需在GSI处的转发环节,消除了GSI处的数据瓶颈问题. A scheme of re-keying management based on key chain and BD protocol applied to real-time distributed communication is proposed, The scheme sets up a key management model supervised by seed nodes, in which refreshing key mainly occurs locally so that it would not result in the situation of large-scaly exchanging information. The time cost of refreshing key was reduced because of BD protocol reducing the time cost of creating key-chain＇ s seed parameter. Under the analysis of security, robustness and efficiency, the scheme can guarantees forward and backward confidentiality yet still achieves the real-time property. Compared with Iolus model, the proposed scheme resolves the 1 to N problem due to single node failure and avoids data bottleneck occurring at GSI.

作者杜春来胡铭曾张宏莉

机构地区哈尔滨工业大学计算机网络与信息安全技术研究中心

出处《哈尔滨工业大学学报》 EI CAS CSCD 北大核心 2008年第1期73-76,135,共5页 Journal of Harbin Institute of Technology

基金国家重点基础研究发展规划资助项目(2005CB321806)

关键词分布式组通信实时性 BD协议组密钥更新管理 distributed group communication real-time BD protocol re-keying management

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献14

1HARNEY H, MUCKENHIRN C. Group key management protocol (GKMP) specification [ S]. RFC2093, 1997.
2HARNEY H, MUCKENHIRN C. Group key management protocol (GKMP) architecture [S]. RFC2094, 1997.
3CHIOU Guanghuei, CHEN Wentsuen. Secure broad-casting using the secure lock [J]. IEEE Transaction on Software Engineering, 1989, 15(8): 929-934.
4WALDVOGEL M, CARONNI G, SUN Dan, et al. The VersaKey framework: Versatile group key management [ J]. IEEE Journal on Selected Areas in Communications, 1999, 17(9): 1614-1631.
5DIFFE W, HELLMAN M E. New direction in cryptology [J]. IEEE Transactions on Information Theory, 1976, 22(6) : 644 -654.
6STEINER M, TSUDIK G, CLIQUES W M. A new approach to group key agreement [C]//Proceedings of the 1998 18th International Conference on Distributed Computing Systems. Piscataway: IEEE Computer Society Press, 1998 : 380 -387.
7BURMESTER M, DESMEDT Y. A secure and efficient conference key distribution system [C]//Advances in Cryptology-Eurocrypt ' 94. Berlin: Springer-Verlag, 1994:275 - 286.
8BURMESTER M, DESMEDT Y. Efficient and secure conference key distribution[C]//Cambridge Workshop on Security Protocols of Lecture Notes in Computer Science. Berlin: Springer - Verlag, 1997 : 119 - 129.
9BURMESTER M, DESMEDT Y. A secure and scalable group key exchange system [ J ]. Information Processing Letters, 2005,94 : 137 - 143.
10MITTRA S. Iolus: A framework for scalable secure multicasting [ J ]. Computer Communication Review, 1997, 27(4): 277-288.

二级参考文献13

1[1]Ateniese G, Chevassut D, Hasse D et al. The design of a group key agreement API. In: Proc DARPA Information Survivability Conference and Exposition, SC, USA, 2000. 115-126
2[2]Caronni G, Waldvogel M, Sun D et al. Efficient security for large and dynamic groups. In: Proc the 7th Workshop on Enabling Technologies, (WET ICE'98), Stanford, California, USA,1998. 376-383. http://www.computer.org/ proceedings/wetice/8751/8751toc.htm
3[3]Lakshminath R, Mukherjee S, Sama A. A dual encryption protocol for scalable secure multicasting. In: Proc the 4th IEEE Symposium on Computers and Communications, Red Sea, Egypt, 1999. 2-8
4[4]Gong L, Shacham N. Elements of trusted multicasting. In: Proc IEEE International Conference on Network Protocols, Boston, MA, USA, 1994. 23-30
5[5]Harney H, Muckenhirn C. Group Key Management Protocol (GKMP) Architecture. RFC 2094, 1997
6[6]Blundo C, Santis A D, Herzberg A et al. Perfectly-secure key distribution for dynamic conferences. In: Proc CRYPTO'92, California, USA, 1992. 471-486
7[7]Mayer A, Yung M. Generalized secret sharing and group-key distribution using short keys. In: Proc Compression and Complexity of Sequences 1997, Salerno, Italy, 1998. 30-44
8[8]Chiou G H, Chen W T. Secure broadcasting using the secure lock. IEEE Trans Software Engineering, 1989,15(8): 929-934
9[9]Ballardie T. Scalable Multicast Key Distribution. RFC 1949, 1996
10[10]Dinsmore P T, Balenson D M, Heyman M et al. Policy-based security management for large dynamic groups: An overview of the DCCM project. In: Proc the DARPA Information Survivability Conference & Exposition, SC, USA, 2000. 64-73

共引文献25

1吴松,何亨,羌卫中.安全群组通信系统中的密钥分配机制[J].华中科技大学学报（自然科学版）,2006,34(z1):21-24. 被引量：2
2王绪安,杨晓元,张敏情,钟卫东.基于单向函数动态安全的组播密钥分配方案[J].计算机工程,2005,31(4):158-159. 被引量：1
3刘未,刘旭东.基于IPv6SSM组播的安全群密钥管理研究与实现[J].计算机工程,2005,31(8):140-142.
4卓继亮,李先贤,李建欣,怀进鹏.安全协议的攻击分类及其安全性评估[J].计算机研究与发展,2005,42(7):1100-1107. 被引量：16
5杜庆灵,吕述望.动态群密钥更新分析[J].计算机应用研究,2005,22(9):121-122.
6张煜,张文燚,李先贤,怀进鹏.多自治域协同环境中群组通信的安全访问控制[J].计算机研究与发展,2005,42(9):1558-1563. 被引量：4
7徐光伟,霍佳震,徐光远,曹奇英.基于角色授权的Ad Hoc网群密钥分配算法[J].计算机应用,2005,25(12):2768-2769. 被引量：2
8张忠,徐秋亮,原变青.虚拟动态子群密钥管理方案[J].计算机工程与设计,2006,27(5):731-734. 被引量：1
9李海锋,周健,樊静.基于代理的大型组播密钥管理系统[J].合肥工业大学学报（自然科学版）,2006,29(8):988-991.
10王国军,杨丽娟,施荣华.大规模移动自组网安全群组通信研究[J].计算机工程与设计,2006,27(17):3111-3113. 被引量：3

1董丽,蔺永政.基于车载自组网的AODV协议的改进[J].微型机与应用,2011,30(16):60-63.
2马聪,王璞,邵栋,荣国平,张贺.基于OBDII&EOBD的机动车监测系统分析与设计[J].计算机工程与应用,2016,52(1):233-238. 被引量：2
3况晓辉,张念,胡华平.移动自组网络环境下组密钥管理协议性能分析[J].计算机工程与科学,2004,26(3):4-7. 被引量：4
4李素君,周波清,羊四清.传感器网络高效密钥建立方案[J].计算机工程与应用,2013,49(2):134-136. 被引量：1
5赵华伟,刘月.适于传感网访问控制机制的密钥管理方案[J].计算机应用与软件,2010,27(12):18-20.
6于瑞华,李彦斌.一种基于Hash链的分级授权加密方案[J].中国人民公安大学学报（自然科学版）,2012,18(3):82-84. 被引量：1
7胡松,樊晓平,刘少强.一种新的基于椭圆曲线的WSN加密方案[J].微计算机信息,2008,24(36):40-41. 被引量：1
8笑傲“江湖”[J].科技新时代（下半月）,2006(11):66-66.
9刘月,赵华伟.无线传感器网中基于动态簇的密钥管理方案[J].计算机应用与软件,2012,29(4):60-64.
10徐力,李拥军.无线传感器网络安全方案分析与设计[J].科技资讯,2008,6(21):30-31.

哈尔滨工业大学学报

2008年第1期

浏览历史

内容加载中请稍等...

针对实时分布式应用的组密钥动态更新方案

参考文献14

二级参考文献13

共引文献25

相关作者

相关机构

相关主题

浏览历史