Netinfo Security (信息网络安全) ›› 2024, Vol. 24 ›› Issue (7): 1006-1014. doi: 10.3969/j.issn.1671-1122.2024.07.003

• Special Topic Papers: IoT Security •

Design of Reconfigurable Key Security Authentication Protocol for IoT Based on National Cryptography SM9

HUANG Wangwang1, ZHOU Hua1, WANG Daiqiang1,2, ZHAO Qi2

  1. School of Big Data and Information Engineering, Guizhou University, Guiyang 550025, China
  2. College of Mechanical and Electronic Engineering, Guizhou Minzu University, Guiyang 550025, China
  • Received: 2024-05-11 Online: 2024-07-10 Published: 2024-08-02
  • Corresponding author: ZHOU Hua 275320195@qq.com
  • About the authors: HUANG Wangwang (b. 1997), female, Guizhou, master's student, main research interest: IoT security | ZHOU Hua (b. 1978), male, Guizhou, professor, Ph.D., main research interest: Internet of Things | WANG Daiqiang (b. 1965), male, Guizhou, professor, Ph.D., main research interest: circuits and systems | ZHAO Qi (b. 1976), male, Henan, associate professor, Ph.D., main research interest: opto-mechatronic integration.
  • Funding:
    National Natural Science Foundation of China (62272123)

Abstract:

To enhance the security and reliability of communication protocols and improve user privacy, this paper designs a reconfigurable-key security authentication protocol for the IoT based on the Chinese national cryptographic algorithm SM9, aiming to ensure both data source security and data transmission security. Using only point doubling, point addition, and hash operations, the protocol achieves the encapsulation and reconstruction of shared keys. It also integrates pseudo one-time-one-key and one-time-one-identity mechanisms to improve the security and efficiency of shared-key transmission, guaranteeing the security of ciphertext data transmission and identity authentication. Formal verification with ProVerif shows that the proposed scheme satisfies nine critical security properties. Compared with other protocols, it incurs lower computational and communication overheads, making it highly suitable for resource-constrained industrial IoT devices.

Key words: SM9, identity authentication, key encapsulation, key reconstruction

CLC number: