摘要
物联网承载着大量敏感信息的安全传输与存储.由于物联网设备资源有限,通信开销大、传输速率慢且需存储敏感信息的安全原语(如公钥算法、数字签名等)不适用于轻量级设备的认证.本文利用硬件物理不可克隆函数(PUF)具备的防篡改防克隆特性来生成共享密钥,结合MASK算法、Hash函数等安全原语,为物联网设备提出一种轻量级匿名密钥共享安全认证协议.通过Ban逻辑和形式化工具ProVerif进行安全分析验证,证明该协议能够防御中间人攻击、去同步攻击、假冒攻击、建模攻击等.通过对比其他协议,证明该协议具备计算成本低、通信开销和存储容量小以及安全性能高的优点,适合于资源受限设备的安全通信传输.
The Internet of Things(IoT)carries the safe transmission and storage of a large amount of sensitive information.Since IoT devices are resource-constrained,which have expensive communication,slow mission velocity and need to store sensitive information security primitives(such as public key algorithm and digital signature),they are not suitable for the authentication of lightweight IoT devices.This paper proposes a lightweight anonymous key sharing security authentication protocol for IoT devices,which generates a shared key by the Physical Unclonable Function(PUF)and uses security primitives such as the MASK algorithm and the Hash function.The security analysis and verification are accomplished by Ban logic and ProVerif to prove that the protocol ensures security attributes such as anonymity,non-repudiation,and forward/backward confidentiality.Compared with other protocols,this protocol has the characteristics of low computing cost,small communication overhead and storage capacity,and high security performance,which is suitable for the secure communication transmission of resource-constrained devices.
作者
王振宇
李少青
郭阳
曾健平
WANG Zhenyu;LI Shaoqing;GUO Yang;ZENG Jianping(College of Computer Science and Technology,National University of Defense Technology,Changsha 410000,China;School of Physics and Microelectronics Science,Hunan University,Changsha 410082,China)
出处
《湖南大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2022年第10期103-110,共8页
Journal of Hunan University:Natural Sciences
基金
国家自然科学基金资助项目(61832018)。
关键词
物理不可克隆函数
轻量级
密钥共享
认证协议
物联网
physical unclonable function
lightweight
key sharing
authentication protocol
internet of things
