摘要
由于船舶自组网是一个涉及多行业、多部门、跨地域的复杂项目,必然涉及到业务整合和数据协同,这使得提高船舶自组网络的安全性和效率变得十分重要。考虑到在船联网中发起认证识别的频率不是很高,基于单向密钥链的ID认证防御机制(OKCIDA),降低攻击者不分时间段发起攻击的可能性。并基于椭圆曲线离散对数问题(ECDLP),在邻居发现的基础上,提出一种基于双线性的认证签名方案(BASS),以丢弃无效信息并阻止攻击节点加入网络。分析表明,该方案在邻居认证、消息签名、访问控制方面能够保证通信的安全性,而且无效节点剔除能够提高节点间的通信效率。最后,将方案的复杂度与延时分别与同类型协议进行对比。实验结果表明,该方案具有一定的优势。
As the ship network is a multi-sector,multi-sectoral,cross-regional complex projects,will inevitably involve business integration and data collaboration,which makes the improvement of the ship's network security and efficiency becomes very important.Considering that the initiation of neighbor certification in the ship network is infrequent,an ID authentication defense mechanism(OKCIDA)based on the oneway key chain is adopted to reduce the possibility of an attacker attacking at any time.Then,based on the elliptic curve discrete logarithm problem(ECDLP),proposes a bilinear-based authentication signature scheme(CDT)based on the discovery of neighbors to discard invalid information and prevent attack nodes from joining the network.The analysis shows that the scheme can guarantee the security of communication in terms of neighbor authentication,message signature and access control,and invalid node elimination can improve the communication efficiency between nodes.Finally,the complexity and delay of the scheme are compared with the same type of protocol.The experimental results show that the scheme has certain advantages.
作者
常丹婷
CHANG Dan-ting(College of Information Engineering,Shanghai Maritime University,Shanghai 201306)
基金
中国博士后科学基金资助项目(No.2014M561512)
国家自然科学基金资助项目(No.61202370)
关键词
船联网
邻居认证
消息签名
单向密钥链
Ship Network
Neighbor Authentication
Message Signature
One-Way Key Chain