安全性是移动自组网络组通信的基本需求,安全、高效的组密钥更新算法是保证组通信安全的关键.在移动自组网络分布式组密钥管理框架(distrbuted group key management framework,简称DGKMF)的基础上,提出了一种组密钥更新算法--DGR(distributed group rekeying)算法.该算法能够利用局部密钥信息更新组密钥,适合拓扑结构变化频繁、连接短暂、带宽有限的移动自组网络.为了进一步降低算法的通信代价,通过在组密钥更新时动态生成组密钥更新簇，对DGR算法进行了改进，提出了CDGR(cluster distributed group rekeying)算法，并讨论了上述算法的安全性、正确性和完备性，分析了算法的通信代价.最后，利用ns2模拟器对算法的性能进行了分析.模拟结果显示，DGR和CDGR算法在组密钥更新成功率和延迟等方面均优于其他算法，并且由于采用簇结构，CDGR算法的更新延迟低于DGR算法.

Many emerging mobile wireless applications depend upon secure group communication, in which a secure and efficient group rekeying algorithm is very important. In this paper, a rekeying algorithm named DGR (distributed group rekeying algorithm) is proposed, which is based on DGKMF (distributed group key management framework). DGR algorithm generates a group key with local secrete information, and is suitable for mobile ad hoc networks. In order to further reduce the communication complexity, the DGR algorithm is improved on by generating a cluster dynamically in the rekeying process, and the CDGR (cluster distributed group rekeying algorithm) is proposed. The security, correctness, and completeness of the two algorithms are discussed in this paper, and their message complexity costs are evaluated. Simulation results demonstrate that the two algorithms are better than other algorithms and protocols such as CKD, GDH v.2 and BD in the group rekeying success ratio and delay, and the CDGR is better than GDR in the group rekeying delay because it uses the cluster in the rekeying process.

Supported by the National Natural Science Foundation of China under Grant Nos.90104001,90204005(国家自然科学基金)