An Ad Hoc network is a multi-hop self-organizing network with a dynamically changing topological structure, in which nodes are frequently moved and power-limited, and a trust relationship and wireless transmission links among the nodes are rather poor. Thus, the design of a group key negotiation protocol in the Ad Hoc network is significantly different from the conventional solution. In the Ad Hoc network, in order to ensure the communication security, messages are generally encrypted and then transmitted. Due to the advantage of a symmetric cryptosystem in efficiency, the complexity of message processing is reduced greatly by sharing a key in the group. Meanwhile, the Ad hoc network is also a dynamic peer group, and is lack of the support of a fixed trustable third party, so that a group session key for encrypting the messages needs to be established through the negotiation of all group members, so as to improve the security and reliability of the group session key. Furthermore, the group key negotiation protocol in the Ad Hoc network is required to take the dynamic topology characteristics of the network into consideration, and to realize the forward security and backward security of the key and efficiently support the joining and leaving motions of nodes.
All the existing group key negotiation solutions are based on the discrete logarithm problem in the finite field. There is a group key negotiation solution applicable to the Ad Hoc network, in which n represents the number of group members; Ui represents a group member with a serial number of i; U1 represents a selected organizer, and the organizer is temporary and may be played by any member. FIG. 1 is a flow chart of a method of a group key negotiation solution in the prior art. Referring to FIG. 1, the group key negotiation solution includes:
101: System parameters are selected, and a system initialization is performed.
Supposed that p and q are large prime numbers, Zp is a collection formed by the integer modulo p, g is an element in Zp, and an order of g is q, in which q is the minimum positive integer that satisfies an equation gq≡1 mod q.
102: All members select DH secret values, generate DH public values according to the DH secret values, and broadcast the generated DH public values in the group. The group member Ui randomly selects a DH secret value ri□Zq, generates a DH public value gri according to the selected DH secret value, and broadcasts the generated DH public value gri in the group, in which i goes through 1, 2, . . . , n.
103: After receiving the DH public values of the other members, an organizer selects a secret exponent, generates an intermediate message according to the secret exponent and the DH public values, and broadcasts the intermediate message in the group, and meanwhile generates a group key.
The organizer U1 randomly selects a secret exponent v□Zq, generates an intermediate message Mi, Mi=v·griri according to the secret exponent, a DH public value of the organizer itself, and the DH public values of the other members respectively, and broadcasts the generated message Mi in the group, in which i goes through 1, 2, . . . , , n.
Specifically, the organizer computes a function F=ƒ(gr1, gr2 . . . , grn) according to the DH public value of each member and the DH public value of the organizer itself, in which ƒ represents a mapping from Zp to Zq, and then generates a group key K=gFov according to the secret exponent v.
104: After receiving the intermediate message broadcasted by the organizer, each group member extracts the secret exponent and generates a group key according to the secret exponent and the DH public value of each member.
After receiving Mi, all the group members Ui decrypt the v value, and compute the function F=ƒ(gr1, gr2, . . . , grn), in which ƒ represents a mapping from Zp to Zq. Then, the group members Ui compute a group key K=gFov, in which the symbol ∘ represents that F and v are mathematically operated and a result thereof needs to be modulo p.
Through the above steps, the group keys computed by all the group members Ui are the same, that is, the group key K=gFov.
When a member joins or leaves the group, it is required to re-generate a group key according to all the current group members after the change of group members, in which the computation is similar to the above process, and will not be repeated herein.
In the implementation of the present invention, the inventors find that the group key negotiation solution of the Ad Hoc network requires a large amount of computation, and thus has a low processing speed, a large storage space and a high bandwidth requirement.