星内集群自组织网络自治群组密钥管理研究  被引量：1

作　　者：周健[1,2] 孙丽艳[1] 陈红琳[1] ZHOU Jian;SUN Li-yan;CHENG Hong-lin(School of Management Science and Engineer,Anhui University of Finance and Economics,Bengbu 233041 ,China;Computer School,Beijing University of Post and Telecommunications,Beijing 100083 ,China)

机构地区：[1]安徽财经大学管理科学与工程学院,安徽蚌埠233041 [2]北京邮电大学计算机学院,北京100083

出　　处：《小型微型计算机系统》2018年第5期904-909,共6页Journal of Chinese Computer Systems

基　　金：国家自然科学基金项目(61402001;61402147)资助;安徽省高等学校自然基金项目(KJ2013B001)资助

摘　　要：身份对等的群组密钥管理方案不适用成员异构、链路状态非可靠的星内集群自组织网络.针对该问题,提出一种基于K级门限密钥(t_k,t_(k-1),..,t_0,n)的自治群组密钥管理方案,通过多级共享的方式使得高层的密钥碎片被多个解密密钥共享,成员根据自身空间属性选择密钥碎片,满足安全管理的异构性.同时,在群成员加入和退出中,具有密钥独立性的密钥更新操作保证非更新成员密钥碎片的合法性,非更新成员无需与更新成员交互,密钥更新效率与网络规模无关,解决密钥更新1-affect-n问题.因此建议的方案,在安全性上具有抗合谋攻击、前向/后向安全性;在效率上容忍非可靠端到端链路,减少交互延时.due to network entities＇ identities are not equality and the links are not reliable among entities,existing group key management schemes for distributed networks are not suitable to the intra-satellite clustering network. To solve the question,this paper put forwards an autonomous group key management scheme based on K level threshold key（ t_k,t_（k-1）,..,t_0,n）,key fragment in high level is shared by multi decryption keys with which all key fragments are split into K layers,so as to space entity selects key fragment according to its capability and attributes,therefore the suggested scheme meets the heterogeneity. At time,when an entity leaves/joins network,rekeying operation having key independence guarantees the validity of key fragments belonging to non-updated entities,non-updated entities don＇t participate in the rekeying process,so the scale of rekeying is not related to the network scale,and the question of 1-affect-n is overcome. In security aspect,our proposed scheme guarantees forward security and backward security and secures against collusion attack; in efficiency aspect,the scheme tolerates non-reliable end-to-end link and reduces time delay in interaction.

关 键 词：星内集群自组织网络 群组密钥管理 多级门限密钥 自治 安全 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]