摘要： 针对实际应用中移动Ad hoc网络节点可能存在身份差异的情况，提出一种非对等的移动Ad hoc网络密钥管理框架及一个密钥共享方案，该方案可以生成2类不同的主私钥共享份额，结合2类共享份额才能恢复主私钥。基于上述方案中的密钥配置结构，给出一个移动Ad hoc网络限制验证者的数字签名方案。分析结果表明，该方案在签名阶段需执行1次模幂运算和1次欧几里得算法，在验证阶段需执行O(t)次模幂运算，并且方案具有较好的实用性，安全性与部分分布式密钥管理签名方案相同。

关键词: 移动Ad hoc网络, 密钥管理, 数字签名, 限制验证者, 秘密共享, 欧几里得算法

Abstract: In the applications, the identity of nodes in mobile Ad hoc network may be different. According to the situation, this paper proposes an asymmetric key management framework for the mobile Ad hoc network. In order to satisfy the special framework, it designs a new secret sharing scheme for splitting the system private key, in which it generates two kinds of shares of the system private key: the special share and the ordinary share, so that it needs two kinds of shares to recover the system private key. Furthermore, it presents a limited verifier signature scheme in mobile Ad hoc network based on this secret sharing. Analysis results show that the scheme has a good availability since all nodes share the master private key and the decreases computation complexity, which is one time modular exponentiation and Euclid algorithm in signature phase, O(t) times modular exponentiation in verification phase. Besides, it is as safe as partially distributed key management sign scheme.

Key words: mobile Ad hoc network, key management, digital signature, limited verifier, secret sharing, Euclid algorithm

中图分类号: 

• TP393