CN108768660B - Internet of things equipment identity authentication method based on physical unclonable function - Google Patents
- Publication number: CN108768660B (application CN201810523739.9A)
- Authority: CN (China)
- Prior art keywords: user, authentication, access, server, puf
- Legal status: Active
Classifications
- H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271: as H04L9/32, using challenge-response
- H04L9/3278: as H04L9/32, using challenge-response using physically unclonable functions [PUF]
- H04L9/321: as H04L9/32, involving a third party or a trusted authority
- H04L9/3213: as H04L9/32, involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
- H04L9/3218: as H04L9/32, using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
- H04L9/3221: as H04L9/32, using proof of knowledge, interactive zero-knowledge proofs
- H04L9/002: Countermeasures against attacks on cryptographic mechanisms
- H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
- H04L63/101: Network architectures or network communication protocols for network security for controlling access to devices or network resources; access control lists [ACL]
Abstract
The invention relates to an identity authentication method for Internet of Things devices based on a physical unclonable function (PUF). By combining the properties of the physical unclonable function with zero-knowledge proofs, it can be used for identity authentication of multiple devices and users in an Internet of Things network, and it belongs to the field of Internet of Things security within information security. The authentication method involves four entities: a server, a user, an access device and an accessed device. Its main contents are as follows. Registration stage: for device registration, the server stores the response value for a specific challenge and the user password in the form of a power of the generator of a discrete-logarithm group. Authentication stage: the server sends the registered challenge to obtain a second response; at this point the access device and the device, as a whole, perform a zero-knowledge proof with the user and the server; at the same time, the access device, the device and the server perform another zero-knowledge proof. For the server, this completes the identity authentication of the user, the preliminary authentication of the legitimacy of the access device, and the final authentication.
Description
Technical Field
The invention relates to an identity authentication method for Internet of Things devices based on a physical unclonable function, which can be used for identity authentication of multiple devices and users in an Internet of Things network and belongs to the field of Internet of Things security within information security.
Background
In an era in which big data and the Internet of Things intersect and converge, the Internet of Things (IoT), as an extension and expansion of the Internet, establishes communication between objects. The Internet of Things is a network that takes "things" as its data sources. With the development of sensing devices and information technologies, its coverage keeps widening, its sensing layer contributes more and more information sources and sinks to the overall information network, and the volume of data generated by the interaction of the various roles in the information space keeps expanding; it is becoming a main source of big data, surpassing the Internet.
The development of the Internet of Things is built on information technology and driven by social demand. With the invention of intelligent devices in various industries and the emergence of intelligent operating modes, the Internet of Things can be widely applied in industry, agriculture, commerce, medical health, security, environmental protection, aerospace, national defense and other fields. The development of Internet of Things network resources bears on the control of future network technologies and information resources. Modern social life and work are built on a complex Internet; the Internet of Things brings people into interaction with things, and things with things, and promotes intelligent ways of living and working based on concepts such as computability, trustworthiness, cloud and big data, so people are bound to rely on it more and more. By then, the network security of the Internet of Things will inevitably become one of the important factors affecting social stability and national security.
Security issues in the Internet of Things are more complex than in traditional Internet security. Communication in an Internet of Things network covers not only the exchange of data and information under the various conditions found on the Internet, but also the sensors of the sensing layer, which produce huge volumes of data that are generated and exchanged in radio-frequency networks and wireless sensor networks. How to guarantee the integrity and authenticity of information exchanged between things and people, and between things, is one of the important research topics of Internet of Things network security.
Secure exchange and transmission of information in a network are closely tied to identity authentication. Traditionally, identity authentication refers to the process of confirming the authenticity of a user's identity in network communication, for example simple authentication by a password, a token or a fingerprint representing the identity; through identity authentication, the user's access to information and permission to use resources can be confirmed. In an Internet of Things network, "identity" takes on a broader meaning: not only must the user's identity be authenticated as real and reliable, but the trustworthiness and legitimacy of the devices in the network must also be verified. In a hardware device system, authentication refers to the process of confirming the identity and authenticity of chips, circuit boards and system components (e.g., RFID tags, smart cards, etc.). The Internet of Things places higher requirements on device authentication: (1) a typical network contains many access devices and accessed devices, and managing and distinguishing them effectively is an important problem for avoiding internal attacks; (2) diversified development of data is required; (3) the authenticity and integrity of the information from data sources must be guaranteed.
The invention designs an identity authentication protocol for the Internet of Things based on a physical unclonable function (PUF). A PUF provides hardware-specific strings that depend on the unique characteristics of the physical hardware on which it is implemented, and it offers two valuable functions to devices in Internet of Things networks: (1) sensitive information is regenerated dynamically from fixed information instead of being stored; (2) tamper resistance. A PUF exploits the random differences that arise in physical entities during manufacturing, and these differences are extracted by certain rules in the form of digital information. When a stimulus (a challenge) is applied to the entity, it outputs an unpredictable response that serves as the key or unique identifier (ID) required for encryption. Instead of storing secret information in memory, a PUF derives secret information from the complex physical characteristics of an entity. Using the PUF to carry authentication information ensures the robustness and practicality of the hardware device; the PUF is bound to the device, is determined by the random differences of physical manufacture on the chip, cannot be reproduced on other devices, and is therefore unique; any attempt to tamper with the device affects the PUF and destroys the original PUF, which makes it tamper-evident.
Disclosure of Invention
The invention aims to provide an identity authentication method for devices in the Internet of Things based on a physical unclonable function. It uses physical unclonable function techniques as the technical basis for hardware device authentication and designs the protocol with the theory of zero-knowledge proofs from cryptography, providing users with a strong security guarantee.
The technical scheme of the invention is as follows: an Internet of things equipment identity authentication method based on a physical unclonable function comprises four main entities:central serverThe system is also a database of the system network and represents an entity for carrying out identity authentication and data management on the user; user' sRepresenting the user; reading deviceAnd apparatusUser passes through reader(Access device) to deviceAccess is performed. Prior to proceeding with the authentication protocol, the readerAnd apparatusBuilt-in PUF (physical unclonable function) in the system participates in the serverOnce the registration process is completed and the authentication process is performed, the userCan be used inTo authenticate and reasonably access devices with the help ofThus, two processes are defined:
registering: is thatAndprotocol between, usersIn thatWith the help of which the server is registered. If the registration is successful, the server obtains and stores a token T that can be used for subsequent authenticationu。
And (3) authentication: is thatAndin which a protocol is usedIs/are as followsAnd use of the storage certificate TuIs/are as followsTo decide whether to accept or reject the user; is also thatAndthe protocol (c) of (a) is,the authentication process can prove each other that the other is a legitimate (access) device.
Assuming a small Internet of things environment containing a plurality of intelligent devicesIn this environment there is a management service center Meanwhile, the system can be used as a database to store various authentication information and usersAs a user, a reading device (or access device) is requiredBy passingTo devices in the networkAnd performing data access. The authentication process is required to satisfy the following properties:
1) Even if the adversary has access to the device, the adversary cannot be successfully verified by the system. This security property is essential in practice, because the access device may be a mobile terminal that can easily be in the hands of some user at a given moment. To ensure that the device itself does not reveal any sensitive information, the scheme does not store such information on the device.
2) A legitimate user cannot authenticate successfully without a device. This is equally important: it ensures that a device must be present for a successful login, and that an adversary who knows both the information stored on the server and the user information still cannot create a clone of the corresponding device.
3) The properties of the PUF ensure that the device cannot be cloned or tampered with; any tampering turns the PUF into a brand-new PUF', so a legitimate user must hold the original device in order to pass authentication.
In this solution (protocol flow diagram as in fig. 4), we assume a serverEstablishing and declaring discrete logarithm problem prime order q groupAnd its generator g0. That is to say that the position of the first electrode,may be a multiplicative group of prime numbers pA subgroup of (a). Assuming that the PUF is constructed to useOr when challenging the PUF, the user submits the group to the PUF.
A registration stage:
the method comprises the following steps: serverTo the userSending challenge c and groupIs described byIndicating that it can be composed of a pair of (p, q) and its generator g0And (4) forming.
Step two: user' sDirectional deviceH (c | | pwd) is sent,g0where pwd is the user password for the modified Gen protocol.
Here, Gen is one of the two procedures of a fuzzy extractor: Gen and Rep. Let the fuzzy extractor have parameters (m, l, t, ε).
Gen: used in the enrollment phase. Its output is a pair (R, P), where R is the value to be regenerated and P is a public helper string used to recover the response of the PUF for a given input C. An error-correcting code (ECC) is used to eliminate up to t errors in the PUF output for a given input. The following condition holds: for any distribution of C with min-entropy m, if (R, P) ← Gen(C), then (R, P) and (U_l, R) is ε.
Rep: the recovery algorithm. Given P, where (R, P) ← Gen(C), R can be output again using the public helper string and the error-correction algorithm if the output O' of the PUF is within distance t of the output O at enrollment, i.e. dist(O, O') ≤ t: Rep(O', P) = R.
Step three: deviceOne challenge d ═ H (c | | pwd) is calculated,<Gq>,g0) And run Gen on this value to obtain the response r, P. Then theSending to the user (g)0 r,P)。
Step four: the user will (g)0 rP) forwarding to a serverServerThe information c, g0,Are stored together.
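The Gen and Rep procedures used in the registration stage above can be sketched with a textbook code-offset construction over a 5-fold repetition code. This is an added example, not the patent's modified Gen; the bit lists are constructed stand-ins for PUF outputs, and the repetition code and SHA-256 extractor are assumptions chosen for brevity.

```python
import hashlib
import secrets

REP = 5         # repetition factor: majority vote repairs up to 2 flipped bits per group
KEY_BITS = 32   # secret bits carried by the codeword; PUF output is REP * KEY_BITS bits


def encode(bits):
    """Repetition-code encoder: every secret bit is repeated REP times."""
    return [b for b in bits for _ in range(REP)]


def decode(code):
    """Majority-vote decoder, the error-correction step used by Rep."""
    return [int(sum(code[i:i + REP]) > REP // 2) for i in range(0, len(code), REP)]


def extract(bits):
    """Turn the recovered secret bits into the stable value R."""
    return hashlib.sha256(bytes(bits)).hexdigest()


def gen(o):
    """Enrollment: PUF output O -> (R, P). P = O xor codeword is public helper data."""
    if len(o) != REP * KEY_BITS:
        raise ValueError("unexpected PUF output length")
    secret = [secrets.randbits(1) for _ in range(KEY_BITS)]
    helper = [a ^ b for a, b in zip(o, encode(secret))]
    return extract(secret), helper


def rep(o_noisy, helper):
    """Recovery: noisy output O' plus helper P -> R, provided the noise is correctable."""
    secret = decode([a ^ b for a, b in zip(o_noisy, helper)])
    return extract(secret)


def flip(bits, positions):
    """Model measurement noise by flipping the bits at the given positions."""
    out = list(bits)
    for i in positions:
        out[i] ^= 1
    return out


if __name__ == "__main__":
    o = [secrets.randbits(1) for _ in range(REP * KEY_BITS)]  # constructed PUF output
    r, p = gen(o)
    print("2 errors in one group recover R:", rep(flip(o, [0, 1]), p) == r)
    print("3 errors in one group recover R:", rep(flip(o, [0, 1, 2]), p) == r)
```

With this code the guaranteed bound is t = 2 errors; three flips that land in the same 5-bit group exceed it and Rep returns a different value, which in the protocol means the device can no longer reproduce r.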
And (3) an authentication stage:
the method comprises the following steps: serverTo the userThe challenge c is sent out and,g0p and a random number N.
Step three: access deviceComputational challenge d ═ H (c | | pwd), g0P) then runs Rep on this value to obtain the response r.Random selectionAnd calculate outAndand w ═ v-C' r mod q.C' and w are temporarily saved. In addition, the first and second substrates are,generating random numbersAnd are provided withAnd g1、p1For parameter calculationThen theWill be provided withAs inquiry information to the accessed device
Step four: devicePreliminary authentication access deviceReceive fromAfter the query message has been transmitted,first in the access control listIn retrieving whether an identifier existsTo perform preliminary authenticationIf it is notAbsence, proof ofThe authentication process stops if it is not a legitimate device in the initialization phase. If it is notPresence, apparatusTo pairThe rounding operation is carried out to obtain D,then, the user can use the device to perform the operation,finding Auth in memoryijDivide it into Authl||AuthrWherein the high order is AuthlWhat remains is Authr. The dummy bits are padded with zeros at the time of partitioning, taking underflow into account.ComputingAndand will beIs sent as a response to
Wherein f ispseudo(. cndot.) is a pseudorandom function. AuthijIs aboutAndsetting a specific input c0,AuthijStored in a deviceEach device stores only authentication information associated with itself.
Step five: access devicePreliminary authentication deviceWhen receivingAfter the information has been transmitted, the user may,first in the access control listIn retrieving whether an identifier existsTo perform preliminary authenticationIf it is notIf not, the authentication process stops. Otherwise, the access device performs preliminary authenticationThen will beAnd C' and w stored in the step three are sent to the user togetherThe user sends these values to the servers
Wherein, in the fourth step and the fifth step,respectively, are legitimate access devicesAnd apparatusIs determined by both its own PUFs, and is the result of processing the response of the respective PUFs to a particular input. Present in respective access control lists, e.g. access devicesAccess control list ofTherein are provided with a plurality of devicesAn identifier of (a); in the same way, the method for preparing the composite material,present in equipmentContains identifiers of various access devices.
Step six: serverFirst of all, calculateAnd if C ═ C', accepting user authentication while granting access to the deviceAnd if the equipment is legal, otherwise, the authentication is stopped.
At the same time, the server also needs to correct the receivedThe information is processed and the information is processed,computingAuth for retrieving authentication informationijAnd split it into Authl||AuthrContinue to calculateAndby making a judgmentAndwhether or not to equal to confirm the devicesThe validity of (2). If it isThen the equipmentIs legally given access to the deviceThe final authentication of (1).
Reaching step six, the user is verified to be a legal user, and the device is accessedIs a legal original equipment, andis legally given access to the deviceThe final authentication of (1).
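The user-authentication half of the protocol above (registration, then authentication steps three and six), as an added Python example that is not code from the patent. Assumptions: the commitment g0^v and the hash C' = H(g0, g0^r, g0^v, N) follow the standard Schnorr/Fiat-Shamir construction, since the page's own formulas for them did not survive; the PUF with Gen/Rep is modelled by an HMAC under a per-device secret; the encoding of d is illustrative. Group sizes are toy values, and the helper string P and the device-to-device ACL exchange are omitted.

```python
import hashlib
import hmac
import secrets


def is_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases; adequate for generating demo parameters."""
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def make_group(q_bits=160, p_bits=512):
    """Find primes q and p = k*q + 1 and a generator g0 of the order-q subgroup of Z_p*."""
    q = (1 << q_bits) + 1
    while not is_prime(q):
        q += 2
    k = 1 << (p_bits - q_bits)
    while not is_prime(k * q + 1):
        k += 2
    p = k * q + 1
    h = 2
    while pow(h, k, p) == 1:
        h += 1
    return p, q, pow(h, k, p)


P, Q, G0 = make_group()  # toy sizes, far too small for real deployments


def H(*parts):
    """Length-prefixed SHA-256 over ints and byte strings, returned as an integer."""
    h = hashlib.sha256()
    for x in parts:
        b = x if isinstance(x, bytes) else str(x).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big")


def user_blind(c, pwd):
    """Step two: the user gives the device H(c || pwd), never the password itself."""
    return H(c, pwd)


class Device:
    """Stand-in for PUF + Rep: an HMAC keyed by a secret that models silicon variation."""

    def __init__(self):
        self._silicon = secrets.token_bytes(32)

    def response(self, hcp):
        d = H(hcp, P, Q, G0)  # challenge d binds H(c||pwd) to the group (assumed encoding)
        mac = hmac.new(self._silicon, d.to_bytes(32, "big"), hashlib.sha256).digest()
        return int.from_bytes(mac, "big") % Q

    def enroll(self, hcp):
        return pow(G0, self.response(hcp), P)  # only g0^r leaves the device

    def prove(self, hcp, nonce):
        r, v = self.response(hcp), secrets.randbelow(Q)
        c_prime = H(G0, pow(G0, r, P), pow(G0, v, P), nonce) % Q
        return c_prime, (v - c_prime * r) % Q  # (C', w) with w = v - C'r mod q


def server_verify(B, nonce, c_prime, w):
    """Step six: rebuild the commitment from w and the stored B = g0^r, accept iff C = C'."""
    t = (pow(G0, w, P) * pow(B, c_prime, P)) % P
    return H(G0, B, t, nonce) % Q == c_prime


def demo():
    dev, c, pwd = Device(), b"constructed-challenge", b"constructed-password"
    B = dev.enroll(user_blind(c, pwd))  # server stores (c, B); r is never stored anywhere
    N = secrets.token_bytes(16)
    ok = server_verify(B, N, *dev.prove(user_blind(c, pwd), N))
    bad_pwd = server_verify(B, N, *dev.prove(user_blind(c, b"guess"), N))
    bad_dev = server_verify(B, N, *Device().prove(user_blind(c, pwd), N))
    replay = server_verify(B, secrets.token_bytes(16), *dev.prove(user_blind(c, pwd), N))
    return ok, bad_pwd, bad_dev, replay


if __name__ == "__main__":
    print(demo())
```

The four results correspond to the properties listed earlier: the right password on the right device verifies, while a wrong password, a different device, or a proof replayed against a fresh nonce N is rejected.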
3. The advantages and the effects are as follows:
The invention relates to an identity authentication scheme for Internet of Things devices based on a physical unclonable function, which can be used for identity authentication of multiple devices and users in an Internet of Things network. Its advantages and effects are:
1) The scheme applies a hardware information security technology to Internet of Things network devices for the first time and, by combining identity authentication with the theory of zero-knowledge proofs from information security, provides a concrete authentication scheme that gives users a strong security guarantee.
2) The scheme uses two-factor authentication, so identity authentication and information access can be performed only when a legitimate user holds a legitimate device; both the user password and the legitimate device are indispensable.
3) Based on the properties of the physical unclonable function, devices cannot be copied or cloned, which guarantees the uniqueness of each device's identity. In addition, the protocol uses zero-knowledge proofs and the PUF responds to each challenge on the spot, so devices need no extra space to store sensitive information.
4) The scheme avoids internal attacks in multi-entity systems.
Drawings
FIG. 1 is a flow chart of the present invention.
Figure 2 is a block diagram of a PUF predictive response game flow.
Figure 3 is a block diagram of a PUF response indistinguishable game flow.
Fig. 4 is a flowchart of an identity authentication protocol of an internet of things device based on PUF.
Detailed Description
The invention is further described with reference to the following figures and detailed description.
1. PUF model
(1) PUF predictive response game
As in previous PUF literature, we make the standard assumption that without the physical device, the behavior of the PUF is unpredictable. Let U_κ denote a set of strings chosen at random from {0,1}^κ. Let PUF be a function that, on an input of length κ1, generates a string of length κ2. Before giving the definition, we first define the following PUF prediction response game (see FIG. 2):
stage one: enemyFor any selected ci,Wherein the challenge setsIs all challenge spacesRequesting to obtain a PUF response ri。
Stage three-challenge:selecting a challenge c that has not been queried so far, i.e.Device not allowing directionThe PUF submits a challenge c.
And a fourth stage: enemyA new set of polynomial challenges may be issued againAt the same timeStill not allowing to the deviceThe PUF submits a challenge c.
Responding:outputting PUF responsesGuess r' of (c). If r ═ r', thenAnd (6) winning. Order toTo representGuess correctlyProbability of winning in response to c. That is, whenIs equal toActual response to challenge cThe adversary wins.
(2) PUF response indistinguishable games
The PUF response indistinguishability game (see FIG. 3) requires an adversary to distinguish the output R of a PUF's (m, l, t, ε)-fuzzy extractor from a string chosen at random from {0,1}^l. The game is defined as follows; let U_κ denote a set of strings chosen at random from {0,1}^κ.
Stage two: Device D returns the corresponding helper string P_i from the output of Gen, (R_i, P_i) ← Gen(r_i = PUF_D(c_i)). Let CP be the set of these (c_i, P_i) pairs.
Stage four-challenge:one challenge c is selected, c being registered in the registration phase, but not in phase three, i.e.And isHas PiBut without R to challenge ci. The PUF device randomly selects a bit b, b ∈ {0,1 }.
And a fifth stage: if b is 0, then R is given Rep (PUF)D(c) R, P). Otherwise, if b is 1, thenIs given a random string s e {0,1}l。
And a sixth stage: enemyAllowing any c 'to be interrogated to the PUF of device D'i∈CP,c′iNot equal to c, for all c'iNot equal to c challenge, PUF device returns ri′|ri′←PUFD(c′i)}。
Phase seven-response: finally, the process is carried out in a batch,outputting a bit b'. If b is b ═ bAnd (6) winning. Order toTo representProbability of winning the match. Let us assume thatCan be ignored.
We now define a physical unclonable function satisfying Definition 1, whose security is defined by two formal games: the PUF prediction response game and the PUF response indistinguishability game.
(i) Efficient to evaluate: PUF_D is easy to compute and evaluate;
(iii) Fuzzy extraction: it is required that during the enrollment phase of the PUF, given a challenge value c, the PUF computes (R, P) ← Gen(c), where R is the value to be regenerated, R ← PUF(c) is the response value of the PUF, and P is the helper value. The helper string allows a subsequent response R' (within distance t of the original response R) to be restored to R.
(iv) Indistinguishable: requiring that the PUF output be computationally indistinguishable from a random string of the same length, within the PPTHas the advantages ofWherein epsilon1Are negligible.
(v) The noise is bounded: from the same PUF under the same challengeDIs at most t for negligible epsilon2Is provided with
(vi) Uniqueness: for each device D, the PUFDIs unique and is suitable for use in PUF of any other device DD′,ε3Small enough:
2. detailed description of the invention
In this solution we assume a serverEstablishing and declaring discrete logarithm problem prime order q groupAnd its generator g0. That is to say that the position of the first electrode,may be a multiplicative group of prime numbers pA subgroup of (a). Assuming that the PUF is constructed to useOr when challenging the PUF, the user submits the group to the PUF.
Preparation work:
let devices in the network beDjJ 1,2,3, a specific input c is set0, AuthijStored in a deviceEach device stores only authentication information associated with itself.
Setting another specific input cm,Will make theseStore its access control listIn the middle, the same process is carried out,will make theseStore its access control listIn (1).Respectively, are legitimate access devicesAnd apparatusThe identifier (c) is determined by the two PUFs themselves, and is the result of processing the response of each PUF to a particular input, and is present in the respective access control lists.
A registration stage:
the method comprises the following steps: serverTo the userSending challenge c and groupIs described byIndicating that it can be composed of a pair of (p, q) and its generator g0And (4) forming.
Step two: user' sTo the access deviceH (c | | pwd) is sent,g0where pwd is the user password, | | is the join symbol, H (-) is a hash function,these received values are used in the modified Gen protocol.
Step three: deviceOne challenge d ═ H (c | | pwd) is calculated,<Gq>,g0) And run Gen on this value to obtain the response r, P. Then theSending to the user (g)0 r,P)。
Step four: the user will(g0 rP) forwarding to a serverServerThe information c, g0,Are stored together.
And (3) an authentication stage:
the method comprises the following steps: serverTo the userThe challenge c is sent out and,g0p and a random number N.
Step three: access deviceComputational challenge d ═ H (c | | pwd), g0P) then runs Rep on this value to obtain the response r.Random selectionAnd calculate outAndand w ═ v-C' r mod q.C' and w are temporarily saved. In addition, the first and second substrates are,generating random numbersAnd are provided withAnd g1、p1For parameter calculationThen theWill be provided withAs inquiry information to the accessed device
Step four: devicePreliminary authentication access deviceReceive fromAfter the query message has been transmitted,first in the access control listIn retrieving whether an identifier existsTo perform preliminary authenticationIf it is notAbsence, proof ofThe authentication process stops if it is not a legitimate device in the initialization phase. If it is notPresence, apparatusTo pairThe rounding operation is carried out to obtain D,then, the user can use the device to perform the operation,finding Auth in memoryijDivide it into Authl||AuthrWherein the high order is AuthlWhat remains is Authr. The dummy bits are padded with zeros at the time of partitioning, taking underflow into account.ComputingAndand will beIs sent as a response to
Step five: access devicePreliminary authentication deviceWhen receivingAfter the information has been transmitted, the user may,first in the access control listIn retrieving whether an identifier existsTo perform preliminary authenticationIf it is notIf not, the authentication process stops. Otherwise, the access device performs preliminary authenticationThen will beAnd C' and w stored in the step three are sent to the user togetherThe user sends these values to the servers
Step six: serverFirst of all, calculateAnd if C ═ C', accepting user authentication while granting access to the deviceAnd if the equipment is legal, otherwise, the authentication is stopped.
At the same time, the server also needs to correct the receivedThe information is processed and the information is processed,computingAuth for retrieving authentication informationijAnd split it into Authl||AuthrContinue to calculateAndby making a judgmentAndwhether or not to equal to confirm the devicesThe validity of (2). If it isThen the equipmentIs legally given access to the deviceThe final authentication of (1).
And reaching the sixth step, ending the protocol and authenticating the userFor legitimate users, access to the deviceIs a legal original equipment, andis legally given access to the deviceThe final authentication of (1).
The foreign-language terms involved are listed below:
Table 1. Foreign-language terms used in the present invention
Claims (1)
1. An Internet of Things device identity authentication method based on a physical unclonable function, characterized in that: the application scenario of the method includes four main entities: a central server, which is also the database of the system network and represents the entity that performs identity authentication and data management for the user; a user, representing the user; a reading device; and a device; the user accesses the device through the reader, i.e. the access device; before the authentication protocol proceeds, the PUFs (physical unclonable functions) built into the reader and the device take part in the registration process of the server; once registration is completed and the authentication process is performed, the user can authenticate and reasonably access the device with the help of the access device; two processes are defined:
Registration: a protocol between the user and the server, in which the user registers with the server with the help of the access device; if the registration is successful, the server obtains and stores a token T_u that can be used for subsequent authentication;
Authentication: a protocol between the user and the server, in which the user, using the access device, and the server, using the stored credential T_u, decide whether to accept or reject the user; it is also a protocol between the access device and the device, in which the other party can be proved to be a legitimate access device during the authentication process;
in a small Internet of Things environment comprising a plurality of intelligent devices, there is a management service center, which can also serve as a database to store various authentication information; the user, as a user, needs a reading device or access device, through which data access to the devices in the network is performed; the authentication process is required to satisfy the following attributes:
1) even if the adversary has the access device, the adversary cannot be successfully verified by the system; this security concept is essential in practical situations where the access device may be a mobile terminal, which is easily present in the hands of the user at a certain moment; to ensure that the device itself does not reveal any sensitive information, the device in this scheme does not store such information;
2) a legitimate user cannot successfully authenticate without the device, which is also important: this ensures that the device must be presented for a legitimate user to log in successfully, and at the same time an adversary who knows the information stored in the server and the user information cannot create a clone of the corresponding device;
3) the properties of the PUF ensure that the device cannot be cloned or tampered with; any tampering turns the PUF into a brand-new PUF', which ensures that a legitimate user must hold the original device in order to pass authentication;
the server establishes and publishes a discrete-logarithm-problem group of prime order q and its generator g0; that is, the group may be a subgroup of the multiplicative group of a prime p; the PUF is either constructed to use the group, or the user submits the group to the PUF when the PUF is challenged;
Registration stage:
Step one: the server sends the user a challenge c and a description of the group, which can be composed of the pair (p, q) and its generator g0;
Step two: the user sends H(c || pwd), the group description and g0 to the device, where pwd is a user password used to modify the Gen protocol;
where the Gen protocol is one of the two protocols of fuzzy extraction, the Gen and Rep protocols; the fuzzy extractor has parameters in which m is the min-entropy and t is the maximum number of erroneous bits allowed in the PUF output;
Gen protocol: used in the registration phase; the output is a pair (R, P), where R is a value to be regenerated and P is a public helper string used for recovering the response of the PUF under the given access C; the error correction code ECC is used for eliminating t errors in the output of the PUF under the given access, and the following condition is satisfied: for any distribution of C with min-entropy m, if (R, P) ← Gen(C), then the maximum difference for (R, P) is ε;
Rep protocol: this is a recovery algorithm; given P, where (R, P) ← Gen(C), R can be output again using the public helper string and the error-correction decoding algorithm if the distance between the PUF output O' and the output O at enrollment satisfies dist(O, O') ≤ t: Rep(O', P) = R;
Step three: the device calculates a challenge d = H(H(c || pwd), <Gq>, g0), runs Gen on this value to obtain the response r and P, then sends (g0^r, P) to the user;
Step four: the user forwards (g0^r, P) to the server; the server stores it together with the information c, g0;
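The Gen and Rep protocols of the registration stage can be illustrated with the code-offset construction, given here as an added example that is not code from the patent. The repetition code, the SHA-256 extraction step, the constructed 80-bit reading and all function names are assumptions; with a 5-fold repetition code the guaranteed tolerance is t = 2.

```python
import hashlib
import secrets

REP = 5          # repetition factor: majority vote fixes up to 2 flips per block
SEED_BITS = 16   # random seed length; the PUF reading has SEED_BITS * REP bits

def _encode(seed):
    """Repetition-code encoder: repeat every seed bit REP times."""
    return [b for b in seed for _ in range(REP)]

def _decode(word):
    """Majority-vote decoder for the repetition code."""
    return [int(sum(word[i:i + REP]) > REP // 2)
            for i in range(0, len(word), REP)]

def _xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def _extract(reading):
    """Hash the exact enrollment reading O down to the value R."""
    return hashlib.sha256(bytes(reading)).hexdigest()

def gen(reading):
    """Enrollment: (R, P) <- Gen(O). P is public, R is not stored anywhere."""
    if len(reading) != SEED_BITS * REP:
        raise ValueError("unexpected PUF reading length")
    seed = [secrets.randbelow(2) for _ in range(SEED_BITS)]
    helper = _xor(reading, _encode(seed))        # P = O xor ECC(seed)
    return _extract(reading), helper

def rep(noisy_reading, helper):
    """Recovery: Rep(O', P) = R whenever dist(O, O') <= t (t = 2 here)."""
    seed = _decode(_xor(noisy_reading, helper))  # the noise is voted away
    reading = _xor(helper, _encode(seed))        # O = P xor ECC(seed)
    return _extract(reading)

def flip(reading, positions):
    """Return a copy of the reading with the given bit positions inverted."""
    return [b ^ 1 if i in positions else b for i, b in enumerate(reading)]

# Constructed 80-bit enrollment reading O (sample data, not from a real PUF).
O = [int(c) for c in format(0xA5C3F0E19B2D47865A3C, "080b")]

def demo():
    r, p = gen(O)
    within_t = rep(flip(O, {3, 41}), p) == r       # 2 bit errors: R recovered
    beyond_t = rep(flip(O, {10, 11, 12}), p) == r  # 3 errors in one block
    return within_t, beyond_t

if __name__ == "__main__":
    print(demo())
```

A repetition code keeps the example short but is a poor practical choice: the public helper string P can cost up to n - k = 64 of the 80 reading bits in entropy, which is why the min-entropy parameter m matters.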
Authentication stage:
Step one: the server sends the user the challenge c, g0, P and a random number N;
Step three: the access device calculates the challenge d = H(H(c || pwd), g0, P), then runs Rep on this value to obtain the response r; it makes a random selection, calculates its values and w = v - C'r mod q, and temporarily stores the values of C' and w; in addition, it generates a random number, performs a calculation with g1 and p1 as parameters, and then sends the result as query information to the accessed device;
Step four: the device preliminarily authenticates the access device; after receiving the query message from the access device, the device first searches its access control list for the access device's identifier to perform preliminary authentication; if the identifier is absent, the access device is not a legitimate device from the initialization phase and the authentication process stops; if the identifier is present, the device performs the rounding operation to obtain D, then finds Auth_ij in memory and divides it into Auth_l || Auth_r, where the high-order part is Auth_l and what remains is Auth_r; taking underflow into account, the dummy bits are padded with zeros at the time of partitioning; the device then computes two values and sends the result as a response to the access device;
where f_pseudo(·) is a pseudorandom function and Auth_ij relates to the access device and the device, with a specific input c0 set; Auth_ij is stored in the device, and each device only stores authentication information related to itself;
Step five: the access device preliminarily authenticates the device; after receiving the response from the device, the access device first searches its access control list for the device's identifier to perform preliminary authentication; if the identifier is absent, the authentication process stops; otherwise, the access device completes the preliminary authentication of the device, then sends the resulting values, together with C' and w stored in step three, to the user; the user sends these values to the server;
where, in steps four and five, the identifiers of the legitimate access device and the device are each determined by their own PUFs: they are the result of processing the response of the respective PUF to a particular input, and they are present in the respective access control lists; for example, the access control list of the access device holds the identifiers of a plurality of devices; in the same way, the access control list present in the device contains the identifier of each access device;
Step six: the server first computes C, and if C = C', it accepts the user's authentication and at the same time accepts the access device as a legitimate device; otherwise, the authentication is stopped;
at the same time, the server also needs to process the received information: it retrieves the authentication information Auth_ij, splits it into Auth_l || Auth_r, continues the calculation, and confirms the validity of the device by judging whether the two values are equal; if they are equal, the device is legitimate and passes the final authentication of the access device;
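The values C' and w that the access device produces in step three and the server checks in step six resemble a Schnorr-style proof of knowledge of r, sketched here as an added example that is not code from the patent. The page preserves only w = v - C'r mod q and the C = C' comparison; the commitment t = g0^v, the hash input H(g0, g0^r, t, N), the toy group and all function names are assumptions.

```python
import hashlib
import secrets

# Constructed toy group (far too small for real use): p = 2q + 1 with q prime,
# and g0 = 4 generates the subgroup of order q in Z_p*.
P_MOD, Q, G0 = 2039, 1019, 4

def h(*parts):
    """Hash a tuple of integers to a 256-bit integer (stands in for H)."""
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def enroll(r):
    """Registration: the server stores g0^r, never the PUF-derived r."""
    return pow(G0, r, P_MOD)

def prove(r, nonce):
    """Access device side: prove knowledge of r for the server's nonce N."""
    # v must be fresh for every run: two proofs sharing one v reveal r.
    v = secrets.randbelow(Q - 1) + 1
    t = pow(G0, v, P_MOD)                     # ASSUMED commitment t = g0^v
    c_prime = h(G0, enroll(r), t, nonce)      # ASSUMED C' = H(g0, g0^r, t, N)
    w = (v - c_prime * r) % Q                 # from the page: w = v - C'r mod q
    return c_prime, w

def verify(g_r, nonce, c_prime, w):
    """Server side: rebuild t from (C', w) and g0^r, then compare C with C'."""
    t = (pow(G0, w, P_MOD) * pow(g_r, c_prime, P_MOD)) % P_MOD
    c = h(G0, g_r, t, nonce)
    return c == c_prime

def demo():
    """Honest run, replay under a new nonce, and a device with the wrong r."""
    r, nonce = 777, 123456789                 # constructed sample values
    g_r = enroll(r)
    c_prime, w = prove(r, nonce)
    honest = verify(g_r, nonce, c_prime, w)
    replayed = verify(g_r, nonce + 1, c_prime, w)
    c_bad, w_bad = prove(778, nonce)          # different PUF or wrong pwd
    wrong_r = verify(g_r, nonce, c_bad, w_bad)
    return honest, replayed, wrong_r

if __name__ == "__main__":
    print(demo())
```

The server never learns r: it stores only g0^r from registration, and a captured (C', w) pair is bound to one nonce N, so it fails verification under any other.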
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810523739.9A CN108768660B (en) | 2018-05-28 | 2018-05-28 | Internet of things equipment identity authentication method based on physical unclonable function |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108768660A (en) | 2018-11-06 |
CN108768660B (en) | 2021-03-30 |
Family
ID=64003067
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810523739.9A Active CN108768660B (en) | 2018-05-28 | 2018-05-28 | Internet of things equipment identity authentication method based on physical unclonable function |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108768660B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||