WSN中基于物理不可克隆函数的簇内密钥分配  被引量：1

作　　者：柳亚男 张正[1] 邱硕 程远 LIU Yanan;ZHANG Zheng;QIU Shuo;CHENG Yuan(School of Network Security,Jinling Institute of Technology,Nanjing 211169,China)

机构地区：[1]金陵科技学院网络安全学院,南京211169

出　　处：《计算机工程》2020年第9期163-171,共9页Computer Engineering

基　　金：国家自然科学基金(61902163);国家重点研发计划“网络空间安全”重点专项(2017YFB0802800);江苏省高等学校自然科学基金(17KJD5200003,19KJB5200033);金陵科技学院科研启动基金(JIT-B-201639,JIT-B-201726,JIT-B-202001)。

摘　　要：解决无线传感器网络(WSN)安全通信问题的前提条件是轻量级的认证与密钥分配,但由于传感器节点的计算、存储和通信资源有限,传统基于公钥基础设施的认证与密钥分配机制并不适用。为此,提出基于物理不可克隆函数的WSN簇内密钥分配方案,实现网关节点、簇内传感器节点之间的双向认证与密钥分配。利用物理不可克隆函数的不可克隆性和不可预测性提供更安全高效的双向认证,通过直接与间接密钥分配,实现簇内100%的安全连通性。该方案由于无需预存储密钥,因此可降低节点存储开销和密钥泄露的风险,具备完全抗俘获性。此外,激励响应对不以明文形式传输,可抵抗对物理不可克隆函数实施的建模攻击。实验结果表明,与概率型密钥预分配方案相比,在相同的存储开销下,该方案能够提供更高的节点抗俘获性、安全连通性和认证性。The prerequisite for solving the problem of secure communication in Wireless Sensor Network(WSN)is lightweight authentication and key distribution.However,due to the limited computing,storage and communication resources of sensor nodes,the traditional authentication and key distribution mechanism based on the Public Key Infrastructure(PKI)is not suitable.Therefore,this paper proposes an intra-cluster key distribution scheme based on Physical Unclonable Function(PUF)in WSN to realize bidirectional authentication and key distribution between gateway nodes and sensor nodes in the cluster.The unclonable and unpredictable properties of PUF are used to provide more secure and efficient bidirectional authentication,implementing 100%secure connectivity in the cluster through direct and indirect key distribution.Since keys are not pre-stored,the scheme reduces the cost of storage and the risk of key leakage of nodes,providing the perfect anti-capture performance.Besides,the stimulus response pairs are not transmitted in clear text,and can resist the modeling attacks to the PUF.Experimental results show that the proposed scheme provides better anti-capture performance,secure connectivity and authentication for nodes than the probability key pre-distribution schemes under the same storage overhead.

关 键 词：认证 密钥分配 物理不可克隆函数 无线传感器网络 簇 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]