可追踪身份的物联网感知层节点匿名认证方案

doi:10.3969/j.issn.1671-1122.2022.09.007

信息网络安全 ›› 2022, Vol. 22 ›› Issue (9): 55-62.doi: 10.3969/j.issn.1671-1122.2022.09.007

可追踪身份的物联网感知层节点匿名认证方案

张学旺, 刘宇帆()

重庆邮电大学软件工程学院，重庆 400065

收稿日期:2022-07-22 出版日期:2022-09-10 发布日期:2022-11-14
通讯作者: 刘宇帆 E-mail:779889642@qq.com
作者简介:张学旺（1974—），男，湖南，副教授，博士，主要研究方向为区块链、物联网、数据安全、隐私保护|刘宇帆（1996—），男，河北，硕士研究生，主要研究方向为物联网安全、互联网软件及安全技术
基金资助:
重庆市自然科学基金重点项目(cstc2019jcyj-zdxm0008);南充市科技计划项目(21YFZJ0033);渝北区大数据智能化科技专项重点项目(2020-02)

Identity Traceable Anonymous Authentication Scheme for Nodes in the Perception Layer of IoT

ZHANG Xuewang, LIU Yufan()

School of Software Engineering, Chongqing University of Posts and Telecommunications, Chongqing 400065, China

Received:2022-07-22 Online:2022-09-10 Published:2022-11-14
Contact: LIU Yufan E-mail:779889642@qq.com

摘要/Abstract

摘要：

物联网感知层的节点资源有限、设备脆弱、数据复杂，使得感知层安全问题层出不穷。感知层的数据可信与安全是保障整个物联网系统安全运行的基础。文章结合可信计算与环签密技术，提出一种适用于物联网感知层节点的可追踪成员身份的匿名认证方案，该方案在对外提供证明的同时能够隐藏节点的隐私信息，在数据存疑时可通过可信第三方进行身份追踪。文章最后通过理论分析和对比实验证明了该方案的正确性和高效性。

关键词: 物联网, 身份追踪, 可信计算, 隐私保护, 匿名认证

Abstract:

The limited node resources, fragile devices, and complex data of the perception layer of the Internet of things make the security problems of the perception layer emerge in endlessly. Ensuring the credibility and security of the data in the perception layer is the basis to ensure the safe operation of the entire Internet of things system. Combining trusted computing and ring signcryption technology, this paper proposed an anonymous authentication scheme for traceable membership of nodes in the perception layer of the Internet of things. This scheme can hide the privacy information of nodes while providing external proof and can track the identity through a trusted third party when the data is in doubt. In addition, the correctness and effectiveness of this scheme are verified by simulation experiments, and the theoretical analysis shows that this scheme is efficient.

Key words: Internet of things, identity tracing, trusted computing, privacy protection, anonymous authentication

中图分类号:

TP309

张学旺, 刘宇帆. 可追踪身份的物联网感知层节点匿名认证方案[J]. 信息网络安全, 2022, 22(9): 55-62.

ZHANG Xuewang, LIU Yufan. Identity Traceable Anonymous Authentication Scheme for Nodes in the Perception Layer of IoT[J]. Netinfo Security, 2022, 22(9): 55-62.

图/表 6

图1

表1

图2

图3

图4

表2

参考文献 19

[1]	SRIVASTAVA L, KELLY T. The Internet of Things[EB/OL]. (2005-11-17)[2022-05-10]. https://www.itu.int/osg/spu/presentations/2005/srivastava_internetofthings_press%20.pdf.
[2]	GONZALEZ G R, ORGANERO M M, KLOOS C D. Early Infrastructure of an Internet of Things in Spaces for Learning[C]// IEEE. 8th IEEE International Conference on Advanced Learning Technologies. New York: IEEE, 2008: 381-383.
[3]	SARMA A C, GIRÃO J. Identities in the Future Internet of Things[J]. Wireless Personal Communications, 2009, 49(3): 353-363.
[4]	COSTIN A, ZADDACH J, FRANCILLON A, et al. A Large-Scale Analysis of the Security of Embedded Firmwares[C]// USENIX. 23nd USENIX Security Symposium. Berkeley: USENIX, 2014: 95-110.
[5]	FENG Dengguo, LIU Jingbin, QIN Yu, et al. Trusted Computing Theory and Technology in Innovation-Driven Development[J]. Scientia Sinica: Informationis, 2020, 50(8): 1127-1147.
	冯登国, 刘敬彬, 秦宇, 等. 创新发展中的可信计算理论与技术[J]. 中国科学:信息科学, 2020, 50(8):1127-1147.
[6]	ZHANG Yan, ZHANG Liwu. Survey on Anonymous Credential Schemes[J]. Netinfo Security, 2012, 12(1): 17-22.
	张严, 张立武. 匿名凭证方案研究进展[J]. 信息网络安全, 2012, 12(1):17-22.
[7]	BRICKELL E, CHENLiqun, LIJiangtao. A New Direct Anonymous Attestation Scheme from Bilinear Maps[C]// Springer. International Conference on Trusted Computing. Heidelberg: Springer, 2008: 166-178.
[8]	RIVEST R L, SHAMIR A, TAUMAN Y. How to Leak a Secret[C]// Springer. International Conference on the Theory and Application of Cryptology and Information Security. Heidelberg: Springer, 2001: 552-565.
[9]	HUANG Dawei, YANG Xiaoyuan, CHEN Haibin. Ring Signature Scheme with Revocable Anonymity[J]. Computer Engineering and Applications, 2010, 46(24): 88-89.
	黄大威, 杨晓元, 陈海滨. 一种可撤销匿名性的环签名方案[J]. 计算机工程与应用, 2010, 46(24):88-89.
[10]	YANG Huajie, MIAO Xianghua, ZHU Haitao, et al. Efficient Certificateless Ring Signature Scheme with Identity Tracing[J]. Cyberspace Security, 2014, 5(7): 32-35.
	杨华杰, 缪祥华, 朱海韬, 等. 一种高效无证书可追踪环签名方案[J]. 信息安全与技术, 2014, 5(7):32-35.
[11]	WANG Hongyuan, MENG Jin, DU Xilong, et al. Lightweight and Anonymous Mutual Authentication Protocol for Edge IoT Nodes with Physical Unclonable Function[EB/OL]. (2022-01-04)[2022-06-11]. https://doi.org/10.1155/2022/1203691.
[12]	GHAHRAMANI M, JAVIDAN R. A Robust Anonymous Remote User Authentication Protocol for IoT Services[J]. Wireless Personal Communications, 2021, 121(3): 2347-2369.
[13]	LI Xiong, NIU Jianwei, KUMARI S, et al. A Three-Factor Anonymous Authentication Scheme for Wireless Sensor Networks in Internet of Things Environments[J]. Journal of Network and Computer Applications, 2018, 103: 194-204.
[14]	SADRI M J, ASAAR M R. An Anonymous Two-Factor Authentication Protocol for IoT-Based Applications[EB/OL]. (2021-11-09)[2022-06-12]. https://doi.org/10.1016/j.comnet.2021.108460.
[15]	HUANG Jing, CHEN Jia, ZHANG Huijuan, et al. A Remote Attestation Mechanism Using a Threshold Ring Signature for a Perception Layer of Distributed Networking[EB/OL]. (2022-01-22)[2022-06-12]. https://doi.org/10.1155/2022/6603754.
[16]	YU Chen, CHEN Liquan, LU Tianyu. M2M Network Anonymous Attestation Scheme Based on Mimic Defense[J]. Journal of Cryptologic Research, 2021, 8(3): 468-477.
[17]	XIE Run, HE Chanlian, XU Chunxiang, et al. Lattice-Based Dynamic Group Signature for Anonymous Authentication in IoT[J]. Annals of Telecommunications, 2019, 74(7): 531-542.
[18]	NUNES I D O, DESSOUKY G, IBRAHIM A, et al. Towards Systematic Design of Collective Remote Attestation Protocols[C]// IEEE. 39th International Conference on Distributed Computing Systems(ICDCS). New York: IEEE, 2019: 1188-1198.
[19]	ZHAO Na, LONG Hui, SU Jinshu. A Scheme for Anonymous Authentication and Privacy Protection in the Internet of Things Environment[J]. Netinfo Security, 2018, 18(11): 1-7
	赵娜, 龙慧, 苏金树. 一种适用于物联网环境的匿名认证与隐私保护方案[J]. 信息网络安全, 2018, 18(11):1-7.

符号	含义
${{Z}_{q}}$	小于$q$的正整数集合
$Z_{q}^{*}$	模为$q$的整数乘法群
$x\in \text{Z}_{q}^{*}$	从模为$q$的整数乘法群中任取一个元素$x$
${{\{0,1\}}^{*}}$	由0和1组成的任意长度的二进制序列
${{G}_{1}}$	阶为素数$q$的加法循环群，生成元为$P$
${{G}_{2}}$	阶数为素数$q$的乘法循环群

方案	签名	验证	追踪
文献[9]方案	$(5n-1)m$	$2p+nm$	$4np+(2n+2)m$
文献[10]方案	$(4n+3)m$	$2p+nm$	$4np$
文献[17]方案	$(n+2)m+(n+1)p$	$2p+2nm$	—
本文方案	$(4n+2)m$	$2p+nm$	$2np$

可追踪身份的物联网感知层节点匿名认证方案

Identity Traceable Anonymous Authentication Scheme for Nodes in the Perception Layer of IoT

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 6

参考文献 19

相关文章 15

编辑推荐

Metrics

本文评价

[1]	于晶, 袁曙光, 袁煜琳, 陈驰. 基于k匿名数据集的鲁棒性水印技术研究[J]. 信息网络安全, 2022, 22(9): 11-20.
[2]	秦宝东, 余沛航, 郑东. 基于双陷门同态加密的决策树分类模型[J]. 信息网络安全, 2022, 22(7): 9-17.
[3]	赵洪, 李姗, 左珮良, 魏占祯. 基于强化学习的物联网安全资源分配方法[J]. 信息网络安全, 2022, 22(6): 44-52.
[4]	陈彬杰, 魏福山, 顾纯祥. 基于KNN的具有隐私保护功能的区块链异常交易检测[J]. 信息网络安全, 2022, 23(3): 78-84.
[5]	吴克河, 程瑞, 姜啸晨, 张继宇. 基于SDP的电力物联网安全防护方案[J]. 信息网络安全, 2022, 22(2): 32-38.
[6]	李桐, 任帅, 王刚, 孟庆宇. 基于变色龙认证树的云边端协同流式数据完整性验证模型[J]. 信息网络安全, 2022, 22(1): 37-45.
[7]	徐硕, 张睿, 夏辉. 基于数据属性修改的联邦学习隐私保护策略[J]. 信息网络安全, 2022, 22(1): 55-63.
[8]	陈庆港, 杜彦辉, 韩奕, 刘翔宇. 基于深度可分离卷积的物联网设备识别模型[J]. 信息网络安全, 2021, 21(9): 67-73.
[9]	吴克河, 程瑞, 郑碧煌, 崔文超. 电力物联网安全通信协议研究[J]. 信息网络安全, 2021, 21(9): 8-15.
[10]	路宏琳, 王利明, 杨婧. 一种新的参数掩盖联邦学习隐私保护方案[J]. 信息网络安全, 2021, 21(8): 26-34.
[11]	靳姝婷, 何泾沙, 朱娜斐, 潘世佳. 基于本体推理的隐私保护访问控制机制研究[J]. 信息网络安全, 2021, 21(8): 52-61.
[12]	李群, 董佳涵, 关志涛, 王超. 一种基于聚类分类的物联网恶意攻击检测方法[J]. 信息网络安全, 2021, 21(8): 82-90.
[13]	刘忻, 杨浩睿, 郭振斌, 王家寅. 一种实现在线注册与权限分离的工业物联网身份认证协议[J]. 信息网络安全, 2021, 21(7): 1-9.
[14]	刘忻, 郭振斌, 宋宇宸. 一种基于SGX的工业物联网身份认证协议[J]. 信息网络安全, 2021, 21(6): 1-10.
[15]	刘子昂, 黄缘缘, 马佳利, 周睿. 基于区块链的医疗数据滥用监控平台设计与实现[J]. 信息网络安全, 2021, 21(5): 58-66.