chrispeng [ad_1]
Wireless Sensor Network (Wireless Sensor Network, WSN) is a communication network formed by self-organization of a large number of sensor nodes integrated with sensors, microprocessors, and wireless communication units. It is generally deployed in special sensitive areas for data collection and transmission. Because of its easy layout and no need to be on duty, it is widely used in military monitoring, wireless security, anti-terrorist violence and other application environments. Network security is a factor that needs to be considered for wireless sensor networks. Security requirements include data confidentiality, data integrity, data authenticity, and non-repudiation. Because sensor nodes have the “three lows” characteristics of low energy, low resources, and low computing power, DH and RSA algorithms based on asymmetric cryptography cannot be applied to wireless sensor networks. The simple and efficient features based on symmetric cryptography are more suitable for wireless sensors. The internet. The symmetric key management scheme generally adopts a key pre-distribution model. Before the deployment of sensor nodes, a certain number of keys are allocated to each node from the global key pool. Two nodes that need to communicate with each other use their own key information to create A shared key pair to ensure the security of communication. This article analyzes the current typical wireless sensor network secret key management schemes, and pays out the advantages and disadvantages of various schemes.
1. EG program
This scheme is a random key distribution mode. Before nodes are deployed, a key pool with P keys and corresponding identifiers is generated. Each node randomly selects k different keys from the key pool (k
2. q-composite random key pre-distribution scheme
This scheme is based on preset key pairs and introduces random graph theory. Before node deployment, each node does not need to store key pairs with all other nodes, but only needs to pre-store some key pairs. Each node randomly selects m secret keys from the secret key pool S and stores them in the local space, mq), and creates the communication secret key K=hask(K1|K2|…|Kt) through the preset hash function. The advantage of this scheme is that it has a strong self-recovery ability for nodes being captured. The capture of a small number of nodes will not lead to the integrity of the network. The disadvantages are also obvious. Since the number of adjacent nodes is required to have the same secret key more than t, As a result, the connectivity of the network is slightly poor. And it is necessary to ensure that the probability that the two nodes have at least the same secret key is greater than the preset probability p. Similarly, after the node is deployed, the same secret key with the neighbor nodes is discovered through broadcast. Unlike the eg scheme, any two adjacent nodes can establish a secure link as long as they have the same secret key. This scheme requires at least q identical secret keys between the two nodes to establish a secure link. If there are t identical secret keys between certain two (t>
3. Secret key pre-distribution scheme of multiple secret key space
The idea of this scheme is to allow any two nodes in the network to directly have a shared key pair. At the same time, the scheme presets a safety factor to ensure that the captured node in the network does not exceed this factor. The safety of the entire network can be guaranteed. When this solution is deployed, the secret key server generates a matrix G on the finite field GF(q) (where q is the smallest prime number larger than the size of the key space), the size of the matrix G is (λ+1)×N (N is the network node Number, λ is the safety factor). G is published as public information, and a random symmetric matrix with a size of (λ+1)×(λ+1) is generated at the same time, the calculation matrix A=(D×G)T, and A is kept secret as private information. A×G is a symmetric matrix, that is, Aij=Aji, and A×G ultimately corresponds to an N×N key pair distribution matrix. According to its own number i, each node memorizes the i-th row A(i) of the A matrix and the i-th column G(j) of the G matrix. When two nodes i and j want to generate a key, they exchange the columns G(j) of the G matrix that they have memorized. According to the matrix multiplication, each can be calculated Aij=A(i)×G(j)=A(j) ×G(i)==Aji. With the support of the same storage space, this solution can obtain better network security and increase the difficulty of being cracked. The disadvantage is that the computational overhead is large, and the attacker can capture a pair of nodes using the key space as long as the attacker cracks a key space.
4. Random key distribution scheme based on multi-key space
This scheme proposes a key management scheme for wireless sensor networks based on a pre-distributed model of multi-key space key pairs. This scheme combines the q-composite random key pre-distribution model, and by introducing geographic location information, it effectively improves the probability of secure connection between nodes. This scheme assigns a unique identification ID to each node before node deployment, counts from 1 to N, and sets 5 safety parameters t, p, λ, ω (2≤t≤ω) and q. Similar to the multi-key space pre-allocation scheme, the private key server generates a public information matrix G with a size of (λ+1)×N, and at the same time generates ω random symmetric matrices D1 with a size of (λ+1)×(λ+1) , D2,…, Dω. Calculate the matrix Ai=(Di×G)T(i=1,2…,ω) and assign a target area expected value (Xi, Yi) to Ai at the same time, and use all the generating matrix A and the corresponding expected position as the key pool . Let Si=(Ai, Xi, Yi) (i=1, 2,…ω) as a key space. For any node j, randomly select t different key spaces from ω key spaces. When the key space Si is selected by node j, store the j-th row Ai(j) of Ai in the storage space of node j In, this information is confidential. After the node is deployed, the node knows its position (x, y) through positioning, and the node calculates the distance between the expected position of the t key spaces it stores and its actual coordinates distance(i)=(i=1, 2 …, t), the node sorts the calculated t distance values from small to large, selects the first p key spaces with smaller distance values as the final stored key space, and deletes the remaining ( tp) key spaces. The i-node adds up the i rows of the matrix corresponding to the stored key spaces, and then performs the inner product with the j-th column of the G matrix to obtain K·ij. This solution can greatly reduce the probability that the communication key of the wireless sensor network is cracked, and at the same time introduces geographic location information. After the node is deployed, some invalid key information can be deleted, which reduces the storage space requirement.
Figure 1 The probability relationship between the captured node and the security link being cracked
[ad_2]
