摘要
随着物联网终端设备间直接通信的需求不断增大,为解决物联网终端设备间安全通信和隐私保护问题,终端设备间认证技术成为人们关注的一个热点,业界诸多学者已经对此展开相关研究并提出多种物联网终端设备间的认证机制。但是,上述机制在安全强度及抵抗攻击效果方面尚存在不足。为解决此问题,该文提出一种基于IBE策略的物联网终端设备身份认证方案,实现终端设备之间匿名双向认证,同时使用椭圆曲线加密算法保证认证过程中信息传输的安全性。通过安全性理论分析和性能分析表明,该方案可很好地抵抗重放攻击、中间人攻击和篡改攻击等已知攻击且具有较低的计算开销。
Along with qrowing demand of direat communicootion between the Internet of Things terminal equipments,in order to solve the Internet of Things secure communication between terminal equipment and privacy problem,authentication techniques between terminal equipments become a hot spot of people,many scholars have a related industry research and put forward a variety of IoT authentication mechanism between the terminal equipment.However,the above mechanism is still insufficient in terms of security intensity and anti-attack effect.In order to solve this problem,this paper proposes an authentication scheme of Internet of Things terminal devices based on IBE strategy,which realizes anonymous two-way authentication between terminal devices,and uses elliptic curve encryption algorithm to ensure the security of information transmission during authentication.The analysis of security theory and performance shows that the scheme can resist replay attack,man-in-the-middle attack,tamper attack and other known attacks.
作者
李秋月
赵艳
李世明
於家伟
高胜花
Li Qiuyue;Zhao Yan;Li Shiming;Yu Jiawei;Gao Shenghua(College of Computer Science and Information Engineering,Harbin Normal University,Harbin 150025,China;School of Physics and Electronic Information,Luoyang Normal University,Luoyang 471022,China;Shanghai Key Laboratory of Information Security Management Technology Research,Shanghai 200240,China)
出处
《信息技术与网络安全》
2020年第3期6-9,22,共5页
Information Technology and Network Security
基金
上海市信息安全管理技术研究重点实验室开放课题(AGK2015003)
关键词
物联网安全
物联网终端设备认证
IBE策略
双向认证
Internet of Things security
IoT trust ID
identity-based encryption strategy
two-way authentication
