Key Management Based On The Threshold In Mobile Ad Hoc Network

Mobile Ad Hoc Network is a special multi-hop self-organized wireless network without the center. Because of the unique characteristics of no network infrastructure, rapid deployment and survivability, mobile ad hoc network has very good prospect in the situation which communications infrastructure could not cover or be damaged, such as in the military affairs, relief and rescue, etc. To provide secure communications is a big challenge in this special environment. Cryptography can meet the secure needs of confidentiality, integrity, authenticity and availability in the mobile ad hoc network, but effective key management mechanism is the key factor.On the basis of the analysis of the structures and features of the mobile ad hoc network, the existing problems and the facing secure threat in the mobile ad hoc network, and difficulties of the key management in the mobile ad hoc network are researched.Aiming at the actual application, some important technologies about the threshold mechanism are researched, and practical methods are given, then. Some basic technologies, including public key algorithms, RSA, digital signature, digital certificates and CA, are researched. The threshold cryptography program is used to solve the problem of the digital signature when trust is distributed. The threshold RSA digital signature which can be achieved in practical applications is given, because the theoretic threshold RSA digital signature has some difficulties in practical applications; the verifiable secret sharing scheme and the proactive threshold cryptography algorithm are analyzed and researched, to verify the correctness of the received component of the private key when updating.On the basis of threshold cryptography, a rapid response key management framework is designed. The framework establishes a distributed Certificate Authority, through the application of the verifiable secret sharing scheme. The concept of the server group is introduced, and a group of servers, which responses rapidly, is constructed. In this entironment, a node can request services more easily from the maintained group, and not from a wide range of independent server nodes which spread to the entire region. The server nodes coordinate more easily in the group rather than the entire network in the secret component update phase. Thus, the server group responses rapidly in secret share updating in the server group and certificate updating for all nodes. Then the modules of the program and the work flows are given. In order to verify the performance of the scheme, simulation results are given.