本文關(guān)鍵詞： 密鑰管理 安全協(xié)議 無線體域網(wǎng) BAN邏輯 AES　出處：《西安電子科技大學(xué)》2014年碩士論文　論文類型：學(xué)位論文

【摘要】：無線傳感器網(wǎng)近年來取得了飛速發(fā)展,在軍事、商業(yè)、醫(yī)療等方面發(fā)揮著巨大作用,與此同時(shí)無線傳感器網(wǎng)在醫(yī)療方面的分支——無線體域網(wǎng)應(yīng)運(yùn)而生,無線體域網(wǎng)是指附著在人體上的一種網(wǎng)絡(luò),由若干個(gè)微型的具有通信功能的普通傳感器和一個(gè)主傳感器節(jié)點(diǎn)組成。無線體域網(wǎng)屬于無線網(wǎng)絡(luò)范疇,而無線網(wǎng)絡(luò)的開放性、移動(dòng)性和拓?fù)涞膭?dòng)態(tài)性使其存在很多安全隱患,網(wǎng)絡(luò)中信息交互過程易受到非法攻擊,因此要采用相關(guān)的密碼技術(shù)來保證其通信安全。安全協(xié)議是以密碼技術(shù)為基礎(chǔ)的消息交換協(xié)議,其目的是在網(wǎng)絡(luò)環(huán)境中提供各種安全服務(wù)。通過安全協(xié)議可以進(jìn)行實(shí)體之間的認(rèn)證、在實(shí)體之間安全地分配密鑰或其它各種秘密、確認(rèn)收發(fā)消息的來源等。安全協(xié)議包括認(rèn)證與密鑰交換協(xié)議等,是網(wǎng)絡(luò)安全的重要組成部分和理論保證。對(duì)認(rèn)證與密鑰交換協(xié)議的設(shè)計(jì)分析一直都是安全領(lǐng)域的研究熱點(diǎn),本文根據(jù)無線體域網(wǎng)特點(diǎn)設(shè)計(jì)了新的應(yīng)用于該網(wǎng)絡(luò)的認(rèn)證與密鑰交換協(xié)議,對(duì)新協(xié)議進(jìn)行了形式化和非形式化分析證明,并在軟件環(huán)境下進(jìn)行了仿真測(cè)試。研究內(nèi)容分為以下三方面:1.根據(jù)無線體域網(wǎng)標(biāo)準(zhǔn)給出的網(wǎng)絡(luò)拓?fù)浣Y(jié)構(gòu)設(shè)計(jì)了分層的網(wǎng)絡(luò)模型,并針對(duì)該模型提出了三種認(rèn)證與密鑰交換協(xié)議。網(wǎng)絡(luò)中的每個(gè)普通節(jié)點(diǎn)分別和控制節(jié)點(diǎn)享有一對(duì)預(yù)共享密鑰。三個(gè)協(xié)議采用了不同的認(rèn)證發(fā)起方式:協(xié)議I是由二級(jí)節(jié)點(diǎn)發(fā)起認(rèn)證,由控制節(jié)點(diǎn)選擇一級(jí)認(rèn)證節(jié)點(diǎn)并生成會(huì)話密鑰;協(xié)議II則是在一級(jí)節(jié)點(diǎn)和二級(jí)節(jié)點(diǎn)協(xié)同的情況下由一級(jí)節(jié)點(diǎn)發(fā)起廣播認(rèn)證并生成會(huì)話密鑰;協(xié)議III是由二級(jí)節(jié)點(diǎn)發(fā)起認(rèn)證并生成會(huì)話密鑰,一級(jí)節(jié)點(diǎn)充當(dāng)中繼,不做解密而是直接轉(zhuǎn)發(fā)二級(jí)節(jié)點(diǎn)發(fā)送的信息。協(xié)議分別實(shí)現(xiàn)了在不同場景下無線體域網(wǎng)節(jié)點(diǎn)之間的選擇認(rèn)證,高效簡潔地生成了不同級(jí)別節(jié)點(diǎn)之間的會(huì)話密鑰。2.對(duì)安全協(xié)議的分析證明方法有形式化和非形式化兩類,事實(shí)表明許多安全協(xié)議經(jīng)過非形式化分析后仍然存在漏洞,有的甚至在應(yīng)用了多年后才發(fā)現(xiàn)其漏洞,形式化分析方法則比較全面和有效。本文簡述了形式化和非形式化分析方法,介紹了形式化分析方法中的BAN邏輯,重點(diǎn)采用BAN邏輯對(duì)三個(gè)無線體域網(wǎng)協(xié)議分別進(jìn)行了分析,在給出BAN邏輯的初始化條件和證明規(guī)則情況下,利用邏輯推理規(guī)則推導(dǎo)出協(xié)議需要達(dá)到的最終信仰,結(jié)果表明協(xié)議安全有效,符合無線體域網(wǎng)安全要求。3.對(duì)協(xié)議的運(yùn)行時(shí)間進(jìn)行了測(cè)試。介紹了對(duì)稱加密標(biāo)準(zhǔn)AES的加解密過程,給出了協(xié)議在使用AES算法的情況下,無線體域網(wǎng)認(rèn)證與密鑰交換協(xié)議的時(shí)間測(cè)試結(jié)果,本文采用C語言實(shí)現(xiàn)了仿真,在VS2010環(huán)境下分別測(cè)試了每個(gè)協(xié)議的運(yùn)行時(shí)間,測(cè)試結(jié)果表明協(xié)議均有良好的執(zhí)行效率。
[Abstract]:Wireless sensor network (WSN) has made rapid development in recent years and has played a great role in military, commercial, medical and so on. At the same time, the wireless body area network (WLAN), the branch of wireless sensor network (WSNs), has emerged as the times require. Wireless body area network (WLAN) is a kind of network attached to human body, which is composed of several miniature common sensors with communication function and one main sensor node. Wireless body area network belongs to the category of wireless network, and the wireless network is open. Because of the mobility and topology dynamics, there are many security risks, and the process of information exchange in the network is vulnerable to illegal attacks. Therefore, it is necessary to adopt the relevant cryptographic technology to ensure the security of its communication. The security protocol is a message exchange protocol based on cryptographic technology. The purpose is to provide a variety of security services in the network environment. Through security protocols, authentication between entities can be carried out, and keys or other secrets can be safely distributed among entities. The security protocols, including authentication and key exchange protocols, are important components and theoretical guarantees of network security. The design and analysis of authentication and key exchange protocols have always been the focus of research in the field of security. In this paper, a new authentication and key exchange protocol is designed according to the characteristics of the wireless body area network, and the formal and non-formal analysis of the new protocol is given. The research is divided into the following three aspects: 1. According to the wireless body area network standard, the hierarchical network model is designed. According to the model, three authentication and key exchange protocols are proposed. Each common node in the network and the control node have a pair of pre-shared keys respectively. The three protocols adopt different authentication initiation methods: protocol I is composed of. The secondary node initiates authentication, The first level authentication node is selected by the control node and the session key is generated. Protocol III is authenticated by the secondary node and generates the session key, and the primary node acts as the relay. Instead of decrypting, the protocol directly forwards the information sent by the secondary nodes. The protocol implements the selection authentication between the nodes of the wireless body area network in different scenarios. Efficient and concise generation of session keys between different levels of nodes. There are formal and non-formal methods to prove security protocols. The fact shows that many security protocols still exist vulnerabilities after non-formal analysis. Some even found the flaw after many years of application, but the formal analysis method is more comprehensive and effective. This paper briefly describes the formal and non-formal analysis methods, and introduces the BAN logic in the formal analysis method. Three wireless body area network protocols are analyzed with BAN logic. Under the condition of initializing BAN logic and proving rules, the final belief that the protocol needs to be achieved is deduced by using logic reasoning rules. The results show that the protocol is safe and effective and meets the security requirements of wireless body area network. The running time of the protocol is tested. The encryption and decryption process of symmetric encryption standard AES is introduced, and the protocol using AES algorithm is given. The time test results of wireless body area network authentication and key exchange protocol are simulated in C language. The running time of each protocol is tested in VS2010 environment. The test results show that the protocol has good execution efficiency.
【學(xué)位授予單位】：西安電子科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TN918.4

【參考文獻(xiàn)】

相關(guān)碩士學(xué)位論文 前1條

1 張茂龍;無線體域網(wǎng)中安全問題的分析與對(duì)策[D];華中科技大學(xué);2012年

，

本文編號(hào)：1515440