CN101715187A - Safety communication method based on dynamic gateway - Google Patents


Info

Publication number
CN101715187A
Authority
CN
China
Prior art keywords
node
key
territory
council
message
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN200910219101A
Other languages
Chinese (zh)
Other versions
CN101715187B (en)
Inventor
庞辽军
赵晓辉
裴庆祺
焦李成
李慧贤
谭示崇
刘思伯
崔静静
毕景娟
胡燕京
赵军
王晓芬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Application filed by Xidian University
Priority to CN200910219101A
Publication of CN101715187A
Application granted
Publication of CN101715187B
Legal status: Expired - Fee Related

Landscapes

  • Small-Scale Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a safety communication method based on a dynamic gateway. In the safety communication method, a distributed network structure is established; nodes in the network are all in parallel structures; a physical network for the communication between nodes of a wireless sensor network is formed into a logical network for the communication between domains so that network communication between the domains is realized; the domains are areas formed by all the nodes within a management range of key nodes and comprise council nodes, key nodes, dynamic gateway nodes and common nodes, wherein the dynamic gateway nodes are used for realizing inter-domain information retransmission; the key nodes are nodes voted by a council and used for inter-domain and intra-domain network data retransmission so as to realize network communication; the council nodes store master key information and collaboratively manage the key distribution of the nodes of the network, and a set of the council nodes is called council; and the council is used for realizing the information management of intra-domain and inter-domain nodes so that a safe communication process taking the key nodes as a center is realized.

Description

Secure communication method based on dynamic gateway
Technical field
The invention belongs to the field of wireless sensor network (Wireless Sensor Network, WSN) security technology and relates to a secure communication method between nodes in a wireless sensor network. It uses secret sharing to solve the communication interruption caused by node failure in a wireless sensor network, and enhances the stability and availability of the wireless sensor network system.
Background art
The document "Parallel Cluster Formation for Secured Communication in Wireless Ad Hoc Networks" (a master's thesis submitted to the University of Cincinnati, India by Vivek Shah, July 14, 2004) proposes a method that uses a secret sharing mechanism to improve the reliability of network communication in Ad hoc networks. That method, however, considers only the reliability of communication between Ad hoc network nodes: the function of the cluster head is distributed to council nodes to avoid the network interruption caused by failure of the cluster head, a cluster council replaces the function of the cluster head, and the cluster council selects gateway nodes to realize communication between networks. It does not address the security and confidentiality of communication, and mainly has the following shortcomings: 1) it does not cover a concrete method of key management and distribution; 2) it does not cover a secure communication protocol; communication is in plaintext and is easily attacked by an attacker.
Summary of the invention
The object of the invention is to design a dynamic-gateway-based secure communication method between wireless sensor network nodes that provides secure communication between nodes and guarantees automatic reconfiguration of the network when a key node fails, so as to guarantee the stability of communication.
The technical scheme that realizes the object of the invention is as follows. A secure communication method for a centralized wireless sensor network based on secret sharing is proposed. A distributed network structure is established in which the nodes are in a parallel structure; the physical network of communication between nodes in the wireless sensor network is formed into a logical network of communication between domains, realizing network communication between domain and domain. A "domain" is the region formed by all nodes within the jurisdiction of a key node; a domain comprises council nodes, a key node, dynamic gateway nodes and ordinary nodes. Key node: a node elected by the council nodes, mainly used for forwarding network data between domains and within the domain to realize network communication; each domain has only one key node. Dynamic gateway node: an edge node in the domain close to the next domain in the communication direction; it is used to forward information between domains, is selected at random and changes dynamically, and can be an ordinary node or a council node. Council node: stores master key information and jointly manages the key distribution of nodes in the network; the set of council nodes is called the council. The council realizes information management of nodes within and between domains, and its main functions are: distributing keys to newly joined nodes; re-electing a new key node and distributing keys and routing information to it; distributing keys to new nodes added to the domain; producing new council nodes and promoting ordinary nodes to council nodes or demoting council nodes to ordinary nodes, thereby realizing a secure communication process centered on the key node.
Communication in the present invention takes place between domain and domain, and the process comprises:
1) Initialization process
A cluster-head-based network structure is formed in the wireless sensor network. The n nodes around the cluster head are selected as council nodes, the master key of the cluster head is then divided into n sub-keys that are distributed to the n nodes, and the master key in the cluster head node is discarded or destroyed. The council then selects a node in the domain as the key node, and the physical network of communication between nodes in the wireless sensor network is formed into a logical network of communication between domains. In the key initialization stage, the intra-domain keys and inter-domain keys are mainly distributed by the key distribution center KDC: each node i in a domain shares key $K_i$ with the key node $N_j$ of its domain $D_j$; the key node $N_i$ of domain $D_i$ shares key $K_{ij}$ with the key node $N_j$ of domain $D_j$; the shared key Key between council nodes is decided by negotiation among the council nodes.
2) Communication process of key nodes between domain and domain [information processing at each node]
After the key node $N_i$ in domain $D_i$ receives a message:
Step 1: key node $N_i$ uses the intra-domain key $K_m$ it shares with gateway node $P_m$ and, for the message
Figure G2009102191017D0000021
recomputes the message integrity check code
Figure G2009102191017D0000022
then compares the received message integrity check code with the message integrity check code computed by node $N_i$
Figure G2009102191017D0000024
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it does the following;
Step 2: key node $N_i$ uses the intra-domain key $K_{i,i-1}$ between it and node $N_{i-1}$ to derive the encryption key $KE_{i,i-1}$ and the integrity check key $KI_{i,i-1}$. Node $N_i$ uses key $KI_{i,i-1}$ and, for the received message
Figure G2009102191017D0000025
recomputes the message integrity check code
Figure G2009102191017D0000026
then compares the received message integrity check code
Figure G2009102191017D0000027
with the one computed by node $N_i$
Figure G2009102191017D0000028
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it uses key $KE_{i,i-1}$ to decrypt the ciphertext
Figure G2009102191017D0000029
and obtain the message
Figure G2009102191017D00000210
Step 3: key node $N_i$, according to the destination address b and the inter-domain routing information, finds within its domain the next domain $D_{i+1}$, the key node $N_{i+1}$, and the gateway node $P_{m+1}$ in domain $D_i$ that is close to domain $D_{i+1}$. It uses the inter-domain shared key $K_{i,i+1}$ between key node $N_i$ and key node $N_{i+1}$ to derive the encryption key $KE_{i,i+1}$ and the integrity check key $KI_{i,i+1}$;
Step 4: key node $N_i$ uses key $KE_{i,i+1}$ to encrypt message m, obtaining the message ciphertext
Figure G2009102191017D0000031
and uses key $KI_{i,i+1}$ to compute, for the message
Figure G2009102191017D0000032
the integrity check code
Figure G2009102191017D0000033
Step 5: key node $N_i$ uses the intra-domain key $K_{m+1}$ between key node $N_i$ and gateway node $P_{m+1}$ to recompute, for the message, the integrity check code
Figure G2009102191017D0000035
then sends the message
Figure G2009102191017D0000036
to node $P_{m+1}$;
Step 6: while the information is being sent to node $N_i$, if node $N_i$ has failed and the information cannot be delivered, the nearby gateway node $P_m$ sends a broadcast message announcing the failure of key node $N_i$ to the council nodes of the domain $D_i$ in which key node $N_i$ is located. After the council nodes receive the broadcast message, they re-elect a new key node and at the same time distribute to this key node the intra-domain keys of domain $D_i$, the inter-domain keys between domain $D_i$ and other domains, and the network routing information. If the council nodes cannot elect a new key node, they notify gateway node $P_m$ that communication has failed; gateway node $P_m$ then chooses a new route according to the routing information and communicates with a new node. If no key node can finally be chosen, communication stops.
In a wireless sensor network, the invention forms domains composed of key nodes, council nodes, gateway nodes and ordinary nodes. Using the secret sharing mechanism, the master key, routing information, shared keys between nodes, inter-domain shared keys and so on are distributed among the council nodes, which helps protect the key node and the master key and forms a more secure and reliable communication network. Compared with the prior art, its beneficial effects are as follows:
1. Secure communication is realized: communication between nodes is encrypted with node-domain and domain-domain keys, guaranteeing the security of communication.
2. Reliability is improved: a secret sharing scheme is adopted, and the council manages the inter-domain keys, intra-domain keys and routing information. After a key node fails, the council can select a new key node, guaranteeing that network communication continues reliably.
3. Network energy is saved: because part of the functions of the key node are shared by the council nodes, the burden on the key node is reduced and the energy of the key node is saved.
4. There is no fixed gateway in this scheme; the gateway is selected dynamically, so the path of message transmission is not easily exposed.
5. Domain-domain authentication is realized: the whole network is divided into several domains, and in the process of inter-domain communication, authentication between domains and confidentiality of inter-domain communication are provided.
Description of drawings
Fig. 1 is a schematic diagram of the key initialization process of the invention.
Fig. 2 is a schematic diagram of the secure communication process of the dynamic gateway of the invention.
Explanation of terms
KDC: key distribution center, generally a trusted third party or the network operator;
A: source node;
B: destination node;
a: the address of node A;
b: the address of node B;
i, j: integers;
m: the plaintext message from node A to node B;
P: the shared key between council nodes;
$P_i$: a dynamic gateway node;
$c_x$: the ciphertext obtained by encrypting with key x;
$D_i$: a domain, made up of a series of nodes;
$N_i$: the key node in a domain;
$K_{ij}$: the shared key between node $N_i$ and node $N_j$;
$KI_{ij}$: the integrity check key derived from the shared key $K_{ij}$ of node $N_i$ and node $N_j$;
$KE_{ij}$: the encryption key derived from the shared key $K_{ij}$ of node $N_i$ and node $N_j$;
$MIC_{\delta,\varepsilon}$: the message integrity check code of node $\delta$ and node $\varepsilon$, where node $\delta$ and node $\varepsilon$ denote the two parties sharing a key;
$E_x(m)$: plaintext m encrypted with key x;
$D_y(c)$: ciphertext c decrypted with key y;
Specific embodiments
The invention proposes a new network partitioning method in which ordinary nodes, key nodes, council nodes, domains and so on constitute a logical network; it designs a key management mechanism, that is, a key management method between nodes, key nodes and council nodes; it designs a secure communication protocol between node and node; and it gives the method by which the council nodes elect a new node after a key node fails. As shown in Fig. 1, a council unit is formed with the secret sharing mechanism, and the council unit realizes information management of nodes within and between domains. Its main functions are: 1. Distributing keys to newly joined nodes. 2. When a key node (such as node M) is accidentally captured, or for other reasons cannot perform its function, the council uses the (k, n) threshold secret sharing mechanism to re-elect a new key node and distributes keys and routing information to it so that it performs that function. 3. Because the network is a dynamic structure, when a new node (such as node c) joins the domain, the council needs to distribute keys to it. 4. When a node in the council is captured or fails for other reasons, the council produces a new node to perform its function. 5. Ordinary nodes can be promoted to council nodes and council nodes demoted to ordinary nodes, realizing a secure communication process centered on the key node.
In the distributed network formed with communication between domain and domain, a domain is the region formed by all nodes within the jurisdiction managed by a key node, such as domain P and domain Q in Fig. 1. Each domain comprises council nodes, a key node, ordinary nodes and dynamic gateway nodes.
Council node: some network nodes are selected in the domain; they store the master key and jointly manage the key distribution of nodes in the network. The set formed by these nodes is called the council, and the nodes forming the council are called council nodes. The council and the council nodes are shown in Fig. 1.
Key node: in the wireless sensor network, the council nodes elect a node that is mainly used for forwarding network data between domains and within the domain, realizing communication of the whole network; such a node is called a key node. Each domain has only one key node. When the key node fails (for example its energy is exhausted or the node is captured), the council nodes choose k nodes out of the n nodes to recover the master key and then select a new node as the key node. The key node here is selected at random and is used to encrypt and forward information, like node M and node N in Fig. 1.
Dynamic gateway node: an edge node in the domain close to the next domain in the communication direction. This node is used to forward information between domains; it can be an ordinary node or a council node, and it only appears during communication. Because this node is selected at random and changes dynamically, it is called a dynamic gateway node. There are also some ordinary nodes.
In key management, a domain mainly has the following keys. Inter-domain key: the shared key held between two key nodes is called the inter-domain key. Council key: with the (k, n) threshold secret sharing scheme, the master key is divided into n parts that are sent to n different nodes, and the sub-keys these n nodes receive are called council keys; the shared key used for mutual communication between council nodes is called the council shared key. Intra-domain key: the shared key held between node and node within a domain is called the intra-domain key. It includes the shared keys between ordinary node and ordinary node, between ordinary node and council node, and between ordinary node and key node, as well as the council shared key held between council nodes. In the key initialization stage, the intra-domain keys and inter-domain keys are mainly distributed by the key distribution center KDC: each node i in a domain shares key $K_i$ with the key node $N_j$ of its domain $D_j$; the key node $N_i$ of domain $D_i$ shares key $K_{ij}$ with the key node $N_j$ of domain $D_j$; the shared key Key between council nodes is established by negotiation among the council nodes.
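The (k, n) threshold handling of the master key described above can be illustrated with the following added example, which is not part of the patent text. The patent names no specific threshold scheme; Shamir's polynomial scheme is used here as an assumption, and the field prime, the 16-byte key size and all function names are hypothetical.

```python
import secrets

# Prime field for the sub-keys: 2**130 - 5 is prime and exceeds any 128-bit key.
PRIME = 2**130 - 5
KEY_LEN = 16  # assumed master key size in bytes


def split_master_key(master_key, k, n):
    """Cluster head side: split the master key into n sub-keys, threshold k.

    Returns {council_node_index: sub_key}. After distribution the cluster
    head discards its copy of the master key, as the initialization requires.
    """
    if not 1 < k <= n:
        raise ValueError("need 1 < k <= n")
    if len(master_key) != KEY_LEN:
        raise ValueError("unexpected master key length")
    secret = int.from_bytes(master_key, "big")
    # Random polynomial of degree k-1 whose constant term is the master key.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    shares = {}
    for x in range(1, n + 1):            # council node x holds the point (x, f(x))
        y = 0
        for c in reversed(coeffs):       # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares[x] = y
    return shares


def recover_master_key(shares):
    """Lagrange interpolation at x = 0 over the supplied {x: y} sub-keys.

    With fewer than k sub-keys the result is an unrelated field element;
    None is returned when it does not even fit the key size.
    """
    secret = 0
    for xi, yi in shares.items():
        num = den = 1
        for xj in shares:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    if secret >> (8 * KEY_LEN):
        return None
    return secret.to_bytes(KEY_LEN, "big")


def reelect_key_node(council_shares, alive, k, candidates):
    """Key node failure: k surviving council nodes pool their sub-keys,
    rebuild the master key and pick a new key node at random.

    Returns (new_key_node, master_key), or None when fewer than k council
    nodes are reachable, the case in which the sender is told that
    communication failed.
    """
    usable = [x for x in council_shares if x in alive]
    if len(usable) < k:
        return None
    pooled = {x: council_shares[x] for x in usable[:k]}
    return secrets.choice(sorted(candidates)), recover_master_key(pooled)


if __name__ == "__main__":
    master = secrets.token_bytes(KEY_LEN)          # constructed sample key
    council = split_master_key(master, k=3, n=5)
    print(reelect_key_node(council, {1, 4, 5}, 3, {"c", "d"}))
```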
As shown in Fig. 2, in the distributed network formed with communication between domain and domain, the secure communication process by which node A in domain $D_1$ sends message m to node B in domain $D_n$ is as follows:
1) At node A, the message is processed as follows:
Step 1: node A uses the intra-domain key $K_1$ it shares with key node $N_1$ to derive the encryption key $KE_1$ and the integrity check key $KI_1$;
Step 2: node A uses key $KE_1$ to encrypt message m, obtaining the message ciphertext
Figure G2009102191017D0000061
and uses key $KI_1$, for the message
Figure G2009102191017D0000062
to compute the message integrity check code
Figure G2009102191017D0000063
where "||" denotes the concatenation operation;
Step 3: node A sends the message
Figure G2009102191017D0000064
to node $N_1$;
Step 4: while the information is being sent to node $N_1$, if node $N_1$ has failed and the information cannot be delivered, node A sends a broadcast message to the council nodes of the domain $D_1$ in which node $N_1$ is located. After the council nodes receive the broadcast message, they re-elect a new key node and at the same time distribute to this key node the intra-domain keys of domain $D_1$, the inter-domain keys between domain $D_1$ and other domains, and the network routing information. If the council nodes cannot elect a new key node, they notify node A that communication has failed; node A then chooses a new route according to the routing information and communicates with a new node. If no key node can finally be chosen, communication stops;
2) At key node $N_1$, after the message is received:
Step 1: key node $N_1$ uses the intra-domain key $K_1$ shared by node A and node $N_1$ to derive the encryption key $KE_1$ and the integrity check key $KI_1$;
Step 2: key node $N_1$ uses key $KI_1$ and, for the received message
Figure G2009102191017D0000065
recomputes the message integrity check code
Figure G2009102191017D0000066
then compares the received message integrity check code
Figure G2009102191017D0000067
with the one computed by node $N_1$
Figure G2009102191017D0000068
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it uses key $KE_1$ to decrypt the ciphertext and obtain the plaintext message
Figure G2009102191017D00000610
Step 3: node $N_1$, according to the destination address b and the inter-domain routing information, finds within its domain the next domain $D_2$, the key node $N_2$, and the gateway node $P_1$ in domain $D_1$ that is close to domain $D_2$. It uses the inter-domain shared key $K_{12}$ between key node $N_1$ and key node $N_2$ to derive the encryption key $KE_{12}$ and the integrity check key $KI_{12}$;
Step 4: key node $N_1$ uses key $KE_{12}$ to encrypt message m, obtaining the message ciphertext
Figure G2009102191017D00000611
and uses key $KI_{12}$ to compute the integrity check code of the message
Figure G2009102191017D00000613
Step 5: key node $N_1$ uses the intra-domain key $K_2$ it shares with gateway node $P_1$ and, for the message
Figure G2009102191017D00000614
recomputes the integrity check code
Figure G2009102191017D00000615
then sends the message
Figure G2009102191017D00000616
to node $P_1$.
3) At node $P_1$, after the message is received:
Step 1: gateway node $P_1$ uses the intra-domain key $K_2$ it shares with key node $N_1$ and, for the message
Figure G2009102191017D0000071
recomputes the integrity check code
Figure G2009102191017D0000072
then compares the received message integrity check code
Figure G2009102191017D0000073
with the integrity check code computed by gateway node $P_1$
Figure G2009102191017D0000074
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it continues with step 2;
Step 2: gateway node $P_1$ judges its own position according to the routing information and the key it shares with the key node. If gateway node $P_1$ is not located in the intersection of two domains (as shown by $P_1$ in Fig. 2), gateway node $P_1$ sends the message by broadcast to the neighbouring gateway node $P_2$ of the adjacent domain; node $P_2$ uses the key $K_3$ it shares with the key node $N_2$ in domain $D_2$ to recompute, for the message
Figure G2009102191017D0000076
the integrity check code
Figure G2009102191017D0000077
then sends the message
Figure G2009102191017D0000078
to node $N_2$. If gateway node $P_1$ is located in the intersection of two domains (as shown by $P_3$ in Fig. 2), node $P_1$ uses the intra-domain shared key $K_3$ of domain $D_2$ and, for the message
Figure G2009102191017D0000079
recomputes the integrity check code $MIC_{P_1,N_2}$, then sends the message
Figure G2009102191017D00000710
to node $N_2$;
Step 3: while the information is being sent to key node $N_2$, the failure of key node $N_2$ is handled in a way similar to step 4 of 1);
4) At key node $N_2$, after the message is received:
Step 1: key node $N_2$ uses the intra-domain key $K_3$ it shares with gateway node $P_2$ and, for the message
Figure G2009102191017D00000711
recomputes the message integrity check code
Figure G2009102191017D00000712
then compares the received message integrity check code with the message integrity check code computed by gateway node $P_1$
Figure G2009102191017D00000714
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it does the following;
Step 2: key node $N_2$ uses the inter-domain key $K_{12}$ it shares with node $N_1$ to derive the encryption key $KE_{12}$ and the integrity check key $KI_{12}$. It uses key $KI_{12}$ to recompute, for the received message, the message integrity check code
Figure G2009102191017D00000716
then compares the received message integrity check code
Figure G2009102191017D00000717
with the message integrity check code computed by node $N_2$
Figure G2009102191017D00000718
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it uses key $KE_{12}$ to decrypt the ciphertext
Figure G2009102191017D00000719
and obtain the plaintext message
Step 3: key node $N_2$, according to the destination node address b and the inter-domain routing information, finds within its domain the next domain $D_3$, the key node $N_3$, and the gateway node $P_3$ in domain $D_2$ that is close to domain $D_3$. It uses the inter-domain key $K_{23}$ between key node $N_2$ and key node $N_3$ to derive the encryption key $KE_{23}$ and the integrity check key $KI_{23}$;
Step 4: key node $N_2$ uses key $KE_{23}$ to encrypt message m, obtaining the message ciphertext
Figure G2009102191017D00000721
uses key $KI_{23}$, for the resulting message
Figure G2009102191017D0000081
to compute the integrity check code, and then uses the intra-domain shared key $K_4$ of key node $N_2$ and node $P_3$, for the message
Figure G2009102191017D0000083
to recompute the integrity check code
Step 5: key node $N_2$ sends the message to node $P_3$;
5) Steps similar to process 3) are repeated until the key node $N_n$ of the domain $D_n$ in which the destination node is located receives the message sent by the gateway node $P_m$ of domain $D_n$. The content of this message comprises: the source node address a, the destination node address b, the ciphertext
Figure G2009102191017D0000086
the integrity check code
Figure G2009102191017D0000087
and the integrity check code
Figure G2009102191017D0000088
6) At node $N_n$, after the message is received:
Step 1: key node $N_n$ uses the intra-domain key $K_m$ shared by node $N_n$ and node $P_m$ and, for the message
Figure G2009102191017D0000089
recomputes the message integrity check code
Figure G2009102191017D00000810
then compares the received message integrity check code
Figure G2009102191017D00000811
with the message integrity check code computed by node $N_n$
Figure G2009102191017D00000812
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it does the following;
Step 2: key node $N_n$ uses the intra-domain key $K_{n,n-1}$ between it and node $N_{n-1}$ to derive the encryption key $KE_{n,n-1}$ and the integrity check key $KI_{n,n-1}$. Node $N_n$ uses key $KI_{n,n-1}$ to recompute, for the received message, the message integrity check code
Figure G2009102191017D00000814
then compares the received message integrity check code
Figure G2009102191017D00000815
with the one computed by node $N_n$
Figure G2009102191017D00000816
to see whether they are equal. If they are not equal, it discards the message; if they are equal, it uses key $KE_{n,n-1}$ to decrypt the ciphertext
Figure G2009102191017D00000817
and obtain the message
Figure G2009102191017D00000818
Step 3: key node $N_n$ finds node B according to the destination address b and the routing information, and uses the intra-domain key $K_n$ between key node $N_n$ and node B to derive the encryption key $KE_n$ and the integrity check key $KI_n$;
Step 4: key node $N_n$ uses key $KE_n$ to encrypt message m, obtaining the message ciphertext
Figure G2009102191017D00000819
uses key $KI_n$, for the received message
Figure G2009102191017D00000820
to compute the integrity check code
Figure G2009102191017D00000821
then sends the message
Figure G2009102191017D00000822
to node B;
7) At node B, after the message is received:
Step 1: node B uses the intra-domain key $K_n$ between it and node $N_n$ to derive the integrity check key $KI_n$ and the encryption key $KE_n$;
Step 2: node B uses key $KI_n$ to recompute, for the message, the integrity check code
Figure G2009102191017D00000824
and checks whether it equals the received integrity check code
Figure G2009102191017D00000825
If they are not equal, it discards the message; if they are equal, node B uses key $KE_n$ to decrypt the ciphertext
Figure G2009102191017D00000826
and obtain the plaintext message
Figure G2009102191017D00000827
This completes the secure communication process from node A to node B; m is the message that A sends to B.
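The per-hop processing walked through above (derive KE and KI from a shared key, check the outer and inner integrity check codes, decrypt, re-encrypt for the next key node) is shown below as an added example that is not part of the patent text. The patent names no algorithms and its message formulas are not reproduced on this page, so HMAC-SHA256 for key derivation and for the MIC, the HMAC-based stream cipher standing in for $E_x(m)$, the exact fields covered by each MIC, and all function names are assumptions. The gateway shown is the case lying in the intersection of two domains.

```python
import hashlib
import hmac
import secrets
from typing import NamedTuple, Optional


class Packet(NamedTuple):
    a: bytes          # source node address
    b: bytes          # destination node address
    c: bytes          # ciphertext (nonce || encrypted m)
    mic_inner: bytes  # key node to key node check, keyed with KI
    mic_outer: bytes  # key node / gateway check, keyed with an intra-domain key


def derive_keys(shared):
    """Derive (KE, KI) from one shared key. The labels are an assumption."""
    return (hmac.new(shared, b"enc", hashlib.sha256).digest(),
            hmac.new(shared, b"mic", hashlib.sha256).digest())


def mic(key, *fields):
    """HMAC-SHA256 over length-prefixed fields (unambiguous a || b || c)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()


def xor_stream(ke, nonce, data):
    """Stand-in cipher: XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(ke, nonce + (i // 32).to_bytes(4, "big"),
                         hashlib.sha256).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], block))
    return bytes(out)


def seal(a, b, m, k_hop, k_link):
    """Steps 4-5 at a key node: encrypt m for the next key node, add both MICs."""
    ke, ki = derive_keys(k_hop)
    nonce = secrets.token_bytes(12)
    c = nonce + xor_stream(ke, nonce, m)
    inner = mic(ki, a, b, c)
    return Packet(a, b, c, inner, mic(k_link, a, b, c, inner))


def gateway_relay(p, k_from, k_to) -> Optional[Packet]:
    """Gateway in the intersection of two domains: check the outer MIC with the
    key shared with the sending key node, then recompute it with the key
    shared with the receiving key node. The gateway holds neither KE nor KI."""
    expected = mic(k_from, p.a, p.b, p.c, p.mic_inner)
    if not hmac.compare_digest(p.mic_outer, expected):
        return None                                   # discard the message
    return p._replace(mic_outer=mic(k_to, p.a, p.b, p.c, p.mic_inner))


def key_node_open(p, k_link, k_hop) -> Optional[bytes]:
    """Steps 1-2 at a key node: outer MIC, inner MIC, then decrypt."""
    expected = mic(k_link, p.a, p.b, p.c, p.mic_inner)
    if not hmac.compare_digest(p.mic_outer, expected):
        return None
    ke, ki = derive_keys(k_hop)
    if not hmac.compare_digest(p.mic_inner, mic(ki, p.a, p.b, p.c)):
        return None
    return xor_stream(ke, p.c[:12], p.c[12:])


def key_node_forward(p, k_in_link, k_prev, k_next, k_out_link):
    """Steps 1-5 at key node N_i: open with K_{i,i-1}, re-seal with K_{i,i+1}."""
    m = key_node_open(p, k_in_link, k_prev)
    if m is None:
        return None
    return seal(p.a, p.b, m, k_next, k_out_link)


if __name__ == "__main__":
    # Constructed sample keys: K12, K23 (inter-domain), K2, K3, K4 (intra-domain).
    k12, k23, k2, k3, k4 = (secrets.token_bytes(16) for _ in range(5))
    pkt = seal(b"a", b"b", b"reading=42", k12, k2)    # at N1
    pkt = gateway_relay(pkt, k2, k3)                  # at the gateway
    pkt = key_node_forward(pkt, k3, k12, k23, k4)     # at N2
    print(key_node_open(pkt, k4, k23))
```

Because the gateway only holds the intra-domain key, a ciphertext changed in transit fails the inner check at the next key node even if the outer integrity check code has been recomputed.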

Claims (2)

1. A secure communication method based on a dynamic gateway, characterized in that: a distributed network structure is established in which the nodes are in a parallel structure; the physical network of communication between nodes in the wireless sensor network is formed into a logical network of communication between domains, realizing network communication between domain and domain. A "domain" is the region formed by all nodes within the jurisdiction of a key node; a domain comprises council nodes, a key node, dynamic gateway nodes and ordinary nodes. Said key node: a node elected by the council nodes, mainly used for forwarding network data between domains and within the domain to realize network communication; each domain has only one key node. Said dynamic gateway node is an edge node in the domain close to the next domain in the communication direction; the dynamic gateway node is used to forward information between domains, is selected at random and changes dynamically. Said council node: stores master key information and jointly manages the key distribution of nodes in the network; the set of council nodes is called the council. The council realizes information management of nodes within and between domains, and its main functions are: distributing keys to newly joined nodes; re-electing a new key node and distributing keys and routing information to it; distributing keys to new nodes added to the domain; producing new council nodes and promoting ordinary nodes to council nodes or demoting council nodes to ordinary nodes, thereby realizing a secure communication process centered on the key node.
2. The secure communication method based on a dynamic gateway according to claim 1, characterized in that the communication process between domain and domain is as follows:
1) Initialization process
A cluster-head-based network structure is formed in the wireless sensor network. The n nodes around the cluster head are selected as council nodes, the master key of the cluster head is then divided into n sub-keys that are distributed to the n nodes, and the master key in the cluster head node is discarded or destroyed. The council then selects a node in the domain as the key node, and the physical network of communication between nodes in the wireless sensor network is formed into a logical network of communication between domains. In the key initialization stage, the intra-domain keys and inter-domain keys are mainly distributed by the key distribution center KDC: each node i in a domain shares key $K_i$ with the key node $N_j$ of its domain $D_j$; the key node $N_i$ of domain $D_i$ shares key $K_{ij}$ with the key node $N_j$ of domain $D_j$; the shared key Key between council nodes is decided by negotiation among the council nodes;
2) key node communication process between territory and territory
At territory D iMiddle key node N iAfter receiving message:
The first step, key node N iWith with gateway node P mThe territory in share key K mTo message
Figure F2009102191017C0000011
Recomputate the message integrity check code
Figure F2009102191017C0000012
And the message integrity check code that relatively receives With key node N iThe message integrity check code that calculates
Figure F2009102191017C0000022
Whether equate,, then abandon this message if unequal; If equate, then do following work;
Second step: key node N_i uses the in-domain key K_{i,i-1} that it shares with key node N_{i-1} to derive the encryption key KE_{i,i-1} and the integrity check key KI_{i,i-1}. Key node N_i uses key KI_{i,i-1} to recompute, over the received message
Figure F2009102191017C0000023
the message integrity check code
Figure F2009102191017C0000024
and compares the received message integrity check code
Figure F2009102191017C0000025
with the value calculated by key node N_i
Figure F2009102191017C0000026
to see whether they are equal; if they are not equal, the message is discarded; if they are equal, it uses key KE_{i,i-1} to decrypt the ciphertext information and obtain the message
Figure F2009102191017C0000028
Third step: according to the destination address b and the inter-domain routing information, key node N_i finds, within its domain, the next domain D_{i+1}, the key node N_{i+1}, and the gateway node P_{m+1} in domain D_i that is adjacent to domain D_{i+1}; it uses the inter-domain shared key K_{i,i+1} between key node N_i and key node N_{i+1} to derive the encryption key KE_{i,i+1} and the integrity check key KI_{i,i+1};
Fourth step: key node N_i uses key KE_{i,i+1} to encrypt message m, obtaining the message ciphertext
Figure F2009102191017C0000029
and uses key KI_{i,i+1} to calculate, over the message
Figure F2009102191017C00000210
the integrity check code
Figure F2009102191017C00000211
Fifth step: key node N_i uses the in-domain key K_{m+1} that it shares with gateway node P_{m+1} to recompute, over the message
Figure F2009102191017C00000212
the integrity check code
Figure F2009102191017C00000213
and then sends the message
Figure F2009102191017C00000214
to node P_{m+1};
Sixth step: while information is being sent to node N_i, if node N_i has failed and the information cannot be delivered, the adjacent gateway node P_m sends a broadcast message announcing the failure of key node N_i to the council nodes of domain D_i, the domain in which key node N_i is located. After the council nodes receive the broadcast message, they elect a new key node and at the same time assign this key node the in-domain keys of domain D_i, the inter-domain keys between domain D_i and the other domains, and the network routing information. If the council nodes cannot elect a new key node, they notify gateway node P_m that the communication has failed; gateway node P_m then selects a new route according to the routing information and communicates with a new node; if no key node can be selected in the end, communication is stopped.
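The per-hop processing of steps one to five at key node N_i, as an added example that is not the patent's own code. The message layout, HMAC-SHA256 as integrity check code and key derivation, the keystream cipher and all sample keys are assumptions, because the claim's formulas are not reproduced on this page.

```python
import hashlib, hmac, os

def mic(key, data):
    """Integrity check code; HMAC-SHA256 is an assumption, the page names no algorithm."""
    return hmac.new(key, data, hashlib.sha256).digest()

def derive(shared):
    """Derive (KE, KI) from a shared key K_{i,j}; this labelled-HMAC KDF is assumed."""
    return mic(shared, b"KE"), mic(shared, b"KI")

def stream_xor(ke, nonce, data):
    """Stand-in cipher (HMAC counter keystream); use a vetted AEAD in real code."""
    blocks = range(len(data) // 32 + 1)
    ks = b"".join(mic(ke, nonce + n.to_bytes(4, "big")) for n in blocks)
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(m, k_inter, k_gw):
    """Steps 4-5: encrypt under KE, inner code under KI, outer code under gateway key."""
    ke, ki = derive(k_inter)
    nonce = os.urandom(12)
    c = nonce + stream_xor(ke, nonce, m)
    inner = mic(ki, c)
    return {"c": c, "inner": inner, "outer": mic(k_gw, c + inner)}

def unseal(msg, k_inter, k_gw):
    """Steps 1-2: check outer then inner code; None means the message is discarded."""
    if not hmac.compare_digest(mic(k_gw, msg["c"] + msg["inner"]), msg["outer"]):
        return None
    ke, ki = derive(k_inter)
    if not hmac.compare_digest(mic(ki, msg["c"]), msg["inner"]):
        return None
    return stream_xor(ke, msg["c"][:12], msg["c"][12:])

def relay(msg, k_gw_in, k_prev, k_next, k_gw_out):
    """Key node N_i: verify and decrypt with K_{i,i-1}, re-protect with K_{i,i+1}."""
    m = unseal(msg, k_prev, k_gw_in)
    return None if m is None else seal(m, k_next, k_gw_out)

# Constructed sample keys standing in for K_m, K_{i,i-1}, K_{i,i+1}, K_{m+1}
K_M, K_PREV, K_NEXT, K_M1 = (bytes([i]) * 32 for i in (1, 2, 3, 4))

if __name__ == "__main__":
    hop = relay(seal(b"reading=21.5", K_PREV, K_M), K_M, K_PREV, K_NEXT, K_M1)
    print(unseal(hop, K_NEXT, K_M1))   # plaintext recovered at N_{i+1}
    hop["c"] = hop["c"][:-1] + bytes([hop["c"][-1] ^ 1])
    print(unseal(hop, K_NEXT, K_M1))   # tampered ciphertext is discarded
```

Because the relaying key node decrypts and re-encrypts at every domain boundary, it sees message m in the clear, so the council's replacement of a failed key node in the sixth step also determines which node gains that access.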
CN200910219101A 2009-11-20 2009-11-20 Safety communication method based on dynamic gateway Expired - Fee Related CN101715187B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910219101A CN101715187B (en) 2009-11-20 2009-11-20 Safety communication method based on dynamic gateway

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200910219101A CN101715187B (en) 2009-11-20 2009-11-20 Safety communication method based on dynamic gateway

Publications (2)

Publication Number Publication Date
CN101715187A true CN101715187A (en) 2010-05-26
CN101715187B CN101715187B (en) 2012-09-05

Family

ID=42418353

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200910219101A Expired - Fee Related CN101715187B (en) 2009-11-20 2009-11-20 Safety communication method based on dynamic gateway

Country Status (1)

Country Link
CN (1) CN101715187B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102123392A (en) * 2011-03-08 2011-07-13 东南大学 Secret key management method for distributed wireless sensor network
CN102123393A (en) * 2011-03-08 2011-07-13 东南大学 Secret key management method for distributed wireless sensor network based on one-way function
CN103152434A (en) * 2013-03-27 2013-06-12 江苏辰云信息科技有限公司 Leader node replacing method of distributed cloud system
CN103813320A (en) * 2014-01-14 2014-05-21 东北大学 Grouping cluster and master key based key management method
CN104506554A (en) * 2015-01-04 2015-04-08 西安电子科技大学 Safety method for accessing mobile phone terminal to visit cloud storage server
CN108243197A (en) * 2018-01-31 2018-07-03 北京深思数盾科技股份有限公司 A kind of data distribution, retransmission method and device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100581102C (en) * 2007-05-31 2010-01-13 北京泛亚创知科技发展有限公司 Data safety transmission method for wireless sensor network
CN101159748B (en) * 2007-11-14 2010-10-06 北京科技大学 Entity authentication method in wireless sensor network

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102123392A (en) * 2011-03-08 2011-07-13 东南大学 Secret key management method for distributed wireless sensor network
CN102123393A (en) * 2011-03-08 2011-07-13 东南大学 Secret key management method for distributed wireless sensor network based on one-way function
CN103152434A (en) * 2013-03-27 2013-06-12 江苏辰云信息科技有限公司 Leader node replacing method of distributed cloud system
CN103813320A (en) * 2014-01-14 2014-05-21 东北大学 Grouping cluster and master key based key management method
CN103813320B (en) * 2014-01-14 2017-01-11 东北大学 Grouping cluster and master key based key management method
CN104506554A (en) * 2015-01-04 2015-04-08 西安电子科技大学 Safety method for accessing mobile phone terminal to visit cloud storage server
CN104506554B (en) * 2015-01-04 2017-11-24 西安电子科技大学 A kind of mobile phone terminal accesses the safety method of cloud storage service device
CN108243197A (en) * 2018-01-31 2018-07-03 北京深思数盾科技股份有限公司 A kind of data distribution, retransmission method and device
CN108243197B (en) * 2018-01-31 2019-03-08 北京深思数盾科技股份有限公司 A kind of data distribution, retransmission method and device

Also Published As

Publication number Publication date
CN101715187B (en) 2012-09-05

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120905

Termination date: 20181120