摘要
针对移动自组网中组密钥管理面临的诸多挑战,提出一种高效的安全簇组密钥协商协议(ESGKAP,efficientand secure group key agreement protocol)。ESGKAP基于提出的高性能层簇式CCQ_n网络模型,有效地减少了组密钥协商过程中的秘密贡献交互开销,增加了协议的灵活性、可扩展性和容错性。ESGKAP无需控制中心,由秘密分发中心构造门限秘密共享,所有成员通过协商生成簇组密钥,提高了方案的安全性,且基于ECC密码体制提高了簇组密钥生成的效率。同时,提出高效的签密及门限联合签名方案,确保簇组成员能够对接收的簇组密钥份额进行验证,进一步增加了方案的安全性。使用串空间模型对ESGKAP方案进行了形式化分析,证明了其正确性和安全性。最后,通过与BD、A-GDH和TGDH协议比较,表明ESGKAP能有效减少节点和网络资源消耗,很好地适用于特定的移动自组网环境,具有更为明显的安全和性能优势。
In order to overcome the drawback, an efficient and secure group key agreement protocol (ESGKAP) was proposed. ESGKAP was based on the cluster-based CQn model (CCQn) that effectively reduced communication overhead and improved the flexibility, scalability and fault-tolerance of the protocol. ESGKAP did not require a trusted dealer and only run an interactive protocol to generate group sharing secret key among n parties. The protocol could adapt to topological change automatically and increase the security of the protocol. The application of ECC improves the performance of group key agreement protocol. Efficient signcryption and threshold signature schemes were also proposed and the verification of the shares of sub-secret and group secret based on this scheme further enhanced the security of the proto- col. Strand spaces model was used to prove the correctness and security of ESGKAP. The performance analysis results show that the proposed scheme can reduce effectively resource cost, adapt the characteristics of wireless network and is clearly superior to the existing BD, A-GDH and TGDH protocols.
出处
《通信学报》
EI
CSCD
北大核心
2009年第12期68-78,共11页
Journal on Communications
基金
国家自然科学基金资助项目(60602061)
国家高技术研究发展计划("863"计划)基金资助项目(2006AA01Z413)~~
