本文關(guān)鍵詞： 密鑰管理 安全協(xié)議 無線體域網(wǎng) BAN邏輯 AES　出處：《西安電子科技大學》2014年碩士論文　論文類型：學位論文

【摘要】：無線傳感器網(wǎng)近年來取得了飛速發(fā)展,在軍事、商業(yè)、醫(yī)療等方面發(fā)揮著巨大作用,與此同時無線傳感器網(wǎng)在醫(yī)療方面的分支——無線體域網(wǎng)應(yīng)運而生,無線體域網(wǎng)是指附著在人體上的一種網(wǎng)絡(luò),由若干個微型的具有通信功能的普通傳感器和一個主傳感器節(jié)點組成。無線體域網(wǎng)屬于無線網(wǎng)絡(luò)范疇,而無線網(wǎng)絡(luò)的開放性、移動性和拓撲的動態(tài)性使其存在很多安全隱患,網(wǎng)絡(luò)中信息交互過程易受到非法攻擊,因此要采用相關(guān)的密碼技術(shù)來保證其通信安全。安全協(xié)議是以密碼技術(shù)為基礎(chǔ)的消息交換協(xié)議,其目的是在網(wǎng)絡(luò)環(huán)境中提供各種安全服務(wù)。通過安全協(xié)議可以進行實體之間的認證、在實體之間安全地分配密鑰或其它各種秘密、確認收發(fā)消息的來源等。安全協(xié)議包括認證與密鑰交換協(xié)議等,是網(wǎng)絡(luò)安全的重要組成部分和理論保證。對認證與密鑰交換協(xié)議的設(shè)計分析一直都是安全領(lǐng)域的研究熱點,本文根據(jù)無線體域網(wǎng)特點設(shè)計了新的應(yīng)用于該網(wǎng)絡(luò)的認證與密鑰交換協(xié)議,對新協(xié)議進行了形式化和非形式化分析證明,并在軟件環(huán)境下進行了仿真測試。研究內(nèi)容分為以下三方面:1.根據(jù)無線體域網(wǎng)標準給出的網(wǎng)絡(luò)拓撲結(jié)構(gòu)設(shè)計了分層的網(wǎng)絡(luò)模型,并針對該模型提出了三種認證與密鑰交換協(xié)議。網(wǎng)絡(luò)中的每個普通節(jié)點分別和控制節(jié)點享有一對預(yù)共享密鑰。三個協(xié)議采用了不同的認證發(fā)起方式:協(xié)議I是由二級節(jié)點發(fā)起認證,由控制節(jié)點選擇一級認證節(jié)點并生成會話密鑰;協(xié)議II則是在一級節(jié)點和二級節(jié)點協(xié)同的情況下由一級節(jié)點發(fā)起廣播認證并生成會話密鑰;協(xié)議III是由二級節(jié)點發(fā)起認證并生成會話密鑰,一級節(jié)點充當中繼,不做解密而是直接轉(zhuǎn)發(fā)二級節(jié)點發(fā)送的信息。協(xié)議分別實現(xiàn)了在不同場景下無線體域網(wǎng)節(jié)點之間的選擇認證,高效簡潔地生成了不同級別節(jié)點之間的會話密鑰。2.對安全協(xié)議的分析證明方法有形式化和非形式化兩類,事實表明許多安全協(xié)議經(jīng)過非形式化分析后仍然存在漏洞,有的甚至在應(yīng)用了多年后才發(fā)現(xiàn)其漏洞,形式化分析方法則比較全面和有效。本文簡述了形式化和非形式化分析方法,介紹了形式化分析方法中的BAN邏輯,重點采用BAN邏輯對三個無線體域網(wǎng)協(xié)議分別進行了分析,在給出BAN邏輯的初始化條件和證明規(guī)則情況下,利用邏輯推理規(guī)則推導出協(xié)議需要達到的最終信仰,結(jié)果表明協(xié)議安全有效,符合無線體域網(wǎng)安全要求。3.對協(xié)議的運行時間進行了測試。介紹了對稱加密標準AES的加解密過程,給出了協(xié)議在使用AES算法的情況下,無線體域網(wǎng)認證與密鑰交換協(xié)議的時間測試結(jié)果,本文采用C語言實現(xiàn)了仿真,在VS2010環(huán)境下分別測試了每個協(xié)議的運行時間,測試結(jié)果表明協(xié)議均有良好的執(zhí)行效率。
[Abstract]:Wireless sensor network (WSN) has made rapid development in recent years and has played a great role in military, commercial, medical and so on. At the same time, the wireless body area network (WLAN), the branch of wireless sensor network (WSNs), has emerged as the times require. Wireless body area network (WLAN) is a kind of network attached to human body, which is composed of several miniature common sensors with communication function and one main sensor node. Wireless body area network belongs to the category of wireless network, and the wireless network is open. Because of the mobility and topology dynamics, there are many security risks, and the process of information exchange in the network is vulnerable to illegal attacks. Therefore, it is necessary to adopt the relevant cryptographic technology to ensure the security of its communication. The security protocol is a message exchange protocol based on cryptographic technology. The purpose is to provide a variety of security services in the network environment. Through security protocols, authentication between entities can be carried out, and keys or other secrets can be safely distributed among entities. The security protocols, including authentication and key exchange protocols, are important components and theoretical guarantees of network security. The design and analysis of authentication and key exchange protocols have always been the focus of research in the field of security. In this paper, a new authentication and key exchange protocol is designed according to the characteristics of the wireless body area network, and the formal and non-formal analysis of the new protocol is given. The research is divided into the following three aspects: 1. According to the wireless body area network standard, the hierarchical network model is designed. According to the model, three authentication and key exchange protocols are proposed. Each common node in the network and the control node have a pair of pre-shared keys respectively. The three protocols adopt different authentication initiation methods: protocol I is composed of. The secondary node initiates authentication, The first level authentication node is selected by the control node and the session key is generated. Protocol III is authenticated by the secondary node and generates the session key, and the primary node acts as the relay. Instead of decrypting, the protocol directly forwards the information sent by the secondary nodes. The protocol implements the selection authentication between the nodes of the wireless body area network in different scenarios. Efficient and concise generation of session keys between different levels of nodes. There are formal and non-formal methods to prove security protocols. The fact shows that many security protocols still exist vulnerabilities after non-formal analysis. Some even found the flaw after many years of application, but the formal analysis method is more comprehensive and effective. This paper briefly describes the formal and non-formal analysis methods, and introduces the BAN logic in the formal analysis method. Three wireless body area network protocols are analyzed with BAN logic. Under the condition of initializing BAN logic and proving rules, the final belief that the protocol needs to be achieved is deduced by using logic reasoning rules. The results show that the protocol is safe and effective and meets the security requirements of wireless body area network. The running time of the protocol is tested. The encryption and decryption process of symmetric encryption standard AES is introduced, and the protocol using AES algorithm is given. The time test results of wireless body area network authentication and key exchange protocol are simulated in C language. The running time of each protocol is tested in VS2010 environment. The test results show that the protocol has good execution efficiency.
【學位授予單位】：西安電子科技大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TN918.4

【參考文獻】

相關(guān)碩士學位論文 前1條

1 張茂龍;無線體域網(wǎng)中安全問題的分析與對策[D];華中科技大學;2012年

，

本文編號：1515440