在叢集式架構下,叢集頭負責將感測終端元件在叢集範圍所收集到的資料傳送到遠處的基地台。 為了確保資料的正確性,叢集頭必須驗證感測終端元件之完整性, 然而因感測元件之低成本需求並不適合在每一元件內嵌可信賴平台模組。 為 此 , 我 們 僅 要 求 感 測 終 端 元 件 內 擁 有 少 量 的 唯 讀 記 憶 體 (Read-Only Memory),提出一個虛擬可信賴平台模組驗證協定,使得叢集頭能驗證感測終端元件的完整性。 此外,叢集頭亦可透過此協定與感測終端元件重新建立一把共享金鑰。;Sensor nodes are usually vulnerable to be compromised due to their unattended deployment and the low costs requirement. Thus, an attacker can reprogram the compromised sensor and control the node to act on his behalf. Remote attestation is the activity of making a claim about the internal state of a platform by supplying evidence to a remote verifier. The Trusted Platform Module (TPM) is a tamper-proof hardware based on the Trusted Computing specification. A TPM is added to the platform in order to enable functions, such as platform integrity measurement, remote attestation and crypto- graphic functionality. However, in the wireless sensor network, the low cost design and large scale deployment make it infeasible to equip each resource-constrained sensor node with a TPM. We explore the cluster-based sensor network architecture to increase the network lifetime and reliability without significantly increasing the cost. The sensor network is organized in clusters where a minority of nodes are equipped with TPMs and act as the cluster heads. In this thesis, we first improve Krauβ et al.’s attestation protocol to decrease the storage overhead. Their protocol allows the sensor nodes to verify whether the platform configuration of the cluster head is trustworthy. However, a node acts as the cluster head may be valuable to attack and our new protocol enables the base station to verify the integrity of the cluster head. A cluster head is responsible for verifying the trustworthiness of the sensor nodes within the cluster. The low cost requirement of the sensor node precludes using an expensive hardware, so we propose a virtual TPM attestation protocol. Assuming only a small amount of read-only memory in each sensor node and the cluster head can verify the integrity of each underlying sensor node. Furthermore, the cluster head can re-establish the secret key with the dominated sensor nodes.
