Because a MANET is decentralized, self-organizing, fast to deploy and highly survivable, it is widely applied in both military and civil domains. Many of its applications are security-sensitive, such as battlefield communication, business conferences and person-to-person communication. The crucial problems for these applications are user identity authentication and key management.

First, this article introduces the concept, characteristics and security problems of the MANET, and analyzes the current state of research on these questions in China and abroad. We propose an authentication and key management scheme for hierarchical cluster-based MANETs.

Next, this article introduces the architecture of the MANET and several kinds of clustering algorithms for cluster-based MANETs. We propose a clustering algorithm suited to the prototype system of this article and explain its steps and procedure in detail.

Then we establish the prototype system, a Two-level Distributed Certificate Authority System that uses threshold digital signatures and builds on the existing certificate authority center mechanism. Integrity and non-repudiation of certificate information are achieved by asymmetric cryptography. Certificates may be updated or withdrawn, which makes the system more secure. Secret key shares are refreshed periodically, so the adversary is challenged to compromise the servers within the interval between refreshes. Key exchange using certificates gives the communication confidentiality, integrity and non-repudiation.

Finally, we carry out a preliminary simulation of the prototype system's performance using the network simulation software NS2. Comparing the simulation results, we conclude that the authentication time of the Two-level Distributed Certificate Authority is shorter than that of the plain one.
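The periodic share refresh mentioned above can be illustrated with the following added example, which is not code from the article and does not reproduce its scheme. It assumes Shamir (t, n) secret sharing over a prime field with refresh by adding shares of zero-constant polynomials; the field modulus, function names and the key value are constructed for illustration. Reconstruction is used here only to check the result, since a threshold signature scheme would not reassemble the key.

```python
import secrets

P = 2**127 - 1  # prime field modulus (assumption for this example)

def _poly_eval(coeffs, x):
    """Evaluate the polynomial [a0, a1, ...] at x mod P (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def split(secret, t, n):
    """Deal n Shamir shares of `secret`; any t of them reconstruct it."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {i: _poly_eval(coeffs, i) for i in range(1, n + 1)}

def refresh(shares, t):
    """One refresh period: each server deals a random degree-(t-1) polynomial
    with constant term 0, and every server adds the sub-shares it receives."""
    new = dict(shares)
    for _dealer in shares:
        zero_poly = [0] + [secrets.randbelow(P) for _ in range(t - 1)]
        for i in new:
            new[i] = (new[i] + _poly_eval(zero_poly, i)) % P
    return new

def reconstruct(subset):
    """Lagrange interpolation at x = 0 over a {server index: share} subset."""
    total = 0
    for i, y in subset.items():
        num, den = 1, 1
        for j in subset:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + y * num * pow(den, -1, P)) % P
    return total

def demo(t=3, n=5):
    ca_key = secrets.randbelow(P)  # constructed stand-in for the CA signing key
    old = split(ca_key, t, n)
    new = refresh(old, t)
    same_period = reconstruct({i: new[i] for i in (1, 3, 5)}) == ca_key
    # Adversary holds two shares from the old period and one from the new one.
    mixed = reconstruct({1: old[1], 2: old[2], 3: new[3]}) == ca_key
    return same_period, mixed

if __name__ == "__main__":
    print(demo())
```

Shares taken from the same period still reconstruct the key, while a set of t shares that straddles a refresh does not, which is why the adversary has to reach the threshold before the next refresh.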