D2D通信中数据安全传输关键技术研究

Device-to-Device (D2D) communications have been proposed to be a key technology for the fifth generation mobile communication system (5G). There is intense interest in it from both telecommunications industry and academia. Data security is an important factor which affects the potential for the practical applications of D2D technology. The project aims to develop a set of cryptography based security mechanisms for data transmission in D2D communication systems, taking into account the unique characteristics of the D2D systems, including dynamic topology, limited computational capability and diversity of user’s security requirements. In order to resist data eavesdropping and fabricating during data transmission, we plan to achieve data security from the aspects of fast and effective key agreement in mobile environment, lightweight signcryption algorithm, and secure data sharing protocol. By utilizing the symmetrical and random characteristics of D2D channels, an information-theoretic secrecy based symmetric key agreement mechanism is proposed. Unlike the traditional error correction approach, the proposed mechanism is based on polynomial and Lagrange interpolation method, thereby achieving high-entropy, high-rate, and high-matching characteristics. The symmetric key negotiated between the devices is then introduced into the certificateless signcryption scheme to enhance its security level. Meanwhile, the certificateless signcryption algorithm is constructed based on Elliptic Curved Discrete Logarithm Problem, without using computationally intensive bilinear pairing. Consequently, the signcryption algorithm has the advantages of low computational complexity and high security level. Basing on the proposed certificateless signcryption algorithm, we will study a generalized certificateless signcryption scheme, which can be applied into the secure data transmission protocol to satisfy different security requirements for the various users adaptively.

D2D (Device-to-Device) 通信技术被广泛认为是第五代移动通信系统(5G)的关键技术之一，而数据传输的安全性是影响D2D技术走向实际应用的一个重要因素。针对D2D系统具有拓扑结构动态性、终端能力有限性及用户需求多样性等特点，考虑D2D数据传输过程中存在窃听和篡改信息等安全隐患，本项目拟从动态环境下高性能密钥生成、低复杂度签密技术研究和数据安全传输协议设计三方面着手，自适应、高效地实现D2D数据传输的机密性、完整性和认证性。利用D2D系统动态环境下信道的对称性和随机性，改变传统信息调和中纠错的思路，设计基于多项式的密钥协商协议，生成高熵、高速率和高一致性对称密钥；将对称密钥引入签密技术中，基于椭圆曲线上的离散对数问题，设计复杂度低、安全性高的无证书无双线性对签密算法；在此基础上，研究广义签密方案，设计基于广义签密技术的自适应数据安全传输协议，满足D2D用户多样性的安全需求。

本项目针对D2D通信数据传输过程中存在窃听和篡改数据等安全隐患，结合D2D通信系统的特点，以加密技术为基础，以数据安全传输协议设计为核心，从基于信道特性密钥生成、无证书无双线性对的签密算法研究和数据安全传输协议设计等方面进行研究，按照用户需求，高效、自适应地实现D2D通信中数据的机密性、完整性及认证性等安全目标。具体地，在基于信道特性的密钥生成方案中，将随机生成的多项式系数作为对称密钥提高其熵，根据信道特性的变化情况设置多项式阶数和多项式系数的长度，提高密钥生成速率，同时，采用校验元素保证密钥的一致性。将所生成的对称密钥加入到签密方案中，攻击者只有在同时获得对称密钥和用户私钥后才能够解密密文，增强了签密算法的安全性；签密算法避免计算复杂度高的双线性对和指数运算，采用计算复杂度低的椭圆曲线上标量乘法运算，提高了运行效率。在该签密算法的基础上，研究了广义签密方案，设计了基于广义签密技术的自适应D2D数据安全传输协议，根据应用需求分别工作于加密模式、签名模式和签密模式。理论分析和实验验证了所提出算法及方案的安全性和有效性。. 本项目在国内外重要学术期刊和著名会议上发表学术论文15篇，其中SCI收录9篇（1篇JCR一区，3篇JCR二区）。授权发明专利3项，申请发明专利5项，其中一项成果实现转化。培养硕士研究生4名，其中2名已经毕业，取得相应学位，2名在读。