摘要
为了保障数据的安全性和隐私性,防止恶意用户访问传感器设备,针对工业物联网提出一种轻量级的认证与密钥交换协议。该协议采用物理不可克隆函数,模糊提取器保障传感器设备的安全。同时采用单向散列函数、异或操作和对称加解密等技术建立安全的会话通道。实验结果表明,相比于其他认证方案,该协议有效减少了密钥交换的通信和计算开销,所提出的协议适用于资源受限的传感器设备且能够抵抗现有多种已知攻击。
To protect the security and privacy of data and prevent malicious users from accessing sensor devices,this paper proposes a lightweight authentication and key exchange protocol.The protocol adopted physical unclonable function and the fuzzy extractor to ensure the security of sensor equipment.Meanwhile,one-way hash function,bit-wise XOR operation and symmetric encryption/decryption were used to establish a secure session channel.The experimental results show that compared with other authentication schemes,the proposed protocol effectively reduces the communication and computing overhead of key exchange.It is suitable for resource constrained sensor devices and can resist a variety of known attacks.
作者
夏艳东
戚荣鑫
季赛
Xia Yandong;Qi Rongxin;Ji Sai(Network Information Center,Nanjing University of Information Science and Technology,Nanjing 210044,Jiangsu,China;School of Computer and Software,Nanjing University of Information Science and Technology,Nanjing 210044,Jiangsu,China)
出处
《计算机应用与软件》
北大核心
2022年第3期316-321,共6页
Computer Applications and Software
基金
国家自然科学基金项目(61672290)。