检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]信息工程大学,郑州450000
出 处:《系统仿真学报》2015年第4期762-769,共8页Journal of System Simulation
摘 要:针对Zig Bee网络所面临的中间人攻击和假冒攻击,提出了一种Zig Bee节点多因子身份认证方案,该方案引入以特定周期更新的新鲜因子,并将其与节点硬件信息绑定,调用单向杂凑函数生成硬件信息因子,由控制中心匹配节点上传的密钥信息因子、硬件信息因子和配置信息因子完成对节点的身份认证;同时,节点对接收到的消息进行签名验证,完成节点对控制中心的身份认证,从而实现节点间的双向身份认证,并对节点持有的对密钥实施更新,以防止非法节点入网对整个网络造成危害。BAN逻辑安全性分析及实验结果表明,该方案可有效抵御中间人、假冒等攻击,同时在计算开销和存储需求上有明显优势。To solve the problem of the man-in-the-middle attack and impersonation attack in Zig Bee networks, a scheme based on multi-factor identity authentication for Zig Bee network nodes was proposed. The scheme bound the fresh factor updated in a particular cycle with hardware information via a one-way hash function to generate hardware information factor. On this basis, the scheme achieved the authentication mechanism for the nodes through the comparison among key factor, hardware information factor and configuration information factor received by control center. Meanwhile, the nodes completed control center authentication through the signature verification of the message received. Thus, the bidirectional authentication between nodes was achieved. The link key was updated to defense the illegal invasion of the nodes. The BAN-logic security analysis and experiment results show that the new scheme can not only resist the man-in-the-middle attack and impersonation attack effectively, but also has a distinct advantage over computing and storage.
关 键 词:节点身份认证 多因子 签名验证 帧结构 新鲜因子
分 类 号:TN92[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.158