J4 ›› 2010, Vol. 37 ›› Issue (2): 305-310+325. doi: 10.3969/j.issn.1001-2400.2010.02.022

• Research Paper •

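A practical broadcast authentication protocol for sensor networks

DU Zhi-qiang¹; SHEN Yu-long²; MA Jian-feng¹; ZHOU Li-hua¹

  1. School of Computer Science and Technology, Xidian University, Xi'an, Shaanxi 710071, China;
  2. Ministry of Education Key Laboratory of Computer Network and Information Security, Xidian University, Xi'an, Shaanxi 710071, China
  • Received: 2008-12-16  Online: 2010-04-20  Published: 2010-06-03
  • Corresponding author: DU Zhi-qiang
  • About the author: DU Zhi-qiang (born 1977), male, Ph.D. candidate at Xidian University. E-mail: zqdu@mti.xidian.edu.cn
  • Funding:

    Supported by the National Natural Science Foundation of China (60633020, 60573036); the Natural Science Foundation of Shaanxi Province (2007F37); the Aeronautical Science Foundation (2007ZD31003)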

Practical broadcast authentication protocol for sensor networks

DU Zhi-qiang¹; SHEN Yu-long²; MA Jian-feng¹; ZHOU Li-hua¹

  1. School of Computer Science and Technology, Xidian Univ., Xi'an 710071, China;
  2. Ministry of Education Key Lab. of Computer Network and Information Security, Xidian Univ., Xi'an 710071, China
  • Received: 2008-12-16  Online: 2010-04-20  Published: 2010-06-03
  • Contact: DU Zhi-qiang

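Abstract:

Because the overhead of the Tree-Based μTESLA protocol grows substantially as the number of broadcast nodes in the network increases, the network scale it can support is limited. By constructing a μTESLA parameters chain (μTESLA Parameters Hash Chain) and a μTPC tree (μTPC Merkle Hash Tree), the Tree-Based μTESLA protocol is improved, and a sensor network broadcast authentication protocol based on the μTESLA parameters chain is proposed. Analysis and verification show that the protocol resists DoS attacks against the μTESLA parameter distribution process, has lower computation, communication and storage overhead than the Tree-Based μTESLA protocol, can immediately revoke the authentication capability of captured nodes, and is suitable for large-scale sensor networks with multiple broadcast nodes.

Key words: wireless sensor networks, broadcast authentication, network security, μTESLA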

Abstract:

Broadcast authentication is one of the most important basic security services in sensor networks. As the number of senders in a network grows, the cost of Tree-based μTESLA rises rapidly, which strictly limits the scale of the networks that can employ it. To remove this limit, this paper presents a μTPCT-based broadcast authentication protocol that rests mainly on the construction of the μTPC (μTESLA Parameters Hash Chain) and the μTPCT (μTPC Merkle Hash Tree). Analysis and experiments show that the proposed protocol resists DoS attacks against the distribution of μTESLA parameters and can instantly revoke the authentication capability of compromised nodes, and that it greatly outperforms Tree-based μTESLA by largely reducing the computation, communication, and storage costs, making it more applicable to large-scale sensor networks.

Key words: wireless sensor networks, broadcast authentication, network security, μTESLA