分布式CA下空间网络认证密钥安全度量方法

罗长远; 李伟; 李海林; 蹇波

doi:10.3724/SP.J.1146.2008.01343

分布式CA下空间网络认证密钥安全度量方法

doi: 10.3724/SP.J.1146.2008.01343

罗长远^①;李伟,
李伟,
李海林,
蹇波

基金项目:

国家863计划项目(2006AAJ124)资助课题

计量
- 文章访问数: 3158
- HTML全文浏览量: 83
- PDF下载量: 777
- 被引次数: 0
出版历程
- 收稿日期: 2008-10-14
- 修回日期: 2009-03-17
- 刊出日期: 2009-10-19

Measurement Method for Space Networks Authenticated Key Security under Distributed CA

摘要

摘要: 基于分布式CA的密钥管理策略解决了空间网络中不易实施集中式密钥管理的难题，但也给认证密钥的安全带来了新的威胁。该文在描述和分析空间网络中认证密钥的安全威胁的基础上，提出了一种度量认证密钥安全强度的方法。该方法可根据系统门限值、密钥更新周期等参数的设置情况，定量度量认证密钥的安全强度。通过分析系统门限值和密钥分量更新周期对安全强度的影响，给出了合理设置这两个网络安全参数的方法。
- 空间网络; 分布式CA; 门限机制
Abstract: The key management schemes bsaed on Distributed Certificate Authority resolve the difficulty to adopting concentrating key management in space networks, but result in some new threats of authenticated key. Based on discribing and analyzing the threats suffered by authenticated key of space networks, a measurement method for security intensity of authenticated key is proposed. The method can quantitatively measure the security intensity of authenticated key according to the setting of parameters, such as threshold value, key-update period etc. By analyzing the impact of threshold value and key-update period on authenticated key security, a method of setting the two networks security parameters reasonably is given.

HTML全文

参考文献(1)

徐志博, 马恒太. 一种用于卫星网络安全认证的协议设计与仿真[J]. 计算机工程与应用, 2007, 43(17): 130-132.Xu Zhi-bo and Ma Heng-tai. Design and simulation ofsecurity authentication protocol for satellite network [J].Computer Engineering and Applications, 2007, 43(17):130-132.[2]唐志华. 基于临近空间的目标探测及宽带通信[J]. 无线电工程, 2007, 37(11): 28-30.Tang Zhi-hua. Target acquisition and broadbandcommunications based on near-space vehicles [J]. RadioEngineering of China. 2007, 37(11): 28-30.[3]杨德明, 慕德俊, 许钟. Ad hoc 空间网络密钥管理与认证方案[J]. 通信学报. 2006, 27(8): 104-107.Yang De-ming, Mu De-jun, and Xu Zhong. Novel keymanagement and authentication scheme for Ad hoc spacenetworks [J]. Journal on Communications, 2006, 27(8):104-107.[4]Zhou L and Hass Z J. Securing Ad hoc networks [J]. IEEENetworks, 1999, 13(6): 24-30.[5]Wu B, Wu J, and Fernandez E B, et al.. Secure and efficientkey management in mobile Ad hoc networks[C]. Proc of the19th IEEE International Parallel and Distributed ProcessingSymposium (IPDPS05). Denver: IEEE Computer Society.2005: 288-295.[6]Dong Y, Wing G, and Sui A, et al.. Providing distributedcertificate authority service in mobile ad hoc networks[C].Proc of the First International Conference on Security andPrivacy for Emerging Areas in Communications Networks.Athens: IEEE Computer Society, 2005: 149-156.[7]曾萍, 陈瑞利, 方勇. 基于自认证公钥的全分布式移动Adhoc 网络密钥管理方案[J]. 计算机应用研究, 2008, 25(6):1779-1782.Zeng Ping, Chen Rui-li, and Fang Yong. Fully-distributedkey management scheme based on self-certified public key formobile Ad hoc network [J]. Application Research ofComputers, 2008, 25(6): 1779-1782.[8]Luo H Y.[J].Zerfos P, and Kong J, et al.. Self-securing Ad hocNetworks[C]. Proc of the Seventh IEEE Symposium onComputers and Communications (ISCC02). IEEEComputer Society.2002,:-[9]Shamir A. How to share a secret [J]. Communications of theACM, 1979, 22(11): 6l2-6l3.

施引文献

资源附件(0)

访问统计