Method for predistributing and establishing key of sensor network

Abstract

The invention relates to a method for predistributing and establishing a key of a sensor network, which comprises the following steps: (1.1) generating a key pool KP by a deployment server before network deployment, wherein the key pool KP comprises a plurality of keys and key marks thereof, the number of the keys in the key pool is marked as |KP|, the |KP| is large enough, and the deployment server is assumed to be safe; (1.2) assuming that the preset network communication degree is Pc, the node number in a network is n and all nodes are provided with corresponding mark IDs and calculating the node degree d=(n-1)*(1nn-1n(-1nPc)) / n according to a classic random graph theory; (1.3) calculating the probability p=d / n' of pairs of pre-shared keys between adjacent nodes according to the node degree d and the neighbor node number n' of the nodes after the expected network deployment; (1.4) predistributing keys to the nodes by the deployment server; (2.1) establishing the keys; and (2.2) establishing a group key. The invention provides a method for predistributing and establishing the key, which supports identity authentication, has relatively lower cost and good damage resistance and expansibility and can be adapted to a large-scale sensor network.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a sensor network key predistribution and key establishment method, which can be applied to large-scale sensor networks. Background technique [0002] The sensor network is composed of a large number of small, cheap, battery-powered sensor nodes with wireless communication and monitoring capabilities. These nodes are densely deployed in the monitoring area to achieve the purpose of monitoring the physical world. Wireless sensor network is a new field in information technology, and has broad application prospects in environmental monitoring, military affairs, homeland security, traffic control, community security, forest fire prevention, and target positioning. [0003] The key management mechanism is the basis of sensor network security and should have the following characteristics: [0004] 1) Scalability. As the scale of sensor network nodes expands, the ...

AI Technical Summary

Problems solved by technology

[0008] Since sensor nodes are vulnerable to capture attacks, once captured, the secret information loaded in the nodes will be leaked, so the key management method that all nodes share a master key can no longer meet the security requirements of sensor networks

The key management method in which each pair of nodes shares a key can provide identity authentication services while providing confidential communication between nodes, but this method does not support the addition of new nodes, so it does not have scalability, and for a network with n nodes For large-scale networks, this method requires each node to store n-1 keys, which consumes a large amount of node storage space and is difficult to apply to large-scale sensor networks.

At present, the key management method of random key pre-distribution is widely used in sensor networks. This method only produces small overhead and is more practical, but the distributed key does not support point-to-point identity authentication between nodes. Because the key in the key pool of this method may be distributed to different nodes multiple times, even if the key is shared between two nodes, the point-to-point identity authentication based on the pre-shared key cannot be realized.

For example, assuming that node A and node B share the key K, since the same key in the key pool in the random key pre-distribution method may be taken out and distributed to different nodes multiple times, then node C may also be distributed Key K, at this time, node A cannot determine the identity of the other node based on key K

The consequence of this is that during communication, node A cannot determine whether to communicate with node B or node C, and there is a great security risk in communicating with the other party without confirming the identity of the other party