CN115333743A - Fine-grained secure communication method for MQTT protocol - Google Patents


Info

Publication number: CN115333743A
Authority: CN (China)
Prior art keywords: user, key, identity authentication, timestamp, topic
Legal status: Pending (the status listed by Google is an assumption, not a legal conclusion)
Application number: CN202210809089.0A
Other languages: Chinese (zh)
Inventors: 李延斌, 邵天岳, 任守纲, 顾兴健
Current assignee: Nanjing Agricultural University
Original assignee: Nanjing Agricultural University
Events: application filed by Nanjing Agricultural University; priority to CN202210809089.0A; publication of CN115333743A; legal status pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3271 ... using challenge-response
    • H04L 9/3273 ... using challenge-response for mutual authentication
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L 9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L 9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L 9/3006 Public key ... underlying computational problems or public-key parameters
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/06 ... for supporting key management in a packet data network
    • H04L 63/061 ... for key exchange, e.g. in peer-to-peer networks
    • H04L 63/08 ... for authentication of entities
    • H04L 63/0869 ... for achieving mutual authentication
    • H04L 63/0884 ... by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • H04L 63/10 ... for controlling access to devices or network resources
    • H04L 63/101 Access control lists [ACL]


Abstract

The invention provides a fine-grained secure communication method for the MQTT protocol, applicable to Internet of Things systems that use MQTT as their communication protocol. The scheme uses a bilinear map and Diffie-Hellman key exchange to complete mutual identity authentication and key agreement, and finally encrypts the transmitted messages to achieve secure communication between a user and its devices. The method first uses the identity information of an MQTT topic to perform fine-grained, topic-scoped identity authentication, then carries out end-to-end key agreement between a legitimate user and the devices, and finally uses the generated symmetric key for encrypted communication. The method suits secure communication between one user and one or more devices over MQTT and copes with dynamic changes in the number of devices.

Description

Fine-grained secure communication method for MQTT protocol
Technical Field
The invention belongs to the technical field of computer security, and in particular relates to a method for securely transmitting information under the MQTT protocol.
Background
With the rapid development of Internet of Things technology, more and more devices join the Internet of Things to provide services. Given the large number of resource-constrained terminal devices and the huge volume of traffic, how IoT devices communicate with each other or with servers efficiently and securely is an important issue. Among the many IoT communication protocols, MQTT (Message Queuing Telemetry Transport) is widely used because it is lightweight and easy to use. However, the MQTT protocol itself explicitly defines only a few security mechanisms: for example, authentication at the broker is performed with a preset shared username and password, and encryption of messages is recommended via the SSL/TLS protocol. It lacks adequate protection such as access control, authentication and control-message security. Existing methods have several problems: (1) no mutual authentication is provided; (2) a client that has passed identity authentication at the broker may still try to publish or subscribe to a topic it is not authorized for; (3) the high computational load of TLS lowers communication efficiency and is unsuitable for secure information transmission in real IoT application scenarios; (4) current encryption schemes require the broker to participate in encryption and decryption, so data may leak if the broker is compromised by an adversary.
Therefore, to address the insufficient security functions of the prior art, the security of the MQTT protocol can be improved by performing fine-grained security authentication scoped to the topic and completing end-to-end key agreement; at the same time, the efficiency of secure communication can be improved by adopting lightweight AES encryption.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a fine-grained secure communication method for the MQTT protocol, in which mutual identity authentication and key agreement are carried out on the basis of a bilinear map and a DH key exchange scheme. The method is suitable for one-to-one and one-to-many working scenarios under the MQTT protocol, can cope with dynamic changes of the participating members, and finally realizes the secure transmission of information.
The technical solution for realizing the purpose of the invention is as follows:
A fine-grained secure communication method for the MQTT protocol comprises the following steps:
Step 1: initialization phase, in which users, devices and topics complete registration and the TA generates and distributes system parameters;
Step 2: identity authentication phase, which completes mutual identity authentication;
Step 3: key agreement phase, in which end-to-end key agreement between the user and the device generates a session key;
Step 4: designing a corresponding method for when the participating members of the system change dynamically.
Further, in the fine-grained secure communication method for the MQTT protocol, step 1 specifically comprises:
Step 1-1: completing registration for users, devices and topics, and generating the ACL;
Step 1-2: the trusted TA generates system parameters and distributes them to the system participants.
Further, in the fine-grained secure communication method for the MQTT protocol, step 1-1 specifically comprises: as the basis of the initialization phase, the users, the devices and the topics at the broker all have to register with the TA; let $U = \{U_1, U_2, \ldots\}$ and $D = \{D_1, D_2, \ldots\}$ be two sets of authorized clients and $TID = \{TID_1, TID_2, \ldots\}$ a set of valid topic names registered at the broker, where $U$ denotes users, $D$ denotes devices and $TID$ denotes the unique ID information of a topic; in the initialization phase, the TA prepares the access policy preset according to MQTT
Figure BDA0003739767090000021
The TA then sends the ACL to the broker, on the basis of which the broker performs fine-grained access control; specifically, let
Figure BDA0003739767090000022
And
Figure BDA0003739767090000023
be the publishers and subscribers authorized to legitimately access a topic, where $TID_t$ denotes the unique identity of the $t$-th topic at the broker.
Further, in the fine-grained secure communication method for the MQTT protocol, step 1-2 specifically comprises the following:
After registration is completed, the TA selects a cyclic additive group $G_1$ and a cyclic multiplicative group $G_2$, both of large prime order $q$; the TA selects two cryptographic hash functions $H(\cdot): G_1 \to Z_q^*$ and $h(\cdot): \{0,1\}^* \to Z_q^*$; then the TA selects a random number $s \in Z_q^*$ as the system master key and computes the system public key $P_{pub} = sP$, where $P$ is a generator. The TA publishes the initialization public parameters $\{G_1, G_2, q, P, P_{pub}, H(\cdot), h(\cdot)\}$ to all users and devices in the system; for device $D_i$ the TA selects a random number $a_i$ and calculates
Figure BDA0003739767090000024
And
Figure BDA0003739767090000025
where $t$ is the number of the topic and $i$ is the number of the device; finally, the TA sends $\{VTID_t^i\}$ to $U$ and $\{a_i, b_i, TID_i\}$ to $D_i$, each over a secure channel.
Further, in the fine-grained secure communication method for the MQTT protocol, step 2 specifically comprises the following:
The identity authentication part applies both to the single-device scenario and to the multiple-device scenario, specifically as follows:
(1) Identity authentication between a user and a single device:
First, user $U$ computes the bilinear map $e(H(VTID_t) + H(VTID_t)\cdot h(TS), P_{pub})$ from the initialization information received from the TA and publishes the result to the current topic, where $TS$ is a timestamp; when device $D$ receives user $U$'s message by subscribing to the same topic, it immediately checks the freshness of the timestamp in the message, and if the timestamp is not fresh the authentication process terminates immediately; after the timestamp is verified, device $D$ computes $w = b + b\cdot h(TS)$ and $e(w, P)$; the broker then verifies $e(w, P) = e(H(VTID_t) + H(VTID_t)\cdot h(TS), P_{pub})$; if the equation holds, mutual identity authentication passes, i.e. both parties are legitimate participants under the current topic; if not, at least one of user $U$ and field device $D$ is an illegitimate participant and the process terminates.
(2) Group identity authentication between a user and a plurality of devices:
First, user $U$ computes, from the initialization information received from the TA, the bilinear map
Figure BDA0003739767090000031
And publishing the result to the current topic, wherein TS is a timestamp; device D i After receiving the information of the user U by subscribing the same theme, each device immediately checks the freshness of the timestamp in the respective message, and if the timestamp is not the fresh timestamp, the authentication process is terminated. After the time stamp is validated, D i Calculating w i =b i +b i h (TS) and
Figure BDA0003739767090000032
The MQTT broker is then authorized to verify
Figure BDA0003739767090000033
If the equation holds, identity authentication between user $U$ and the devices passes, i.e. they are legitimate participants under the current topic; if not, at least one of user $U$ and the field devices $D_i$ is an illegitimate participant and the process terminates immediately.
Further, in the fine-grained secure communication method for the MQTT protocol, step 3 specifically comprises: after identity authentication, the legitimate user and devices perform key agreement to complete end-to-end encryption of the communication. Like identity authentication, the key agreement of this scheme applies both to the single-device scenario and to the multiple-device scenario, specifically:
(1) Key agreement of a user and a single device:
First, the legitimate device $D$ that passed identity authentication selects a random number $r$, computes $R = rP$ and publishes the result to user $U$ through the current topic; after receiving $R$, $U$ selects a random number $c \in Z_q^*$, computes $C = cR$ and sends it to the topic; user $U$ then computes its session key $K_U = e(C, cP)$; after receiving message $C$ from the same topic, $D$ computes the device session key $K_D = e(C, r^{-1}C)$; the session keys generated by the user and the device are the same symmetric key;
(2) Group key negotiation of a user and a plurality of devices:
First, each device $D_i$ that passed authentication selects a random number $r_i$, computes $R_i = r_i P$ and publishes the result to user $U$ through the current topic; after receiving the $R_i$ sent by all devices, $U$ selects a random number $c \in Z_q^*$, computes $C_i = cR_i$ and sends them to the topic; user $U$ then computes its session key
Figure BDA0003739767090000034
After all $D_i$ receive the messages $C_i$ from the same topic, each computes the device group session key
Figure BDA0003739767090000035
The session keys generated by the user and the devices are the same symmetric key.
Further, in the fine-grained secure communication method for the MQTT protocol, step 4 specifically comprises the following:
If no device joins or leaves the group of the current topic during the whole process, the system does not need to update the ACL or regenerate the system's initial parameters, i.e. the initialization phase is executed only once; likewise, the clients do not have to authenticate each other again; each key belongs only to the current session: when a new message is published, the previous key is discarded and a new session key is established after key agreement is run again;
Whenever the topic membership changes dynamically, the ACL is updated immediately and the broker is informed of the result; the TA must then generate new system parameters, including the master key and the system public key, and distribute them to the new system participants; after the initialization phase, mutual authentication and key agreement continue as described in the proposed scheme.
Compared with the prior art, the technical scheme of the invention has the following technical effects:
1. The invention uses the identity information of the topic in the mutual identity authentication, providing finer-grained security protection than other methods;
2. Key agreement is carried out directly between the user and the device, and the generated symmetric key is used to encrypt messages during communication, so that, compared with other schemes, the invention provides end-to-end security. In addition, the transmitted messages are encrypted with AES, so communication efficiency is high;
3. The invention designs a strategy for dynamic membership changes and therefore suits real IoT application scenarios better than other schemes.
Drawings
FIG. 1 is a flow chart of the fine-grained secure communication method for the MQTT protocol of the invention;
FIG. 2 is a diagram of the MQTT protocol secure communication scenario to which the invention is applied;
FIG. 3 is a schematic diagram of the embodiment of the present invention;
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
The fine-grained secure communication method for the MQTT protocol, as shown in FIG. 1, comprises three phases: an initialization phase, an identity authentication phase and a key agreement phase. With reference to FIG. 1 and FIG. 3, the method specifically comprises the following steps:
Step 1: users, devices and topics complete registration, and the TA generates and distributes system parameters;
Step 1-1: as the basis of the initialization phase, the users, the devices and the topics at the broker must register with the TA. Let $U = \{U_1, U_2, \ldots\}$ and $D = \{D_1, D_2, \ldots\}$ be two sets of authorized clients and $TID = \{TID_1, TID_2, \ldots\}$ a set of valid topic names registered at the broker, where $U$ denotes users, $D$ denotes devices and $TID$ denotes the unique ID information of a topic. In the initialization phase, the TA prepares the access policy preset according to MQTT
Figure BDA0003739767090000041
The TA then sends the ACL to the broker, which performs fine-grained access control based on it. Specifically, let
Figure BDA0003739767090000042
And
Figure BDA0003739767090000043
be the publishers and subscribers authorized to legitimately access a topic, where $TID_t$ denotes the unique identity of the $t$-th topic at the broker.
Step 1-2: After registration is completed, the TA selects a cyclic additive group $G_1$ and a cyclic multiplicative group $G_2$, both of large prime order $q$. The TA selects two cryptographic hash functions $H(\cdot): G_1 \to Z_q^*$ and $h(\cdot): \{0,1\}^* \to Z_q^*$. Then the TA selects a random number $s \in Z_q^*$ as the system master key and computes the system public key $P_{pub} = sP$, where $P$ is a generator. The TA publishes the initialization public parameters $\{G_1, G_2, q, P, P_{pub}, H(\cdot), h(\cdot)\}$ to all users and devices in the system. For device $D_i$ the TA selects a random number $a_i$ and calculates
Figure BDA0003739767090000051
And
Figure BDA0003739767090000052
where $i$ denotes the number of the device. Finally, the TA sends $\{VTID_t^i\}$ to $U$ and $\{a_i, b_i, TID_i\}$ to $D_i$, each over a secure channel.
Step 2: identity authentication is completed using the topic identity information; the specific steps are as follows:
The identity authentication part applies to both the single-device scenario and the multiple-device scenario; the scheme for each scenario is described in detail below.
(1) Identity authentication between a user and a single device:
First, user $U$ computes the bilinear map $e(H(VTID_t) + H(VTID_t)\cdot h(TS), P_{pub})$ from the initialization information received from the TA and publishes the result to the current topic, where $TS$ is a timestamp. When device $D$ receives user $U$'s message by subscribing to the same topic, it immediately checks the freshness of the timestamp in the message, and if the timestamp is not fresh the authentication process terminates immediately. After the timestamp is verified, device $D$ computes $w = b + b\cdot h(TS)$ and $e(w, P)$. The broker may then verify $e(w, P) = e(H(VTID_t) + H(VTID_t)\cdot h(TS), P_{pub})$; if the equation holds, mutual identity authentication passes, i.e. both parties are legitimate participants under the current topic; if not, at least one of user $U$ and field device $D$ is an illegitimate participant and the process terminates.
(2) Group identity authentication between a user and a plurality of devices:
First, user $U$ computes, from the initialization information received from the TA, the bilinear map
Figure BDA0003739767090000053
and publishes the result to the current topic, where $TS$ is a timestamp. After each device $D_i$ receives user $U$'s message by subscribing to the same topic, it immediately checks the freshness of the timestamp in its message, and if the timestamp is not fresh the authentication process terminates. After the timestamp is validated, $D_i$ computes $w_i = b_i + b_i\cdot h(TS)$ and
Figure BDA0003739767090000054
The MQTT broker is then authorized to verify
Figure BDA0003739767090000055
If the equation holds, identity authentication between user $U$ and the devices passes, i.e. they are legitimate participants under the current topic; if not, at least one of user $U$ and the field devices $D_i$ is an illegitimate participant and the process terminates immediately.
Step 3: end-to-end key agreement is performed between the user and the devices; the specific steps are as follows:
The key agreement applies to either a single-device scenario or a multiple-device scenario; the scheme for each scenario is described below.
(1) Key agreement of a user and a single device:
First, the legitimate device $D$ that passed identity authentication selects a random number $r$, computes $R = rP$ and publishes the result to user $U$ through the current topic. After receiving $R$, $U$ selects a random number $c \in Z_q^*$, computes $C = cR$ and sends it to the topic. User $U$ can then compute the session key $K_U = e(C, cP)$. After receiving message $C$ from the same topic, $D$ can compute the session key $K_D = e(C, r^{-1}C)$.
It follows that the generated session keys are the same symmetric key, since $C = cR = crP$:
$$K_D = e(C, r^{-1}C) = e(C, r^{-1}crP) = e(C, cP) = K_U$$
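The single-device exchange and the $K_D = K_U$ derivation above, worked through as an added Python example (not the patent's own code). The bilinear pairing is replaced by a scalar stand-in, $e(xP, yP) = g^{xy} \bmod p$ over a toy safe prime, which keeps bilinearity but is not a real pairing; the topic is an in-memory message list; both are assumptions of this example, as are all names used.

```python
"""Single-device key agreement of CN115333743A, step 3 (1), as a toy.

Constructed example. The pairing e(.,.) is modelled on scalars: a group
element xP is represented by the integer x mod q, and e(xP, yP) is
g^(x*y) mod p, where p = 2q + 1 is a safe prime and g has order q. This
preserves bilinearity, which is the only property the derivation
K_D = e(C, r^-1 C) = e(C, cP) = K_U relies on, but it is NOT secure.
"""
import secrets

Q = 509            # toy prime group order q
P_MOD = 2 * Q + 1  # 1019, a safe prime, so a quadratic residue has order q
G = 4              # 4 = 2^2 is a quadratic residue mod 1019, hence of order q
GEN = 1            # the generator P of G_1 in scalar form (1 * P)


def scalar_mul(k: int, point: int) -> int:
    """k * point in G_1 (scalar representation: multiply exponents mod q)."""
    return (k * point) % Q


def pairing(a: int, b: int) -> int:
    """Stand-in for the bilinear map: e(aP, bP) = g^(a*b) mod p."""
    return pow(G, (a * b) % Q, P_MOD)


class Topic:
    """Minimal MQTT-topic stand-in: a shared, ordered list of published
    messages that every subscriber of the topic can read."""

    def __init__(self) -> None:
        self.log: list[tuple[str, int]] = []

    def publish(self, sender: str, payload: int) -> None:
        self.log.append((sender, payload))

    def last_from(self, sender: str) -> int:
        return next(p for s, p in reversed(self.log) if s == sender)


def device_offer(r: int) -> int:
    """Device D: with random r, publish R = rP. r itself stays on the device."""
    return scalar_mul(r, GEN)


def user_respond(R: int, c: int) -> tuple[int, int]:
    """User U: with random c, publish C = cR and derive K_U = e(C, cP)."""
    C = scalar_mul(c, R)
    K_U = pairing(C, scalar_mul(c, GEN))
    return C, K_U


def device_key(C: int, r: int) -> int:
    """Device D: derive K_D = e(C, r^-1 C) from the received C."""
    r_inv = pow(r, -1, Q)  # r in Z_q^*, so the inverse exists
    return pairing(C, scalar_mul(r_inv, C))


def run_session(topic: Topic, r: int, c: int) -> tuple[int, int]:
    """One key-agreement session over the topic; returns (K_U, K_D).

    Only R and C cross the topic; the secrets r and c never leave their
    owners, and the broker relays but never holds the session key."""
    topic.publish("D", device_offer(r))
    C, K_U = user_respond(topic.last_from("D"), c)
    topic.publish("U", C)
    K_D = device_key(topic.last_from("U"), r)
    return K_U, K_D


def random_scalar() -> int:
    """Uniform element of Z_q^* (never zero, so r is invertible)."""
    return secrets.randbelow(Q - 1) + 1


if __name__ == "__main__":
    topic = Topic()
    # Step 4 of the patent: a key belongs to one session only, so each new
    # message triggers a fresh agreement with fresh r and c.
    for session in range(3):
        K_U, K_D = run_session(topic, random_scalar(), random_scalar())
        assert K_U == K_D
        print(f"session {session}: K_U = K_D = {K_U}")
```

With the toy parameters the check $e(C, r^{-1}C) = e(C, cP)$ reduces to comparing the exponents $C \cdot r^{-1}C$ and $C \cdot c$ modulo $q$, both equal to $c^2 r$.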
(2) Group key negotiation of a user and a plurality of devices:
First, each device $D_i$ that passed authentication selects a random number $r_i$, computes $R_i = r_i P$ and publishes the result to user $U$ through the current topic. After receiving the $R_i$ sent by all devices, $U$ selects a random number $c \in Z_q^*$, computes $C_i = cR_i$ and sends them to the topic. User $U$ can then compute the group key
Figure BDA0003739767090000061
After all $D_i$ receive the messages $C_i$ from the same topic, each can compute the group session key
Figure BDA0003739767090000062
It follows that the generated session keys are the same symmetric key:
Figure BDA0003739767090000063
Step 4: designing a strategy for dynamic changes of topic membership, specifically:
If no device joins or leaves the group of the current topic during the whole process, the system does not need to update the ACL or regenerate the system's initial parameters, i.e. the initialization phase is performed only once. Likewise, the clients do not have to authenticate each other again. However, each key belongs only to the current session: when a new message is published, the previous key is discarded and a new session key is established after rekeying. That is, if the membership of the topic does not change, only the key agreement phase needs to be performed again.
Whenever the topic membership changes, the ACL is updated immediately and the broker is then notified of the result. For example, with $ACL_2 = (TID_2, U(TID_2) = \{U_1\}, D(TID_2) = \{D_1, D_2, D_3\})$, when $D_3$ no longer subscribes to $TID_2$ and $D_4$ joins, the current $ACL_2$ is updated to $ACL_2 = (TID_2, U(TID_2) = \{U_1\}, D(TID_2) = \{D_1, D_2, D_4\})$. The TA must then generate new system parameters, such as the master key and the system public key, and distribute them to the new system participants. After the initialization phase, mutual authentication and key agreement continue as described in the proposed scheme. In summary, compared with the case without dynamic changes, this case requires the initialization and mutual authentication phases to be performed once more.
Example 1
The method of the invention was implemented in Java on IntelliJ IDEA and tested; it realizes identity authentication, key generation and the complete encryption and decryption process, with the following results:
On the Java platform, the experiments used an Eclipse Paho client and an Apache Apollo broker as the MQTT clients and broker, including publishers and subscribers. In the initialization phase, the experiment assumes that the TA computes all system parameters and distributes them to the users and devices in a secure way. Each entity can then compute a bilinear map to participate in the verification phase. After successful verification, the valid clients generate a symmetric key. For testing, the published message is encrypted with 128-bit AES, and the device receives and decrypts the ciphertext. In all implementations, the plaintext message to be published is fixed at 8 bytes.
FIG. 2 shows the MQTT protocol secure communication scenario to which this solution is applied. The following table shows the experimental results of the scheme under two communication scenarios, with one device and with three devices; the running time of the whole process and of each part was recorded.
Experimental results of MQTT secure communication

Number of devices | Identity authentication | Key generation | Encryption and decryption
1 | 349 ms | 66 ms | 1056 ms
3 | 476 ms | 120 ms | 1058 ms

The above experiments show that the method of the invention is feasible.
The above description is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications may be made without departing from the principles of the invention and these modifications are to be considered as within the scope of the invention.

Claims (7)

1. A fine-grained secure communication method for the MQTT protocol, characterized by comprising the following steps:
Step 1: initialization phase, in which the users, devices and topics register and a trusted authority TA generates and distributes system parameters;
Step 2: identity authentication phase, which completes mutual identity authentication;
Step 3: key agreement phase, in which end-to-end key agreement between the user and the device generates a session key;
Step 4: designing a corresponding method for when the device membership changes dynamically.
2. The method according to claim 1, wherein the step 1 initialization phase specifically comprises:
Step 1-1: completing registration for users, devices and topics, and generating the ACL;
Step 1-2: the trusted TA generates system parameters and distributes them to the system participants.
3. The method according to claim 2, characterized in that step 1-1 specifically is:
as the basis of the initialization phase, the users, the devices and the topics at the broker all have to register with the TA; let $U = \{U_1, U_2, \ldots\}$ and $D = \{D_1, D_2, \ldots\}$ be two sets of authorized clients and $TID = \{TID_1, TID_2, \ldots\}$ a set of valid topic names registered at the broker, where $U$ denotes users, $D$ denotes devices and $TID$ denotes the ID information of a topic; in the initialization phase, the TA prepares the access policy preset according to MQTT
Figure FDA0003739767080000011
then the TA sends the ACL to the broker, which performs fine-grained access control on the basis of it; specifically, let
Figure FDA0003739767080000012
And
Figure FDA0003739767080000013
are publishers and subscribers authorized to legitimately access a topic, wherein the TID t Representing the unique identity of the tth topic.
4. The method according to claim 2, wherein step 1-2 is specifically:
After registration is complete, the TA selects a cyclic additive group $G_1$ and a cyclic multiplicative group $G_2$, both of large prime order $q$. The TA selects two cryptographic hash functions $H(\cdot): G_1 \to Z_q^*$ and $h(\cdot): \{0,1\}^* \to Z_q^*$. The TA then selects a random number $s \in Z_q^*$ as the system master key and computes the system public key $P_{pub} = sP$, where $P$ is a generator. The TA publishes the public initialization parameters $trans = \{G_1, G_2, q, P, P_{pub}, H(\cdot), h(\cdot)\}$ to all users and devices in the system. For device $D_i$ the TA selects a random number $a_i$ and computes
[equation image FDA0003739767080000014, not reproduced]
and
[equation image FDA0003739767080000015, not reproduced]
where $t$ is the topic number and $i$ is the device number. Finally, the TA sends $\{VTID_t^i\}$ to $U$ and $\{a_i, b_i, TID_i\}$ to $D_i$, each over a secure channel.
5. The method according to claim 1, wherein step 2 is specifically:
The identity authentication applies both to a single-device scenario and to a multi-device scenario, as follows:
(1) Identity authentication between a user and a single device:
First, from the initialization information received from the TA, user $U$ computes the bilinear map $e(H(VTID_t) + H(VTID_t) \cdot h(TS), P_{pub})$ and publishes the result to the current topic, where $TS$ is a timestamp. When device $D$ receives user $U$'s message by subscribing to the same topic, it immediately checks the freshness of the timestamp in the message; if the timestamp is not fresh, the authentication process is terminated at once. Once the timestamp has been verified, device $D$ computes $w = b + b \cdot h(TS)$ and $e(w, P)$. The broker then verifies whether $e(w, P) = e(H(VTID_t) + H(VTID_t) \cdot h(TS), P_{pub})$ holds. If it holds, both parties pass identity authentication and all participants are legitimate participants under the current topic; if it does not hold, at least one of user $U$ and field device $D$ is an illegitimate participant and the process is terminated.
(2) Group identity authentication between a user and multiple devices:
First, from the initialization information received from the TA, user $U$ computes the bilinear map
[equation image FDA0003739767080000021, not reproduced]
and publishes the result to the current topic, where $TS$ is a timestamp. After the devices $D_i$ receive user $U$'s message by subscribing to the same topic, each device immediately checks the freshness of the timestamp in its copy of the message and terminates the authentication process if the timestamp is not fresh. Once the timestamp has been verified, $D_i$ computes $w_i = b_i + b_i \cdot h(TS)$ and
[equation image FDA0003739767080000022, not reproduced]
The MQTT broker is then authorized to verify
[equation image FDA0003739767080000023, not reproduced]
If the equation holds, identity authentication between user $U$ and the devices passes, i.e. they are legitimate participants under the current topic; if it does not hold, at least one of user $U$ and the field devices $D_i$ is an illegitimate participant and the process is terminated immediately.
6. The method according to claim 1, wherein step 3 is specifically:
After identity authentication, a legitimate user and device perform key agreement to set up end-to-end encryption of their communication. Key agreement applies both to the single-device scenario and to the multi-device scenario, as follows:
(1) Key agreement between a user and a single device:
First, the legitimate device $D$ that passed identity authentication selects a random number $r$, computes $R = rP$ and publishes the result to user $U$ via the current topic. After receiving $R$, $U$ selects a random number $c \in Z_q^*$, computes $C = cR$ and publishes it to the topic. User $U$ then computes its session key $K_U = e(C, cP)$. After receiving message $C$ from the same topic, $D$ computes the device session key $K_D = e(C, r^{-1}C)$. Since $r^{-1}C = cP$, the two values coincide, so the user and the device share the same symmetric session key.
(2) Group key agreement between a user and multiple devices:
First, each device $D_i$ that passed identity authentication selects a random number $r_i$, computes $R_i = r_i P$ and publishes the result to user $U$ via the current topic. After $U$ has received $R_i$ from all devices, it selects a random number $c \in Z_q^*$, computes $C_i = cR_i$ and publishes them to the topic. User $U$ then computes its session key
[equation image FDA0003739767080000024, not reproduced]
After all $D_i$ receive message $C_i$ from the same topic, they compute the device-group session key
[equation image FDA0003739767080000025, not reproduced]
The session keys computed by the user and the devices are symmetric keys.
7. The method according to claim 1, wherein step 4 is specifically:
If no device joins or leaves the group of the current topic during the whole process, the system need not update the ACL or regenerate the initial system parameters, i.e. the initialization phase is executed only once. Likewise, clients need not authenticate each other directly. Each key belongs only to the current session: when a new message is published, the previous key is discarded and a new session key is established by running key agreement again.
Whenever the topic membership changes dynamically, the ACL is updated immediately and the broker is informed of the result. The TA must then generate new system parameters, including the master key and the system public key, and distribute them to the new system participants. After this initialization phase, mutual authentication and key agreement continue to be performed according to the proposed scheme.
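The single-device authentication of claim 5 (1) and the single-device key agreement of claim 6 (1), run end to end as an added example; this is not code from the patent or from its authors. It assumes a toy bilinear map e(x, y) = x·y mod q over Z_q in place of a real pairing (it is bilinear, so the claimed identities can be checked term by term, but it has no security at all, since discrete logarithms in Z_q are trivial); an opaque VTID_t and a device credential b = s·H(VTID_t), because the claims define VTID_t, a_i and b_i in equation images that did not extract and b = s·H(VTID_t) is the value the broker's check e(w, P) = e(H(VTID_t) + H(VTID_t)·h(TS), P_pub) requires; a 30-second freshness window, which the claims leave unspecified; and a constructed topic name and client names (farm/greenhouse/temp, U1, D1). The claims type H(·) as G_1 → Z_q^* but use H(VTID_t) inside the pairing as a G_1 element; in the toy, G_1 and Z_q coincide, so both readings agree.

```python
"""Toy model of claim 5 (1) authentication and claim 6 (1) key agreement.

Added example, not the patent's implementation. The pairing is replaced by
e(x, y) = x*y mod q over G1 = G2 = Z_q with generator P = 1. That map is
bilinear, e(aP, bP) = ab*e(P, P), which is all the claimed equations use, but
it has no security: discrete logs in Z_q are trivial. It exists only to make
the algebra executable; never reuse it as a cryptographic primitive.
"""
from __future__ import annotations

import hashlib
import secrets
import time
from typing import Optional

q = 2**127 - 1   # prime group order (a Mersenne prime), standing in for the claims' large prime q
P = 1            # generator of the toy group Z_q
MAX_SKEW = 30    # seconds; the claims require a "fresh" TS without fixing a window (assumed)


def e(x: int, y: int) -> int:
    """Toy bilinear map G1 x G1 -> G2."""
    return (x * y) % q


def H(data: bytes) -> int:
    """Hash into the group (claims' H(.)); a nonzero element of Z_q."""
    return 1 + int.from_bytes(hashlib.sha256(b"H|" + data).digest(), "big") % (q - 1)


def h(data: bytes) -> int:
    """Hash into Z_q^* (claims' h(.): {0,1}^* -> Z_q^*)."""
    return 1 + int.from_bytes(hashlib.sha256(b"h|" + data).digest(), "big") % (q - 1)


class TrustedAuthority:
    """Claims 3 and 4: ACL, master key s, public key P_pub = sP, per-topic credentials."""

    def __init__(self) -> None:
        self.s = secrets.randbelow(q - 1) + 1   # master key s in Z_q^*
        self.P_pub = (self.s * P) % q           # system public key P_pub = sP
        self.acl = {}                           # topic -> (publishers, subscribers)

    def register_topic(self, tid: str, publishers: set, subscribers: set) -> None:
        self.acl[tid] = (set(publishers), set(subscribers))

    def vtid(self, tid: str) -> bytes:
        # ASSUMPTION: VTID_t is defined in an equation image that did not extract;
        # modelled as an opaque per-topic value the TA hands to the user.
        return b"VTID|" + tid.encode()

    def device_credential(self, tid: str) -> int:
        # ASSUMPTION: b_i is also an unextracted equation. b = s*H(VTID_t) is the value
        # for which e(w, P) == e(H(VTID_t) + H(VTID_t)*h(TS), P_pub) holds, so that is modelled.
        return (self.s * H(self.vtid(tid))) % q


def user_auth_publish(vtid: bytes, P_pub: int, ts: int) -> dict:
    """Claim 5 (1), user side: publish e(H(VTID_t) + H(VTID_t)*h(TS), P_pub) together with TS."""
    hv = H(vtid)
    return {"ts": ts, "proof": e((hv + hv * h(str(ts).encode())) % q, P_pub)}


def device_auth_respond(b: int, msg: dict, now: int) -> Optional[int]:
    """Claim 5 (1), device side: reject a stale TS, else publish e(w, P) with w = b + b*h(TS)."""
    if abs(now - msg["ts"]) > MAX_SKEW:
        return None                                   # timestamp not fresh: terminate
    w = (b + b * h(str(msg["ts"]).encode())) % q
    return e(w, P)


def broker_verify(ta: TrustedAuthority, tid: str, user: str, device: str,
                  user_proof: int, device_proof: Optional[int]) -> bool:
    """Claim 3 ACL check, then the claim 5 (1) equality e(w, P) == the user's pairing value."""
    publishers, subscribers = ta.acl.get(tid, (set(), set()))
    if user not in publishers or device not in subscribers:
        return False                                  # not authorized on this topic
    return device_proof is not None and device_proof == user_proof


def authenticate(ta: TrustedAuthority, tid: str, user: str, device: str,
                 b: int, now: int, ts: int) -> bool:
    """Run the complete claim 5 (1) exchange through the broker; True iff both sides pass."""
    msg = user_auth_publish(ta.vtid(tid), ta.P_pub, ts)
    return broker_verify(ta, tid, user, device, msg["proof"], device_auth_respond(b, msg, now))


def agree_key() -> tuple:
    """Claim 6 (1): R = rP, C = cR, K_U = e(C, cP), K_D = e(C, r^{-1} C); returns (K_U, K_D)."""
    r = secrets.randbelow(q - 1) + 1
    R = (r * P) % q                          # device publishes R to the topic
    c = secrets.randbelow(q - 1) + 1
    C = (c * R) % q                          # user publishes C to the topic
    K_U = e(C, (c * P) % q)                  # user's session key
    K_D = e(C, (pow(r, -1, q) * C) % q)      # device's session key, r^{-1} taken mod q
    return K_U, K_D


if __name__ == "__main__":
    ta = TrustedAuthority()
    ta.register_topic("farm/greenhouse/temp", {"U1"}, {"D1"})   # constructed ACL entry
    b = ta.device_credential("farm/greenhouse/temp")
    now = int(time.time())
    print("authenticated:", authenticate(ta, "farm/greenhouse/temp", "U1", "D1", b, now, now))
    K_U, K_D = agree_key()
    print("session keys agree:", K_U == K_D)
```

Three things the run makes visible that the claim text does not: a user proof replayed outside the freshness window is rejected before the device does any pairing work; a device holding a credential not derived from the TA's master key fails the broker's equality even with a fresh timestamp; and the two session keys agree because r^{-1}C = cP, which the bilinearity alone guarantees. R and C travel in clear on the topic, so in the real scheme the key's secrecy rests entirely on the hardness assumptions of the pairing group, which this toy deliberately lacks.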
CN202210809089.0A 2022-07-11 2022-07-11 Fine-grained secure communication method for MQTT protocol Pending CN115333743A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210809089.0A CN115333743A (en) 2022-07-11 2022-07-11 Fine-grained secure communication method for MQTT protocol

Publications (1)

Publication Number Publication Date
CN115333743A true CN115333743A (en) 2022-11-11

Family

ID=83917688

Country Status (1)

Country Link
CN (1) CN115333743A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination