雷欽隆Lei, Chin-Laung臺灣大學:電機工程學研究所林逸侖Lin, I-LunI-LunLin2010-07-012018-07-062010-07-012018-07-062008U0001-2307200805015200http://ntur.lib.ntu.edu.tw//handle/246246/187929本論文中，提出了兩套適用於無線感測網路的廣播驗證機制，由於構想圖形與窗簾的形狀類似，因此我們將機制命名為“Curtain”（窗簾的橫桿剛好是Bloom Bitmap），這機制具備了輕量以及可伸縮的特性。首先，我們將壓縮式布隆過濾器（Compressed Bloom Filters）應用於結合多串μTESLA 鏈，取代了前人使用Merkle 樹作為結合的方式。我們提出的機制足以持續使用夠長的時間，而且更增強了原先μTESLA 自我修復的特性。再者，藉由合適的壓縮方式，我們大量減少各個接收者的通訊負荷。另外，藉由結合公開金鑰運算（例如橢圓曲線密碼系統），我們的機制可以同時確保長久性地安全，以及減緩能量耗損。我們第二套機制，也是“Curtain”的延伸，便是改以使用計數式布隆過濾器（Counting Bloom Filters）取代原先的壓縮式布隆過濾器（Compressed Bloom Filters），如此一來便適用於多重發信端的環境，還能有效地供使用者進行刪減或增加所使用的μTESLA 鏈。First of all, we propose a light-weight and scalable broadcast authentication scheme for sensor network. Because of the schema of the scheme being similar to window curtains, we choose Curtain as the name of this scheme. Instead of using Merkle tree to combine multiple μTESLA instance, we apply compressed Bloom filters to multiple μTESLA. Our scheme can support longer duration and prolong the self-healing property. We greatly reduce the communication overhead at the cost of allocating a moderate space in each receiver. Combing with PKC computation like ECC, our scheme can guarantee the long-term security and also mitigate energy consumption. Moreover, we substituted counting Bloom filters for compressed Bloom filters. The extended Curtain will be applicable for the situation of multiple senders, offering efficient user addition and revocation.Thesis Authorization Form ihesis Approval Form iicknowledgements iiihinese Abstract ivnglish Abstract vist of Figures viiiist of Tables x Introduction 1 1.1 Motivation . . . . . . . . . . . . . . . . . . . 2 1.2 Brief literature review . . . . . . . . . . . . .3 1.2.1 Related Works . . . . . . . . . . . . . . .3 1.2.2 Standard μTESLA . . . . . . . . . . . . . 4 1.2.3 Tree-based μTESLA . . . . . . . . . . . . 6 1.3 Contributions . . . . . . . . . . . . . . . . . .7 1.4 Thesis organization . . . . . . . . . . . . . . .8 Preliminaries 9 2.1 System Model and Attack Model . . . . . . . . . .9 2.1.1 System Model . . . . . . . . . . . . . . . 9 2.1.2 Attack Model . . . . . . . . . . . . . . . 11 2.2 Bloom Filters . . . . . . . . . . . . . . . . . .12 2.2.1 Basic Bloom Filters . . . . . . . . . . . .12 2.2.2 Compressed Bloom Filters . . . . . . . . . 12 2.2.3 Counting Bloom Filters . . . . . . . . . . 13 2.3 Symbol Definition . . . . . . . . . . . . . . . .14 Proposed Schemes for Single Sender: Basic Curtain 15 3.1 Overview . . . . . . . . . . . . . . . . . . . . 15 3.2 Analysis . . . . . . . . . . . . . . . . . . . . 18 3.3 An Example . . . . . . . . . . . . . . . . . . . 20 Proposed Schemes for Multiple Sender: Extended Curtain 21 4.1 Overview . . . . . . . . . . . . . . . . . . . . 21 4.2 Analysis . . . . . . . . . . . . . . . . . . . . 23 4.3 An Example . . . . . . . . . . . . . . . . . . . 24 Implementation 25 5.1 Curtain on Single Sender . . . . . . . . . . . . 25 5.2 Curtain on Multiple Sender . . . . . . . . . . . 27 Conclusions 29 6.1 Conclusions . . . . . . . . . . . . . . . . . . .29 Future Works 31 7.1 Curtain with Merkle Tree . . . . . . . . . . . . 31ibliography 331147707 bytesapplication/pdfen-US感測網路網路安全廣播驗證μTESLA布隆過濾器（Bloom Filter）sensor networksnetwork securitybroadcast authenticationBloom filtersthesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/187929/1/ntu-97-R95921034-1.pdf