
Internet-of things-oriented equipment anonymous identity authentication method and system

A technology for identity authentication and device authentication, applied in user identity/authority verification, transmission systems, digital transmission systems, etc. It can solve the problems of heterogeneous device interconnection, insufficiently lightweight protocols, and the inability to resist device tracking attacks.

Active Publication Date: 2021-06-11
XIDIAN UNIV

AI Technical Summary

Problems solved by technology

[0007] In 2011, Vaidya et al. proposed an implicit-certificate authentication scheme for smart homes. The scheme uses an implicit certificate, issued by a certificate authority, as the public key of each device. After the verification steps pass, a session key is established between the two entities, but the device identities are propagated in the network in plain text, so the scheme cannot resist device tracking attacks.
In 2013, Sahingoz et al. proposed a multi-level dynamic key agreement based on asymmetric key negotiation and ECC encryption. In this scheme, each device negotiates with adjacent nodes to complete the verification and signing of data, which increases the amount of computation, leads to serious energy loss in nodes, and shortens node lifetime.
In 2014, Liao and Xiao proposed an elliptic-curve-based authentication protocol that integrates an authentication server, but Peeters and Hermans pointed out that this method is vulnerable to server simulation attacks.
In 2017, Wang et al. proposed an ECC-based authentication and key agreement scheme for the Internet of Things. Analysis of the protocol found that it cannot avoid traceability attacks: an attacker can easily obtain a device's unique identifier and track the device.
[0009] (1) The perception layer of the traditional Internet of Things faces problems such as heterogeneous device interconnection, low hardware cost, limited hardware resources, massive access, and an open working environment. Because the perception layer is the underlying support and data source of the entire Internet of Things architecture, its security needs are more prominent.
[0010] (2) In the open environment of wireless sensor networks, terminal equipment in exposed physical space is more vulnerable to physical operations such as node capture attacks. The attacker obtains information such as keys stored in the terminal and forges legitimate nodes to access the network, thereby launching malicious attacks on the network.
[0012] (4) In private environments such as body area networks and smart homes, sensor nodes are not vulnerable to node capture attacks, but the malicious attacks common to wireless network connections still apply, and sensor nodes in private environments are directly related to user security and privacy.
[0013] (5) Existing identity authentication protocols cannot resist device tracking attacks, do not consider device anonymity, or are suitable for user identity authentication but not for IoT devices. The protocols either have security flaws or are not lightweight enough.
[0014] (6) Existing identity authentication protocols increase the amount of computation, which leads to serious energy loss in nodes and shortens node lifetime; they are vulnerable to server simulation attacks and cannot avoid tracking attacks, since attackers can easily obtain the unique identifier of a device and track the device; a false identity will still lead to a device tracking attack, and this protocol has a man-in-the-middle security flaw.
Authentication mechanisms can be divided into authentication based on the symmetric cryptosystem and authentication based on the asymmetric cryptosystem. In authentication based on the symmetric cryptosystem, the communicating parties share a key and use that same key to keep the data confidential and to authenticate the identity of the user. The main defect of the symmetric cryptosystem is the difficulty of key distribution and management.
In authentication based on the asymmetric cryptosystem, a unique public-private key pair is used to confirm the identity of the communicating entity. Generating the key pair usually requires complex algorithms and a huge computing overhead. For example, the PKI system widely used in Internet scenarios cannot be applied well in resource-constrained IoT environments.


Embodiment Construction

[0062] In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0063] Aiming at the problems existing in the prior art, the present invention provides a device anonymous identity authentication method and system oriented to the Internet of Things. The present invention will be described in detail below with reference to the accompanying drawings.

[0064] As shown in Figure 1, the Internet of Things-oriented device anonymous identity authentication method provided by the embodiment of the present invention includes the following steps:

[0065] S101, define a communication model;

[0066] S102, system parameter selection;

[0067] S103, system initialization;

[0068] S104, d...


Abstract

The invention belongs to the technical field of equipment identity authentication in an Internet of Things environment, and discloses an Internet-of-Things-oriented equipment anonymous identity authentication method and system. The method comprises the following steps: defining a communication model; selecting system parameters; initializing the system; registering the equipment; calculating a private key and a temporary secret value; decrypting the ciphertext using the temporary secret value; carrying out equipment authentication and key negotiation; and judging. The method provides anonymity: the real identity of the equipment and the relations between pieces of equipment are not exposed during the interaction. It has low power consumption: it takes into account the limited processing and communication capabilities of sensor equipment and reduces the protocol's amount of computation, number of communication rounds, and storage overhead. Apart from the equipment registration stage, which uses bilinear mapping to calculate a temporary key, the other stages use elliptic curve point multiplication, hash functions, and XOR operations. It is secure: it can successfully resist common Internet of Things attacks and is well suited to resource-constrained Internet of Things terminals.

Description

Technical field

[0001] The invention belongs to the technical field of device identity authentication under the Internet of Things environment, and in particular relates to a device anonymous identity authentication method and system for the Internet of Things.

Background technique

[0002] At present, the concept of the Internet of Things has been developed for nearly 20 years since it was proposed in 1999. IoT was originally defined as the interconnection of all items with the Internet through information sensing devices such as radio frequency identification, so as to realize intelligent identification and management of items. Today, the definition and content of the Internet of Things have far exceeded its original concept: everything is digitized, networked, and intelligent, and between things and things, things and people, and people and people, more intelligent and efficient information interactio...

Application Information

IPC(8): H04L9/32, H04L9/08, G16Y40/50, G16Y30/10
CPC: H04L9/3273, H04L9/0838, G16Y40/50, G16Y30/10, H04L2209/42
Inventor: 沈玉龙, 于子勇, 祝幸辉, 郑乐乐, 赵双睿, 程珂, 何吉
Owner XIDIAN UNIV