摘要
随着无线传感器网络的应用越来越广泛,保证通信实体间传输数据的安全变得尤为重要,在对传输数据加密之前,如何达成会话密钥成为了一个紧要问题,需要AKA协议进行保障。文章通过对TAI等人提出的AKA协议进行分析后,发现该协议存在一些问题,用户和传感器节点达成共享密钥后,并不能确定对方身份的真实性,因此,容易受到假冒攻击。文章指出了TAI等人的AKA协议的安全缺陷后,给出了一个改进的AKA协议。新协议对原方案中传感器节点身份信息的提供方式进行改进,将传感器节点提供身份信息改为用户提供身份信息,传感器节点可以通过计算得到用户的身份信息,从而验证通信双方的真实性,有效地避免了假冒攻击,提高了协议的安全性。
With the use of wireless sensor networks becomes more and more wildly, it is very important to ensure the safety of data transmission between communication parties. So how to reach a session key has become a critical issue before encrypting the transmission data. And AKA protocol is used to solve this problem. After analysing TAI et al's AKA protocol, we find that their protocol suffers from such a security flaw. When a user and a sensor node reach the session key, they cannot confirm identity of each other. So their AKA protocol cannot withstand impersonation attack. This paper shows the found security flaws and propose an improvement by changing the method of sensor node identity provides. And the sensor node can also get the user's identity. So the authenticity of the communication parties will be verified. The proposed protocol can resist the impersonation attack effectively and the security is improved.
出处
《信息网络安全》
CSCD
北大核心
2018年第1期23-30,共8页
Netinfo Security
基金
国家自然科学基金[51378350]
天津市应用基础与前沿技术研究计划[15JCYBJC15900]
关键词
无线传感器网络
身份认证
密钥共识
信息安全
wireless sensor networks
identity authentication
key agreement
information security
