跳到主要內容

臺灣博碩士論文加值系統

(18.204.48.64) 您好!臺灣時間:2021/08/04 17:17
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:張若鈺
研究生(外文):Ro-yu Chang
論文名稱:應用於感測網路上的新鄰視系統
論文名稱(外文):New Neighbor Watch System for Sensor Network
指導教授:黃宗立黃宗立引用關係
指導教授(外文):Tzonelih Hwang
學位類別:碩士
校院名稱:國立成功大學
系所名稱:資訊工程學系碩博士班
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2008
畢業學年度:96
語文別:中文
論文頁數:73
中文關鍵詞:群播驗證三方共享金鑰鄰視系統隔離區機制
外文關鍵詞:Tripartite keyMulticast authenticationNeighbor watch systemQuarantine
相關次數:
  • 被引用被引用:0
  • 點閱點閱:59
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
感測網路是由許多感測節點與固定的基地台所組成的無線區域網路(WLAN)。近年來因為感測節點單價日亦降低,使得感測網路儼然成為無線網路上的顯學,加上應用環境多元如:大到戰場,小到醫院、智慧家庭都可應用感測網路。關於安全的議題,於近年來相當地炙手可熱。在感測網路之中安全相關的議題,以被妥協的節點所發動之攻擊最為棘手。因為一旦節點被攻擊者妥協,該節點所擁有的金鑰和秘密訊息將會被攻擊者所奪,更甚者節點會受攻擊者之命令而從事異常的行為。

目前已有學者提出利用鄰居來監視目前負責轉遞的節點,來確保每一節點均無異常行為,完成此任務的系統稱為鄰視系統。然而在既有的鄰視系統上卻因群組金鑰上的使用疏忽,導致於仍存在某些問題。因此,根基於原先的鄰視系統,本論文提出兩個解決該系統問題的方案,將群播驗證與原先的鄰視系統結合,來改善群組金鑰使用上的瑕疵。

除群播驗證的解決方案外,本論文又額外提出分享非對稱式單鄰鄰視系統,此系統利用三方共享金鑰之特性,使鄰點具備監視能力,揪出問題節點。且更進一步的對其所附屬的三方共享金鑰分配協定作正規的安全證明,確保金鑰安全。於論文的最後,我們亦將隔離區的概念引入此篇論文中,讓整體鄰視系統的效能又更進一步的提升,讓此系統更加適用於感測網路之中。
Compromised nodes are problematic in wireless sensor networks. The packet-dropping attacks and packet-tampering attacks which are made by the compromised node causes the packets of other sensor nodes not being able to relay to the base station timely and correctly. Previously proposed Neighbor Watch System (NWS) which uses cluster key easily causes impersonation problem. In this work, a new NWS with tripartite key is proposed. A tripartite key is a key shared among three contiguous nodes: the watching node, the forwarding node and the receiving node. By the support of tripartite key, the watching node in any tripartite key operation can monitor the packets which the forwarding node forwards to the receiving node.

In this paper, we use the method which called Sequence of Games (SoG) to proof that our tripartite key distribution protocol is secure. After that, we suggest that this neighbor watch system can combine with the quarantine mechanism. By this way, our neighbor watch system can arise its performance further.
第一章 導論 4
第1.1節 感測網路 4
第1.2節 感測網路基本架構 5
第1.3節 感測網路上的攻擊 8
第1.3.1節 外部者攻擊 8
第1.3.2節 內部者攻擊 9
第1.4節 研究動機 10
第1.5節 章節概要 11
第二章 鄰視系統之介紹 12
第2.1節 鄰視系統的定義與安全需求 12
第2.2節 既有的鄰視系統所運用之技術 13
第2.3.1節 名詞介紹 13
第2.3.2節 發現鄰點階段 14
第2.3.3節 訊息轉遞階段 19
第2.3節 可能解決方法 21
第2.4.1節 使用密碼學上的非對稱式驗證 21
第2.4.2節 使用時間上的非對稱式驗證 22
第2.4.3節 使用秘密資訊上的非對稱式驗證 22
第2.4節 多鄰鄰視系統和單鄰鄰視系統 23
第2.5節 秘密資訊非對稱式群播驗證應用於鄰視系統 24
第2.6節 密碼學非對稱式群播驗證應用於鄰視系統 25
第2.7節 時間非對稱式群播驗證應用於鄰視系統 27
第三章 三方共享金鑰鄰視系統 29
第3.1節 發現鄰點階段 30
第3.1.1節 三方共享金鑰分配協定 30
第3.1.2節 資淺節點與資深節點間三方共享金鑰分配協定 32
第3.1.3節 金鑰表格 35
第3.2節 訊息轉遞階段 36
第3.3節 緊急警報階段 38
第四章 安全分析與證明 40
第4.1節 資料完整性、發送者驗證、接收者合法性 40
第4.2節 異常通報 41
第4.3節 安全的金鑰分配協定 42
第4.3.1節 證明架構 43
第4.3.2節 證明所使用的安全模型 44
第4.3.3節 初始原則 46
第4.3.4節 證明– KD協定之金鑰安全 48
第4.3.5節 證明–三方共享金鑰分配協定之金鑰安全 54
第4.3.6節 證明–三方共享金鑰分配協定之相互驗證 59
第五章 效能分析 60
第5.1節 效能分析 – 發現鄰點階段 60
第5.2節 效能分析 – 訊息轉遞階段 62
第六章 隔離區機制之運用 64
第6.1節 正常模式 64
第6.1.1節 來源點傳遞 65
第6.1.2節 轉遞點轉遞 66
第6.2節 隔離區模式 67
第七章 結論與未來研究展望 69
參考文獻 70
[1]D. Boyle, T. Newe, "Security Protocols for use with Wireless Sensor Networks.", Proceedings of the Third International Conference on Wireless and Mobile Communications (ICWMC’07),March 2007.
[2]Yang Xiao, Venkata Krishna Rayi, Bo Sun, Xiaojiang Du, Fei Hu, Michael Galloway, "A Survey of Key Management Schemes in Wireless Sensor Networks.", Computer Communications, Special issue on security on wireless ad hoc and sensor networks, April 2007.
[3]ZigBee Standards Organization, "ZigBee Specification.", 2006.
[4]Yoon-Gu Kim, Han-Kil Kim, Suk-Gyu Lee, Ki-Dong Lee, "Ubiquitous Home Security Robot based on Sensor Network.", Proceedings of the IEEE/WIC/ACM International Conference on Intelligent Agent Technology (IAT’06), 2006.
[5]Haodong Wang, Bo Sheng, Qun Li, "Elliptic Curve Cryptography-based Access Control in Sensor Networks.", International Journal of Security and Networks, Volumn 1, Number 3-4/2006, Page(s):127-137.
[6]Hsiang-An Wen, Chun-Li Lin, Tzonelih Hwang, "Provably Secure Authenticated Key Exchange Protocols for Low Power Computing clients.", Computers & Security 25, 2006, Page(s):106-113.
[7]Mihir Bellare, "New Proofs for NMAC and HMAC: Security without Collision-Resistance.", CRYPTO 2006.
[8]Sencun Zhu, Sanjeev Setia, Sushil Jajodia, "LEAP+:Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks.", ACM Transactions on Sensor Networks, Vol.2, No. 4,, November 2006,Page(s):500-528.

[9]Krzysztof Piotrowski, Peter Langendoerfer, Steffen Peter, "How Public Key Cryptography Influences Wireless Sensor Node Lifetime.", Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks (SASN’06), October 2006.
[10]Suk-Bok Lee, Yoon-Hwa Choi, "A Resilient Packet-Forwarding Scheme against Maliciously Packet-Dropping Nodes in Sensor Networks." , Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks (SASN’06), October 2006.
[11]IEEE Computer Society, "IEEE Std 802.15.4-2006.", September 2006.
[12]Vedat Coskun, Erdal Cayirci, Albert Levi, Serdar Sancak, "Quarantine Region Scheme to Mitigate Spam Attacks in Wireless Sensor Networks.", IEEE Transactions on Mobile Computing, Vol. 5, No. 8, August 2006.
[13]Yong Wang, Carhan Attebury, Byrav Ramamurthy, "A Survey of Security Issues in Wireless Sensor Networks.", IEEE Communications Surveys & Tutorials, Vol. 8, No. 2, 2nd Quarter, 2006.
[14]Michel Abdalla, Pierre-Alain Fouque, David Pointcheval, "Password-Based Authenticated Key Exchange in the Three-Party Setting.", IEE Proceedings-Information Security, Vol. 153, N0. 1, March 2006, Page(s):27-39.
[15]Xiaojiang Du, Fengjing Lin, "Improving Routing in Sensor Networks with Heterogeneous Sensor nodes.", Vehicular Technology Conference, 2005 (VTC 2005), IEEE 61st .
[16]Issa Khalil, Saurabh Bagchi, Cristina Nina-Rotaru, "DICAS: Detection, Diagnosis and Isolation of Control Attacks in Sensor Networks.", Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SecureComm 2005).
[17] Accredited Standards Committee, "The Elliptic Curve Digital Signature
Algorithm (ECDSA) ", November 16, 2005.
[18] Victor Shoup, "Sequences of Games: A Tool for Taming Complexity in Security
Proofs.", Cryptology ePrint report 2004/332, November 2004.
[19]Vivek Mhatre, Catherine Rosenberg, "Homogeneous vs Heterogeneous Clustered Sensor Networks: A Comparative Study", Communicaitons , 2004 IEEE International Conference on, Vol. 6, June 2004, Page(s): 3646-3651.
[20]Yacine Challal, Hatem Bettahar, Abdelmadjid Bouabdallah, "A Taxonomy of Multicast Data Origin Authentication: Issues and Solutions.", IEEE Communications Surveys & Tutorials, Vol. 6, No. 3, 3rd Quarter 2004, Page(s):34-57.
[21]Sencun Zhu, Sanjeev Setia, Sushil Jajodia, "LEAP: Efficient Security Mechanisms for Large-Scale Distributed Sensor Networks.", Proceedings of the 1st international conference on Embedded networked sensor systems (SenSys’03), November 2003.
[22]Prasanth Ganesan, Ramnath Venugopalan, Pushkin Peddabachagari, Alexander Dean, Frank Mueller, Mihail Sichitiu, "Analyzing and Modeling Encryption Overhead for Sensor Network Nodes.", Proceedings of the 2nd ACM international conference on Wireless sensor networks and applications (WSNA’03), September 2003.
[23]Ian F. Akyldiz, Weilian Su, Yogesh Sankarasubramaniam, Erdal Cayirci, "A Survey on Sensor Networks." , IEEE Communications, August 2002.
[24]Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar, "SPINS: Security Protocols for Sensor Networks.", Wireless Networks, Vol. 8, No. 5, September 2002, Page(s): 521-534.
[25]Mihir Bellare, David Pointcheval, Phillip Rogaway, "Authenticated Key Exchange Secure Against Dictionary Attacks.", EUROCRYPT 2000.
[26] Victor S. Miller, "Use of Elliptic Curves in Cryptography.", CRYPTO 85,
1985.
[27] R. Rivest, A. Shamir, L. Adleman, "A Method for Obtaining Digital Signatures
and Public-Key Cryptosystems.", Communications of the ACM, Vol. 21 (2), pp.120–126. 1978.
[28] Whitfield Diffie, Martin Hellman, "Multiuser Cryptographic Techniques.",
IEEE Transactions on Information Theory, November 1976.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top