摘要
移动Ad Hoc网络(MANET)通常采用分布式CA认证方案,但针对认证服务中私钥元分配之前的安全审核方案很少,且已有方案是基于门限方案的单层结构,当一个节点的单跳邻居节点数目小于系统门限值时就无法正常工作。采用多层分布式技术,提出一种安全的多层分布式私钥元分配方案,一方面可以对申请私钥元的节点进行严格审核,防止多个恶意节点合谋重构系统私钥;另一方面可以使网络边缘或其他特殊位置的节点通过代理邻居节点获得正确的担保证书,解决了担保证书低于门限值的问题。
Mobile Ad Hoc Networks(MANET) usually adopt the distributed CA certification program,but the program focuses on the problem of secure auditing before the secret share distribution in certification service rarely,and the existing scheme is one hop architecture based on the threshold secret sharing cryptography scheme,a node can not work properly when the value of its one hop neighbor is less than threshold value.This paper proposes a security multi -layer distributed secret share distribution scheme combined with the multi-layer distributed technology,on the one hand,which can carry out strict auditing towards the nodes that applies for secret shares to prevent several malicious nodes working together to recover the secret key of system effectively,on the other hand can make the nodes which on the network edge or at other specific location to achieve the correct warrant certificates recur to the deputy neighbor nodes,resolve the amount of warrant certificates less than threshold value issues.
出处
《计算机工程与应用》
CSCD
北大核心
2010年第16期108-110,共3页
Computer Engineering and Applications
关键词
移动AD
HOC网络
门限秘密共享
私钥元
多层分布式
担保证书
Mobile Ad Hoc Networks
threshold secret sharing
secret share
multi-layer distributed
warrant certificate
