無線感測網路是由一群低成本的微型感測器所組成的無線通訊網路,它們可能散佈在某特定區域進行感測資料收集的任務。在無線感測網路中有關安全的議題愈來愈受到重視,而金鑰分發則是影響了訊息加密與認證等安全機制能否正常運作的基本前提。本論文提出了一個具有可擴充性、群組式之隨機金鑰分發機制,它將所有節點分為多個群組並利用單向函數來產生群組對群組的金鑰,以提高金鑰之連結性與最大支援節點數。在效能評估上,我們分析出在目前所有基於隨機預先分發的金鑰機制中,本機制能夠提供最大支援的節點數,而在安全性方面模擬結果也顯示此機制對於入侵節點之攻擊有著良好的抵禦能力。 除此之外,為了降低已遭入侵之節點對網路的不良影響,本論文也提出了一個分散式節點撤銷機制,此機制採用了投票的方式,對已遭入侵之節點進行撤銷的動作,並且利用Threshold Secret Sharing的概念來降低記憶體空間成本。 The security issue in distributed sensor networks (DSNs) has been drawing considerable research attention in recent years. Key management, a basic security service, becomes the core design for various security services like encryption and authentication. This thesis presents a Scalable Grouping (SG) random key predistribution scheme which divides all nodes into several groups and uses the one-way function to generate group-to-group pairwise keys to increase the connectivity of each key and to enlarge the maximum supportable network size. Experimental results show that the SG scheme is able to yield more enhanced resilience against node capture in large-scale networks, generate higher scalability than existing random key based schemes, and limit global payoff from local compromised nodes. Besides, in order to reduce the effect from compromised nodes, we also propose a distributed node revocation scheme based on the SG scheme. It can revoke the existing compromised node by voting and adopt the concept of Threshold Secret Sharing to reduce the memory cost.
