MANET節点不相交多路径安全源路由协议(.doc

MANET节点不相交多路径安全源路由协议* 冯 涛1，2)1，3)2) 李兴华2) 1)（兰州理工大学计算机与通信学院，兰州，730050） 2)（西安电子科技大学计算机网络与信息安全教育部重点实验室，西安，710071） 3)（甘肃联合大学数学与信息科学学院，兰州，730010） 摘 要：多路径路由实现是移动Ad hoc网络(MANET)可靠运行的有效保证。现有MANET节点不相交多路径路由协议主要关注节点不相交多路径的可实现性和效率问题。针对节点不相交多路径路由协议MNDP协议在主动攻击者安全模型中的安全缺陷，提出了可证明安全的MANET节点不相交多路径动态源路由协议SMNDP协议。SMNDP协议路由请求算法中，建立了中间节点路由请求消息传播策略的检错机制、SMNDP协议路由应答算法中建立了消息防篡改机制和身份认证机制。基于攻陷的网络拓扑模型，扩展了可模糊路由概念，提出了多路径可模糊路由集合概念和节点不相交多路径源路由协议的安全定义，并应用于SMNDP协议的安全分析。SMNDP协议的安全性可以归约为消息认证码和签名机制的安全性。 关键词：MANET；MNDP；可证明安全；可模糊路由；SMNDP 中图法分类号:TP 309 Multiple Node-Disjoint Paths Secure Source Routing For MANET Feng Tao1,2), Guo Xian1,3), Ma Jian-feng2), Li Xing-hua2) 1) (School of Computer and Communication, Lanzhou University of Technology, Lanzhou, 730050, China) 2) (Ministry of Education Key Laboratory of Computer Networks and Information Security, Xidian University, Xian 710071, China) 3) (School of Computer and Math, Gansu Lianhe University, Lanzhou 730010, China) Abstract: The implementation of multipath routing provides guarantee for reliable running of mobile ad hoc network (MANET). Most of existing node-disjoint multipath routing focuses mainly on establishment issues of multiple node-disjoint paths and efficiency issues of identifying multiple node-disjoint paths. Multiple Node-Disjoint Paths (MNDP) has secure faults in the secure model of active adversary. To address this issue, a provably Secure Multiple Node-Disjoint Paths source routing (SMNDP) is proposed in this paper. Error-check scheme is used for the transmission of the route quest in the alogrithm of route request for SMNDP. In addition, the schemes such as the message authentication and the digital signature are used in the algorithm of route reply for SMNDP. The concept of plausible route is extended in this paper, and the definition of plausible-route set is given. And then, security definition of multiple node-disjoint paths routing is presented. The security of SMNDP can be reduced to the security of the message authenti