移动Ad Hoc网络分布式轻量级CA密钥管理方案

Distributed Lite CA Key Management Scheme in Mobile Ad Hoc Networks

作者：韩磊(北京交通大学电子信息工程学院)；刘吉强(北京交通大学计算机与信息技术学院)；赵佳(北京交通大学计算机与信息技术学院;福建师范大学网络安全与密码技术重点实验室)；魏学业(北京交通大学电子信息工程学院)

Author：Han Lei(School of Electronics and Info. Eng., Beijing Jiaotong Univ.)；Liu Jiqiang(School of Computer and Info. Technol., Beijing Jiaotong Univ.)；Zhao Jia(School of Computer and Info. Technol., Beijing Jiaotong Univ.;Key Lab. of Network Security and Cryptology, Fujian Normal Univ.)；Wei Xueye(School of Electronics and Info. Eng., Beijing Jiaotong Univ.)

收稿日期：2010-09-25 年卷（期）页码：2011,43(6):133-139

期刊名称：工程科学与技术

Journal Name：Advanced Engineering Sciences

关键字：移动ad hoc网络；安全；密钥管理；轻量级CA；Shamir秘密分享

Key words：mobile ad hoc networks;security;key management;lite CA;Shamir secret sharing

基金项目：国家自然科学基金项目(60973112)；长江学者和创新团队发展计划(IRT0707)；网络安全与密码技术重点实验室开放课题(09A007)

中文摘要

为了解决移动ad hoc网络中非对称密钥管理问题，将轻量级CA认证框架与Shamir秘密分享方案相结合，为移动ad hoc网络提出一种新的分布式非对称密钥管理方案。该方案采用分布式轻量级CA证书认证机制实现本地化认证，不需要证书管理。结合无证书密码系统的优势，避免了基于身份密钥管理方案中节点私钥托管的问题，并且具有抵抗公钥替换攻击的能力。安全分析和实验结果表明，该方案具有很好的安全性和较高的实现效率。

英文摘要

In order to solve the problem of asymmetric key management in mobile ad hoc networks, a new distributed asymmetric key management scheme based on lite CA public key authentication framework and Shamir secret sharing scheme was presented. The public key could be certified locally by the mechanism of distributed lite CA certification authentication and so the certification management was not need in the scheme. It also avoided the inherent key escrow problem in identity-based cryptography to combine with the advantages of certificateless public key cryptography and provided the ability to resist the public key substitution attacks. Security analysis and experiment results showed that the scheme is secure and efficient in implementation.

【关闭】

论文摘要

移动Ad Hoc网络分布式轻量级CA密钥管理方案

Distributed Lite CA Key Management Scheme in Mobile Ad Hoc Networks