雷欽隆臺灣大學：電機工程學研究所紀博文Chi, Po-WenPo-WenChi2007-11-262018-07-062007-11-262018-07-062005http://ntur.lib.ntu.edu.tw//handle/246246/53327為了要建構一個安全的無線感測網路環境，金鑰管理機制是一個非常重要的標準。金鑰管理機制包含兩部分，分別是金鑰協議機制以及金鑰更新機制。因為無線感測節點的資源非常有限，所以使的金鑰管理不是那麼容易。一般應用在傳統有線網路環境中的金鑰管理機制都不適合套用在無線感測網路的系統上。最近有不少人提出一些方法，要來處理金鑰協議或是金鑰更新的問題。 在本篇論文裡，我們提出了一個完整的金鑰管理機制，涵蓋了金鑰管理以及金鑰更新的範圍。我們的這個機制同時考慮到了群體金鑰以及成對金鑰。在無線感測網路的環境，這兩種不同的金鑰都是同樣的重要。金鑰伺服器可以利用中國剩餘定理的演算法來建立公告訊息，使的這個公告訊息中含有金鑰更新的資訊，並且能夠安全有效率的傳給感測節點。而每一個合法的感測節點都可以輕易得從公告訊息中取得這份資訊來更新自己擁有的金鑰資訊。因此，和前人所提出的機制比較起來，我們的機制能夠延長無線感測網路系統的壽命。To achieve security in wireless sensor networks, key management scheme is a very important issue. Key management includes both key agreement and key updating. Due to resource constraints of wireless sensor node, key management in wireless sensor networks is nontrivial. Many key management schemes in general wired networks are not suitable for wireless sensor networks. Recently, many schemes are proposed to do key agreement or key updating in efficient ways. In this thesis, we propose a complete key management scheme that can handle both key agreement and key updating. Our scheme can deal with both group key and pairwise key, which are the same important for wireless sensor networks. Our scheme can update both of them. The key server can create announcements containing updating information according to CRT algorithm and broadcast these announcement. Each legal sensor node can derive updating information and update key information easily. Therefore, the life time of our system is longer than previous key management schemes.1 Introduction 5 1.1 Security Issues in Wireless Sensor Networks . . . . . . . . . . . . . . . . . . . . 5 1.2 Wireless Sensor Network KeyManagement Scheme Overview . . . . . . . . . . . . . . . 7 1.3 Main Contributions of This Thesis . . . . . . . . . . . . . . . 8 1.4 Thesis Architecture . . . . . . . . . . . . . . . . . . . . . . . . 9 2 Previous Pre-distribution Schemes 10 2.1 Eschenauer-Gligor’s Scheme . . . . . . . . . . . . . . . . . . . 10 2.2 q-composite Scheme . . . . . . . . . . . . . . . . . . . . . . . . 14 2.3 Du et al.’s Scheme . . . . . . . . . . . . . . . . . . . . . . . . 17 2.4 Liu-Ning’s Scheme . . . . . . . . . . . . . . . . . . . . . . . . 21 2.5 PIKE Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 2.6 GKMPAN Scheme . . . . . . . . . . . . . . . . . . . . . . . . 25 3 Related Works 30 3.1 Chinese Remainder Thereom. . . . . . . . . . . . . . . . . . . 30 3.2 μTESLA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 4 CRT-based KeyManagement Scheme inWireless Sensor Network 34 4.1 Design goals . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 4.2 Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 4.3 Notations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 4.4 CRT-based key management scheme . . . . . . . . . . . . . . 37 4.4.1 Key space pre-distribution . . . . . . . . . . . . . . . . 37 4.4.2 Pair-wise key establishment . . . . . . . . . . . . . . . 39 4.4.3 Authenticated announcement . . . . . . . . . . . . . . 42 4.4.4 Node leaving . . . . . . . . . . . . . . . . . . . . . . . 43 4.4.5 Node joining . . . . . . . . . . . . . . . . . . . . . . . . 46 5 Analysis 48 5.1 Storage analysis . . . . . . . . . . . . . . . . . . . . . . . . . . 48 5.1.1 Pre-load phase . . . . . . . . . . . . . . . . . . . . . . 48 5.1.2 Key updating operation . . . . . . . . . . . . . . . . . 51 5.2 Computation analysis . . . . . . . . . . . . . . . . . . . . . . . 53 5.2.1 Sensor node . . . . . . . . . . . . . . . . . . . . . . . . 53 5.2.2 The key server . . . . . . . . . . . . . . . . . . . . . . 54 5.3 Comparison with other key management . . . . . . . . . . . . 56 5.3.1 Comparison with Du et al.’s scheme . . . . . . . . . . . 56 5.3.2 Comparison with GKMPAN . . . . . . . . . . . . . . . 57 6 Conclusions 61618499 bytesapplication/pdfen-US無線感測網路金鑰管理中國剩餘定理wireless sensor networkskey managementCRTthesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/53327/1/ntu-94-R92921085-1.pdf