基于Merkle树和哈希链的层次化轻量认证方案

doi:10.3969/j.issn.1671-1122.2024.05.005

信息网络安全 ›› 2024, Vol. 24 ›› Issue (5): 709-718.doi: 10.3969/j.issn.1671-1122.2024.05.005

基于Merkle树和哈希链的层次化轻量认证方案

沈卓炜¹^,², 汪仁博¹^,², 孙贤军³()

1.东南大学网络空间安全学院，南京 211189
2.东南大学计算机网络和信息集成教育部重点实验室，南京 211189
3.公安部第三研究所安全防范技术处，上海 200031

收稿日期:2024-03-06 出版日期:2024-05-10 发布日期:2024-06-24
通讯作者: 孙贤军 E-mail:sxj_sun8110@163.com
作者简介:沈卓炜（1974—），男，江苏，副教授，博士，CCF会员，主要研究方向为分布式系统与网络安全|汪仁博（1996—），男，湖北，硕士研究生，主要研究方向为分布式系统与网络安全|孙贤军（1981—），男，安徽，助理研究员，硕士，主要研究方向为信息系统网络安全防护
基金资助:
国家重点研发计划(2022YFB3104602)

A Hierarchical Lightweight Authentication Scheme Based on Merkle Tree and Hash Chain

SHEN Zhuowei¹^,², WANG Renbo¹^,², SUN Xianjun³()

1. School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China
2. Key Laboratory of Computer Network and Information Integration of Ministry of Education, Southeast University, Nanjing 211189, China
3. Security and Preventive Technology Division, The Third Research Institute of Ministry of Public Security, Shanghai 200031, China

Received:2024-03-06 Online:2024-05-10 Published:2024-06-24
Contact: SUN Xianjun E-mail:sxj_sun8110@163.com

摘要/Abstract

摘要：

分布式系统如云计算、物联网等在各关键领域被广泛应用，其安全性越来越重要。由于部署环境复杂，具有分散、异构、动态等特性，分布式系统的信息安全保障面临着严峻的挑战，传统的身份认证方案通常计算开销大、证书管理复杂、成员动态更新不及时，不能很好地满足大型分布式系统需求。文章针对大量客户端与应用服务器交互的典型应用场景提出了一种基于Merkle树和哈希链的层次化轻量认证方案。方案将客户端划分为若干邻域，每个邻域内设置一个认证代理节点以管理邻域内的客户端并向应用服务器上报认证信息，方案结合Merkle树和哈希链技术实现对客户端的身份认证和一次一密的通信加密及消息认证，使用哈希和异或的高效运算方式实现较低的计算开销。安全性分析和性能分析表明，方案具有全面的安全性和更好的性能。

关键词: Merkle树, 哈希链, 一次性密码, 身份认证

Abstract:

Distributed systems such as cloud computing and the Internet of Things are widely used in various critical application domains, and their security issues are receiving increasing attention. Due to the complex deployment environment, the characteristics such as decentralization, heterogeneity, and dynamics, the security guarantee of distributed systems faces severe challenges. Traditional authentication schemes usually have the limitations of high computational cost, complex certificate management, and untimely member dynamic updates, which cannot meet the requirements of large-scale distributed systems. In this paper, aiming at the typical application scenarios where a large number of clients interact with application servers, a hierarchical lightweight authentication scheme based on Merkle tree and hash chain was proposed. In this scheme, there were several neighborhoods in the system, each client belongs to a neighborhood, and an authentication proxy node was set in each neighborhood to manage the clients in the neighborhood and report authentication information to the application server. The scheme adopted both Merkle tree and hash chain to realize identity authentication for the client, one-time pad encryption, and message authentication, and used efficient operations of hash and XOR to achieve lower computational costs. Security analysis and performance analysis show that the scheme has comprehensive security and better performance.

Key words: Merkle tree, hash chain, one-time pad, authentication

中图分类号:

TP309

沈卓炜, 汪仁博, 孙贤军. 基于Merkle树和哈希链的层次化轻量认证方案[J]. 信息网络安全, 2024, 24(5): 709-718.

SHEN Zhuowei, WANG Renbo, SUN Xianjun. A Hierarchical Lightweight Authentication Scheme Based on Merkle Tree and Hash Chain[J]. Netinfo Security, 2024, 24(5): 709-718.

图/表 15

图1

图2

图3

图4

图5

图6

表1

表2

图7

表3

表4

表5

图8

表6

表7

参考文献 18

[1]	YICK J, MUKHERJEE B, GHOSAL D. Wireless Sensor Network Survey[J]. Computer Networks, 2008, 52: 2292-2330.
[2]	BHUIYAN M N, RAHMAN M M, BILLAH M M, et al. Internet of Things (IoT): A Review of Its Enabling Technologies in Healthcare Applications, Standards Protocols, Security, and Market Opportunities[J]. IEEE Internet of Things Journal, 2021, 8(13): 10474-10498.
[3]	HE Debiao, ZEADALLY S, KUMAR N, et al. Anonymous Authentication for Wireless Body Area Networks with Provable Security[J]. IEEE Systems Journal, 2016, 11(4): 2590-2601.
[4]	GUO Songhui, NIU Xiaopeng, WANG Yulong. Elliptic Curve Based Light-Weight Authentication and Key Agreement Scheme[J]. Computer Science, 2015, 42(1): 137-141. doi: 10.11896/j.issn.1002-137X.2015.01.032
	郭松辉, 牛小鹏, 王玉龙. 一种基于椭圆曲线的轻量级身份认证及密钥协商方案[J]. 计算机科学, 2015, 42(1): 137-141. doi: 10.11896/j.issn.1002-137X.2015.01.032
[5]	CHANG Xiangmao, ZHAN Jun, WANG Zhiwei. Low-Cost Group-Based Identity Security Authentication Protocol for NB-IoT Nodes[J]. Journal on Communications, 2021, 42(12): 152-162. doi: 10.11959/j.issn.1000-436x.2021228
	常相茂, 占俊, 王志伟. 低开销的NB-IoT节点群组身份安全认证协议[J]. 通信学报, 2021, 42(12): 152-162. doi: 10.11959/j.issn.1000-436x.2021228
[6]	LI Tong, ZHOU Xiaoming, REN Shuai, et al. Light-Weight Mutual Authentication Protocol for Mobile Edge Computing[J]. Netinfo Security, 2021, 21(11): 58-64.
	李桐, 周小明, 任帅, 等. 轻量化移动边缘计算双向认证协议[J]. 信息网络安全, 2021, 21(11): 58-64.
[7]	TAN Yawen, WANG Jiadai, LIU Jiajia, et al. Blockchain-Assisted Distributed and Lightweight Authentication Service for Industrial Unmanned Aerial Vehicles[J]. IEEE Internet of Things Journal, 2022, 9(18): 16928-16940.
[8]	KHASHAN O A, KHAFAJAH N M. Efficient Hybrid Centralized and Blockchain-Based Authentication Architecture for Heterogeneous IoT Systems[J]. Journal of King Saud University Computer and Information Sciences, 2023, 35(2): 726-739.
[9]	DEBNATH S, CHATTOPADHYAY A, DUTTA S. Brief Review on Journey of Secured Hash Algorithms[C]// IEEE. 2017 4th International Conference on Opto-Electronics and Applied Optics (Optronix). New York: IEEE, 2017: 1-5.
[10]	PINTO A, COSTA R. Hash-Chain-Based Authentication for IoT[J]. ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal, 2016, 5(4): 43-57.
[11]	MASUD M, GABA G S, CHOUDHARY K, et al. Lightweight and Anonymity-Preserving User Authentication Scheme for IoT-Based Healthcare[J]. IEEE Internet of Things Journal, 2021, 9(4): 2649-2656.
[12]	YIN Xinming, HE Junhui, GUO Yi, et al. An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree[J]. Sensors, 2020, 20(20): 5735-5753.
[13]	WANG Chengyu, DING Wang, DUAN Yihe, et al. Secure and Lightweight User Authentication Scheme for Cloud-Assisted Internet of Things[J]. IEEE Transactions on Information Forensics and Security, 2023, 18: 2961-2976.
[14]	LI Hongwei, LU Rongxing, ZHOU Liang, et al. An Efficient Merkle-Tree-Based Authentication Scheme for Smart Grid[J]. IEEE Systems Journal, 2013, 8(2): 655-663.
[15]	Merkle R C. Protocols for Public Key Cryptosystems[C]// IEEE. 1980 IEEE Symposium on Security and Privacy. New York: IEEE, 1980: 122-132.
[16]	JING Shimin, ZHENG Xin, CHEN Zhengwen. Review and Investigation of Merkle Tree’s Technical Principles and Related Application Fields[C]// IEEE. 2021 International Conference on Artificial Intelligence, Big Data and Algorithms (CAIBDA). New York: IEEE, 2021: 86-90.
[17]	LAMPORT L. Password Authentication with Insecure Communication[J]. Communications of the ACM, 1981, 24(11): 770-772.
[18]	MARTINO R, CILARDO A. SHA-2 Acceleration Meeting the Needs of Emerging Applications: A Comparative Survey[J]. IEEE Access, 2020, 8: 28415-28436.

ID	SK	Root Value	Set of Client(PID_l, Node_l_,_last, count_l)
认证代理1	K₁	root₁	NULL
认证代理2	K₂	root₂	NULL
认证代理3	K₃	root₃	NULL
…	…	…	…

	文献[3]方案	文献[7]方案	文献[14]方案	本文方案
抗伪造攻击	√	√	√	√
抗中间人攻击	√	√	√	√
抗重放攻击	N/A	N/A	√	√
机密性	√	√	√	√
完整性	N/A	N/A	√	√
匿名性	√	√	×	√
可撤销	×	√	√	√

客户端存储节点数	平均计算开销/ms	存储开销/KB
1	0.36000	0.03
100	0.00360	3.00
110	0.00144	3.44

符号	定义	开销/ms
T_pa	双线性配对运算	10.00257
T_Gm	椭圆曲线点乘运算	3.73970
T_Ga	椭圆曲线点加运算	0.00109
T_AES-enc	AES-256加密运算	0.00083
T_AES-dec	AES-256解密运算	0.00119
T_H	SHA-256哈希运算	0.00072
T_XOR	位异或运算	0.00014

	身份认证（密钥协商）		消息认证
	客户端	服务器	客户端	服务器
文献[3]方案	4T_Gm+T_Ga+ 5T_H+T_AES-enc	4T_Gm+T_Ga+5T_H+ T_AES-dec+2T_bp	T_AES-enc+T_H	T_AES-dec+T_H
文献[7] 方案	T_Gm+T_Ga+T_AES-enc+ T_AES-dec+T_H	T_Gm+T_Ga+T_AES-enc+ T_AES-dec+T_H	T_AES-enc+T_H	T_AES-dec+T_H
文献[14]方案	129T_AES-enc+ 255T_H	T_AES-dec+T_H	T_XOR	T_AES-dec+ T_XOR+7T_H
本文方案	/	T_AES-dec+7T_H	T_XOR+3T_H	T_XOR+3T_H

基于Merkle树和哈希链的层次化轻量认证方案

A Hierarchical Lightweight Authentication Scheme Based on Merkle Tree and Hash Chain

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 15

参考文献 18

相关文章 15

编辑推荐

Metrics

本文评价

	身份认证（密钥协商）/bit	消息验证/bit
文献[3]方案	3360	320
文献[7]方案	576+\|\|update\|\|	320
文献[14]方案	512	1856
本文方案	1856	576

	客户端/KB	服务器/KB
文献[3]方案	0.13	0.02
文献[7]方案	0.04+0.25n	0.25
文献[14]方案	28	4
本文方案	3.44	0.03

[1]	翟鹏, 何泾沙, 张昱. 物联网环境下基于SM9算法和区块链技术的身份认证方法[J]. 信息网络安全, 2024, 24(2): 179-187.
[2]	张敏, 许春香, 张建华. 无人机网络中基于多因子的认证密钥协商协议研究[J]. 信息网络安全, 2022, 22(9): 21-30.
[3]	王姝爽, 马兆丰, 刘嘉微, 罗守山. 区块链跨链安全接入与身份认证方案研究与实现[J]. 信息网络安全, 2022, 22(6): 61-72.
[4]	吴克河, 程瑞, 姜啸晨, 张继宇. 基于SDP的电力物联网安全防护方案[J]. 信息网络安全, 2022, 22(2): 32-38.
[5]	张昱, 孙光民, 翟鹏, 李煜. 一种基于切比雪夫混沌映射的可证明安全的溯源认证协议[J]. 信息网络安全, 2022, 22(12): 25-33.
[6]	吴克河, 程瑞, 郑碧煌, 崔文超. 电力物联网安全通信协议研究[J]. 信息网络安全, 2021, 21(9): 8-15.
[7]	沈卓炜, 高鹏, 许心宇. 基于安全协商的DDS安全通信中间件设计[J]. 信息网络安全, 2021, 21(6): 19-25.
[8]	张昱, 孙光民, 李煜. 基于SM9算法的移动互联网身份认证方案研究[J]. 信息网络安全, 2021, 21(4): 1-9.
[9]	王健, 赵曼莉, 陈志浩, 石波. 基于假名的智能交通条件隐私保护认证协议[J]. 信息网络安全, 2021, 21(4): 49-61.
[10]	李桐, 周小明, 任帅, 徐剑. 轻量化移动边缘计算双向认证协议[J]. 信息网络安全, 2021, 21(11): 58-64.
[11]	肖帅, 张翰林, 咸鹤群, 陈飞. 一种面向物联网设备的口令认证密钥协商协议[J]. 信息网络安全, 2021, 21(10): 83-89.
[12]	张骁, 刘吉强. 基于硬件指纹和生物特征的多因素身份认证协议[J]. 信息网络安全, 2020, 20(8): 9-15.
[13]	刘晓芬, 陈晓峰, 连桂仁, 林崧. 基于d级单粒子的可认证多方量子秘密共享协议[J]. 信息网络安全, 2020, 20(3): 51-55.
[14]	刘利娟, 李志慧, 支丹利. 可实现身份认证的多方量子密钥分发协议[J]. 信息网络安全, 2020, 20(11): 59-66.
[15]	张富友, 王琼霄, 宋利. 基于生物特征识别的统一身份认证系统研究[J]. 信息网络安全, 2019, 19(9): 86-90.