Research On Several Key Management Schemes And Applications For Mobile Ad Hoc Networks

Intelligent transportation is one of important application fields for mobile ad hoc networks. Because of a wide range of application requirements the security of the mobile ad hoc networks has become a hot spot of research. Key management is the premise and foundation to solve the security problems in mobile ad hoc networks for the use of cryptographic technology. How to improve the model and the performance of key management as well as further to meet different application requirements are very important issues. In this dissertation, we focus on studying the key management schemes and key protection mechanisms, and take the vehicle secure communication as application background. The dissertation concentrates on improving application performances of key management schemes. Several key management schemes are proposed for different application requirements. The contributions of this dissertation are mainly embodied as follows.Firstly, a new distributed asymmetric key management scheme based on lightweight CA public key authentication framework and Shamir secret sharing scheme is presented so as to solve the problems of distributed certificate management and complex key management model in existing CA-based key management schemes of mobile ad hoc networks. The lightweight CA is distributed and the public key can be certified locally by the mechanism of distributed lightweight CA certification authentication, so the certification management is not needed in the scheme, which simplifies the process of key management based on CA. It also provides the mechanisms of legal node key update and malicious node key revocation.Secondly, aiming at reducing communication overhead and solving key escrow problem of identity-based asymmetric key management in mobile ad hoc networks, an identity-based pre-distribution asymmetric key management scheme (PAKMS) based on combined public key framework is presented. The scheme essentially reduces communication overhead of the asymmetric key management in mobile ad hoc networks and also makes the nodes obtain their keys and key update services by pre-distributing mode, which don't need to rely on online PKG. Thus, the inherent key escrow problem existing in identity-based asymmetric key management is avoided to some degree.Thirdly, in order to improve node's security in mobile ad hoc networks, a portable trusted platform module (PTPM) based on trusted computing has been designed and implemented for mobile ad hoc network node. Moreover, a PTPM-based key management scheme is proposed, so as to protect key and ensure trusted node in the process of pre-distribution asymmetric key management. In the scheme, PTPM is a basic secure hardware to pre-distribute, store and manage key, which provides a fast key management service with the secure support based on hardware for mobile ad hoc network. Meanwhile, a new application paradigm of key management based on PTPM is showed.Fourthly, for the purpose of meeting the requirements of managing and using multiple keys as well as improving the flexibility of node using keys, a new node key management scheme is presented for mobile ad hoc networks. In the scheme, the combined public key based on elliptic curve cryptography is adopted to generate multiple keys which are protected and managed by protected storage of PTPM. By this way, the scheme can improve the key distribution and storage mechanisms and meet the requirements of node managing and securely using multiple keys.Finally, to meet the requirements of secure communication in intelligent transportation system, an identity-based key management framework is described combined with privacy protection and accountability. Meanwhile, a secure enhancement mechanism of routing protocol based on the proposed identity-based key management framework is presented. This mechanism can protect routing and improve the security and the privacy of routing, by which routing can fast detect node malicious behaviors and prevent the attacks. The experimental results show that the proposed identity-based key management framework can effectively provide the key management service for secure routing and meet the requirements of secure communication. Meanwhile, an example is given in terms of using key management scheme to construct secure routing protocol.In a word, this dissertation takes the security of mobile ad hoc networks as target to research key management schemes and key protection mechanisms. To improve the performances of key management processes, several key management schemes are proposed for different application requirements. The work is useful for promoting the secure applications and provides new idea for key management schemes in mobile ad hoc networks.