• <tr id="yyy80"></tr>
  • <sup id="yyy80"></sup>
  • <tfoot id="yyy80"><noscript id="yyy80"></noscript></tfoot>
  • 99热精品在线国产_美女午夜性视频免费_国产精品国产高清国产av_av欧美777_自拍偷自拍亚洲精品老妇_亚洲熟女精品中文字幕_www日本黄色视频网_国产精品野战在线观看 ?

    Research on stateful public key based secure data aggregation model for wireless sensor networks①

    2017-03-28 09:47:38QinDanyang秦丹陽(yáng)JiaShuangYangSongxiangWangErfuDingQun
    High Technology Letters 2017年1期
    關(guān)鍵詞:丹陽(yáng)

    Qin Danyang (秦丹陽(yáng))Jia Shuang, Yang Songxiang, Wang Erfu, Ding Qun

    (Key Lab of Electronic and Communication Engineering, Heilongjiang University, Harbin 150080, P.R.China)

    Research on stateful public key based secure data aggregation model for wireless sensor networks①

    Qin Danyang (秦丹陽(yáng))②Jia Shuang, Yang Songxiang, Wang Erfu, Ding Qun

    (Key Lab of Electronic and Communication Engineering, Heilongjiang University, Harbin 150080, P.R.China)

    Data aggregation technology reduces traffic overhead of wireless sensor network and extends effective working time of the network, yet continued operation of wireless sensor networks increases the probability of aggregation nodes being captured and probability of aggregated data being tampered. Thus it will seriously affect the security performance of the network. For network security issues, a stateful public key based SDAM (secure data aggregation model) is proposed for wireless sensor networks (WSNs), which employs a new stateful public key encryption to provide efficient end-to-end security. Moreover, the security aggregation model will not impose any bound on the aggregation function property, so as to realize the low cost and high security level at the same time.

    wireless sensor networks (WSNs), secure data aggregation, homomorphic encryption, simple power analysis

    0 Introduction

    WSN (wireless sensor network) is a major branch of the Internet of things, which is made up of many sensor nodes with constrained resource. Sensors will be affected by power supply, communication and computing power, so the data transmission is restricted[1]. Data aggregation is thought to be essential technique for WSN, since it may save the computation and communication energy effectively. With such a technique, data will be captured by sensor nodes and fused by intermediate nodes and then transmitted to sink nodes through the wireless link. Under the background of the Internet of things, the aggregation node is regarded as a network drive to collect aggregated data and send them to the cloud[2]. Data aggregation adopted in WSN will reduce packet transmission and data redundancy,and will improve the overall lifetime.

    Traditional security aggregation protocol adopts single hop encryption, in which sensor nodes will encrypt the captured data and send the ciphertext to the aggregation node; then the aggregation node will decrypt the received data, perform the aggregation function, and finally send the encryption result to the upper aggregation node. Therefore, the data aggregation protocol improves the bandwidth and network energy efficiency, but at the same time brings higher computational overhead and latency. What is more, the aggregation node may access to the plaintext data, which means there is no guarantee for end-to-end confidentiality[3]. Therefore, a higher security and more efficient solution is needed for WSN.

    1 Research status on data aggregation

    In recent years, a number of security schemes to guarantee the data confidentiality without causing delay are proposed, such as CDA (concealed data aggregation) based on PH (privacy homomorphism) which enables direct calculations on enciphered data. The advantage of CDA is confidentiality of the data without complex computation. PH, however, will significantly increase the demand for encryption energy, and limit the applicability of the aggregation query as well[4]. ECEG (Elliptic Curve El Gamal) is one of the most popular algorithms for WSN currently, which can be implemented on MicaZ efficiently with unit execution time as 1.29s. However, in some condition, the sink node needs to collect information about the target area continuously about every 20s, so such a scheme is impracticable and will cause large energy consumption. In addition, ECEG is an additive homomorphic and hence, it can only support a limited number of aggregation functions related to the addition operation. Moreover, since a single hop authentication could not guarantee the aggregator to perform the aggregate function properly and a compromised aggregator may produce fake aggregation to authenticate with its legitimate key, the end-to-end data integrity as a new security requirement becomes a new challenge for WSN nowadays, which will be considered as well in the research.

    2 Key encryption and attacks

    The SDAM adopts the combination of asymmetric and symmetric encryption algorithm, so it will briefly introduce the encryption algorithm and the classical attack types in this section.

    2.1 Stateful public key encryption

    The stateful encryption can significantly reduce the computational cost of traditional PKE (public key encryption). In SPKE (stateful public key encryption), the sender uses a state repeatedly in different encryption algorithms, which is held by the sender, and the same state is reused in different encryption processes. The use of stateful encryption will reduce the computational cost and the energy for being calculated only once. In this work, SPKE is utilized to guarantee the convergecast traffic toward BS efficiently. Accordingly the state is adopted to share with BS the information that the network nodes use to ensure the end-to-end security for aggregated data.

    2.2 Cryptographic methods

    2.2.1 Homomorphic encryption

    HE (homomorphic encryption) allows direct calculation on ciphertext with the same effect as that on the underlying plaintext data. An encryption algorithm is considered to be homomorphic, if and only if there is

    E(m1⊙Mm2)←E(m1)⊙CE(m2),

    ?m1, m2∈M (1)

    where M and C are the set of plaintext and the set of ciphertext respectively; the operation ⊙ may support the addition and multiplication or support these two kinds of algorithms at the same time with the choice depending on the characteristics of the encryption scheme. The one supporting all the functional operation on the ciphertext is known as FHE (fully homomorphic encryption). The other class of HE is PHE (partially homomorphic encryption), which includes the encryption schemes that have homomorphic property.

    2.2.2 Message authentication code

    It is clear that MAC (message authentication code) doesn’t satisfy the additive property:

    MAC(α+β)≠M(fèi)AC(α)+MAC(β)

    (2)

    where MAC can be aggregated by XOR (exclusive operation) as Eq.(3) to satisfy the integrity and authenticity so as to verify all the personal data.

    MACagg=MAC1⊕MAC2⊕…⊕MACn

    (3)

    where HMAC (Hash-based MAC) is a kind of scheme based on encryption hash function, which is always used to validate data integrity and source. The encryption intensity of HMAC depends on the property of the underlying hash function. Let HMAC(K, m) denote the message input of m using a key with the assumption that the underlying hash function is SHA-1, which will produce 20-bytes digest as the output.

    2.2.3 Relative functions

    There will be two main relative functions to be adopted in the research. PRF (pseudo random function) is a deterministic function with two inputs, namely K and m, where K is a hidden key and m is a random variable. Generally, the output of PRF by computing is different from the real output value. KDF (key derivation function) takes a given key and a random number as the input, and will generate a new key for the encryption algorithm. In this study, the HKDF (key derivation function based on Hash message authentication code) NISTSP800-108 is adopted to generate a dynamic key.

    2.3 Network model

    WSN is composed of a large number of sensor nodes and BS. Sensor nodes are resource-constrained devices, deployed in a geographical area to sense and monitor. They are arranged in multiple clusters, as shown in Fig.1. Some sensor nodes are chosen as the CHs (cluster-heads) based on dynamic selection algorithm to aggregate data from their members, and will forward the results to the next hop. All the notations used in this paper are shown in Table 1.

    Fig.1 Wireless sensor network model Table 1 Notations and definitions

    NotationDefinitionNotationDefinitionNRNumberofsensornodesYThebasestation’spublickeyRNumberofclusterheadsinthenetwork‖0zConcatenationwithaserialofz‘0’sCHjClusterheadCHj,j∈{1,…,R}λNumberofbitsneededtorepresentthedatacapturedLMaximumnumberofnodesperclusterSKBSijThekeysharedbetweenSijandBSBSThebasestationNijAsequencenumberfordatafreshnessSijSensornodebelongingtoCHj,j={1,…,L}SNSensornodes

    2.4 Attack model

    The attack types in WSN can be categorized as follows: (i) An attacker can eavesdrop and monitor the transmitted data in wireless sensor network; (ii) An attacker can produce an illegal data to modify the transmitted packets, and replay the sent packets; (iii) An attacker can threaten the sensor nodes covertly using power analysis.

    The first category mainly focuses on the passive attack to derive the key, as the main purpose. The basic attack is CA (cipher analysis), with such attack that an attacker can only obtain the information by explaining the ciphertext. Then the attacker will start KPA (known plaintext attack). In KPA, an attacker will attempt to infer the secret information with a known plaintext and corresponding ciphertext. In the same category, an attacker could also choose any plaintext to encrypt and study the generated ciphertext, namely CPA (chosen plaintext attack).In the context of WSN, the practicability of CPA is considered to be less practical than CA and KPA, but it is still a very dangerous attack. In the second category, an attacker will interfere with communication frequently and actively. Active attack includes extensibility, forge packets and playback. Extensibility allows an attacker to modify the packet without any knowledge of the content. The homomorphic encryption possesses the extensibility itself[5]. An attacker may forge the packets, and even replay valid packets already “used” in the WSN in order to deceive BS. In the third category, an attacker can covertly perform channel attacks. Such attack allows an attacker to use information leakage in the process of cryptographic operations to obtain all or a part of the secret keys[6]. In this category, an attacker does not need to delete or interfere with the operation of a node from the network, but can take power traces. In other words, an attacker can perform SPA (simple power analysis), which is quite common in WSN.

    3 Secure data aggregation models

    SDAM proposed in this work consists of two main phases, namely the forwarding phase and the aggregation phase. In the former phase, all the sensors will send their states for being used in the aggregation phase. In the latter phase, the sensor nodes will encrypt and verify the captured data using the states shared with BS. Then, CH will use homomorphic operation and XOR to aggregate ciphertext and signature respectively in order to generate a cipher and a new signature. Finally, BS will verify the aggregated data, decrypt aggregation, retrieve plaintext and call the verification process.

    3.1 Parameters setting

    3.2 Forwarding phase

    In the forwarding phase, sensor nodes will send the state Stijto produce keys required by the aggregation phase. HKDF is adopted to obtain the authentication keys. In fact, the output Kijof the PRF is computed with a nonce as the iteration variable, and then is used as key material for authentication. Each sensor Sijexecutes Algorithm 1 to send output Stijand MACijto the next hop. In order to extract all the keys from base stations, all packets must be sent. Therefore, at such stage, CH acts as a data forwarder but not a data aggregator, as shown in Fig.2(a).

    Fig.2 Data transmission in SDAM

    Algorithm1:Forwardingphase(Sij)Input:(Y,E,p,G,n),SKBSij,Nonce1.Generatearandomrij∈[1,n-1]2.ComputeStij=rijG3.ComputeKij=HKDF(Stij‖rijY‖SKBSij,Nij)4.ComputeMACij=HMAC(Stij,Kij)Output:Stij,MACij

    Each sensor will keep the state (rij, Stij) and use the state to encrypt. Once the state is received, CH forwards all data to BS or to the nearest CH. Then, BS will verify the integrity by using private key x to identify the entire senders. The verification is done by calculating all the keys corresponding to the received states (see Algorithm 2). If the verification is established, the corresponding state Stijwill be stored in the BS’s database, which is used for decryption and verification. Otherwise, the state will be rejected.

    Algorithm2:Verification(BS)Input:(Y,E,p,G,n),SKBSij,x,Nonce,allpairs(Stij,MACij)1.Foreachi∈{1,…,L},j∈{1,…,R}1.1.ComputeKij=HKDF(Stij‖xijStij‖SKBSij,Nij)2.Foreachi∈{1,…,L},j∈{1,…,R}2.1.ComputeMACij=HMAC(Stij,Kij)2.2.IfMAC'ij=MACij, ThenacceptOtherwiserejectOutput:MACverification

    3.3 Aggregation phase

    The aggregation phase consists of three steps: encryption, aggregation and verification.

    3.3.1 Encryption

    Algorithm3:Encrypt&sign(Sij)Input:mij,(rij,Stij),Y,M,Nonce1.Encodemijintoeij=mij‖0z,wherez=λ·(i-1)2.ComputeKij=HKDF(Stij‖rijY‖Y,Nij),whereKij=Kij1‖Kij23.ComputeCij=Kij1+eijmodM4.ComputeMACij=HMAC(Cij,Kij2)Output:Cij,MACij

    3.3.2 Aggregation

    In this step, CH acts as the data aggregator and uses dispersion aggregation. For multi-user, the data are randomly aggregated, the process of which is shown in Fig.2(b). CH will aggregate all ciphertext including its own ciphertext into a new cipher Cagg, and aggregate MACs and its own MAC into a new MACagg(see Algorithm 4). Using addition operation modulo, the ciphertext is aggregated homomorphically, and MAC is XORed[7]. After that, the output of Algorithm 4 will be sent to BS or the nearest CH. When a CH receives the packets from another CH, it will forward the packet to BS. The execution homomorphism aggregation of each CHjis as follows:

    Algorithm4:Homomorphicaggregation(CHj)Input:Allpairs(Cij,MACij),wherei∈{1,…,L}1.ForLciphertexts(C1j…CLj)1.1.ComputeCagg=∑ji=1…LCijmodM2.ForLMACs(MAC1j…MACLj)2.1.ComputeMACagg=⊕MACijOutput:Cagg,MACagg

    3.3.3 Verification

    In the verification step, BS will call the decryption and verification process for the aggregation of each cluster after the data packets are received. BS will firstly calculate the current keys corresponding to all network nodes using the state stored in the database. Then, BS will decrypt the aggregated ciphertext, and retrieve the personal plaintext (see Algorithm 5). Finally, BS will calculate (Cij, MACij), and check the end-to-end integrity of the information. If the verification is passed, aggregated data eaggwill be accepted; otherwise it will be rejected. BS will send (Cij, MACij) by notifying CHj, and verify each pair of nodes to determine the malicious nodes. Another advantage of the model is that the node does not need to send a response to BS, because all the sensors are involved in the aggregation. In SDAM, even without sensing data, each sensor will produce the encryption and sign MAC. In Algorithm 5, the non-responding node will simply use the zero value of m; thus, after sending all the sensor data to BS, it can perform any aggregation function, which is a major advantage of multi-hop solutions. SDAM is flexible without imposing any constraints on the property of the function.

    Algorithm5:End-to-end(BS)Input:Allpairs(Cagg,MACagg),wherej∈{1,…,R}1.ComputeKij=HKDF(Stij‖xijStij‖Y,Nij)2.Foreachpair(Cagg,MACagg)j2.1.Computeeagg=Cagg-∑ji=1…LKi1modM2.2.Encode(eagg,L,λ):mi=e[(i-1)·λ,λ·i-1],wherei=1,…,L2.3.Formi,wherei=1,…,L2.3.1.ComputeMACi2.4.ComputeMAC'agg=⊕MACi2.5.IfMAC'agg=MACagg TheneaggisacceptedOtherwiseeaggisrejectedOutput:MACverification

    Aggregation phase is to be executed for many times until the state is failed. Therefore, a deadline has been designed in this paper. Key expiration is a very important security measurement, which allows key refreshing and involves a new forwarding phase so as to increase the security theoretically. In SDAM, a node can be seen as a lifetime sequence epoch, and each period consists of two phases, namely forwarding and aggregation phases (see Fig.3). In fact, the security level can be used to judge whether to meet the required security level of sensitive information. Therefore, the key refreshing is very important for security improvement before deadline, which may be pre-installed in the sensor practically. Further, due to some faults, some nodes’ synchronization may be lost. Then, the synchronization of new forwarding phase should be refreshed. In this case, the base station will request a new forwarding phase by using a specific active message.

    Fig.3 Node lifetime

    4 Simulation results and performance analysis

    The confidentiality and integrity, as well as the performance evaluation of SDAM will be analyzed in terms of security, computation and communication overhead, energy consumption, scalability and portability.

    4.1 Security performance analysis

    SDAM proposed in this paper will increase the data aggregating efficiency and enhance the information security performance at the same time. The metric of average packet successful delivery rate (PSDR)[8]with different number of attackers is adopted to compare different security algorithms. The number of nodes remains 200 with the attack type as the classical SPA (simple power analysis), and the security aggregating algorithms are SHA[9], EVCDA[10]and SDAM. The simulating results in Fig.4 show that the average PSDR will decrease with the number of attackers increasing for all the algorithms. The average PSDR of SDAM, however, is superior to the other two obviously. Especially when the number of attackers approaches to 10% of the total nodes, SHA and EVCDA are not available, while it is still over 40% with SDAM. The error packets are reduced by SDAM since the bidirectional malware detection technology to eliminate malicious node cluster members and CH. Therefore, the security performance can be well provided by SDAM.

    Fig.4 Comparison of average PSDR with different number of attackers

    4.2 Computation overhead analysis

    To analyze the computational complexity reduction, let SM denote the cost of scalar multiplication, MA denote the cost of modulo addition, and SG denote the cost of one signature. In the forwarding phase, each sensor must calculate its state and send it to BS. Such calculation will involve 2SM+2SG operations. In the aggregation stage, each sensor requires an operator to calculate the encryption and signature for MA+2SG operations. It will cost CH2·(L-1)·MA to perform homomorphic aggregation. Thus, the total computational cost of SDAM will be:

    2SM+2SG+NS·(NR·(MA+2SG)

    +2R·MA·(L-1))

    where NS is the number of session in one aggregation phase.

    In order to illustrate it obviously, the operations are implemented on TelosB, with TinyOS and TinyECC being adopted. TinyOS is an open resource designed for low-power wireless equipment, while TinyECC is a free library that provides operations of elliptic curves over prime field Fp[11]. For HKDF and signature, HMAC provided by the library is used and SHA-1 is taken as hash function. HKDF will generate 20-byte key in forwarding phase and two 20-byte keys in aggregation phase. Here M (see Section 3.1) should be selected as 2160to avoid overflow. Before calculating the cost of encryption function, it is focused on the scalar point multiplication, efficiency and security against side channel attacks. Table 2 shows the execution time of the proposed encryption functions on TelosB, where

    Table 2 Execution time of the proposed cryptographic functions

    both SWM (sliding windows method) and Comb method are cryptographic functions to improve the performance of SM.

    w in Table 2 is the number of windows being used. G and Y are pre-calculated in Stpke.init(). The execution time is the average execution time of the relative operations. Since the curve points (G and Y) are fixed, the overhead of Stpke.init() can be ignored. SPA attacks only consider the state calculation, namely Stpke.state(). And the state of SDAM is used in the aggregation phase and performs unprotected operation; SPA attacker can restore the state, thus undermining the aggregation of all communication phases. However, the keys used for encryption and authentication will change from one message to another. Thus, the operations performed in aggregation phase namely, Stpke.encrypt() and Hom.Add() are not vulnerable to SPA. The results in Table 2 show that, in the forwarding phase, the comb method can significantly increase the perform time. In addition, SPA secure version is efficient, and it will improve the operating speed by 61% and 15% faster than SWM and Comb, both of which are vulnerable to SPA attacks.

    In the aggregation phase, the sensor takes about 0.081s to encrypt and generate an MAC. Comparison with related encryption methods shows that SDAM is much more effective since the time is cost only in the forwarding phase. In the aggregation phase, the aggregation state performs homomorphism operations on encrypted data with only a small amount of computation. In other models, the aggregation should be operated on the elliptic curve, which will not only produce high energy consumption, but also increase the end-to-end delay[12], for BS must wait for a certain period of time before receiving the aggregate data. SDAM takes the advantages of ECC and El Gamal encryptions to reduce the computational overhead. Moreover, El Gamal scheme is adopted to produce a state, which will be taken into encryption in all future transmissions to further reduce the operating overhead.

    4.3 Communication overhead analysis

    In the forwarding phase, the communication complexity is O(1) for the non-CH nodes. For CH node, however, the complexity is O(L). Since all the data packets are sent to BS, the total communication overhead at this stage is R(2L-1). In the aggregation phase, the data are aggregating toward the BS to which each sensor sends a data packet to form aggregating communication streams. The complexity of both non-CH and CH node are O(1). Thus, the total communication cost is N. It only considers the condition that CH is directly connected to BS. Otherwise the costs may increase depending on the depth and the number L.

    Simulations take three models as SHA, EVCDA and SDAM to compare. In simulation scenarios, 50, 100 and 150 sensor nodes are randomly deployed within a square area with a single base station centered. In SDAM, the state is a point belonging to an elliptic curve, which is transmitted in a compressed way and requires only (1+log2p) bits. In the aggregation phase, a 20-byte encoded plaintext is used to produce a 20-byte ciphertext. Therefore, short packets are only adopted to provide both end-to-end confidentiality and integrity. The cost can be calculated by the following ways for transmitting a corresponding data packet, which corresponds to two different methods: (i) sending longer messages, which will increase the bit error rate and reduce the reliability; (ii) splitting the packet into blocks and sending each block separately which will incur not only delay but also additional cluster head overhead. However, no matter which is used, SDAM will produce less energy consumption. Simulating duration is 500s for each. The average of 10 simulations will be obtained. The data are sent to BS using a simple clustering algorithm based on TDMA. 4, 8 and 12 cluster heads (channels) are selected for three topologies with number of nodes. Therefore, the number of nodes per cluster is L∈[8,13]. It is noted that for the same simulation time, an expiration date is considered 5 times in 5E (5 Epochs) and 10 times in 10E (10 Epochs). The results of different models are shown in Fig.5. Simulation results show that SDAM will bring lower communication overhead. Due to the use of the stateful public key encryption, the data using symmetric encryption can produce short ciphertext, resulting in short packets. In addition, the advantage of SDAM can be viewed when the network density is increasing as shown in Fig.5 (b) and (c).

    4.4 Energy consumption analysis

    Energy is the core issue of WSN[13]. Computation and communication have a direct impact on the energy consumption and the lifetime of nodes[14]. TOSSIM-CC2420 integrates a Power-TOSSIM. The dynamic model is extended to TOSSIM. Power-TOSSIM includes the model of TelosB power consumption. However, TOSSIM cannot simulate the execution time of CPU, and will not provide any accurate information for the energy consumption calculation. For this purpose, the computation overhead corresponding to each transmitted/received packet is added in performance analysis. Energy consumption E can be calculated by E=U·I·t,

    Fig.5 The communication overhead for different topologies

    where U denotes the voltage on the calculation, I denotes current, and t denotes the execution time. For 2AA batteries, the voltage is 3.0V, and the current consumption of TelosB is 1.8mA for MCU On/Radio Off. Thus the energy consumption of the proposed cryptographic function can be calculated and is given in Table 3.

    Table 3 Energy consumption of the proposed cryptographic functions

    These measurements are added to the energy model. The simulations with three models above are performed with 500s for each to estimate the energy consumption in the entire network. The results at non-CH and CH node are shown in Fig.6(a) and (b) respectively.

    In Fig.6(a), the comparison shows that SDAM will greatly reduce the energy consumption, due to the symmetric primitive and the asymmetric operations (state calculation) in SDAM which will cause less computational overhead. Thus, for providing the same level of security, SDAM will increase the network lifetime obviouly. Fig.6(b) shows that, no matter at CH or at non-CH, there will be significant reduction in SDAM. That is because (i) the nodes will continuously perform a large amount of calculation in EVCDA, while the complex operations of SHA lie in forwarding phase; (ii) CH will participate in aggregation and will perform an aggregate function (same-state operation). In SHA and EVCDA, the addition operation is required on the elliptic curve, while it will only demand a small amount of calculation in SDAM.

    Fig.6 The estimated total energy

    It follows that the energy cost of communication using asymmetric calculation can be ignored. However, if the energy required for cryptographic computations is reduced, the communication cost will become crucial. By saving two ECC scalar multiplications, SDAM will reduce the computational cost of the traditional PKE. Therefore, the communication cost is considered to highlight the advantages of using data aggregation in WSN. The estimated total energy costs of SHA, EVCDA and SDAM at the CH node and non-CH node are presented in Table 4. The results show that the computation cost on TelosB is reduced by SDAM effectively so as to lower the total energy cost.

    Table 4 The estimated total energy costs (mJ) of SHA, EVCDA and SDAM at CH and non-CH node in a network of 100 nodes

    Scheme CHnon-CHSDAM(1E)Comm33.446(60%)15.029(48%)Comp21.999(40%)16.649(48%)Total55.46531.678SDAM(5E)Comm35.711(32%)15.191(20%)Comp77.461(68%)63.038(80%)Total113.17278.229SDAM(10E)Comm38.103(21%)15.284(11%)Comp141.145(79%)128.369(89%)Total179.248143.653EVCDAComm39.007(3%)16.748(1%)Comp1497.143(97%)1408.692(99%)Total1536.151425.44SHAComm90.744(4%)27.488(1%)Comp2038.263(96%)1950.672(99%)Total2129.0071978.16

    4.5 Scaling and portability analysis

    The solution of SDAM is scalable and can be added to any desired cluster. The only condition is that the number of nodes L per cluster cannot exceed the maximum number of nodes supported by the coding function. How to change the level of security and the number λ and L is shown in Table 5. For multi-hop network, CH that received the aggregation ciphertext from another CH needs to send the corresponding data packets to the BS or the nearest CH.

    Table 5 Maximum number of nodes per cluster and the security level

    SDAM has also been implemented on MicaZ mote platform. In fact, the state calculation requires only 1.48s by ECC, encrypt and sign function takes approximate 0.057s, and the homomorphism operation requires only 0.0012s. The corresponding energy consumption is calculated and shown in Table 6. Since power consumption of TelosB is lower than MicaZ, its total energy consumption is low as well. In fact, the results show that the execution time of MicaZ is 34% faster than that of TelsoB, while in the same period the energy consumption of TelsoB is only 27% of that of MicaZ.

    Table 6 Estimated energy costs of SDAM computation on MicaZ and TelsoB motes

    5 Conclusion

    Wireless sensor network is an important component of modern communication systems, and the security of the network is an important guarantee for the successful rate of data transmission, so the study of WSN security is very important and necessary. In this study, a secure data aggregation model (SDAM) based on stateful public key is proposed, which uses an addition homomorphic encryption and aggregated MAC to provide end-to-end confidentiality and integrity. Experimental and simulation results have confirmed the efficiency of SDAM in terms of security and energy, comparing with traditional models. Moreover, relative data and curves illustrate that SDAM can achieve higher security level and produce less energy consumption. In the topology of the 100 nodes, SDAM generates energy consumption in the cluster head node only 179.248mJ, while the energy consumption is 1536.15mJ for EVCDA and 2129.007mJ for SHA. Therefore, SDAM is able to achieve an efficient low-power and safe data aggregation. Future research will extend to the network with moving nodes and will consider new attacks such as selective forwarding in order to provide the best way for subsequent research on aggregated data. Some of the results will provide ideas for robust multihop routing in future ubiquitous communication network.

    [1] Li F M, L X H, Kuang H L. Reaearch on an energy-efficient low latency flooding algorithm for wireless sensor network. Journal of communication, 2013, 28(8): 46-53

    [2] Habib M, Ammari B. On the problem of k-coverage in mission-oriented mobile wireless sensor networks. Computer Networks, 2012, 6(1):7-9

    [3] Chen Z Y, Yang G, Chen L, et al. Summary of wireless sensor network data fusion research. Application Research of Computers, 2011, 10(5): 6-8

    [4] Lucas D, Joel J. A survey on cross-layer solutions for wireless sensor networks. IEICE Transaction on Journal of Network and Computer Applications, 2011, 5(34): 523-534

    [5] Egemen K C, Dan B, Amit D, et al. Modelling communication network challenges for future internet resilience, survivability, and disruption tolerance: a simulation-based approach. Telecommunication Systems, 2014, 2(6): 751-768

    [6] Liu M, Gong H G, Mao Y C. Collection and aggregation protocol on high efficiency and energy saving of sensor network data. Journal of software, 2012, 16(12): 2106-2116

    [7] Kumar V, Madria S K. Secure hierarchical data aggregation in wireless sensor networks: performance evaluation and analysis. In: Proceeding of the IEEE 14th International Conference on Mobile Data Management (MDM), Bengaluru, India, 2012. 196-201

    [8] Rabaey J, Ammer J. Distributed framework for correlated data gathering in sensor networks. IEEE Transactions on Mobile Computing, 2010, 57(1): 578-593

    [9] Albath J, Madria S K. Secure hierarchical data aggregation in wireless sensor networks. In: Proceeding of the Wireless Communications and Networking Conference (WCNC), Bengaluru, India, 2009. 1-6

    [10] Sun H M, Lin Y H, Hsiao Y C, et al. An efficient and verifiable concealed data aggregation scheme in wireless sensor networks. In: Proceeding of the International Conference on Embedded Software and Systems, Chengdu, China, 2008. 19-26

    [11] Yao J S, Liu Y L. WSN hierarchical trust management model. Heilongjiang science and technology information, 2013, 36(11): 25-26

    [12] Sanli H O, Ozdemir S, Cam H. SRDA: secure reference-based data aggregation protocol for wireless sensor networks. In: Proceeding of IEEE 60th Vehicular Technology Conference (VTC), Los Angeles, USA, 2004. 4650-4654

    [13] Hedabou M, Beneteaus L, Pinel P. Some ways to secure elliptic curve cryptosystem. Advances in Applied Clifford Algebras, 2008, 8(2): 677-688

    [14] Anastasi G, Conti M. Data collection in sensor networks with data mules: An intergrade simulation analysis. IEEE Symposium on Computers and Communications, 2012, 3(7): 1096-1102

    Qin Danyang, born in 1983. She received her B. Sc. degree in communication engineering from Harbin Institute of Technology in 2006, and both M. Sc and Ph.D. degrees in information and communication system from Harbin Institute of Technology in 2008 and 2011 respectively. Currently, she is an associated professor at the Department of Communication Engineering of Heilongjiang University, Harbin, P.R.China. Her researches include wireless sensor network, wireless multihop routing and ubiquitous sensing.

    10.3772/j.issn.1006-6748.2017.01.006

    ①Support by the National High Technology Research and Development Program of China (No. 2012AA120802), the National Natural Science Foundation of China (No. 61302074), Specialized Research Fund for the Doctoral Program of Higher Education (No. 20122301120004), Natural Science Foundation of Heilongjiang Province (No. QC2013C061).

    ②To whom correspondence should be addressed. E-mail: qindanyang@hlju.edu.cn Received on Mar. 8, 2016,

    猜你喜歡
    丹陽(yáng)
    Fabrication of High-Efficiency Polyvinyl Alcohol Nanofiber Membranes for Air Filtration Based on Principle of Stable Electrospinning
    孔門(mén)十二時(shí)辰
    做好“四篇文章” 擦亮運(yùn)河文化“丹陽(yáng)名片”
    李丹陽(yáng)雕塑作品
    火花(2022年2期)2022-03-17 11:06:02
    李丹陽(yáng)
    陶瓷研究(2021年4期)2021-10-07 06:46:34
    丹陽(yáng)眼鏡,改變世界的“目光”
    丹陽(yáng)各行業(yè)領(lǐng)域?qū)m?xiàng)整治行動(dòng)穩(wěn)步推進(jìn)
    江蘇丹陽(yáng):建暢通農(nóng)路,走富民大道
    丹陽(yáng)地區(qū)農(nóng)民梅毒感染狀況調(diào)查
    去哪兒、攜程互咬一路廝打至商務(wù)部沈丹陽(yáng)證實(shí)收到舉報(bào)材料
    一个人观看的视频www高清免费观看 | 亚洲第一欧美日韩一区二区三区| www.熟女人妻精品国产| 欧美日韩亚洲国产一区二区在线观看| 淫妇啪啪啪对白视频| 淫妇啪啪啪对白视频| 日韩大尺度精品在线看网址| 欧美国产日韩亚洲一区| 高清在线国产一区| 国产av一区在线观看免费| 国产日本99.免费观看| 亚洲欧美激情综合另类| av片东京热男人的天堂| 久久久国产成人免费| 亚洲精品中文字幕一二三四区| 88av欧美| 亚洲国产欧美网| 亚洲国产欧洲综合997久久, | 美国免费a级毛片| ponron亚洲| 亚洲成av片中文字幕在线观看| 好男人电影高清在线观看| 天堂动漫精品| 青草久久国产| 久久人妻av系列| 亚洲专区国产一区二区| 久久天堂一区二区三区四区| 男人操女人黄网站| 99国产精品99久久久久| 自线自在国产av| 国产三级黄色录像| 欧美人与性动交α欧美精品济南到| 久久热在线av| 久久久久久人人人人人| 亚洲精品国产精品久久久不卡| 国产av又大| 两个人看的免费小视频| 少妇粗大呻吟视频| 一个人免费在线观看的高清视频| 人人妻人人澡人人看| 日日爽夜夜爽网站| 亚洲精品中文字幕在线视频| a级毛片a级免费在线| 日本一区二区免费在线视频| 日日夜夜操网爽| 国产成人欧美| 久久久精品欧美日韩精品| 中文字幕精品亚洲无线码一区 | 免费av毛片视频| 亚洲狠狠婷婷综合久久图片| 色精品久久人妻99蜜桃| 亚洲一卡2卡3卡4卡5卡精品中文| 人人妻人人澡人人看| 狂野欧美激情性xxxx| 国产精品电影一区二区三区| 国产精品1区2区在线观看.| 国产男靠女视频免费网站| 欧美黑人欧美精品刺激| 日本 欧美在线| 亚洲成a人片在线一区二区| 午夜久久久在线观看| 啦啦啦观看免费观看视频高清| 国产99久久九九免费精品| 中文字幕久久专区| 中文字幕av电影在线播放| 国产成人精品久久二区二区免费| 欧美绝顶高潮抽搐喷水| 老司机在亚洲福利影院| 亚洲中文字幕一区二区三区有码在线看 | 国产一区二区三区在线臀色熟女| 大型av网站在线播放| 精品久久久久久久末码| 免费在线观看亚洲国产| 亚洲男人的天堂狠狠| 激情在线观看视频在线高清| 亚洲第一青青草原| 国产亚洲av嫩草精品影院| 我的亚洲天堂| 日本五十路高清| 99国产综合亚洲精品| e午夜精品久久久久久久| 久久久久免费精品人妻一区二区 | 欧美日韩一级在线毛片| 好看av亚洲va欧美ⅴa在| 日韩成人在线观看一区二区三区| 最近最新免费中文字幕在线| 50天的宝宝边吃奶边哭怎么回事| 波多野结衣高清无吗| 免费高清在线观看日韩| 欧美另类亚洲清纯唯美| 2021天堂中文幕一二区在线观 | 免费无遮挡裸体视频| 中文字幕人成人乱码亚洲影| 夜夜爽天天搞| 男女那种视频在线观看| 一进一出抽搐gif免费好疼| 美女高潮到喷水免费观看| 无人区码免费观看不卡| 国产成+人综合+亚洲专区| 国产一区在线观看成人免费| 久久精品91无色码中文字幕| 成人一区二区视频在线观看| 一级a爱片免费观看的视频| 久久久久久久精品吃奶| 人妻丰满熟妇av一区二区三区| 老熟妇仑乱视频hdxx| 亚洲av日韩精品久久久久久密| 99热6这里只有精品| 香蕉久久夜色| 久久精品国产清高在天天线| 非洲黑人性xxxx精品又粗又长| 在线观看舔阴道视频| 久久久国产欧美日韩av| 夜夜爽天天搞| 黄色a级毛片大全视频| 日韩免费av在线播放| 天天添夜夜摸| 久久久久精品国产欧美久久久| 动漫黄色视频在线观看| 亚洲九九香蕉| 特大巨黑吊av在线直播 | 午夜精品久久久久久毛片777| 热re99久久国产66热| 91成人精品电影| 亚洲七黄色美女视频| 丰满人妻熟妇乱又伦精品不卡| 精品国产亚洲在线| 美女高潮到喷水免费观看| 最新在线观看一区二区三区| 亚洲色图av天堂| 久久精品国产清高在天天线| 国产区一区二久久| 成人特级黄色片久久久久久久| 欧美色视频一区免费| 国产激情偷乱视频一区二区| 日韩精品免费视频一区二区三区| 国产极品粉嫩免费观看在线| 免费无遮挡裸体视频| 欧美黑人欧美精品刺激| 国内精品久久久久久久电影| 欧美国产精品va在线观看不卡| 国产蜜桃级精品一区二区三区| 欧美色视频一区免费| 亚洲国产日韩欧美精品在线观看 | 人人澡人人妻人| 久久久久久免费高清国产稀缺| 国产三级黄色录像| 在线播放国产精品三级| av中文乱码字幕在线| av视频在线观看入口| 国产又黄又爽又无遮挡在线| 国内少妇人妻偷人精品xxx网站 | 久久中文字幕一级| 精品久久久久久成人av| 午夜福利高清视频| 男女之事视频高清在线观看| 制服人妻中文乱码| 波多野结衣av一区二区av| a级毛片在线看网站| 午夜免费鲁丝| 一a级毛片在线观看| 成年人黄色毛片网站| 国产成人精品久久二区二区免费| 日韩精品免费视频一区二区三区| 国产成人一区二区三区免费视频网站| 又黄又爽又免费观看的视频| 美女高潮到喷水免费观看| 中出人妻视频一区二区| 亚洲国产高清在线一区二区三 | 午夜免费鲁丝| 欧美黑人精品巨大| 亚洲欧美激情综合另类| 国产午夜福利久久久久久| 亚洲五月婷婷丁香| 国产亚洲精品av在线| 午夜a级毛片| 久久香蕉激情| 国产伦在线观看视频一区| 一进一出好大好爽视频| 首页视频小说图片口味搜索| 国产亚洲av高清不卡| 琪琪午夜伦伦电影理论片6080| 成年女人毛片免费观看观看9| 欧美成人午夜精品| 国产亚洲精品久久久久5区| 国产人伦9x9x在线观看| 波多野结衣av一区二区av| 亚洲五月婷婷丁香| 欧美激情久久久久久爽电影| 久久久水蜜桃国产精品网| 欧美黄色淫秽网站| 一边摸一边做爽爽视频免费| 久久中文字幕一级| 淫妇啪啪啪对白视频| 日韩成人在线观看一区二区三区| 国产亚洲av嫩草精品影院| 美国免费a级毛片| 黄片小视频在线播放| 国产日本99.免费观看| 麻豆成人av在线观看| or卡值多少钱| 精品国产乱子伦一区二区三区| 久久人人精品亚洲av| 99riav亚洲国产免费| 搡老熟女国产l中国老女人| 国产蜜桃级精品一区二区三区| 无人区码免费观看不卡| 999久久久精品免费观看国产| 精品国产乱码久久久久久男人| 久久热在线av| 欧美黑人精品巨大| 久久精品国产99精品国产亚洲性色| 黄网站色视频无遮挡免费观看| 嫩草影院精品99| 国产高清videossex| 此物有八面人人有两片| 两性夫妻黄色片| 99国产精品一区二区三区| 国产成年人精品一区二区| 女人被狂操c到高潮| 动漫黄色视频在线观看| 久久久久久久精品吃奶| 看黄色毛片网站| 午夜福利一区二区在线看| 18禁黄网站禁片午夜丰满| 一二三四在线观看免费中文在| 成人亚洲精品一区在线观看| 日韩大尺度精品在线看网址| 亚洲成人国产一区在线观看| 一卡2卡三卡四卡精品乱码亚洲| 少妇粗大呻吟视频| 黄片大片在线免费观看| 亚洲色图av天堂| 精品久久久久久久毛片微露脸| 国内久久婷婷六月综合欲色啪| 波多野结衣高清无吗| 日韩大码丰满熟妇| 亚洲一区二区三区不卡视频| 成人免费观看视频高清| 脱女人内裤的视频| 亚洲成人国产一区在线观看| 91麻豆av在线| 国产亚洲精品第一综合不卡| 一进一出抽搐动态| 免费在线观看影片大全网站| 午夜免费激情av| 老司机深夜福利视频在线观看| 久久久水蜜桃国产精品网| 久久伊人香网站| 午夜免费成人在线视频| 香蕉国产在线看| www日本在线高清视频| 女性生殖器流出的白浆| 精品一区二区三区av网在线观看| 精品国产美女av久久久久小说| 国产日本99.免费观看| 妹子高潮喷水视频| 免费人成视频x8x8入口观看| 国产成+人综合+亚洲专区| 哪里可以看免费的av片| 久久伊人香网站| 精品久久久久久,| 久99久视频精品免费| 女同久久另类99精品国产91| 日韩三级视频一区二区三区| 亚洲免费av在线视频| 少妇 在线观看| 黄色视频,在线免费观看| 国产精品久久电影中文字幕| 精品国产亚洲在线| 女生性感内裤真人,穿戴方法视频| 欧美人与性动交α欧美精品济南到| 波多野结衣巨乳人妻| 亚洲成人精品中文字幕电影| 两个人视频免费观看高清| 国内精品久久久久精免费| 韩国精品一区二区三区| 日韩欧美免费精品| 精品久久久久久成人av| 夜夜看夜夜爽夜夜摸| 色综合站精品国产| 可以免费在线观看a视频的电影网站| 亚洲专区国产一区二区| 久久精品影院6| xxxwww97欧美| 色婷婷久久久亚洲欧美| 午夜福利一区二区在线看| 一本久久中文字幕| 国产精品国产高清国产av| or卡值多少钱| 亚洲国产欧美网| 国产欧美日韩精品亚洲av| 国产高清videossex| 97人妻精品一区二区三区麻豆 | 日本成人三级电影网站| 免费人成视频x8x8入口观看| 婷婷亚洲欧美| 国产精品久久久久久人妻精品电影| 国产亚洲精品av在线| 19禁男女啪啪无遮挡网站| 天堂影院成人在线观看| 国内揄拍国产精品人妻在线 | 精品电影一区二区在线| 久9热在线精品视频| 精品少妇一区二区三区视频日本电影| 精品久久久久久久末码| 久热爱精品视频在线9| 国产成人精品无人区| 好看av亚洲va欧美ⅴa在| av有码第一页| 日日爽夜夜爽网站| av有码第一页| 波多野结衣巨乳人妻| 亚洲av成人av| 亚洲欧美日韩高清在线视频| 十八禁网站免费在线| 伦理电影免费视频| 他把我摸到了高潮在线观看| 国产人伦9x9x在线观看| 一区二区日韩欧美中文字幕| 日韩欧美在线二视频| 国产在线观看jvid| 99久久综合精品五月天人人| av中文乱码字幕在线| 日本一区二区免费在线视频| 久热爱精品视频在线9| 天天添夜夜摸| 人人澡人人妻人| 亚洲片人在线观看| 欧美日韩一级在线毛片| 欧美绝顶高潮抽搐喷水| 亚洲第一青青草原| 国产亚洲欧美98| 欧美日韩精品网址| 亚洲精品粉嫩美女一区| www国产在线视频色| 黄网站色视频无遮挡免费观看| 99国产综合亚洲精品| 欧美久久黑人一区二区| 97碰自拍视频| 免费人成视频x8x8入口观看| 99精品在免费线老司机午夜| 国产一区在线观看成人免费| 麻豆成人午夜福利视频| 一本大道久久a久久精品| 18禁国产床啪视频网站| 在线av久久热| 久久婷婷成人综合色麻豆| 国产黄色小视频在线观看| 中文在线观看免费www的网站 | 久久狼人影院| 操出白浆在线播放| 国产黄片美女视频| 欧美在线一区亚洲| 国产精品一区二区精品视频观看| 1024视频免费在线观看| 黑人巨大精品欧美一区二区mp4| 一个人观看的视频www高清免费观看 | 禁无遮挡网站| 丝袜在线中文字幕| 日本一区二区免费在线视频| 婷婷精品国产亚洲av在线| 国内精品久久久久久久电影| 午夜福利18| av片东京热男人的天堂| 成人三级黄色视频| 精品日产1卡2卡| 亚洲第一av免费看| √禁漫天堂资源中文www| 婷婷六月久久综合丁香| 久久国产精品人妻蜜桃| 波多野结衣高清作品| 50天的宝宝边吃奶边哭怎么回事| 男女床上黄色一级片免费看| 日日摸夜夜添夜夜添小说| 久久久久久国产a免费观看| 波多野结衣巨乳人妻| 亚洲无线在线观看| av电影中文网址| 国产精品av久久久久免费| 黑人操中国人逼视频| 久久中文字幕人妻熟女| 欧美 亚洲 国产 日韩一| 亚洲七黄色美女视频| 欧美激情久久久久久爽电影| 免费看十八禁软件| 亚洲精品中文字幕在线视频| 国产麻豆成人av免费视频| 男人舔女人的私密视频| 很黄的视频免费| 人人妻,人人澡人人爽秒播| 亚洲成a人片在线一区二区| 精品久久久久久,| av片东京热男人的天堂| 国产一级毛片七仙女欲春2 | 白带黄色成豆腐渣| 亚洲人成77777在线视频| 最新美女视频免费是黄的| 天天躁狠狠躁夜夜躁狠狠躁| 午夜精品在线福利| 欧美日韩瑟瑟在线播放| 欧美性猛交黑人性爽| 国产人伦9x9x在线观看| 搡老岳熟女国产| 99久久国产精品久久久| 亚洲精品国产区一区二| 男女视频在线观看网站免费 | 无限看片的www在线观看| 国产精品乱码一区二三区的特点| 变态另类丝袜制服| 九色国产91popny在线| 搡老岳熟女国产| 三级毛片av免费| 国产午夜福利久久久久久| 日本 欧美在线| 国产精品乱码一区二三区的特点| 午夜福利免费观看在线| 国产成人av激情在线播放| 一进一出好大好爽视频| 精品久久久久久成人av| 无遮挡黄片免费观看| 精品一区二区三区四区五区乱码| 美女国产高潮福利片在线看| 少妇粗大呻吟视频| 日本 欧美在线| 我的亚洲天堂| 久久精品夜夜夜夜夜久久蜜豆 | 欧美激情 高清一区二区三区| 精品午夜福利视频在线观看一区| 国内少妇人妻偷人精品xxx网站 | 91字幕亚洲| 丝袜人妻中文字幕| 久久久久国产精品人妻aⅴ院| 天天添夜夜摸| 一级毛片精品| 亚洲男人天堂网一区| 国产精品 欧美亚洲| 国产在线观看jvid| 热99re8久久精品国产| 亚洲国产欧美日韩在线播放| 男女做爰动态图高潮gif福利片| 国产成人一区二区三区免费视频网站| www.自偷自拍.com| 欧美成人免费av一区二区三区| 婷婷六月久久综合丁香| 中文字幕久久专区| 久久人妻福利社区极品人妻图片| 亚洲欧美精品综合一区二区三区| 真人一进一出gif抽搐免费| 男人舔奶头视频| 亚洲第一欧美日韩一区二区三区| 丰满的人妻完整版| 精品国内亚洲2022精品成人| av在线天堂中文字幕| 色婷婷久久久亚洲欧美| 国产精华一区二区三区| 午夜福利在线在线| 99热这里只有精品一区 | 亚洲精品中文字幕在线视频| 97超级碰碰碰精品色视频在线观看| 97人妻精品一区二区三区麻豆 | 中文亚洲av片在线观看爽| 母亲3免费完整高清在线观看| 99国产精品一区二区三区| 欧美成人性av电影在线观看| 欧美不卡视频在线免费观看 | 精品一区二区三区四区五区乱码| 亚洲精品一区av在线观看| x7x7x7水蜜桃| 久久精品人妻少妇| 最近在线观看免费完整版| 亚洲电影在线观看av| 中国美女看黄片| 老司机在亚洲福利影院| 99国产精品一区二区蜜桃av| 亚洲最大成人中文| 亚洲av第一区精品v没综合| 香蕉久久夜色| 极品教师在线免费播放| 亚洲国产欧美网| a级毛片a级免费在线| 国产亚洲精品综合一区在线观看 | 亚洲av熟女| 亚洲va日本ⅴa欧美va伊人久久| 丝袜美腿诱惑在线| 亚洲国产日韩欧美精品在线观看 | 在线看三级毛片| 日本五十路高清| 最新在线观看一区二区三区| 亚洲精品在线观看二区| 最新在线观看一区二区三区| 巨乳人妻的诱惑在线观看| 婷婷丁香在线五月| 久久99热这里只有精品18| 制服人妻中文乱码| 国产一卡二卡三卡精品| 国产片内射在线| 色综合亚洲欧美另类图片| 欧美国产日韩亚洲一区| 两个人免费观看高清视频| 欧美日韩亚洲国产一区二区在线观看| 精华霜和精华液先用哪个| 欧美一级毛片孕妇| 欧美在线黄色| 成年女人毛片免费观看观看9| 国产成人系列免费观看| www国产在线视频色| 亚洲国产精品999在线| 高潮久久久久久久久久久不卡| 日韩免费av在线播放| 婷婷丁香在线五月| 波多野结衣高清作品| av电影中文网址| a在线观看视频网站| 国产精品久久久久久亚洲av鲁大| 国内久久婷婷六月综合欲色啪| 国产精品九九99| 女性被躁到高潮视频| 欧美成狂野欧美在线观看| 久久国产乱子伦精品免费另类| 久久国产精品人妻蜜桃| 欧美激情高清一区二区三区| 国产精品99久久99久久久不卡| 可以在线观看的亚洲视频| avwww免费| 可以在线观看毛片的网站| 99国产精品一区二区蜜桃av| 久久久久久九九精品二区国产 | 丁香六月欧美| 男女视频在线观看网站免费 | 免费高清在线观看日韩| 麻豆成人av在线观看| 免费在线观看亚洲国产| 他把我摸到了高潮在线观看| 韩国av一区二区三区四区| 国产成人影院久久av| 精品人妻1区二区| 中文在线观看免费www的网站 | 免费看日本二区| 国产成年人精品一区二区| 一本大道久久a久久精品| 欧美成狂野欧美在线观看| 成人三级黄色视频| 看免费av毛片| cao死你这个sao货| 久久婷婷成人综合色麻豆| 精品日产1卡2卡| 女生性感内裤真人,穿戴方法视频| 免费无遮挡裸体视频| 黄色片一级片一级黄色片| 日韩欧美一区二区三区在线观看| 国产成人精品久久二区二区免费| 亚洲精品久久国产高清桃花| 村上凉子中文字幕在线| 人妻丰满熟妇av一区二区三区| 两个人视频免费观看高清| 国产精品综合久久久久久久免费| 成熟少妇高潮喷水视频| 成人免费观看视频高清| 精品不卡国产一区二区三区| 99久久精品国产亚洲精品| 国产一卡二卡三卡精品| 熟妇人妻久久中文字幕3abv| 最近在线观看免费完整版| avwww免费| 亚洲国产欧美网| 大香蕉久久成人网| 久久国产精品男人的天堂亚洲| 亚洲精品av麻豆狂野| 色精品久久人妻99蜜桃| 国产亚洲精品第一综合不卡| 欧美一级a爱片免费观看看 | 国产亚洲欧美精品永久| 欧美激情极品国产一区二区三区| 亚洲专区国产一区二区| 欧美丝袜亚洲另类 | 国产免费av片在线观看野外av| 看黄色毛片网站| 黄片大片在线免费观看| www日本黄色视频网| 日日爽夜夜爽网站| 免费看十八禁软件| 天天躁狠狠躁夜夜躁狠狠躁| 亚洲精品av麻豆狂野| 一边摸一边抽搐一进一小说| 亚洲国产精品999在线| 窝窝影院91人妻| 亚洲精品久久国产高清桃花| 成人三级黄色视频| 看片在线看免费视频| 俺也久久电影网| www日本黄色视频网| 在线国产一区二区在线| 嫁个100分男人电影在线观看| 97人妻精品一区二区三区麻豆 | 亚洲精品色激情综合| 成人国产综合亚洲| 欧美色欧美亚洲另类二区| 免费高清视频大片| 国产乱人伦免费视频| 国产97色在线日韩免费| 啦啦啦 在线观看视频| 国产亚洲av高清不卡| 91麻豆av在线| 淫秽高清视频在线观看| 国产午夜福利久久久久久| 亚洲国产中文字幕在线视频| 亚洲性夜色夜夜综合| 亚洲成人久久性| 中文字幕最新亚洲高清| 欧美成人性av电影在线观看| 国产精品影院久久| 一级毛片女人18水好多| av超薄肉色丝袜交足视频| 日韩成人在线观看一区二区三区|