In this letter, a Function node-based Multiple Pairwise Keys Management (MPKMF) protocol for Wireless Sensor Networks (WSNs) is firstly designed, in which ordinary nodes and cluster head nodes are responsible for data...In this letter, a Function node-based Multiple Pairwise Keys Management (MPKMF) protocol for Wireless Sensor Networks (WSNs) is firstly designed, in which ordinary nodes and cluster head nodes are responsible for data collection and transmission, and function nodes are responsible for key management. There are more than one function nodes in the cluster consulting the key generation and other security decision-making. The function nodes are the second-class security center because of the characteristics of the distributed WSNs. Secondly, It is also described that the formation of function nodes and cluster heads under the control of the former, and five kinds of keys, i.e., individual key, pairwise keys, cluster key, management key, and group key. Finally, performance analysis and experiments show that, the protocol is superior in communication and energy consumption. The delay of establishing the cluster key meets the requirements, and a multiple pairwise key which adopts the coordinated security authentication scheme is provided.展开更多
Traditional blockchain key management schemes store private keys in the same location,which can easily lead to security issues such as a single point of failure.Therefore,decentralized threshold key management schemes...Traditional blockchain key management schemes store private keys in the same location,which can easily lead to security issues such as a single point of failure.Therefore,decentralized threshold key management schemes have become a research focus for blockchain private key protection.The security of private keys for blockchain user wallet is highly related to user identity authentication and digital asset security.The threshold blockchain private key management schemes based on verifiable secret sharing have made some progress,but these schemes do not consider participants’self-interested behavior,and require trusted nodes to keep private key fragments,resulting in a narrow application scope and low deployment efficiency,which cannot meet the needs of personal wallet private key escrow and recovery in public blockchains.We design a private key management scheme based on rational secret sharing that considers the self-interest of participants in secret sharing protocols,and constrains the behavior of rational participants through reasonable mechanism design,making it more suitable in distributed scenarios such as the public blockchain.The proposed scheme achieves the escrow and recovery of personal wallet private keys without the participation of trusted nodes,and simulate its implementation on smart contracts.Compared to other existing threshold wallet solutions and keymanagement schemes based on password-protected secret sharing(PPSS),the proposed scheme has a wide range of applications,verifiable private key recovery,low communication overhead,higher computational efficiency when users perform one-time multi-key escrow,no need for trusted nodes,and personal rational constraints and anti-collusion attack capabilities.展开更多
By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is p...By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is proposed. Initialization, member adding and member evicting operations are introduced. The new scheme is compared with three other group key management schemes which are based on the keys tree: SKDC, LKH, and OFF. As far as transmission, computation and storage costs are concerned, the performance of the new group key management scheme is the best. The security problem of the new scheme is analyzed. This new scheme provides backward and forward security, i.e.. newly admitted group members cannot read previous multicast messages and evicted members cannot read future multicast messages, even with collusion by many arbitrarily evicted members.展开更多
In traditional networks , the authentication is performed by certificate authoritys(CA),which can't be built in distributed mobile Ad Hoc Networks however. In this pa per, we propose a fully self-organized public k...In traditional networks , the authentication is performed by certificate authoritys(CA),which can't be built in distributed mobile Ad Hoc Networks however. In this pa per, we propose a fully self-organized public key management based on bidirectional trust model without any centralized authority that allows users to generate their public-private key pairs, to issue certificates, and the trust relation spreads rationally according to the truly human relations. In contrast with the traditional self-organized public-key management, the average certificates paths get more short, the authentication passing rate gets more high and the most important is that the bidirectional trust based model satisfys the trust re quirement of hosts better.展开更多
The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key managemen...The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.展开更多
Secure sensor networks has received much attention in the last few years.A sensor network always works unattended possibly in a hostile environment such as a battlefield.In such environments,sensor networks are subjec...Secure sensor networks has received much attention in the last few years.A sensor network always works unattended possibly in a hostile environment such as a battlefield.In such environments,sensor networks are subject to node capture.Constrained energy,memory,and computational capabilities of sensor nodes mandate a clever design of security solutions to minimize overhead while maintaining secure communication over the lifespan of the network.In this paper,an authenticated dynamic key management scheme,ADKM has been proposed.It provides efficient,scalable,and survivable dynamic keying in a clustered sensor network with a large number of sensor nodes.ADKM employs a combinatorial exclusion basis system (EBS) for efficiency and one-way hash chains for authentication.Analysis of security and performance demonstrate that ADKM is efficient in security of sensor networks.展开更多
Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highl...Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems (VCS). Security applications in VCS are fulfilled through secured group broadcast. Therefore, secure key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The seeurity managers (SMs) play a key role in the framework by retrieving the vehicle departnre infi^rmation, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management (GKM) scheme basing on leaving probability (LP) of vehicles to depart current VCS region. Vehicle's LP factor is introduced into GKM scheme to achieve a more effieient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and effieiency of the proposed framework: Our GKM results demonstrate that probability-based BR reduees rekeying eost compared to the benchmark scheme, while the blockchain deereases the time eost of key transmission over heterogeneous net-works.展开更多
In the harsh environment where n ode density is sparse, the slow-moving nodes cannot effectively utilize the encountering opportunities to realize the self-organized identity authentications, and do not have the chanc...In the harsh environment where n ode density is sparse, the slow-moving nodes cannot effectively utilize the encountering opportunities to realize the self-organized identity authentications, and do not have the chance to join the network routing. However, considering m ost of the communications in opportunistic networks are caused by forwarding operations, there is no need to establish the complete mutual authentications for each conversation. Accordingly, a novel trust management scheme is presented based on the information of behavior feedback, in order to complement the insufficiency of identity authentications. By utilizing the certificate chains based on social attributes, the mobile nodes build the local certificate graphs gradually to realize the web of "Identity Trust" relationship. Meanwhile, the successors generate Verified Feedback Packets for each positive behavior, and consequently the "Behavior Trust" relationship is formed for slow-moving nodes. Simulation result shows that, by implementing our trust scheme, the d elivery probability and trust reconstruction ratio can be effectively improved when there are large numbers of compromised nodes, and it means that our trust management scheme can efficiently explore and filter the trust nodes for secure forwarding in opportunistic networks.展开更多
In this paper, we propose a practical and dynamic key management scheme based on the Rabin public key system and a set of matrices with canonical matrix multiplication to solve the access control problem in an arbitra...In this paper, we propose a practical and dynamic key management scheme based on the Rabin public key system and a set of matrices with canonical matrix multiplication to solve the access control problem in an arbitrary partially ordered user hierarchy. The advantage is in ensuring that the security class in the higher level can derive any of its successor’s secret keys directly and efficiently and show it is dynamic while a new security class is added into or a class is removed from the hierarchy. Even the ex-member problem can be solved efficiently. Moreover, any user can freely change its own key for some security reasons.展开更多
This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relat...This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).展开更多
A dedicated key server cannot be instituted to manage keys for MANETs since they are dynamic and unstable. The Lagrange's polynomial and curve fitting are being used to implement hierarchical key management for Mo...A dedicated key server cannot be instituted to manage keys for MANETs since they are dynamic and unstable. The Lagrange's polynomial and curve fitting are being used to implement hierarchical key management for Mobile Ad hoc Networks(MANETs). The polynomial interpolation by Lagrange and curve fitting requires high computational efforts for higher order polynomials and moreover they are susceptible to Runge's phenomenon. The Chebyshev polynomials are secure, accurate, and stable and there is no limit to the degree of the polynomials. The distributed key management is a big challenge in these time varying networks. In this work, the Chebyshev polynomials are used to perform key management and tested in various conditions. The secret key shares generation, symmetric key construction and key distribution by using Chebyshev polynomials are the main elements of this projected work. The significance property of Chebyshev polynomials is its recursive nature. The mobile nodes usually have less computational power and less memory, the key management by using Chebyshev polynomials reduces the burden of mobile nodes to implement the overall system.展开更多
The m ajor advantages of EBS-based key rrkanagerrent scheme are its enhanced network survivability, high dynamic performance, and better support for network expansion. But it suffers from the collusion problem, which ...The m ajor advantages of EBS-based key rrkanagerrent scheme are its enhanced network survivability, high dynamic performance, and better support for network expansion. But it suffers from the collusion problem, which means it is prone to the cooperative attack of evicted members. A novel EBS-based collusion resistant group management scheme utilizing the construction of Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is proposed. The new scheme satisfies the desired security properties, such as forward secrecy, backward secrecy and collusion secrecy. Compared with existing EBS-based key rmnagement scheme, the new scheme can resolve EBS collusion problem completely. Even all evicted members work together, and share their individual piece of information, they could not access to the new group key. In addition, our scheme is more efficient in terms of conmnication and computation overhead when the group size is large. It can be well controlled even in the case of large-scale application scenarios.展开更多
A complex threshold key management framework has been proposed, which canaddress the challenges posed by the unique nature of Ad hoc network. Depending on the cooperation ofthe controller and participation nodes, this...A complex threshold key management framework has been proposed, which canaddress the challenges posed by the unique nature of Ad hoc network. Depending on the cooperation ofthe controller and participation nodes, this scheme should be efficient in the operationenvironmental alteration and toleianl faults of node, which take the advantages of the benefits ofboth key management approaches and alleviate their limitations. For the cooperation of thecontroller and participation nodes, a (t, n) threshold Elliptic curve sign-encryption scheme withthe specified receiver also has been proposed. Using this threshold sign-encryption scheme, the keymanagement distributes the trust between a controller and a set of participation nodes.展开更多
Recent advancements in wireless communication and microchip techniques have accelerated the development of wireless sensor networks (WSN). Key management in WSN is a critical and challenging problem because of the inn...Recent advancements in wireless communication and microchip techniques have accelerated the development of wireless sensor networks (WSN). Key management in WSN is a critical and challenging problem because of the inner characteristics of sensor networks: deployed in hostile environments, limited resource and ad hoc nature. This paper investigates the constraints and special requirements of key management in sensor network environment, and some basic evaluation metrics are introduced. The key pre-distribution scheme is thought as the most suitable solution for key management problem in wireless sensor networks. It can be classified into four classes: pure probabilistic key pre-distribution, polynomial-based, Blom's matrix-based, and deterministic key pre-distribution schemes. In each class of methods, the related research papers are discussed based on the basic evaluation metrics. Finally, the possible research directions in key management are discussed.展开更多
Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper...Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy(LEACH) for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.展开更多
A new collusion attack on Pour-like schemes is proposed in this paper. Then, we present a collusion-free centralized multicast key management scheme based on characteristic values of members. The re-keying method that...A new collusion attack on Pour-like schemes is proposed in this paper. Then, we present a collusion-free centralized multicast key management scheme based on characteristic values of members. The re-keying method that other group members calculate new keys when a member is joining or leaving is also designed. It achieves forward secrecy and backward secrecy. Compared with typical existing centralized schemes, the storage of Group Key Controller (GKC) in our scheme halves the storage overhead of others, and communication overhead of GKC is 2 in case of joining re-keying. Especially, the leaving re-keying overhead is and the overall performance is excellent.展开更多
The modernization of water conservancy project management is a complicated engineering system involving a management system, a management method, management personnel, the exertion of social, economic, and ecological ...The modernization of water conservancy project management is a complicated engineering system involving a management system, a management method, management personnel, the exertion of social, economic, and ecological effects, and so on. However, indices for evaluating the modernization of water conservancy project management are usually unobtainable in practical applications. Conducting appropriate extension of the classical rough set theory and then applying it to an incomplete information system are the key to the application of the rough set theory Based on analysis of some extended rough set models in incomplete information systems, a rough set model based on the θ-improved limited tolerance relation is put forward. At the same time, upper approximation and lower approximation are defined under this improved relation. According to the evaluation index system and management practices, the threshold for θ is defined. An example study indicates the practicability and maneuverability of the model.展开更多
Wireless Sensor Network(WSN)has witnessed an unpredictable growth for the last few decades.It has many applications in various critical sectors such as real-time monitoring of nuclear power plant,disaster management,e...Wireless Sensor Network(WSN)has witnessed an unpredictable growth for the last few decades.It has many applications in various critical sectors such as real-time monitoring of nuclear power plant,disaster management,environment,military area etc.However,due to the distributed and remote deployment of sensor nodes in such networks,they are highly vulnerable to different security threats.The sensor network always needs a proficient key management scheme to secure data because of resourceconstrained nodes.Existing polynomial based key management schemes are simple,but the computational complexity is a big issue.Lucas polynomials,Fibonacci polynomials,Chebychev polynomials are used in Engineering,Physics,Combinatory and Numerical analysis etc.In this paper,we propose a key management scheme using(p,q)-Lucas polynomial to improve the security of WSN.In(p,q)-Lucas polynomial,p represents a random base number while q represents a substitute value of x in the polynomial.The value of p is unique,and q is different according to communication between nodes.Analysis of the proposed method on several parameters such as computational overhead,efficiency and storage cost have been performed and compared with existing related schemes.The analysis demonstrates that the proposed(p,q)-Lucas polynomial based key management scheme outperforms over other polynomials in terms of the number of keys used and efficiency.展开更多
In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of" hidden mapping hyper-combined public key management scheme...In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of" hidden mapping hyper-combined public key management scheme based on the hyperelliptic curve crypto system, which is applicable to the distributed cloud storage. A series of operation processes of the key management are elaborated, including key distribution, key updating and key agreement, etc. Analysis shows that the scheme can solve the problem of large-scale key management and storage issues in cloud storage effectively. The scheme feathers high efficiency and good scalability. It is able to resist collusion attack and ensure safe and reliable service provided by the cloud storaee system展开更多
基金Supported by the National Natural Science Foundation of China (No. 60475012)
文摘In this letter, a Function node-based Multiple Pairwise Keys Management (MPKMF) protocol for Wireless Sensor Networks (WSNs) is firstly designed, in which ordinary nodes and cluster head nodes are responsible for data collection and transmission, and function nodes are responsible for key management. There are more than one function nodes in the cluster consulting the key generation and other security decision-making. The function nodes are the second-class security center because of the characteristics of the distributed WSNs. Secondly, It is also described that the formation of function nodes and cluster heads under the control of the former, and five kinds of keys, i.e., individual key, pairwise keys, cluster key, management key, and group key. Finally, performance analysis and experiments show that, the protocol is superior in communication and energy consumption. The delay of establishing the cluster key meets the requirements, and a multiple pairwise key which adopts the coordinated security authentication scheme is provided.
基金the State’s Key Project of Research and Development Plan under Grant 2022YFB2701400in part by the National Natural Science Foundation of China under Grants 62272124 and 62361010+4 种基金in part by the Science and Technology Planning Project of Guizhou Province under Grant[2020]5017in part by the Research Project of Guizhou University for Talent Introduction underGrant[2020]61in part by theCultivation Project of Guizhou University under Grant[2019]56in part by the Open Fund of Key Laboratory of Advanced Manufacturing Technology,Ministry of Education under Grant GZUAMT2021KF[01]the Science and Technology Program of Guizhou Province(No.[2023]371).
文摘Traditional blockchain key management schemes store private keys in the same location,which can easily lead to security issues such as a single point of failure.Therefore,decentralized threshold key management schemes have become a research focus for blockchain private key protection.The security of private keys for blockchain user wallet is highly related to user identity authentication and digital asset security.The threshold blockchain private key management schemes based on verifiable secret sharing have made some progress,but these schemes do not consider participants’self-interested behavior,and require trusted nodes to keep private key fragments,resulting in a narrow application scope and low deployment efficiency,which cannot meet the needs of personal wallet private key escrow and recovery in public blockchains.We design a private key management scheme based on rational secret sharing that considers the self-interest of participants in secret sharing protocols,and constrains the behavior of rational participants through reasonable mechanism design,making it more suitable in distributed scenarios such as the public blockchain.The proposed scheme achieves the escrow and recovery of personal wallet private keys without the participation of trusted nodes,and simulate its implementation on smart contracts.Compared to other existing threshold wallet solutions and keymanagement schemes based on password-protected secret sharing(PPSS),the proposed scheme has a wide range of applications,verifiable private key recovery,low communication overhead,higher computational efficiency when users perform one-time multi-key escrow,no need for trusted nodes,and personal rational constraints and anti-collusion attack capabilities.
文摘By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is proposed. Initialization, member adding and member evicting operations are introduced. The new scheme is compared with three other group key management schemes which are based on the keys tree: SKDC, LKH, and OFF. As far as transmission, computation and storage costs are concerned, the performance of the new group key management scheme is the best. The security problem of the new scheme is analyzed. This new scheme provides backward and forward security, i.e.. newly admitted group members cannot read previous multicast messages and evicted members cannot read future multicast messages, even with collusion by many arbitrarily evicted members.
基金Supported by the National Natural Science Funda-tion of China (60403027)
文摘In traditional networks , the authentication is performed by certificate authoritys(CA),which can't be built in distributed mobile Ad Hoc Networks however. In this pa per, we propose a fully self-organized public key management based on bidirectional trust model without any centralized authority that allows users to generate their public-private key pairs, to issue certificates, and the trust relation spreads rationally according to the truly human relations. In contrast with the traditional self-organized public-key management, the average certificates paths get more short, the authentication passing rate gets more high and the most important is that the bidirectional trust based model satisfys the trust re quirement of hosts better.
基金Project(61100201) supported by National Natural Science Foundation of ChinaProject(12ZZ019) supported by Technology Innovation Research Program,Shang Municipal Education Commission,China+1 种基金Project(LYM11053) supported by the Foundation for Distinguished Young Talents in Higher Education of Guangdong Province,ChinaProject(NCET-12-0358) supported by New Century Excellent Talentsin University,Ministry of Education,China
文摘The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.
基金The work reported in this paper was supported by the National Natural Science Foundation of China under Grant No. 60972077, the National High-Tech Research and Development Plan of China under Grant No. 2009AA01 Z430, the Beijing Municipal Natural Science Foundation under Grant No. 9092009, the Fundamental Research Funds for the Central Universities under Grant No. B 1020211, China Postdoctoral Science Foundation funded project under Grant No. 20100471373, the "Six Talent Peaks Program" of Jiangsu Province of China and Program for New Century Excellent Talents in Hohai University.
文摘Secure sensor networks has received much attention in the last few years.A sensor network always works unattended possibly in a hostile environment such as a battlefield.In such environments,sensor networks are subject to node capture.Constrained energy,memory,and computational capabilities of sensor nodes mandate a clever design of security solutions to minimize overhead while maintaining secure communication over the lifespan of the network.In this paper,an authenticated dynamic key management scheme,ADKM has been proposed.It provides efficient,scalable,and survivable dynamic keying in a clustered sensor network with a large number of sensor nodes.ADKM employs a combinatorial exclusion basis system (EBS) for efficiency and one-way hash chains for authentication.Analysis of security and performance demonstrate that ADKM is efficient in security of sensor networks.
文摘Intelligent transportation system (ITS) is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems (VCS). Security applications in VCS are fulfilled through secured group broadcast. Therefore, secure key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The seeurity managers (SMs) play a key role in the framework by retrieving the vehicle departnre infi^rmation, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management (GKM) scheme basing on leaving probability (LP) of vehicles to depart current VCS region. Vehicle's LP factor is introduced into GKM scheme to achieve a more effieient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and effieiency of the proposed framework: Our GKM results demonstrate that probability-based BR reduees rekeying eost compared to the benchmark scheme, while the blockchain deereases the time eost of key transmission over heterogeneous net-works.
基金supported by the Program for Changjiang Scholars and Innovative Research Team in University (IRT1078)the Key Program of NSFC-Guangdong Union Foundation (U1135002)+3 种基金the Major national S&T program(2012ZX03002003)the Fundamental Research Funds for the Central Universities(JY10000903001)the National Natural Sci ence Foundation of China (Grant No. 61363068, 61100233)the Natural Science Foundation of Shaanxi Province (Grant No. 2012JM8030, 2011JQ8003)
文摘In the harsh environment where n ode density is sparse, the slow-moving nodes cannot effectively utilize the encountering opportunities to realize the self-organized identity authentications, and do not have the chance to join the network routing. However, considering m ost of the communications in opportunistic networks are caused by forwarding operations, there is no need to establish the complete mutual authentications for each conversation. Accordingly, a novel trust management scheme is presented based on the information of behavior feedback, in order to complement the insufficiency of identity authentications. By utilizing the certificate chains based on social attributes, the mobile nodes build the local certificate graphs gradually to realize the web of "Identity Trust" relationship. Meanwhile, the successors generate Verified Feedback Packets for each positive behavior, and consequently the "Behavior Trust" relationship is formed for slow-moving nodes. Simulation result shows that, by implementing our trust scheme, the d elivery probability and trust reconstruction ratio can be effectively improved when there are large numbers of compromised nodes, and it means that our trust management scheme can efficiently explore and filter the trust nodes for secure forwarding in opportunistic networks.
文摘In this paper, we propose a practical and dynamic key management scheme based on the Rabin public key system and a set of matrices with canonical matrix multiplication to solve the access control problem in an arbitrary partially ordered user hierarchy. The advantage is in ensuring that the security class in the higher level can derive any of its successor’s secret keys directly and efficiently and show it is dynamic while a new security class is added into or a class is removed from the hierarchy. Even the ex-member problem can be solved efficiently. Moreover, any user can freely change its own key for some security reasons.
文摘This paper proposed a distributed key management approach by using the recently developed concepts of certificate-based cryptosystem and threshold secret sharing schemes. Without any assumption of prefixed trust relationship between nodes, the ad hoc network works in a self-organizing way to provide the key generation and key management services using threshold secret sharing schemes, which effectively solves the problem of single point of failure. The proposed approach combines the best aspects of identity-based key management approaches (implicit certification) and traditional public key infrastructure approaches (no key escrow).
文摘A dedicated key server cannot be instituted to manage keys for MANETs since they are dynamic and unstable. The Lagrange's polynomial and curve fitting are being used to implement hierarchical key management for Mobile Ad hoc Networks(MANETs). The polynomial interpolation by Lagrange and curve fitting requires high computational efforts for higher order polynomials and moreover they are susceptible to Runge's phenomenon. The Chebyshev polynomials are secure, accurate, and stable and there is no limit to the degree of the polynomials. The distributed key management is a big challenge in these time varying networks. In this work, the Chebyshev polynomials are used to perform key management and tested in various conditions. The secret key shares generation, symmetric key construction and key distribution by using Chebyshev polynomials are the main elements of this projected work. The significance property of Chebyshev polynomials is its recursive nature. The mobile nodes usually have less computational power and less memory, the key management by using Chebyshev polynomials reduces the burden of mobile nodes to implement the overall system.
基金Acknowledgements The authors would like to thank the reviewers for their detailed reviews and constructive comments, which have helped improve the quality of this paper. This work was supported by the National Natural Science Foundation of China under Crant No. 60873231, the Natural Science Foundation of Jiangsu Province under Grant No. BK2009426, Major State Basic Research Development Program of China under Cwant No.2011CB302903 and Key University Science Research Project of Jiangsu Province under Crant No. 11KJA520002.
文摘The m ajor advantages of EBS-based key rrkanagerrent scheme are its enhanced network survivability, high dynamic performance, and better support for network expansion. But it suffers from the collusion problem, which means it is prone to the cooperative attack of evicted members. A novel EBS-based collusion resistant group management scheme utilizing the construction of Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is proposed. The new scheme satisfies the desired security properties, such as forward secrecy, backward secrecy and collusion secrecy. Compared with existing EBS-based key rmnagement scheme, the new scheme can resolve EBS collusion problem completely. Even all evicted members work together, and share their individual piece of information, they could not access to the new group key. In addition, our scheme is more efficient in terms of conmnication and computation overhead when the group size is large. It can be well controlled even in the case of large-scale application scenarios.
文摘A complex threshold key management framework has been proposed, which canaddress the challenges posed by the unique nature of Ad hoc network. Depending on the cooperation ofthe controller and participation nodes, this scheme should be efficient in the operationenvironmental alteration and toleianl faults of node, which take the advantages of the benefits ofboth key management approaches and alleviate their limitations. For the cooperation of thecontroller and participation nodes, a (t, n) threshold Elliptic curve sign-encryption scheme withthe specified receiver also has been proposed. Using this threshold sign-encryption scheme, the keymanagement distributes the trust between a controller and a set of participation nodes.
文摘Recent advancements in wireless communication and microchip techniques have accelerated the development of wireless sensor networks (WSN). Key management in WSN is a critical and challenging problem because of the inner characteristics of sensor networks: deployed in hostile environments, limited resource and ad hoc nature. This paper investigates the constraints and special requirements of key management in sensor network environment, and some basic evaluation metrics are introduced. The key pre-distribution scheme is thought as the most suitable solution for key management problem in wireless sensor networks. It can be classified into four classes: pure probabilistic key pre-distribution, polynomial-based, Blom's matrix-based, and deterministic key pre-distribution schemes. In each class of methods, the related research papers are discussed based on the basic evaluation metrics. Finally, the possible research directions in key management are discussed.
基金Supported by the Natural Science Foundation ofHunan Province (jj587402)
文摘Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy(LEACH) for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.
文摘A new collusion attack on Pour-like schemes is proposed in this paper. Then, we present a collusion-free centralized multicast key management scheme based on characteristic values of members. The re-keying method that other group members calculate new keys when a member is joining or leaving is also designed. It achieves forward secrecy and backward secrecy. Compared with typical existing centralized schemes, the storage of Group Key Controller (GKC) in our scheme halves the storage overhead of others, and communication overhead of GKC is 2 in case of joining re-keying. Especially, the leaving re-keying overhead is and the overall performance is excellent.
基金supported by the Fundamental Research Funds for the Central Universities(Grant No.2013B102008)the Open Fund of the Yellow River Committee(Grant No.2011535012)
文摘The modernization of water conservancy project management is a complicated engineering system involving a management system, a management method, management personnel, the exertion of social, economic, and ecological effects, and so on. However, indices for evaluating the modernization of water conservancy project management are usually unobtainable in practical applications. Conducting appropriate extension of the classical rough set theory and then applying it to an incomplete information system are the key to the application of the rough set theory Based on analysis of some extended rough set models in incomplete information systems, a rough set model based on the θ-improved limited tolerance relation is put forward. At the same time, upper approximation and lower approximation are defined under this improved relation. According to the evaluation index system and management practices, the threshold for θ is defined. An example study indicates the practicability and maneuverability of the model.
文摘Wireless Sensor Network(WSN)has witnessed an unpredictable growth for the last few decades.It has many applications in various critical sectors such as real-time monitoring of nuclear power plant,disaster management,environment,military area etc.However,due to the distributed and remote deployment of sensor nodes in such networks,they are highly vulnerable to different security threats.The sensor network always needs a proficient key management scheme to secure data because of resourceconstrained nodes.Existing polynomial based key management schemes are simple,but the computational complexity is a big issue.Lucas polynomials,Fibonacci polynomials,Chebychev polynomials are used in Engineering,Physics,Combinatory and Numerical analysis etc.In this paper,we propose a key management scheme using(p,q)-Lucas polynomial to improve the security of WSN.In(p,q)-Lucas polynomial,p represents a random base number while q represents a substitute value of x in the polynomial.The value of p is unique,and q is different according to communication between nodes.Analysis of the proposed method on several parameters such as computational overhead,efficiency and storage cost have been performed and compared with existing related schemes.The analysis demonstrates that the proposed(p,q)-Lucas polynomial based key management scheme outperforms over other polynomials in terms of the number of keys used and efficiency.
基金This work was supported in part by the National Science Foundation Project of P.R.China,the Fundamental Research Funds for the Central Universities under Grant No.FRF-TP-14-046A2
文摘In order to ensure the security of cloud storage, on the basis of the analysis of cloud storage security requirements, this paper puts forward a kind of" hidden mapping hyper-combined public key management scheme based on the hyperelliptic curve crypto system, which is applicable to the distributed cloud storage. A series of operation processes of the key management are elaborated, including key distribution, key updating and key agreement, etc. Analysis shows that the scheme can solve the problem of large-scale key management and storage issues in cloud storage effectively. The scheme feathers high efficiency and good scalability. It is able to resist collusion attack and ensure safe and reliable service provided by the cloud storaee system
