適用於無線微型感測器網路的有效率分散式金鑰同意協定

Abstract

無線微型感測器網路是近年來逐漸受到學界重視的一項技術；它提供了許多應用層面的解決方案，例如：安全監視、野生動物追蹤、軍事偵防等。因應實用與經濟上的考量，微型感測器是由成本較低的硬體元件搭載無線電波收發器組成，佈署於待偵測之目的環境中形成無線微型感測器網路。安全金鑰的建立是此網路中相當重要的一項安全機制。透過安全金鑰的建立，微型感測器可建構安全的通訊管道，以加解密的方式防範傳輸的資料遭受竊聽、竄改等惡意攻擊。然而，低成本的硬體元件限制了微型感測器的運算能力與計憶體空間，傳統的公開金鑰密碼系統無法於微型感測器平台上實現。為了解決這個問題，我們提出了一套有效率的分散式金鑰同意協定，這套協定能讓佈署完成的微型感測器與其鄰近的感測器有效率地建立彼此共享的金鑰，並且毋須模指數運算。我們的協定主要應用單向湊雜函數以及位元比較運算；以上兩者所須的運算能力皆為微型感測器可實現。在現有的針對無線微型感測器網路所提出的金鑰機制中，我們的方法可讓佈署完成的無線微型感測器網路具備較好的安全通道建構能力，並且花費較少的感測器儲存空間。除此之外，我們的協定可為每個安全連線建構一把獨立的金鑰，減輕了微型感測器落入惡意攻擊者手中所帶來的損害。

Wireless Sensor Network (WSN) has been drawing more and more attention in recent years. WSN offers practical solutions for a variety of applications, such as security monitoring, wildlife tracking, and military detection. For practical and economical considerations, small low-cost wireless networked devices are deployed to construct the sensor networks. Secure key establishment is a fundamental security service in wireless sensor networks. It enables sensor nodes to secure their communications from malicious eavesdropping or tampering. However, due to restricted computing power and limited memory space, traditional public key cryptosystems are not applicable to sensor hardware. To address this problem, we propose a lightweight distributed key agreement protocol, which enables each sensor node to establish shared secret keys efficiently with its neighboring nodes without the computation of modular exponentiation. Our protocol utilizes one-way hash function and bit-wise comparison operations, which are efficient and feasible for sensor hardware. Our approach provides better secure connectivity with less redundant storage cost than existing schemes.