【摘要】：無線網(wǎng)絡(luò)可以利用物理層的信道噪聲來增強系統(tǒng)的安全性能。通常物理層安全協(xié)議針對特定無線信道的噪聲特性進行設(shè)計,并假設(shè)竊聽者的信道特性已知,但在實際中該假設(shè)是不可行的。本文主要研究竊聽信道中安全通信的密鑰協(xié)商機制,針對無線信道的安全通信問題,提出密鑰進化協(xié)議,設(shè)計基于動態(tài)秘密的加密機制。密鑰進化的基本思想是在包含噪聲的無線信道中,利用無線通信過程中傳輸?shù)男畔?使合法用戶的密鑰隨傳輸數(shù)據(jù)流不斷進化,而不用假設(shè)敵手的信道特征已知。如果合法用戶之間存在認證信道,即使敵手的信道相比合法用戶的信道具有優(yōu)勢,合法用戶之間也能建立安全的會話密鑰。密鑰進化在信息論上,是一個熵增過程。對比常見的用戶名和密碼認證技術(shù),已有的安全體系,都是密鑰用的時間越長,被泄露和攻擊的可能性就越大,而密鑰進化協(xié)議則是隨著時間的推移,密鑰的安全性不會下降的安全技術(shù)。本文首先討論一個特殊的搭線竊聽信道模型,主信道是無噪聲的,竊聽信道是二元對稱信道,然后將其推廣到一般的竊聽信道,即主信道和竊聽信道都是二元對稱信道。在此基礎(chǔ)上,構(gòu)造基于動態(tài)秘密的密鑰進化協(xié)議,并且研究和分析了協(xié)議的安全特性。最后,提出k容忍加密機制(k-Resistance Encryption Scheme,k-RES),能夠容忍加密密鑰和解密密鑰之間最多有k比特不同。k-RES的目的是利用具有微小差異的密鑰對長度相對較短的消息進行加密。如果一對密鑰最多有k比特不同,則接收者可以解密消息,否則無法解密。k-RES可以等價于一個搭線竊聽信道,即誤差概率不大于k n的主信道和一個竊聽信道。利用一些編碼的閾值屬性,可以設(shè)計k-RES獲得安全可靠的通信。
[Abstract]:Wireless network can enhance the security performance of the system by using the channel noise of the physical layer. Generally, physical layer security protocols are designed for the noise characteristics of a particular wireless channel, and assume that the eavesdropper's channel characteristics are known, but this assumption is not feasible in practice. This paper mainly studies the key agreement mechanism of secure communication in eavesdropping channel. Aiming at the problem of secure communication in wireless channel, a key evolution protocol is proposed and an encryption mechanism based on dynamic secret is designed. The basic idea of key evolution is to make use of the information transmitted in the wireless communication process to make the key of the legitimate user evolve with the transmission data stream in the wireless channel containing noise, without assuming that the channel characteristics of the enemy are known. If there is an authentication channel between legitimate users, even if the channel of the adversary has advantages over the channel of the legitimate user, a secure session key can be established between the legitimate users. Key evolution in information theory is a entropy increasing process. Comparing with common username and password authentication techniques, the existing security systems are more likely to be compromised and attacked the longer the key is used, and the more time the key evolution protocol is over time, the more likely it is to be compromised and attacked. The security of the key does not decrease with the security technology. This paper first discusses a special wiretapping channel model. The primary channel is noiseless and the eavesdropping channel is a binary symmetric channel. Then it is extended to the general eavesdropping channel, that is, the primary channel and the eavesdropping channel are both binary symmetric channels. On this basis, the key evolution protocol based on dynamic secret is constructed, and the security characteristics of the protocol are studied and analyzed. Finally, a k-tolerant encryption mechanism (k-Resistance Encryption Scheme,k-RES) is proposed, which can tolerate the difference of k bits between the encryption key and the decryption key at most. The purpose of this mechanism is to encrypt a message with relatively short length by using a key with small difference. If a pair of keys is different at most k bits, the receiver can decrypt the message, otherwise, the undecrypted .k-res can be equivalent to a wiretapping channel, that is, the primary channel with an error probability not greater than k n and an eavesdropping channel. Using some encoding threshold attributes, k-RES can be designed to obtain secure and reliable communication.
【學位授予單位】：西安電子科技大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TN918.4

【共引文獻】

相關(guān)碩士學位論文 前4條

1 王兵;數(shù)字簽名技術(shù)在軍事網(wǎng)絡(luò)通信安全中的應用[D];蘭州理工大學;2005年

2 張中;基于XML/SOAP協(xié)議的Web服務(wù)研究及其應用[D];哈爾濱工程大學;2006年

3 肖林;電子商務(wù)網(wǎng)上支付系統(tǒng)的研究[D];貴州大學;2006年

4 趙艷玲;協(xié)作通信物理層安全的研究[D];天津大學;2012年

，

本文編號：2208552