SKAIT: طرح واگذاری کلید پارامتری شده برای ارتباط محرمانه در شبکه های بی سبم ad hoc منابع محدود ☆
|کد مقاله||سال انتشار||مقاله انگلیسی||ترجمه فارسی||تعداد کلمات|
|70497||2014||19 صفحه PDF||سفارش دهید||15029 کلمه|
Publisher : Elsevier - Science Direct (الزویر - ساینس دایرکت)
Journal : Ad Hoc Networks, Volume 20, September 2014, Pages 163–181
Predistribution of cryptographic keys is a widely used approach for establishing secure communication between severely resource-constrained nodes with limited or no access to network infrastructure. Many existing key predistribution schemes make the implicit assumption that the contents of the communication messages need not be kept private from nodes other than the intended recipient. Messages in such schemes are not guaranteed to be confidential—they may be read by nodes within the network other than the intended recipient. In this paper, we propose SKAIT, a parameterized symmetric key predistribution scheme that guarantees a secure and confidential channel between every pair of nodes in a wireless network. Specifically, our scheme guarantees that the contents of messages exchanged between two nodes in the network cannot be read even by other nodes within the network. But, like many other key assignment schemes, our scheme is also vulnerable to collusion-based attacks in which several nodes can pool their keys together to eavesdrop on communications between other nodes. Parameterization enables control over the number of keys assigned to a node, and allows users to trade increased key space complexity for improved resistance against collusion-based attacks. We also present an extension to SKAIT, referred to as SKAIT-MI, that reduces the minimum number of keys that a node is required to store by replacing the single large key assignment instance with several smaller key assignment instances. We show via simulation that SKAIT and its extension SKAIT-MI provide significantly better resistance against collusion than other proposed schemes that support internal confidentiality—by as much as a factor of two—for a large range of key storage capacities. Finally, we describe an extension to our key assignment schemes to add support for node additions and revocations.