無線隨意網路近年來已經被應用在很多領域上，其中有包括軍事上的應用、緊急通訊的應用、科學研究和資料探勘。在無線隨意網路中，所需要保護的資料有包括位置訊息跟訊息內容。在本論文中，我們將針對位置資訊和訊息內容的機密性保護，討論三種在無線隨意網路中有關於機密性保護的議題: (1)無線感測網路中，節點位置資訊的機密性保護，(2) 無線感測網路中，節點間所傳送之訊息內容的機密性保護，(3) 行動隨意網路中，群體通訊間所傳送之訊息內容的機密性保護。
在本論文第一個議題和第二個議題中，我們將先討論無線感測網路上資料機密性保護的議題。無線感測網路是一種無線隨意網路。在無線感測網路中，異質架構常用以增進通訊的效率和延長網路的使用壽命。而一個異質架構中，佈放有能力較強的節點。這些能力較強的節點通常扮演重要的角色。所以對於這些能力較強的節點，其相關資訊的機密性保護是一個很重要的議題。在無線感測網路中，為了保護匯聚節點，匯聚節點不會常駐於網路中。在匯聚節點不在無線感測網路的時間區段中，感測節點就需要將感測的資料存於自身的記憶體上。在這樣的環境下，若能力較強的節點被攻擊者抓取時，需要一個自我修復的機制去回復因為節點被抓取時所造成的傷害。
在無線感測網路中，由於匯聚節點不會常駐於網路中，對於所探勘到的資料，為了避免攻擊者去抓取節點後將所探勘到的資料刪除，所探勘到的資料會複製成多個副本，再將這些副本分別儲存在不同的節點上以提高資料被匯聚節點成功接收的機率。在這樣的保護機制下，我們考慮一種攻擊者。這種攻擊者除了刪除節點中的資料之外，他會將所抓取到有存取資料副本的節點之位置記錄下來，利用這些位置去估計傳送這些資料副本的節點之位置。在這樣的攻擊下，資料成功被接收的機率和節點位置的機密性便存在一個權衡的關係。在第一個議題中，我們去研究這樣的關係。我們提出了多個估計節點位置的演算法來顯示出這樣權衡的關係。由模擬結果可以發現，當同時需要兼顧到資料成功被接收的機率和節點位置的機密性時，資料副本的數量就應該要有所限制。
在第二個議題中，我們考慮在叢集式無線感測網路的環境下，叢集群首被攻擊者抓取之後，如何去回復叢集和叢集之間安全的通訊。在這個主題中，我們提出一個自我修復的金鑰管理方法。在這個方法中，會有一個安全的節點被選取來做為繼承者來取代被抓取的節點。其他未被抓取的叢集群首將會提供特定的金鑰資訊來讓繼承者重建出可以產生和叢集群首間通訊的金鑰函式。經由安全分析，我們找到了可以提高安全度的參數設定方式。經由模擬的結果，相較於沒有使用自我修復機制的金鑰管理協定，我們的方法可以在攻擊者抓取到50%的節點的時候提高75%的系統效能。
在最後一個議題中，我們著重在移動隨意網路中，群體間所傳送的資料之機密性保護。在群體間訊息的分享與傳遞需要一把群體金鑰來保護其機密性。由於，現有的分散式群體金鑰協定，需要傳送較大的封包。這樣會在傳輸時造成較大的時間延遲。我們提出一個新的群體金鑰協定。這個群體金鑰協定可以減少所需傳送的封包大小。經由安全分析，我們證明我們所提出的群體金鑰協定可以滿足群體金鑰協定所需要的安全需求。經由模擬結果，在無線隨意網路中，相較於現有的分散式群體金鑰協定，我們所提出的群體金鑰協定，在更新群體金鑰時所花費時間比較小。當成員加入的時候，我們的群體金鑰協定所要傳送的封包數較少。當成員離開的時候，在現存成員數較大的情況下，我們所需傳送的封包數相較於現有的分散式群體金鑰協定來得少。

Wireless ad hoc networks have been applied in many areas, including military communications, emergency search, rescue operations, and data acquisition. Information in a wireless ad hoc network that needs confidentiality protection includes location information and message content. In this dissertation, for confidentiality of location information and message content, we study three issues of confidentiality protection in wireless ad hoc networks: (1) confidentiality protection of location information in wireless sensor networks, (2) confidentiality protection of message content in wireless sensor networks, (3) confidentiality protection of message content in group communication of mobile ad hoc networks.
In the first and second issues of this dissertation, we focus on wireless sensor networks, which are a form of wireless ad hoc networks. For a wireless sensor network, a heterogeneous structure is frequently used to improve communication efficiency and prolong life time of the wireless sensor network. In a heterogeneous structure, a wireless sensor network consists of critical sensors and normal sensors. A critical sensor usually plays an important role in a heterogeneous wireless sensor network. Therefore, confidentiality protection for information of critical nodes in a heterogeneous wireless sensor networks is an important issue. Furthermore, to prevent a sink node that collects acquired data being compromised by an adversary, a sink is usually not constantly present in the network. Therefore, with these features, sensors need to store acquired data during a period that a sink is absent. Once a critical sensor is compromised, there should a mechanism to recover damage caused by compromise of the critical node. In the first issue, we found a trade-off between data survivability and location privacy when a strategy of data replication is used to defeat an adversary that attempts to compromise and delete the acquired data in the sensors. We consider a new kind of adversary that, by using specific location estimation schemes, attempts to derive location information of a critical node based on the locations of the compromised sensors that store the data replicas. Under this kind of attack, the number of data replicas of the acquired data should be limited. We propose three possible location estimation schemes to demonstrate the trade-off relationship in a grid-based unattended wireless sensor network. According to simulation results, the number of data replicas must be limited when considering data survivability and location privacy at the same time.
In the second issue, we focus on a typical heterogeneous wireless sensor network: a cluster-based wireless sensor network. In a cluster-based wireless sensor network, a cluster head is a critical node. We propose a self-healing cluster key management scheme to recover secure inter-cluster communication when any cluster head is compromised. In the self-healing cluster key management scheme, when a cluster head is compromised, a specific sensor in the cluster of the compromised cluster head is chosen as a successor to replace the compromised cluster head. Other cluster heads sponsor specific keying materials to the chosen sensor to reconstruct a key generation function. Through security analysis, we derive a parameter setting to enhance the security of our scheme. Simulation results show that our scheme significantly improves the number of available nodes by about 75% when 50% of the entities are compromised.
In the third issue, we focus on the confidentiality of the message content for a group of members in mobile ad hoc networks. Existing group key agreements need messages in large sizes to generate and refresh the group key, but we propose a group key agreement that reduces the size of the message needed to generate or refresh the group keys. Through security analysis, we show that our group key agreement satisfies the security requirements of a group key agreement. Simulation results show that our group key agreement can provide lower communication overhead and lower latency of generating or refreshing a group key compared with the existing contributory group key agreements. When a new member joins the group, our scheme requires fewer packets to be sent and forwarded. When an existing member leaves, our scheme requires a smaller number of packets to be sent and forwarded when the current group size is large.

[1] A. Mishra and K. M. Nadkami, “Security in wireless ad hoc networks,” The handbook of ad hoc wireless networks, CRC Press, Inc. Boca Raton, FL, U.S.A, pp. 499–549, 2003.
[2] M. Yarvis, N. Kushalnagar, H.Singh, A. Rangarajan, Y. Liu, and S. Singh, “Exploiting heterogeneity in sensor networks,” in Proc. IEEE INFOCOM, vol.. 2, pp. 878-890, Mar. 2005.
[3] X. Du and F. Lin, “Maintaining differentiated coverage in heterogenerous sensor networks,” EURASIP Journal Wireless Commmun. and Netw., vol. 5, issue 4, no. 4, pp. 565-572, Sep. 2005.
[4] R. Di Pietro, L. V. Mancini, C. Soriente, A. Spognardi, and G. Tsudik, “Catch me (if you can): data survival in unattended sensor networks,” in Proc. 6th Annual IEEE Int. Conf. Pervasive Comput. and Commun., pp. 185–194, Mar. 2008.
[5] R. Di Pietro, L. V. Mancini, C. Soriente, A. Spognardi, and G. Tsudik, “Data security in unattended wireless sensor networks, ” IEEE Trans. Comput., vol. 58, no. 11, pp. 1500–1511, Nov. 2009.
[6] M. F. Younis, K. Ghumman, and M. Eltoweissy, “Location-aware combinatorial key management scheme for clustered sensor networks,” IEEE Trans. Parallel Distrib. Syst., vol. 17, no. 8, pp. 865–881, Aug. 2006.
[7] I. Ingemarsson, D. Tang, and C. Wong, “A conference key distribution systems,” IEEE Trans. Inf. Theory, vol. 28, no. 5, pp.714–720, Sep. 1982.
[8] W. Diffie and M. E. Hellman, “New directions in cryptography,” IEEE Trans. Inf. Theory, vol. IT-22, no. 6, pp. 644–654,1976.
[9] M. Burmester and Y. Desmedt, “A secure and efficient conference key distribution system,” in Advances in Cryptology (EUROCRYPT’94), Lecture Notes in Computer Science, vol. 950, pp. 275–286, May 1994.
[10] M. Steiner, G. Tsudik, and M. Waidner, “Key agreement in dynamic peer groups,” IEEE Trans. Parallel Distrib. Syst., vol. 11, issue 8, pp. 769–780, Aug. 2000.
[11] C. K. Wong, M. Gouda, and S.S. Lam, “Secure group communications using key graphs,” IEEE Trans. Netw., pp. 16–30, Feb. 2000.
[12] Y. Kim, A. Perrig, and G. Tsudik, “Communication-efficient group key agreement,” IEEE Trans. Comput., vol. 53, no. 7, pp. 905–921, Jul. 2004.
[13] Y. Kim, A. Perrig, and G. Tsudik, “Tree-based group key agreement,” ACM Transactions on Information and System Security, vol. 7, issue 1, pp. 60–96, 2004.
[14] P. Kamat, Y. Zhang, W. Trappe, and C. Ozturk, “Enhancing source-location privacy in sensor network routing,” in Proc. IEEE 25th Int. Conf. Distrib. Comput. Syst. (ICDCS 2005), pp. 599–608, Jun. 2005.
[15] Y. Jian, S. Chen, Z. Zhang, and L. Zhang, “A novel scheme for protecting receiver’s location privacy in wireless sensor networks,” IEEE Trans. Wireless Commun., vol. 7, no. 10, pp. 3769–3779, Oct. 2008.
[16] K. Mehta, D. Liu, and M. Wright, “Location privacy in sensor networks against a global eavesdropper,” in Proc. IEEE Int. Conf. Network Protocols (ICNP 2007), pp. 314–323, Oct. 2007.
[17] M. Shao, S. Zhu, W. Zhang, G. Cao, and Y. Yang, “pDCS: security and privacy support for data-centric sensor networks,” IEEE Trans. Mobile Comput., vol. 8, no. 8, pp. 1023–1038, Aug. 2009.
[18] J.-P. Sheu, J.-R. Jiang, and C. Tu, “Anonymous path routing in wireless sensor networks,” in Proc. IEEE Int. Conf. Commun., pp. 2728–2734, May 2008.
[19] R. Lu, X. Lin, H. Zhu, P.-H. Ho, and X. Shen, “ECPP: efficient conditional privacy preservation protocol for secure vehicular communications,” in Proc. 27th Conf. Comput. Commun. INFOCOM 2008, pp. 1229–1237, Apr. 2008.
[20] M. Hitchens, J. Kay, B. Kummerfeld, and A. Brar, “Secure identity management for pseudo-anonymous service access,” Lecture Notes in Computer Science, vol. 3450, pp. 48–55, 2005.
[21] D. C. Dhanapala, A. P. Jayasumana, and Q. Han, “Performance of random routing on grid-based sensor networks,” in Proc. IEEE 6th Conf. Consumer Commun. and Netw., pp. 1–5, Jan. 2009.
[22] A. Ghafoor, “Random routing of tasks in hypercube architectures,” in Proc. Int. Conf. Parallel Process.(ICPP 1993), vol. 1, pp. 128–131, Aug. 1993.
[23] A. P. Dempster, N. M. Laird, and D. B. Rubin, “Maximum likelihood from incomplete data via the EM algorithm,” J. R. Statist. Soc. B, vol. 39, no. 1, pp. 1–38, 1977.
[24] O. Younis and S. Fahmy, “HEED: A hybrid, energy-efficient, distributed clustering approach for ad hoc sensor networks,” IEEE Trans. Mobile Comput., vol. 3, no. 4, pp. 366–379, Oct.-Dec. 2004.
[25] A. Rachedi and A. Benslimane, “Security and pseudo-anonymity with a cluster-based approach for MANET,” in Proc. IEEE Global Telecommunications Conf. (IEEE GLOBECOM 2008), pp. 1–6, Nov. 30-Dec. 4, 2008.
[26] Y. Cheng and D. P. Agrawal, “An improved key distribution mechanism for large-scale hierarchical wireless sensor networks,” Ad Hoc Networks, vol. 5, no. 1, pp. 35–48, Jan. 2007.
[27] X. Du, H. H. Chen, Y. Xiao, and M. Guizani, “A pseudo-random function based key management scheme for heterogeneous sensor networks,” in Proc. IEEE Global Telecommunications Conf., Washington, DC, U.S.A., pp. 5138–5142, Nov. 2007.
[28] P. Traynor, R. Kumar, H. Choi, G. Cao, S. Zhu, and T. L. Porta, “Efficient hybrid security mechanisms for heterogeneous sensor networks,” IEEE Trans. Mobile Comput., vol. 6, no. 6, pp. 663–677, Jun. 2007.
[29] C. Blundo, A. D. Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung “Perfectly-secure key distribution for dynamic conferences,” in Proc. 12th Annual International Cryptology Conf. Advances in Cryptology, Lecture Notes in Computer Science, pp. 471–486, 1992.
[30] A. Shamir, “How to share a secret,” Communications of the ACM, vol. 22, issue 11, pp. 612–613, Nov. 1979.
[31] D. Liu, P. Ning, and R. Li, “Establishing pairwise keys in distributed sensor networks,” ACM Transactions on Information and System Security, vol. 8, no. 1, pp. 41–77, Feb. 2005.
[32] N. T. Canh, T. V. Phuong, Y.-K. Lee, S. Lee, and H. Lee “A location-aware key predistribution scheme for distributed wireless sensor networks,” in Proc. IEEE 15th International Conf. on Networks, Adelaide, Australia, pp. 188–193, Nov. 2007.
[33] L. Xu and J. Shen, “A novel key pre-distribution scheme using one-way hash chain and bivariate polynomial for wireless sensor networks,” in Proc. 3rd International Conf. on Anti-Counterfeiting, Security, and Identification in Communication, pp. 575–580, Aug. 2009.
[34] W. Qian, H. Chen, Z. Li, and C. Jia, “On a practical distributed key generation scheme based on bivariate polynomials,” in Proc. 7th International Conf. on Wireless Communications, Networking and Mobile Computing, Wuhan, China, pp. 1–4, Sept. 2011.
[35] N. Saxena, G. Tsudik, and J. H. Yi, “Efficient node admission for short-lived ad hoc networks,” in Proc. 13th IEEE International Conf. on Network Protocols, Boston, U.S.A., pp.269–278, Nov. 2005.
[36] D. Dong, Y. Liu, and X. Liao, “Self-monitoring for sensor networks,” in Proc. 9th ACM International Symposium on Mobile Ad Hoc Networking and Computing, Hong Kong, China, pp. 431–440, May 2008.
[37] J. W. Ho, D. Liu, M. Wright, and S. K. Das, “Distributed detection of replica node attacks with group deployment knowledge in wireless sensor networks,” Ad Hoc Networks, vol. 7, issue 8, pp. 1476–1488, Nov. 2009.
[38] D. Hu and J. Chen, “Protecting data aggregation from compromised nodes in wireless sensor network,” in Proc. 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing, vol. 1, Wuhan, Hubei China, pp.231–234, Apr. 2009.
[39] Y. Sei and S. Honiden, “Distributed detection of node replication attacks resilient to many compromised nodes in wireless sensor networks,” in Proc. 4th Annual International Conference on Wireless Internet, Article no. 28, Maui, Hawaii, U.S.A., pp. 1–8, 2008.
[40] R. A. Horn and C. R. Johnson, Topics in Matrix Analysis, Cambridge University Press, Cambridge, 1991.
[41] M. Manulis, “Contributory group key agreement protocols, revisited for mobile ad-hoc groups,” in Proc. IEEE International Conf. Mobile Ad-hoc and Sensor Systems (MASS’05), Washington, U.S.A., pp. 811–818, Nov. 2005.
[42] L. Liao and M. Manulis, “Tree-based group key agreement framework for mobile ad-hoc networks,” Future Generation Computer Systems, vol. 23, issue 6, pp. 787–803, Jul. 2007.
[43] S. Jarecki, J. Kim, and G. Tsudik, “Robust group key agreement using short broadcasts,” in Proc. 14th ACM Conf. Computer and Communications Security (CCS ‘07), Alexandria, U.S.A., pp. 441–420, Oct. 29-Nov. 2 2007.
[44] A. J Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press Series on Discrete Mathematics and Its Applications, 1996.
[45] P. F. Oliveira and J. Barros, “A network coding approach to secret key distribution,” IEEE Trans. Inf. Forensics Security, vol. 3, issue 3, pp. 414–423, Sep. 2008.
[46] The network simulator-NS2, http://www.isi.edi/nsnam/ns/.