The design of group key management schemes and protocols, whose main objective is to provide secure and reliable communication, is one of the hot topics in the basic research field of secure mobile ad hoc networks (MANET). However, existing group key management schemes are not well suited to MANET because of its intrinsic properties: it is dynamic, its nodes are resource-constrained, and it has no fixed infrastructure. To overcome this drawback, an efficient and secure group key management scheme (ESGKM) is proposed in this paper. ESGKM does not require a trusted dealer; the n parties only run an interactive protocol to generate the shared group secret key. The scheme adapts automatically to topological change and increases the security of the protocol. The use of ECC and bilinear pairings improves the performance of the group key generation algorithm, and group members can verify the sub-secret shares and group secret shares they receive, which further enhances the security of the protocol. The scheme also proposes a group rekeying and group key consistency management algorithm based on a group key service center (GKSC), which effectively reduces the communication and computation overheads of the protocol and avoids the problem of isolated nodes caused by group key inconsistency. The strand space model is used to prove the correctness and security of ESGKM. The performance analysis results show that the proposed scheme effectively reduces node and network resource cost, adapts to the characteristics of MANET, and is clearly superior to the existing BD, A-GDH and TGDH protocols.