IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0913891
(2010-10-28)
|
등록번호 |
US-8607341
(2013-12-10)
|
우선권정보 |
KR-10-2009-0103535 (2009-10-29) |
발명자
/ 주소 |
- Yoon, Mi Yeon
- Kim, Mi Joo
- Jeong, Hyun Cheol
|
출원인 / 주소 |
- Korea Internet & Security Agency
|
대리인 / 주소 |
Ohlandt, Greeley, Ruggiero & Perle, LLP
|
인용정보 |
피인용 횟수 :
9 인용 특허 :
2 |
초록
▼
A method and a system for preserving sensor data based on a time key, and a recording medium thereof are provided. The time key based sensor data security preserving method includes encrypting the sensor data with an encryption key obtained using a time key based polynomial derived using random numb
A method and a system for preserving sensor data based on a time key, and a recording medium thereof are provided. The time key based sensor data security preserving method includes encrypting the sensor data with an encryption key obtained using a time key based polynomial derived using random numbers and a secret key which is shared by a sensor node and an application system; and decrypting the encrypted sensor data with a decryption key obtained by deriving the same polynomial as the time key based polynomial using the random numbers and the secret key. Thus, integrity and confidentiality of the sensor data can be preserved.
대표청구항
▼
1. A method for preserving security of sensor data in a ubiquitous sensor network based on a time key, comprising automated computer-implemented steps of: encrypting the sensor data with an encryption key obtained using a time key based polynomial derived using random numbers and a secret key which
1. A method for preserving security of sensor data in a ubiquitous sensor network based on a time key, comprising automated computer-implemented steps of: encrypting the sensor data with an encryption key obtained using a time key based polynomial derived using random numbers and a secret key which is shared by a sensor node and an application system;sending the time key and the encrypted sensor data from the sensor node to a sink node, which does not have access to the secret key;sending the encrypted sensor data and the time key, via the sink node, to the application system; anddecrypting the encrypted sensor data with a decryption key obtained by deriving the same polynomial as the time key based polynomial using the random numbers and the secret key, wherein the deriving of the time key based polynomial comprises: calculating two coordinates (px, py) and (qx, qy) which are roots of the following quadratic polynomial using the application random number p and the sink random number q; andderiving the following equation using the two coordinates and the secret key shared by the sensor node and the application, y=|ax2+bx+C|where y, which is an output value for a time key input, is the material value used to generate the encryption key, a and b are coefficients of the quadratic polynomial, x is a certain time key value, C is the secret key value as a constant value of the quadratic polynomial, and |x| denotes an absolute value of x. 2. The method of claim 1, wherein the time key is generated using sensor data collection time information, and is an input value of the time key based polynomial which produces an encryption key material value used to generate the encryption key as an output value. 3. The method of claim 1, wherein the encrypting of the sensor data comprises: generating an application random number p and a sink random number q;encrypting the generated random numbers with an initial group key of a sensor node and sending the encrypted random numbers to the sensor node;deriving the time key based polynomial to generate a sensor data encryption key at the sensor node; generating, at the sensor node, an authentication key using the sink random number q;providing the sink random number q to the sink node and an application system; andgenerating the encryption key by applying the encryption key material value calculated using the time key based polynomial to a cryptographic algorithm of the sensor node. 4. The method of claim 3, wherein the encrypting and sending of the random numbers comprises: sending the application random number p from the application system to the sensor node; andsending the sink random number q from the sink node to the application system and the sensor node. 5. The method of claim 3, wherein the application random number p, the sink random number q, and the time key x are updated periodically, and an update period of the time key is shorter than an update period of the random numbers p and q. 6. The method of claim 1, wherein the calculating of the coordinates comprises: concatenating the application random number p and the sink random number q;remainder-operating results of the concatenation and the secret key; andcalculating coordinates by applying a Hash function to the remainder-operating results. 7. The method of claim 1, wherein the decrypting of the sensor data comprises: deriving the same polynomial as the time key based polynomial generated at the sensor node; generating the decryption key by applying a decryption key material value obtained from the time key based polynomial to a cryptographic algorithm of the application system; anddecrypting the encrypted sensor data with the generated decryption key. 8. The method of claim 1, wherein the sending of the encrypted sensor data and the encrypted time key to the application system transmits the encrypted sensor data on a periodic basis or according to a request of the application system. 9. The method of claim 1, wherein the sending of the encrypted sensor data and the encrypted time key to the application system maintains a constant packet length by adding the time key to a sensor data packet, and when the time key is updated to a new time key, the updated time key is added to the sensor data packet and transmitted. 10. The method of claim 9, wherein whether the new time key contained in the sensor data packet is determined by a flag of the sensor data packet. 11. The method of claim 9, wherein, when the time key is not updated, additional sensor data is added to the sensor data packet to maintain the constant packet length and transmitted. 12. The method of claim 1, wherein the sensor node has an initial group key recognized by the application system and the sink node, and a private key. 13. The method of claim 1, wherein the sensor node shares the secret key with the application system. 14. A non-transitory recording medium containing a program to execute the time key based sensor data security preserving method according to claim 1 in a computer system which controls a ubiquitous sensor network, the recording medium readable by the computer system. 15. A system for preserving security of sensor data in a ubiquitous sensor network based on a time key, comprising: a sensor node having an RF module with an RF receiver operative to receive the sensor data, the sensor node being operative to encrypt the sensor data with an encryption key obtained using a time key based polynomial derived using at least one random number from an application system and/or a sink node and a secret key shared by said sensor node and said application system;said sink node having an RF module with an RF receiver operative to receive the encrypted sensor data and said time key from the sensor node, the sink node, which does not have access to the secret key, being operative to authenticate said time key, and send the encrypted sensor data and the time key to the application system;said application system having an RF module with an RF receiver operative to receive the encrypted sensor data, the application system being operative to decrypt the encrypted sensor data with a decryption key obtained by deriving the same polynomial as the time key based polynomial using the random number and the secret key; andan encryption part for generating an encryption key using the random number and the time key, wherein the encryption part comprises: a time key generator for generating the time key using time information according to a certain rule;a concatenation operator for splitting the random number to two random numbers;a remainder operator for performing remainder operation by dividing results of the concatenation by a secret key;a Hash function operator for obtaining coordinates by applying the Hash function to results of the remainder operation;a time key based polynomial generator for generating a quadratic polynomial which produces an encryption key material value y using the coordinates and the secret key; andan encryption key generator for generating an encryption key by applying the encryption key material value to a cryptographic algorithm used by the sensor node. 16. The system of claim 15, wherein the time key is generated using sensor data collection time information, and the time key is an input value of the time key based polynomial which produces an encryption key material value as an output value. 17. The system of claim 16, wherein: the RF module is operative to receive, via the RF receiver, random numbers from the application system and the sink node; andthe sensor node further comprises:a sensor data storage part for storing the sensor data; andan authentication part for generating an authentication key by applying the random number to a Hash function. 18. The system of claim 15, wherein: the RF module for receiving the sensor data and is operative to receive the time key; andthe application system further comprises:an authentication part for generating an authentication key by applying the random number to a Hash function, and verifying the time key and the sensor data using the authentication key;a decryption part for generating a decryption key using the random number and the time key; anda sensor data analyzer for analyzing the sensor data using the decryption key. 19. A system for preserving security of sensor data in a ubiquitous sensor network based on a time key, comprising: a sensor node having an RF module with an RF receiver operative to receive the sensor data, the sensor node being operative to encrypt the sensor data with an encryption key obtained using a time key based polynomial derived using a random number received from an application system and/or a sink node and a secret key received from an application system;said sink node having an RF module with an RF receiver operative to receive the encrypted sensor data from the sensor node, the sink node, which does not have access to the secret key, being operative to authenticate a time key, and send the sensor data and the time key to the application system; andsaid application system having an RF module with an RF receiver operative to receive the encrypted sensor data, the application system being operative to decrypt the encrypted sensor data with a decryption key obtained by deriving the same polynomial as the time key based polynomial using the random number and the secret key;wherein the RF module for receiving the sensor data and is operative to receive the time key; andwherein the application system further comprises: an authentication part for generating an authentication key by applying the random number to a Hash function, and verifying the time key and the sensor data using the authentication key; a decryption part for generating a decryption key using the random number and the time key; and a sensor data analyzer for analyzing the sensor data using the decryption key; andwherein the decryption part comprises:a concatenation operator for splitting the random number into two random numbers;a remainder operator for performing remainder operation by dividing results of the concatenation by a secret key;a Hash function operator for obtaining coordinates by applying the Hash function to results of the remainder operation;a time key based polynomial generator for generating a quadratic polynomial which produces a decryption key material value y using the coordinates and the secret key; anda decryption key generator for generating a decryption key by applying the decryption key material value to a cryptographic algorithm used by the application system.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.