因為無限感測網路的傳輸媒介是無線電波,攻擊者可以輕易地利用無線電設施擷取在傳輸中的封包。為了確保資料傳輸的安全性,一般的解決方法是利用對稱式金鑰(Symmetric key)來對封包做加密的動作,但這種方式只能杜絕攻擊者竊取封包內容以及避免攻擊者進一步竄改封包內容。攻擊者仍可以藉由流量分析(Traffic analysis)的方式來取得網路拓墣(Network topology),以更有效率的方式發動攻擊。我們提出了一種適用於無線感測網路的匿名繞徑法;在此繞徑法中,所有在網路間流通的封包皆以成偶金鑰加密封包,並以事先建立好的成偶匿名取代節點身份傳輸。此方法可以防止攻擊者以觀察法取得流通封包間的關連性。本篇論文的分析結果顯示匿名繞徑法可以提供無線感測網路足夠的安全保障。此外,因無線感測節點具有許多先天上的硬體限制,諸如運算速度、記憶體大小與傳輸頻寬等,為了展示本匿名繞徑法對於無線感測網路的適用性,我們亦以MICAz作為平台實作本匿名繞徑法,顯示本匿名繞徑法可以在無線感測網路上實際應用。 Since the transmitting medium of wireless sensor networks (WSNs) is the air, adversaries can easily overhear any packet “flying in the air”. In order to secure the data transmission, the general solutions are encrypting the packet payload with symmetric keys. But those algorithms only keep adversaries out of prying the content of packets and prevent the packets from being modified by adversaries. Adversaries still can learn networks topology by traffic analysis attack. In this paper, we propose an anonymous path routing (APR) protocol for WSNs. By APR protocol, the data is transmitted with anonymity between sensor nodes. Anonymous communications break the relative of the packets flying in the air. APR ensures that the adversaries cannot discover the real identities of local transmitters. The evaluation result shows that APR can achieve both anonymity and security properties of the routing protocol in WSNs. In addition, we implement our APR in the MICAz platform with TinyOS to demonstrate its applicability and communication capability in WSNs.
